Pollard's kangaroo ECDLP solver

[NotATether]

image I try to print P value out but fould like this may be is binary file need to be convert to hex or decimal

You are printing the P value directly, this will make binary output since it's a class, you have to print each of P.x and P.y separately, and each of those is split into 4 64-bit parts called P.x.bits64[0 1 2 3] which all need to be printed with a separate printf() format character.

[bigvito19]

This is just not true. The RAM consumed/used is not dependent on the bits being search...it comes down to your DP setting and how often you save the work file.  I don't see your settings/flags when starting the program but you are using a very low -d setting or that plus using a long save to file time.

I can see now that searching a 256-bit interval will become feasible if we use 128+ bits of DP mask  

How feasible are you talking? So you are working on searching 256-bit interval using 128 + bits of DP mask too?

I forgot about this thread - sorry about that.

Yeah I am, so far I have the actual program running on GPU, it's running at ~260MKeys/s with the expanded dpmask on my T4 though but it's making quite a large number of same herd collisions and dead kangaroos. I had actually expected the speed to be much faster, like around ~1500MKeys/s given that I saw someone's V100 do ~1100MKeys/s.

I doubt checking three more uint64's for equality within the main loop is what's causing this speed drop but it's a good opportunity to peek into the CUDA accelerated Int class and see what else can be sped up.

NotATether, Did you ever work on the 128 + bits DP mask?

[WanderingPhilospher]

This is just not true. The RAM consumed/used is not dependent on the bits being search...it comes down to your DP setting and how often you save the work file.  I don't see your settings/flags when starting the program but you are using a very low -d setting or that plus using a long save to file time.

I can see now that searching a 256-bit interval will become feasible if we use 128+ bits of DP mask  

How feasible are you talking? So you are working on searching 256-bit interval using 128 + bits of DP mask too?

I forgot about this thread - sorry about that.

Yeah I am, so far I have the actual program running on GPU, it's running at ~260MKeys/s with the expanded dpmask on my T4 though but it's making quite a large number of same herd collisions and dead kangaroos. I had actually expected the speed to be much faster, like around ~1500MKeys/s given that I saw someone's V100 do ~1100MKeys/s.

I doubt checking three more uint64's for equality within the main loop is what's causing this speed drop but it's a good opportunity to peek into the CUDA accelerated Int class and see what else can be sped up.

NotATether, Did you ever work on the 128 + bits DP mask?

That was a joke...it would take you 2^128 jumps to find a 128 DP mask.  So let's say your CPU (1 thread) can do 4,000 jumps per second.  Now divide 2^128 / 4000 jumps per second = 85,070,591,730,234,615,865,843,651,857,942,052,864 seconds to find one 128 DP.

[gsciservices]

Dear Sir,
I have many time tried to download for this file; it was unable to download yet. Now it is required a access to the permission. Please given to me permission for download: https://drive.google.com/file/d/1wQWLCRsYY2s4DH2OZHmyTMMxIPn8kdsz


Regards,
Md. Ashraful Alam

[fxsniper]

image I try to print P value out but fould like this may be is binary file need to be convert to hex or decimal

You are printing the P value directly, this will make binary output since it's a class, you have to print each of P.x and P.y separately, and each of those is split into 4 64-bit parts called P.x.bits64[0 1 2 3] which all need to be printed with a separate printf() format character.

yes, I print directly

I don't know C++ command to convert to binary (like 1010101)
or convert to hex

I try only
::printf("Point: %02X \n", P);
(it worsk)

look like every value is store and works in binary
pk
P
keyToSearchNeg

all is binary (when print directly will get Alien language)

[fxsniper]

@fx
Also:

if can get collision point from save.work file by kangaroo.exe may be help to easy to set DP to match with
example

puzzle #40
ec9d5049bd4509aa41e1f5c312de1900d3eac4adba0692a41286b2497e520000 1110317004752
ec9d5049bd4509aa41e1f5c312de1900d3eac4adba0692a41286b2497e520000 106665591802

The Kangaroo.exe and the kangaroo python script you have been running will not match.  Notice in your python script the zeros are at the end, they are "trailing". Kangaroo.exe uses leading zeros.  Plus, if you use a range, Kangaroo.exe subtracts start range and reduces search by 1 bit. The two will never match unless you do some deep programming modification in one of the programs.

EDIT: and the Kangaroo.exe only saves the least (last) bits of the points, where your python script saves the entire point.

old python script I use
http://bitchain.pl/100btc/pollard_kangaroo.txt
and
https://github.com/Telariust/pollard-kangaroo/blob/master/pollard-kangaroo-multi.py

for modify python just code on output display but for process and algorithm I am not modify keep work from original

Can you help to modify save function to save full data purpose for read and learning not for use continue works?
How can I do make it save full point

[NotATether]

NotATether, Did you ever work on the 128 + bits DP mask?

Yes I finished the 128+ bit range quite some time ago, you can get it from https://github.com/ZenulAbidin/Kangaroo-256

As for dpmask, what I discovered is that the runtime goes UP the bigger the dpmask you use. Search time becomes too long (in hundreds of years) when your dpmask is at 128 so I scrapped the addition.

That was a joke...it would take you 2^128 jumps to find a 128 DP mask.  So let's say your CPU (1 thread) can do 4,000 jumps per second.  Now divide 2^128 / 4000 jumps per second = 85,070,591,730,234,615,865,843,651,857,942,052,864 seconds to find one 128 DP.

I get that it wasn't a practical change to make but it's nice to be able to run it without it chopping the range while you're unaware of it. My bad, I thought you were talking about range

Dear Sir,
I have many time tried to download for this file; it was unable to download yet. Now it is required a access to the permission. Please given to me permission for download: https://drive.google.com/file/d/1wQWLCRsYY2s4DH2OZHmyTMMxIPn8kdsz


Regards,
Md. Ashraful Alam

I'm not sure where you got that Google Drive link from but I don't recall it ever being posted in this thread.

yes, I print directly

I don't know C++ command to convert to binary (like 1010101)
or convert to hex

I try only
::printf("Point: %02X \n", P);
(it worsk)

Don't do it like that, print it like this using 16-character padding for the hex numbers (they are 64-bit):

Code:

::printf("Point X: %16X%16X%16X%16X \n", P.x.bits64[3], P.x.bits64[2], P.x.bits64[1], P.x.bits64[0]);
::printf("Point Y: %16X%16X%16X%16X \n", P.y.bits64[3], P.y.bits64[2], P.y.bits64[1], P.y.bits64[0]);

[fxsniper]

Don't do it like that, print it like this using 16-character padding for the hex numbers (they are 64-bit):

Code:

::printf("Point X: %16X%16X%16X%16X \n", P.x.bits64[3], P.x.bits64[2], P.x.bits64[1], P.x.bits64[0]);
::printf("Point Y: %16X%16X%16X%16X \n", P.y.bits64[3], P.y.bits64[2], P.y.bits64[1], P.y.bits64[0]);

Thank you very much

code it is works

compare with my test print directly

this is 64 bit number right , how can decode to decimal

[NotATether]

Wait those spaces in between shouldn't be there, I meant for it to be zero-padded, can you change the code to this?

Code:

::printf("Point X: %016X%016X%016X%016X \n", P.x.bits64[3], P.x.bits64[2], P.x.bits64[1], P.x.bits64[0]);
::printf("Point Y: %016X%016X%016X%016X \n", P.y.bits64[3], P.y.bits64[2], P.y.bits64[1], P.y.bits64[0]);

[fxsniper]

I'm using Kangaroo 2.2
Windows version
 

Kangaroo 2.2 using C++ language

Visual Studio 2019 Community Edition (Free)
https://visualstudio.microsoft.com/downloads/

compile using project file  Kangaroo.sln  on folder VC_CUDA102
require to install CUDA version 10.2


I  am not programmer it is hard to modify it a lot
Kangaroo 2.2 only can work with 120 bit puzzle

python it easy to modify but it very very slow and limited with 50 bit puzzle

[fxsniper]

Wait those spaces in between shouldn't be there, I meant for it to be zero-padded, can you change the code to this?

Code:

::printf("Point X: %016X%016X%016X%016X \n", P.x.bits64[3], P.x.bits64[2], P.x.bits64[1], P.x.bits64[0]);
::printf("Point Y: %016X%016X%016X%016X \n", P.y.bits64[3], P.y.bits64[2], P.y.bits64[1], P.y.bits64[0]);

Thank you very much

last code compare with old one, am I do correct?
if correct I will remove all old code that wrong

[jacky19790729]

I don't understand "kangaroos"
but, if you want to printf  P.x,  P.y ,   pk   value  
you can use  GetBase16()

Public Key (compressed)     =  (02 or 03)  + P.x
Public Key (uncompressed) =  04 + P.x + P.y
Target Private key  =  0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 - pk  

Code:

  Point P = secp->ComputePublicKey(&pk);

  printf("\nTestPrint1   %064s  %064s \nPK: %064s\n"
	  , P.x.GetBase16().c_str() , P.y.GetBase16().c_str()
	  , pk.GetBase16().c_str() );

-----my result output

TestPrint1   9FFC74F6136E60E9229A58544C0E9CFFA5A9D955D949E75E4BCCBE1C06B81C34  
FD2B45B2609A46E7C893F3409073557BF59D9E306FF0BEC04AD8644CBC0DEFE3
PK: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A027244DA849B5C9F250

====<FOUND_KEY_Time1 >  2021-04-25 21:38:34 =====
找到了 Key# 0 [1S]Pub:  0x0290E6900A58D33393BC1097B5AED31F2E4E7CBD3E5466AF958665BC0121248483
       Priv: 0x349B84B6431A6C4EF1

This Find time 06:35

test in #70

[NotATether]

I want to do a test.
Part of the oscillator
0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798, 0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8

I'd like to know that this is the most basic so it shouldn't be modified
For testing purposes, I want to change this public key value and run the kangaroo.

1 = 0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798, 0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8

10 = 0xa0434d9e47f3c86235477c7b1ae6ae5d3442d49b1943c2b752a68e2a47e247c7, 0x893aba425419bc27a3b6c7e693a24c696f794c2ed877a1593cbee53b037368d7
1/10 = 0.1

0.1= 0x8c6154856794fcd5ee79ba8c96b7dd980e289a6b93a52d50dbdb9388a4c75604, 0x8fa03512509c5caa2238ef16720c9b787961e695e5401a6f5df6817ad0032d5c
priv = (81054462466121336796499689506081535496986294995352433067823614199062713046036)

Is this bolded number and point corresponding to G? Because this will make the problem easier to understand. I'm not really sure what you're trying to do when you say "oscillator".

I'm assuming you took the modular inverse G*(10G)^-1 to get the 0.1 result? (And not just did straight up division of the 10 by the 1 )

I don't really see the point of using G/10 as the generator point for Kangaroo but it's technically possible if you edit the jump table.

[fxsniper]

I don't understand "kangaroos"
 

try read description on  JeanLucPons Kangaroo github

explain about how kangaroos works with images illustration figure

https://github.com/JeanLucPons/Kangaroo

[fxsniper]

Is this bolded number and point corresponding to G? Because this will make the problem easier to understand. I'm not really sure what you're trying to do when you say "oscillator".

I'm assuming you took the modular inverse G*(10G)^-1 to get the 0.1 result? (And not just did straight up division of the 10 by the 1 )

I don't really see the point of using G/10 as the generator point for Kangaroo but it's technically possible if you edit the jump table.

I think lostbitcoin need to be show python modify code to can easy compare with C++ code, what want to do

[pacnload]

is there any way to jump over some numbers for example never use numer 3 or number 1?

[NotATether]

Receive input when playing the Kangaroo executable
Please modify the program so that the kangaroo can run it.


The reason is that Bitcoin 1% is an integer
99% was done with the decimal point key.


0.0573619 =0x822557f3ae9c29d0940e305bbcc30babe59d36ccfad2ebc972a323a8acefefc8, 0x1d5954c43bc29bd412c887d67759a0465aca7b7ce5195212b671e2ba21094dd1
0.0573619 * 10,000,000 = 573619
priv(573619) = 0x3ec274bef2990b86b8c0740faf90c11e15b8b1891c110063e3d15f05ea9bd23, 0x273f184f12a2a029c0643628561f670de859013a7dd0ef0382d86463f4b75435

I guess if you want to scale all calculations down by 1/10 or 1/100, you can replace the point in the SetBase16 code above with the one for 0.1G or 0.01G.

So, do you want to change the program to look for 0.1G, 1G, 10G, 100G points like this? (I can not read CJK languages so it is hard for me to understand the last screenshot, can you explain what's going on in there?)

To my understanding you have these values [for example]:

0.0573619 <-- this is a private key "A"
10,000,000  <-- this is some kind of multiplier I think
1505297...the value in green   <--- a private key
0x822557f3ae9c29d0940e305bbcc30babe59d36ccfad2ebc972a323a8acefefc8, 0x1d5954c43bc29bd412c887d67759a0465aca7b7ce5195212b671e2ba21094dd1
^-- this is the public key for 1505297...?  Or for 0.0573619?

So is this 1505297... private key multiplied by 10 million to get the 573619 private key? Or more likely you're multiplying their pubkeys to get that privkey, am I understanding you correctly?

What is the relation between these private keys?
573619
0.0573619
1505297...
0x15cf751db (I saw this in your second screenshot, not sure what this is I'm assuming a hex version of a privkey)?

Friends will hear this story for the first time.
However, I did a lot of tests and found these things.

My goal is not to race the quiz.
Many people are sad because they have lost their private keys.
I think you can solve this problem with a newly developed calculator

Well, I can understand that we are multiplying public keys A and B to get C, but what's special about the relation between their private keys (private key A and C in particular, why use a large number to get 573619?)

is there any way to jump over some numbers for example never use numer 3 or number 1?

Skipping particular kangaroo values? I think it will be hard to exclude specific values because they are all very large and random, but I guess you could find some group of numbers that match a pattern and sequence and do another hop for those, without making them a distinguished point.

[fxsniper]

My goal is not to race the quiz.

I like to have a name on Wikipedia records
https://en.wikipedia.org/wiki/Discrete_logarithm_records

[fxsniper]

how to use function GetBase10() on kangaroo

I copy GetBase16() and change to  GetBase10()
I using GetBase10() with display %d  but it is show wring

GetBase10() convert to decimal right?
( and GetBase16() convert to hex)

I compare by print out next line

like sample
GetBase16() result = P.x.: 59EF0C8304BB2FDB2C0F18B262EBDBCB992D0B4CB7AE92358C22406740862D78
GetBase10() result = P.x.: -1235795984


Base10 should be = 40678206325600170710078198845059231036639843417349082810943540381348337692024

[jacky19790729]

like sample
GetBase16() result = P.x.: 59EF0C8304BB2FDB2C0F18B262EBDBCB992D0B4CB7AE92358C22406740862D78
GetBase10() result = P.x.: -1235795984
Base10 should be = 40678206325600170710078198845059231036639843417349082810943540381348337692024

Code:

  Int privKey;
  privKey.SetBase16("00000000000000000000000000000000000000000000000000000000000000FF"); 	 
  printf("A: %s \n", privKey.GetBase10().c_str());
  privKey.SetBase16("59ef0c8304bb2fdb2c0f18b262ebdbcb992d0b4cb7ae92358c22406740862d78");
  printf("B: %s \n", privKey.GetBase10().c_str());
  privKey.SetBase16("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141");
  printf("secp256k1 MAX value: %s \n", privKey.GetBase10().c_str());

=====output Decimal:=====
A: 255
B: 40678206325600170710078198845059231036639843417349082810943540381348337692024
secp256k1 MAX value: 115792089237316195423570985008687907852837564279074904382605163141518161494337