|
Upgrade00
Legendary
Offline
Activity: 2044
Merit: 2184
Professional Community manager
|
|
January 24, 2021, 08:07:21 PM |
|
I also do not think that information is enough to reveal the entire private keys of the address. Only 12 characters are visible out of the 51, of which, the first two are easily predictable as it's common to a lot of addresses. I would assume, it should be impossible to find a valid sequence to satisfy the requirements and checks for a private key from that image.
|
|
|
|
HeRetiK
Legendary
Offline
Activity: 2940
Merit: 2092
|
|
January 24, 2021, 11:28:42 PM |
|
With only 12 out of 51 characters known there's still slightly more than 192 bits left which in the case of ECDSA should still be more than enough. Calculated based on the formula found here: https://crypto.stackexchange.com/questions/80996/a-multi-target-attack-on-128-bit-ecdsa-private-keysFor n=192 we'd get roughly 2^(97 - 31 - 3 + 7) = 2^70 seconds of computing time with 8 cores @ 2.1 Ghz, which would be about 3 * 10^13 years which is a few orders of magnitudes longer than the age of the universe. You could cut this down to a year by running about 3 * 10^13 machines of similar specs instead of just one tho
|
|
|
|
pooya87
Legendary
Offline
Activity: 3458
Merit: 10572
|
|
January 25, 2021, 04:53:20 AM |
|
It is impossible, not just because of the high number of missing characters but because those that do exist, you don't know their position either. What I mean is that in your example you don't know if there are 5, 6,... 10,... 15,... characters before "rKNxs" and similarly you don't know how many are after it. This means even if the number of characters you had was much less than this, you still wouldn't be able to find it because of the huge number of variations.
|
. .BLACKJACK ♠ FUN. | | | ███▄██████ ██████████████▀ ████████████ █████████████████ ████████████████▄▄ ░█████████████▀░▀▀ ██████████████████ ░██████████████ █████████████████▄ ░██████████████▀ ████████████ ███████████████░██ ██████████ | | CRYPTO CASINO & SPORTS BETTING | | │ | | │ | ▄▄███████▄▄ ▄███████████████▄ ███████████████████ █████████████████████ ███████████████████████ █████████████████████████ █████████████████████████ █████████████████████████ ███████████████████████ █████████████████████ ███████████████████ ▀███████████████▀ ███████████████████ | | .
|
|
|
|
eranglr (OP)
Newbie
Offline
Activity: 47
Merit: 0
|
|
January 25, 2021, 05:08:22 AM |
|
Nice explanations, always fascinated by the power of cryptographic.
|
|
|
|
AGD
Legendary
Offline
Activity: 2069
Merit: 1164
Keeper of the Private Key
|
|
January 25, 2021, 07:29:56 AM |
|
You may be able to get some additional information from that broken qr code
|
|
|
|
eranglr (OP)
Newbie
Offline
Activity: 47
Merit: 0
|
|
January 25, 2021, 08:10:24 AM |
|
You may be able to get some additional information from that broken qr code
This was my thought, but looking at the QR code, I don't think I can get more than say 3-4 additional characters.
|
|
|
|
eranglr (OP)
Newbie
Offline
Activity: 47
Merit: 0
|
|
January 25, 2021, 12:06:49 PM |
|
If you use different example where only half of the QR code is torn-off and it uses highest-level correction level (which is Level H where about 30% of data could be restored), there will be incentive to brute-force it if the private key holds lots Bitcoin. You may be able to get some additional information from that broken qr code
From the visible-part of the QR code, only half is about the data/content itself, at least according to https://en.wikipedia.org/wiki/File:QRCode-2-Structure.png. Definitely not enough to combine with some character and perform brute-force. Yep, you're right.
|
|
|
|
|
eranglr (OP)
Newbie
Offline
Activity: 47
Merit: 0
|
|
January 27, 2021, 12:23:31 PM |
|
Let's play a game - I'm offering 0.1BTC to whoever comes up with decoding software for my attached photo.
If you're serious about it, i would advice you to sign message with address which contain 0.1 BTC or use trusted escrow to attract people & edit title of this thread to attract of more people. I agree, but how can I guarantee to also get the software?
|
|
|
|
HeRetiK
Legendary
Offline
Activity: 2940
Merit: 2092
|
|
January 27, 2021, 12:48:21 PM |
|
Let's play a game - I'm offering 0.1BTC to whoever comes up with decoding software for my attached photo.
If you're serious about it, i would advice you to sign message with address which contain 0.1 BTC or use trusted escrow to attract people & edit title of this thread to attract of more people. I agree, but how can I guarantee to also get the software? Oh, so you want to hire someone then to write this software for you? That's quite different from "playing a game" because in that case you'd definitely need a trusted escrow.
|
|
|
|
eranglr (OP)
Newbie
Offline
Activity: 47
Merit: 0
|
|
January 27, 2021, 01:17:48 PM |
|
Let's play a game - I'm offering 0.1BTC to whoever comes up with decoding software for my attached photo.
If you're serious about it, i would advice you to sign message with address which contain 0.1 BTC or use trusted escrow to attract people & edit title of this thread to attract of more people. I agree, but how can I guarantee to also get the software? Oh, so you want to hire someone then to write this software for you? That's quite different from "playing a game" because in that case you'd definitely need a trusted escrow. Well, it's a game, but I would like to see the code. Any idea for a trusted escrow?
|
|
|
|
NotATether
Legendary
Offline
Activity: 1610
Merit: 6752
bitcoincleanup.com / bitmixlist.org
|
|
January 27, 2021, 08:25:39 PM |
|
Quoting image for reference: First off, you need to tell us exactly which positions are already known so that valuable time is not wasted brute-forcing those positions. I see that you already have columns AA-AG and the big square at the top left, do you also know if any of the cleared squares around A9 are correct? In your case you got 26 rows between 8 and 34, times another 26 columns between A and Z, which equals 676 different squares for you to check. In other words you're dealing with a search space of 2^676, even more enormous than the search space of bitcoin private keys. There are some properties of QR codes that can reduce this problem size somewhat but it's still going to be too large for brute forcing. Also, the problem solved in the freecodecamp article is fundamentally different from yours; They had a blurred QR code which they had to "unblur", but you seem to only have a fourth of your QR code and the rest of it is completely missing. The solutions used there can't be applied here, unless you actually have a blurred or low-res AR code (in which case please post it here). Let's play a game - I'm offering 0.1BTC to whoever comes up with decoding software for my attached photo.
If you're serious about it, i would advice you to sign message with address which contain 0.1 BTC or use trusted escrow to attract people & edit title of this thread to attract of more people. I agree, but how can I guarantee to also get the software? Oh, so you want to hire someone then to write this software for you? That's quite different from "playing a game" because in that case you'd definitely need a trusted escrow. Well, it's a game, but I would like to see the code. Any idea for a trusted escrow? Guys in this quote chain, why make it like we have to privately send the code to OP, when it can just be uploaded to Github as a public proof and so that future people can benefit from it? I see no benefit in spending a lot of energy making something only to hide it from the public. Just look at how many threads that exist here offering bounties to decode/decrypt/unscramble/brute-force their private key and imagine how many less threads like those would be made if the existing problems were solved and the code made available.
|
. .BLACKJACK ♠ FUN. | | | ███▄██████ ██████████████▀ ████████████ █████████████████ ████████████████▄▄ ░█████████████▀░▀▀ ██████████████████ ░██████████████ █████████████████▄ ░██████████████▀ ████████████ ███████████████░██ ██████████ | | CRYPTO CASINO & SPORTS BETTING | | │ | | │ | ▄▄███████▄▄ ▄███████████████▄ ███████████████████ █████████████████████ ███████████████████████ █████████████████████████ █████████████████████████ █████████████████████████ ███████████████████████ █████████████████████ ███████████████████ ▀███████████████▀ ███████████████████ | | .
|
|
|
|
eranglr (OP)
Newbie
Offline
Activity: 47
Merit: 0
|
|
January 27, 2021, 09:11:43 PM |
|
Quoting image for reference: First off, you need to tell us exactly which positions are already known so that valuable time is not wasted brute-forcing those positions. I see that you already have columns AA-AG and the big square at the top left, do you also know if any of the cleared squares around A9 are correct? In your case you got 26 rows between 8 and 34, times another 26 columns between A and Z, which equals 676 different squares for you to check. In other words you're dealing with a search space of 2^676, even more enormous than the search space of bitcoin private keys. There are some properties of QR codes that can reduce this problem size somewhat but it's still going to be too large for brute forcing. Also, the problem solved in the freecodecamp article is fundamentally different from yours; They had a blurred QR code which they had to "unblur", but you seem to only have a fourth of your QR code and the rest of it is completely missing. The solutions used there can't be applied here, unless you actually have a blurred or low-res AR code (in which case please post it here). Let's play a game - I'm offering 0.1BTC to whoever comes up with decoding software for my attached photo.
If you're serious about it, i would advice you to sign message with address which contain 0.1 BTC or use trusted escrow to attract people & edit title of this thread to attract of more people. I agree, but how can I guarantee to also get the software? Oh, so you want to hire someone then to write this software for you? That's quite different from "playing a game" because in that case you'd definitely need a trusted escrow. Well, it's a game, but I would like to see the code. Any idea for a trusted escrow? Guys in this quote chain, why make it like we have to privately send the code to OP, when it can just be uploaded to Github as a public proof and so that future people can benefit from it? I see no benefit in spending a lot of energy making something only to hide it from the public. Just look at how many threads that exist here offering bounties to decode/decrypt/unscramble/brute-force their private key and imagine how many less threads like those would be made if the existing problems were solved and the code made available. A9 is black, no information about the squares near it. And there's also the private key available char (see post).
|
|
|
|
HeRetiK
Legendary
Offline
Activity: 2940
Merit: 2092
|
|
January 27, 2021, 09:42:16 PM |
|
Guys in this quote chain, why make it like we have to privately send the code to OP, when it can just be uploaded to Github as a public proof and so that future people can benefit from it?
I see no benefit in spending a lot of energy making something only to hide it from the public. Just look at how many threads that exist here offering bounties to decode/decrypt/unscramble/brute-force their private key and imagine how many less threads like those would be made if the existing problems were solved and the code made available.
Why need the code for the proof at all? Usually the only proof those kind of Piñatas require is that the coins have been successfully moved out of the target address, no?
|
|
|
|
eranglr (OP)
Newbie
Offline
Activity: 47
Merit: 0
|
|
January 27, 2021, 10:22:13 PM |
|
Guys in this quote chain, why make it like we have to privately send the code to OP, when it can just be uploaded to Github as a public proof and so that future people can benefit from it?
I see no benefit in spending a lot of energy making something only to hide it from the public. Just look at how many threads that exist here offering bounties to decode/decrypt/unscramble/brute-force their private key and imagine how many less threads like those would be made if the existing problems were solved and the code made available.
Why need the code for the proof at all? Usually the only proof those kind of Piñatas require is that the coins have been successfully moved out of the target address, no? The code is for educational purposes, If there's a way to make sure that the solver will get the 0.1BTC only if he shares the code, then I'll be happy to hear suggestions.
|
|
|
|
pooya87
Legendary
Offline
Activity: 3458
Merit: 10572
|
|
January 28, 2021, 06:36:23 AM |
|
This is not a valid QR code, a valid one has the position boxes at 3 corners (top left, top right and bottom left). You have one at bottom right corner which shouldn't be there. So this is either invalid or it is rotated 90 degrees clockwise or maybe it is mirrored horizontally. That means we already have 3 different possibilities. The second problem is that if it is rotated or invalid, the mask pattern is missing which means we can not begin to decode the data that we already have if we don't have the "key" needed to decode it. We could decode using all patterns which adds another 8 possibilities. You're already missing a lot of characters, this also adds more cases to check increasing the complexity even more.
|
. .BLACKJACK ♠ FUN. | | | ███▄██████ ██████████████▀ ████████████ █████████████████ ████████████████▄▄ ░█████████████▀░▀▀ ██████████████████ ░██████████████ █████████████████▄ ░██████████████▀ ████████████ ███████████████░██ ██████████ | | CRYPTO CASINO & SPORTS BETTING | | │ | | │ | ▄▄███████▄▄ ▄███████████████▄ ███████████████████ █████████████████████ ███████████████████████ █████████████████████████ █████████████████████████ █████████████████████████ ███████████████████████ █████████████████████ ███████████████████ ▀███████████████▀ ███████████████████ | | .
|
|
|
|
MishaSER
Full Member
Offline
Activity: 1050
Merit: 103
BIB Exchange
|
|
January 29, 2021, 05:18:34 PM |
|
This is not a valid QR code, a valid one has the position boxes at 3 corners (top left, top right and bottom left). You have one at bottom right corner which shouldn't be there. So this is either invalid or it is rotated 90 degrees clockwise or maybe it is mirrored horizontally. That means we already have 3 different possibilities. The second problem is that if it is rotated or invalid, the mask pattern is missing which means we can not begin to decode the data that we already have if we don't have the "key" needed to decode it. We could decode using all patterns which adds another 8 possibilities. You're already missing a lot of characters, this also adds more cases to check increasing the complexity even more. If you look closely at the original file and the file shown as an example, we will see that it is rotated 90 degrees clockwise.
|
|
|
|
eranglr (OP)
Newbie
Offline
Activity: 47
Merit: 0
|
|
January 29, 2021, 05:20:13 PM |
|
This is not a valid QR code, a valid one has the position boxes at 3 corners (top left, top right and bottom left). You have one at bottom right corner which shouldn't be there. So this is either invalid or it is rotated 90 degrees clockwise or maybe it is mirrored horizontally. That means we already have 3 different possibilities. The second problem is that if it is rotated or invalid, the mask pattern is missing which means we can not begin to decode the data that we already have if we don't have the "key" needed to decode it. We could decode using all patterns which adds another 8 possibilities. You're already missing a lot of characters, this also adds more cases to check increasing the complexity even more. If you look closely at the original file and the file shown as an example, we will see that it is rotated 90 degrees clockwise. https://i.ibb.co/FXTF7sJ/Screenshot-7.jpgThe QR is just rotated, no mirror or anything like that.
|
|
|
|
|