Bitcoin Forum
December 15, 2024, 04:32:34 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Electrum Cracker?  (Read 1742 times)
Eadeqa (OP)
Hero Member
*****
Offline Offline

Activity: 644
Merit: 500


View Profile
November 21, 2013, 12:20:54 AM
 #1


Found this on google search,

https://github.com/Evil-Knievel/electrum-cracker

is there any danger to using Electrum?

Nomi, Shan, Adnan, Noshi, Nxt, Adn Khn
NXT-GZYP-FMRT-FQ9K-3YQGS
https://github.com/Lafihh/encryptiontest
btcven
Hero Member
*****
Offline Offline

Activity: 715
Merit: 500


Bitcoin Venezuela


View Profile WWW
November 21, 2013, 01:06:28 AM
 #2

Here is the original post from the Newbies section https://bitcointalk.org/index.php?topic=329087.0

Hi Guys,

Im Evil Knievel and I am new here. Im from the beauiful Brazil and get more and more intrested in the question how secure bitcoin eventually is.

"The only way to improve security is to unveil its flaws" - 2013, Evil-Knievel

Unfortunately I am a newbie and restricted to this forum. However I have the feeling, that the Electrum Brainwallet Principle is not fully secure.
Let me first summarize how Electrum works.

In Electrum you have a "Master-Key" which (even when you lose your wallet due to hard disk failure and stuff) you can fully restore all your wallets / change-wallets etc.
This "Master Public Key" what they call it, is represented by a "memorizable" string of 12 random words from a word list.

While in theory (at a word list length of 1626) you have 1626^12 different possibilites we are not yet sure if the search space is really that big. It yet has to be determined if (and how many) collisions e.g. word combinations leading to the same Master-Public-Key actually exist, and yet to be checked if some words are picked more likely than others depending on the entropy coming from pythons esdsa random function.

But as a first step I have come up with an Electrum Cracker, that will search for active wallets created by random combinations of 12 words. I would hope you guys want to participate in that experiment and maybe contribute in this open source project.

Checkout the script on github (https://github.com/Evil-Knievel/electrum-cracker). Hope you like it, and I also hope for an intresting discussion towards electrum's brainwallet stuff.

I haven't known of a response yet from the devs on what is this person referring to

Admin: rdymac (PGP) | contacto@bitcoinvenezuela.com | @cafebitcoin | Electrum, lightweight bitcoin client
If I've been helpful tip me a coffee! Cheesy1rdymachKZpA9pTYHYHMYZjfjnoBW6B3k Bitrated user: rdymac.
Eadeqa (OP)
Hero Member
*****
Offline Offline

Activity: 644
Merit: 500


View Profile
November 21, 2013, 02:09:34 AM
 #3

Here is the original post from the Newbies section https://bitcointalk.org/index.php?topic=329087.0

Hi Guys,

Im Evil Knievel and I am new here. Im from the beauiful Brazil and get more and more intrested in the question how secure bitcoin eventually is.

"The only way to improve security is to unveil its flaws" - 2013, Evil-Knievel

Unfortunately I am a newbie and restricted to this forum. However I have the feeling, that the Electrum Brainwallet Principle is not fully secure.
Let me first summarize how Electrum works.

In Electrum you have a "Master-Key" which (even when you lose your wallet due to hard disk failure and stuff) you can fully restore all your wallets / change-wallets etc.
This "Master Public Key" what they call it, is represented by a "memorizable" string of 12 random words from a word list.

While in theory (at a word list length of 1626) you have 1626^12 different possibilites we are not yet sure if the search space is really that big. It yet has to be determined if (and how many) collisions e.g. word combinations leading to the same Master-Public-Key actually exist, and yet to be checked if some words are picked more likely than others depending on the entropy coming from pythons esdsa random function.

But as a first step I have come up with an Electrum Cracker, that will search for active wallets created by random combinations of 12 words. I would hope you guys want to participate in that experiment and maybe contribute in this open source project.

Checkout the script on github (https://github.com/Evil-Knievel/electrum-cracker). Hope you like it, and I also hope for an intresting discussion towards electrum's brainwallet stuff.

I haven't known of a response yet from the devs on what is this person referring to

Looking at older archive, I found

Quote
The seed is a 128 bits random number, generated by os.urandom()

The seed is represented as a sequence of words in order to facilitate memorization and storage, but it can as well be represented as a hexadecimal string, or as a number.
For some reason, people tend to perceive words as "less random" than numbers. That's an illusion.

The only thing that actually matters is the number of bits of entropy in your seed (128 bits is considered as very safe, and will probably remain safe until real quantum computers are invented), and the quality of your source of randomness (electrum does not use python's random module)

So as I understand it the words  are used only for memorization, but the actual seed is 128 bit random number.

"electrum does not use python's random module"

If so, why  os.urandom() ? Isn't that python's random module?



Nomi, Shan, Adnan, Noshi, Nxt, Adn Khn
NXT-GZYP-FMRT-FQ9K-3YQGS
https://github.com/Lafihh/encryptiontest
Eadeqa (OP)
Hero Member
*****
Offline Offline

Activity: 644
Merit: 500


View Profile
November 21, 2013, 08:13:16 AM
 #4


If so, why  os.urandom() ? Isn't that python's random module?


I guess on Windows  os.urandom() will  use CryptGenRandom

http://en.wikipedia.org/wiki/CryptGenRandom


Nomi, Shan, Adnan, Noshi, Nxt, Adn Khn
NXT-GZYP-FMRT-FQ9K-3YQGS
https://github.com/Lafihh/encryptiontest
ThomasV
Moderator
Legendary
*
Offline Offline

Activity: 1896
Merit: 1353



View Profile WWW
November 21, 2013, 04:53:35 PM
 #5


Found this on google search,

https://github.com/Evil-Knievel/electrum-cracker

is there any danger to using Electrum?

it looks more like a noob trying to attract attention..
electrum uses the python-ecdsa library to generate the seed, which calls os.urandom(), and not python's random library.
btw, this "cracker" does use python's random library.

on linux, os.urandom is non blocking, meaning that it is safe as long as you don't call it repeatedly (which might deplete your entropy pool).

Electrum: the convenience of a web wallet, without the risks
Eadeqa (OP)
Hero Member
*****
Offline Offline

Activity: 644
Merit: 500


View Profile
November 21, 2013, 06:24:11 PM
 #6


Found this on google search,

https://github.com/Evil-Knievel/electrum-cracker

is there any danger to using Electrum?

it looks more like a noob trying to attract attention..
electrum uses the python-ecdsa library to generate the seed, which calls os.urandom(), and not python's random library.
btw, this "cracker" does use python's random library.

on linux, os.urandom is non blocking, meaning that it is safe as long as you don't call it repeatedly (which might deplete your entropy pool).


Yes, I looked it up. On Windows it will be using CryptGenRandom

http://en.wikipedia.org/wiki/CryptGenRandom

which on latest versions of Windows should be pretty secure.

Nomi, Shan, Adnan, Noshi, Nxt, Adn Khn
NXT-GZYP-FMRT-FQ9K-3YQGS
https://github.com/Lafihh/encryptiontest
BkkCoins
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1009


firstbits:1MinerQ


View Profile WWW
November 22, 2013, 06:13:25 AM
 #7

It's kind of funny when a newbie comes along and tries a naive approach to cracking something.

In this case he doesn't seem to understand he can totally remove all the code related to guessing words, and decoding them, and simply generate a 128 bit random number as seed directly. That should speed this up somewhat but to go even faster he may as well just increment a counter and check seed values sequentially - it has the same probability and would be faster still and not run into a depleted entropy pool.

2^128 = 3.402823669×10³⁸

One billion balance checks / second (very unlikely even with 10,000 computers attacking) looking for a hit in one of 2 millions addresses (current number with non-zero balances in network), would still take,

3.402823669×10³⁸ / 1x109 / 2x106 = 1.701411835×10⁵³ seconds,

or 5.395141537×10⁴⁵ years.

I wish him good luck.

wingsuit
Member
**
Offline Offline

Activity: 64
Merit: 10


2100 trillion sats baby


View Profile
November 23, 2013, 05:04:49 AM
 #8

It's kind of funny when a newbie comes along and tries a naive approach to cracking something.

In this case he doesn't seem to understand he can totally remove all the code related to guessing words, and decoding them, and simply generate a 128 bit random number as seed directly. That should speed this up somewhat but to go even faster he may as well just increment a counter and check seed values sequentially - it has the same probability and would be faster still and not run into a depleted entropy pool.

2^128 = 3.402823669×10³⁸

One billion balance checks / second (very unlikely even with 10,000 computers attacking) looking for a hit in one of 2 millions addresses (current number with non-zero balances in network), would still take,

3.402823669×10³⁸ / 1x109 / 2x106 = 1.701411835×10⁵³ seconds,

or 5.395141537×10⁴⁵ years.

I wish him good luck.

/thread

FLY
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!