Bitcoin Forum
November 19, 2024, 04:44:49 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 [2] 3 4 »  All
  Print  
Author Topic: Bitcoin Wallet generation by hand  (Read 6770 times)
str4wm4n
Legendary
*
Offline Offline

Activity: 1611
Merit: 1001


View Profile
September 04, 2013, 11:19:07 PM
 #21

would a pocket calculator make it any more feasible ?
Sothh (OP)
Full Member
***
Offline Offline

Activity: 238
Merit: 100



View Profile
September 04, 2013, 11:50:12 PM
 #22

would a pocket calculator make it any more feasible ?

One of the TI-84s or should may be able to do it.  (With custom programming, probably.)
str4wm4n
Legendary
*
Offline Offline

Activity: 1611
Merit: 1001


View Profile
September 05, 2013, 12:58:01 AM
Last edit: September 05, 2013, 01:14:02 AM by str4wm4n
 #23

.5 btc bounty for a program that will hash working bitcoin addresses and works on a TI-83+

it should also generate private keys using user inputed entropy such as the dice mentioned earlier
walruscode
Newbie
*
Offline Offline

Activity: 32
Merit: 0


View Profile
September 05, 2013, 01:26:47 AM
 #24

.5 btc bounty for a program that will hash working bitcoin addresses and works on a TI-83+

it should also generate private keys using user inputed entropy such as the dice mentioned earlier
Wouldn't a ripemd160 and sha256 function for the calculator be sufficient? I would assume you can do the rest by hand.
johnyj
Legendary
*
Offline Offline

Activity: 1988
Merit: 1012


Beyond Imagination


View Profile
September 05, 2013, 12:44:34 PM
 #25

The dice method is great!!! Now I can be sure that my key is a really good key with almost 0 chance of collision Grin

BombaUcigasa
Legendary
*
Offline Offline

Activity: 1442
Merit: 1005



View Profile
September 05, 2013, 01:28:55 PM
 #26

You may also want to look into this: http://procbits.com/2013/08/27/generating-a-bitcoin-address-with-javascript
yakov
Newbie
*
Offline Offline

Activity: 40
Merit: 0


View Profile
September 05, 2013, 06:05:19 PM
 #27

I am offering a 1btc bounty for someone who can demonstrate a repeatable method for calculating a private key using only paper pencil and brain

What an easy challenge for a huge bounty, I really should hang out on this forum more. A user just gained about $140 for teaching people how to throw dice.


You could also buy a 16 sided dice or something and use 0-F which would be more proper.  If you do it this way, the max address you can use is FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4141

Just pedantry here, but there's no such thing as a fair 16 sided die. Fair dice can only be made from platonic solids.
http://upload.wikimedia.org/wikipedia/commons/c/c7/BluePlatonicDice.jpg


The idea I had to use the full range of bits would be to throw an 8-sided die and write down the private key in octal format. Each throw gives you 3 bits of randomness so to get 256 bits you need to throw 86 times.

Also, instead of throwing two 6-sided dice you could throw a single 12-sided dodecahedron.

Also, you could throw a 4-sided die and a 12-sided die, together giving you up any number in the range 0-F.

Or you could just flip a coin 256 times.



But generating a private key is the easy part. More interesting is generating the corresponding public key. If I'm not mistake that requires calculating the point multiplication of the private key, I guess it could be done since all the long multiplication and long addition stuff you learn at school still works for hex and octal if you stop thinking in base 10. It would take a couple of weeks I imagine. And you'd want to do it a couple of times to make sure you haven't made a mistake.
tspacepilot
Legendary
*
Offline Offline

Activity: 1456
Merit: 1081


I may write code in exchange for bitcoins.


View Profile
September 05, 2013, 06:14:28 PM
 #28

Hashes are impossible by hand...
Wouldn't a LiveCD on an offline HDD-less PC enough?

I haven't looked at the details of the hashing algorithm used to generate the public address from the private key.  However, I don't think impossible is correct.  I mean, everything a computer does can (in principle) be simulated using a very long tape and a pencil (see universal Turing machine).

Im just saying, difficult/tedious != impossible.

You want to play with semantics?

Ok, let's play.


[snip]

Basic maths gives that Q > 1 - 7604/2^1000 = 1 - 10^(-297.149) > 1 - 10^(-297)
So R < 10^(-297) < 1/2^986
Yes, R < 1/2^986



TLDR

It's easier to crack 6 different bitcoin addresses with only 6 guesses than to a human to calculate a correct bitcoin address hash in his lifetime
Yes, I call that impossible

Yes, I love semantics!

Sorry, I only skimmed the maths, but as far as I can tell your argument is based on the improbability of finding the right answer and the speed of calculation of a human also taking into consideration the length of a lifespan.

You've certainly convinced me that it's improbable.  But improbable != impossible. 

Really, all I have to do now is employ the 6.5 billion humans in the world at this task and implement a reasonable work-sharing scenario.  Smiley


jackjack
Legendary
*
Offline Offline

Activity: 1176
Merit: 1280


May Bitcoin be touched by his Noodly Appendage


View Profile
September 05, 2013, 07:15:10 PM
 #29

Hashes are impossible by hand...
Wouldn't a LiveCD on an offline HDD-less PC enough?

I haven't looked at the details of the hashing algorithm used to generate the public address from the private key.  However, I don't think impossible is correct.  I mean, everything a computer does can (in principle) be simulated using a very long tape and a pencil (see universal Turing machine).

Im just saying, difficult/tedious != impossible.

You want to play with semantics?

Ok, let's play.


[snip]

Basic maths gives that Q > 1 - 7604/2^1000 = 1 - 10^(-297.149) > 1 - 10^(-297)
So R < 10^(-297) < 1/2^986
Yes, R < 1/2^986



TLDR

It's easier to crack 6 different bitcoin addresses with only 6 guesses than to a human to calculate a correct bitcoin address hash in his lifetime
Yes, I call that impossible
Really, all I have to do now is employ the 6.5 billion humans in the world at this task and implement a reasonable work-sharing scenario.  Smiley
Yeah that would make R<1/2^953
It's still easier to crack 6 different bitcoin addresses with only 1000 guesses than to 10 billions humans to calculate a correct bitcoin address hash in their lifetimes.
Your trying to increase the probability by multiplying by 10 billions proves that you really have no idea about the numbers evolved here.

Calculating something is also being sure your result is right. And that is precisely impossible.

Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2
Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
tspacepilot
Legendary
*
Offline Offline

Activity: 1456
Merit: 1081


I may write code in exchange for bitcoins.


View Profile
September 05, 2013, 07:28:27 PM
 #30

Hashes are impossible by hand...
Wouldn't a LiveCD on an offline HDD-less PC enough?

I haven't looked at the details of the hashing algorithm used to generate the public address from the private key.  However, I don't think impossible is correct.  I mean, everything a computer does can (in principle) be simulated using a very long tape and a pencil (see universal Turing machine).

Im just saying, difficult/tedious != impossible.

You want to play with semantics?

Ok, let's play.


[snip]

Basic maths gives that Q > 1 - 7604/2^1000 = 1 - 10^(-297.149) > 1 - 10^(-297)
So R < 10^(-297) < 1/2^986
Yes, R < 1/2^986



TLDR

It's easier to crack 6 different bitcoin addresses with only 6 guesses than to a human to calculate a correct bitcoin address hash in his lifetime
Yes, I call that impossible
Really, all I have to do now is employ the 6.5 billion humans in the world at this task and implement a reasonable work-sharing scenario.  Smiley
Yeah that would make R<1/2^953
It's still easier to crack 6 different bitcoin addresses with only 1000 guesses than to 10 billions humans to calculate a correct bitcoin address hash in their lifetimes.
Your trying to increase the probability by multiplying by 10 billions proves that you really have no idea about the numbers evolved here.

Calculating something is also being sure your result is right. And that is precisely impossible.

My trying to increase the probability by multiplying by 10 billions proves suggests that I have no idea how the numbers evolved here.  Evidence of a proposition is not the same as a proof of that proposition within a model.

In fact, I admitted that I only skimmed your calculations, and I'll further admit that throwing in all humans as workers was a sorta off the shoulder comment made without consideration of the specificity of your calculations.  I'm focusing on the categorical difference between impossibility and improbability.

If your argument is basically this:  X is improbable.  
And my reply is this: X is improbable doesn't imply X is impossible.  
And your reply is this: no, X is very very improbable.  
Then it seems like we're talking past each other.

You said you like semantics.  So do I!  Perhaps we can find some agreement here:

1) An event with probability > 0 is not impossible.
2) A proposition supported only by inductive evidence is not deductively proven.

Cheers!
ghgr
Newbie
*
Offline Offline

Activity: 59
Merit: 0



View Profile WWW
September 06, 2013, 07:10:20 AM
 #31

The dice method is great!!! Now I can be sure that my key is a really good key with almost 0 chance of collision Grin

I wouldn't be so sure. Your private key will probably be full of 7's  Undecided

http://hyperphysics.phy-astr.gsu.edu/hbase/math/immath/dice.gif
(from http://hyperphysics.phy-astr.gsu.edu/hbase/math/dice.html).


I'd rather flip a coin 256 times. Or better, 256 coins once (decreases the effect of a biased coin)  Wink
jackjack
Legendary
*
Offline Offline

Activity: 1176
Merit: 1280


May Bitcoin be touched by his Noodly Appendage


View Profile
September 06, 2013, 07:43:00 AM
 #32

My trying to increase the probability by multiplying by 10 billions proves suggests that I have no idea how the numbers evolved here.  Evidence of a proposition is not the same as a proof of that proposition within a model.

In fact, I admitted that I only skimmed your calculations, and I'll further admit that throwing in all humans as workers was a sorta off the shoulder comment made without consideration of the specificity of your calculations.  I'm focusing on the categorical difference between impossibility and improbability.

If your argument is basically this:  X is improbable. 
And my reply is this: X is improbable doesn't imply X is impossible. 
And your reply is this: no, X is very very improbable. 
Then it seems like we're talking past each other.

You said you like semantics.  So do I!  Perhaps we can find some agreement here:

1) An event with probability > 0 is not impossible.
2) A proposition supported only by inductive evidence is not deductively proven.

Cheers!
Again
Quote
Calculating something is also being sure your result is right. And that is precisely impossible.

It's not impossible to correctly get a hash by hand once, it's impossible to calculate it in the sense of being sure you have the right result

Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2
Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
Dabs
Legendary
*
Offline Offline

Activity: 3416
Merit: 1912


The Concierge of Crypto


View Profile
September 14, 2013, 10:41:28 AM
 #33

The bounty has been claimed, but I propose using an unbiased dice generation method.

Use base 6 for the 6 sided dice. Roll it about 100 times (really.) Write it down. Then convert that to hexadecimal and you have your private key with no bias. (Okay, maybe you need another dice roll?)

For example:

1001112400000533003453522130540400324355321453252515013101100231113332152441500 105310450123404240000

becomes

F213DA1F48C5B538B67BB9E25379B1CE0A8C8D8E205B03E3E68BDB35CDECA3A2

Then you plug that in to an offline copy of bitaddress.org on a computer that is never used for any other purpose (or uses a Live CD), and we get this:

Bitcoin Address (compressed): 1A2nR6q3aUQPJKpA2YFXjqRdh6XN8WAxKQ
Private Key WIF (compressed, 52 characters base58, starts with a 'K' or 'L'): L5LH5Sg1reynj5pKbVcUo6uvbQTnxnqQs1W1ghACrgdU5A1WJm3J

If that looks better, you can also send me a coin. If not, uh, I tried. hehe. (coin address in my signature.)

For the dice roll, subtract by 1 to get the base 6 digit.

1 = 0
2 = 1
3 = 2
4 = 3
5 = 4
6 = 5

BombaUcigasa
Legendary
*
Offline Offline

Activity: 1442
Merit: 1005



View Profile
September 14, 2013, 03:16:58 PM
 #34

The bounty has been claimed, but I propose using an unbiased dice generation method.

Use base 6 for the 6 sided dice. Roll it about 100 times (really.) Write it down. Then convert that to hexadecimal and you have your private key with no bias. (Okay, maybe you need another dice roll?)

For example:

1001112400000533003453522130540400324355321453252515013101100231113332152441500 105310450123404240000

becomes

F213DA1F48C5B538B67BB9E25379B1CE0A8C8D8E205B03E3E68BDB35CDECA3A2

Then you plug that in to an offline copy of bitaddress.org on a computer that is never used for any other purpose (or uses a Live CD), and we get this:

Bitcoin Address (compressed): 1A2nR6q3aUQPJKpA2YFXjqRdh6XN8WAxKQ
Private Key WIF (compressed, 52 characters base58, starts with a 'K' or 'L'): L5LH5Sg1reynj5pKbVcUo6uvbQTnxnqQs1W1ghACrgdU5A1WJm3J

If that looks better, you can also send me a coin. If not, uh, I tried. hehe. (coin address in my signature.)

For the dice roll, subtract by 1 to get the base 6 digit.

1 = 0
2 = 1
3 = 2
4 = 3
5 = 4
6 = 5

What is your proposal for the public key?

Quote
How difficult would it be to create a formula that allows one to create a private and public key using just paper and a pencil?
Dabs
Legendary
*
Offline Offline

Activity: 3416
Merit: 1912


The Concierge of Crypto


View Profile
September 15, 2013, 12:26:29 AM
 #35

The public key part is very difficult with just pen and paper. Thus an offline bitaddress. You could use a dedicated offline computer or smartphone for this.

Use 100 dice rolls, convert to hex, then use that as the private key.

At the very least, you are absolutely sure the RNG is truly random and not broken.

Nancarrow
Hero Member
*****
Offline Offline

Activity: 492
Merit: 503


View Profile
September 15, 2013, 06:34:59 PM
 #36

You could also buy a 16 sided dice or something and use 0-F which would be more proper.  If you do it this way, the max address you can use is FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4141

Just pedantry here, but there's no such thing as a fair 16 sided die. Fair dice can only be made from platonic solids.



I thought this too when I was looking for dice to generate private keys (actually, to generate electrum wallet seeds, but the principle is the same). But actually you are mistaken. The dice need not be platonic. I bought a bunch of 16-sided dice here: http://www.thediceshoponline.com/dice-search/16-sided. They need only possess sufficient rotational and reflectional symmetry, so that each face has an equal chance of landing up. It seems to me, the general idea behind the 16-sided models is adaptable to any even number of sides from 6 up (though for 6 itself you'd prefer a cube, and for 8 that gives you the platonic octahedron anyway).

If I've said anything amusing and/or informative and you're feeling generous:
1GNJq39NYtf7cn2QFZZuP5vmC1mTs63rEW
stevep
Jr. Member
*
Offline Offline

Activity: 30
Merit: 4



View Profile
September 15, 2013, 07:53:04 PM
 #37

This is my attempt at a solution.

https://www.youtube.com/watch?v=CzrgJ0jA4dg

Does it count as a solution if I designed it using a pen and paper Smiley
Dabs
Legendary
*
Offline Offline

Activity: 3416
Merit: 1912


The Concierge of Crypto


View Profile
September 16, 2013, 03:37:03 AM
 #38

http://www.thediceshoponline.com/dice/4411/Hexidice-D16-Hexadecimal-Dice

Hexadecimal Dice. 16 sided. Roll 64 times. Private key.

cp1
Hero Member
*****
Offline Offline

Activity: 616
Merit: 500


Stop using branwallets


View Profile
September 16, 2013, 03:51:27 AM
 #39

paid the bounty, now how can i get a public key with not using a computer, nearly impossible I gather?

Your best bet is to take your private key into an offline computer to calculate it for you.

Guide to armory offline install on USB key:  https://bitcointalk.org/index.php?topic=241730.0
Nancarrow
Hero Member
*****
Offline Offline

Activity: 492
Merit: 503


View Profile
September 16, 2013, 07:36:14 AM
 #40

http://www.thediceshoponline.com/dice/4411/Hexidice-D16-Hexadecimal-Dice

Hexadecimal Dice. 16 sided. Roll 64 times. Private key.

What am I, chopped liver?  Wink

If I've said anything amusing and/or informative and you're feeling generous:
1GNJq39NYtf7cn2QFZZuP5vmC1mTs63rEW
Pages: « 1 [2] 3 4 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!