This message was too old and has been purged

[Evil-Knievel]

This message was too old and has been purged

[tsoPANos]

Panos, if you created the key in the way depicted earlier in this thread, I will crack it.
Give me some time :-)

All of you, who want to contribute to this project:
Help creating more and more rendezvous-points  
I have made a small python script public, which will generate such points - for each rendezvous point you are paid a certain amount of BTC.
More Infos here: https://bitcointalk.org/index.php?topic=433522.0

I did, also I would like to know if it is possible to check a if a public address is weak

[Ritual]

Really looking forward to the result of this.

Rit.

[RGBKey]

This is the reason why people say to not reuse addresses. When you recieve bitcoins, do so with a fresh address and when you spend them, spend the entire address, the change back to a new fresh address.

[Ritual]

Yeah fair enough.

But the entire network can't run that way - it's impractical.

If there's a weakness, better that it shows up now so that it can be rectified that result in the loss of someone's (possibly) life savings.

Rit.

[urbanogt5]

Hey, Interesting project man

 I was trying to create millions of address with vanitygen and then check the balace ( No bruteforce ), but your method of small range bruteforce sounds great.

Code:

0xe8b50b147a1e371613a9253a5219e46be5875bc7a45d93707b82913e8d7ef16cL	0x6cabea076c54a7bb55e6bfaeff3a9c5e07ff149c8ccfd002bcaa82e729c5343cL	0xd8487b27cbd178a1c409bf84496356abe98c84475a5180f270d615ce065b8f0aL

[Ritual]

It is an interesting project, and Evil is clearly working hard on extending his range of rendezvous points on the curve, but....

What happened to this test?

Did the cracker not work?

Is this no longer for sale?

Is it worth less than was asked?

Is Evil's data-collection on the other thread likely to (a) compromise the security of the network in general? (b) likely to devalue his own product?

I dunno.

An update'd be wonderful, for those of thinking seriously of purchasing. 2BTC is alot to some.

Rit.

[weedoge]

Good luck! ^^ https://blockchain.info/tx/e99fb7b6e2f69a6cb1cda2d83cc0644f93ae6c9413009f11a6a6bc3740cc9ce6

[tsoPANos]

It is an interesting project, and Evil is clearly working hard on extending his range of rendezvous points on the curve, but....

What happened to this test?

Did the cracker not work?

Is this no longer for sale?

Is it worth less than was asked?

Is Evil's data-collection on the other thread likely to (a) compromise the security of the network in general? (b) likely to devalue his own product?

I dunno.

An update'd be wonderful, for those of thinking seriously of purchasing. 2BTC is alot to some.

Rit.

Well we really need an update...\
anyway, I would like to note that even if he cracks the address, he will have a hard time finding weak addresses with bitcoins inside.

[Ritual]

weedoge - you just gave tsoPANos those BTC

He was the one who posted the test, and he has the private key.

But yeah, we've butted heads on this thread, and probably won't go drinking together, but tso is right - we need an update.

What happened to "I'll crack any weak key immediately"?

Rit.

[weedoge]

weedoge - you just gave tsoPANos those BTC

He was the one who posted the test, and he has the private key.

But yeah, we've butted heads on this thread, and probably won't go drinking together, but tso is right - we need an update.

What happened to "I'll crack any weak key immediately"?

Rit.

It's cool, I just felt like sending it. We'll see where it goes anyway.

[weedoge]

Also tbh there's nothing we can do to speed him up while he's offline.... so just wait I guess.

It'll still be impressive if cracked.

[Ritual]

Also tbh there's nothing we can do to speed him up while he's offline.... so just wait I guess.

It'll still be impressive if cracked.

Agree with both.

Feel free to send me a few thousand bitcoins if you're "feeling it " hahah

Rit.

[FiatKiller]

So how can we find out if our addresses are "weak"?

[weedoge]

So how can we find out if our addresses are "weak"?

Probably with a modified version of Evil's program

He's put a lot of time into in, specifically having other people help him by generating thousands of rendezvous points or something, I generated a few myself.

I'm very interested to see how this turns out... and maybe if you could attempt to bruteforce any of a list of bitcoin addresses.

Edit: Although I'm also interested in Bitcoin devs making it more secure if this is real

[FiatKiller]

I would def pay less for a checker program. Please make it available!

[urbanogt5]

Evil, meaby I'm very bad posting this, but I want to understand your work. What do you want to get? All the weak address or only the rendezvous points??


Is something like that?

[Ritual]

So how can we find out if our addresses are "weak"?

You can't.

I'm no expert on elliptical curves, but basically it seems to come down to this:

- Every address is a point on the elliptical curve, described by a triplet.

- Evil has mapped 768 by himself, and is currently mapping thousands more of rendezvous points - fixed points on the curve.

- Your address might, or might not be "close" to any given rendezvous point.

- If it is, he can crack it in a short time, by using an arc-attack. That is, he can figure out a tiny portion of the curve, and attack it.

- If your address is within this tiny arc, it's weak.

- As he adds more rendezvous points (i.e. platforms of attack), every address potentially falls into his attackable zones.

A few things:

1. We do not know how far from a rendezvous point he can reasonably attack.
2. We have no context on how many rendezvous points make a problem - i.e. 768 points could be a serious issue for a large portion of the namespace, or 150 million could be non-serious. We just don;t know this.
3. The namespace is ENORMOUS.
4. The chances of any given address falling in an attackable space appears to be very small.
5. The addresses in use are (we must assume) randomly distributed
6. This means any address could be weak or strong, and we cannot know this either.

Until Evil can do two things, nobody can know if this is a threat:

a. Actually crack an address. He's given a script which should generate a weak address. So anything output by that should have been cracked quickly. i.e. by now.
b. Publish how far from any given rendezvous point his attack can go, and the portion of the curve in total he can attack.

To expand that last point a bit:

Total namespace: 2^160.
Rendezvous points: 768 (at this time)

Divide the namespace by the points and that's a hell of a lot of black space which cannot be attacked.

If he can go 50 trillion points to either side of the points, this might not be a very big portion of the namespace at all.

On the other hand, if Evil has figured out a way to work with only the used namespace, then Bitcoin is in serious shit.

Rit.

PS: I might have alot of the above surmises wrong. I'm no mathematician, and I'm certainly no cryptographer.

[FiatKiller]

Thank you. Very thorough answer.  :-D

[Ritual]

Also, given his work on the mining thread, I'd say that Evil has lost interest in this little piece of software and has instead concentrated his efforts on cracking the entire curve instead.

Doubt we'll see him again here on this thread, but I stand to be corrected - pleasantly so.

Rit.