Finding private key from torn QR and some characters?

[eranglr]

Edited: Offering 0.1BTC to whoever comes up with a decoding software for this, based on:
https://www.freecodecamp.org/news/lets-enhance-how-we-found-rogerkver-s-1000-wallet-obfuscated-private-key-8514e74a5433/

For QR code module 33x33 like this example: https://i.imgur.com/t27ZO3f.png where the known characters of the example private key are:
5mLbK---------------------YAqS1---------------------8Q




Original post:

Is it possible to find out the private key from this example?
My thoughts are - not, because the QR doesn't provide enough information, but what do you think?


https://i.imgur.com/Qo1vWLw.png

[Upgrade00]

I also do not think that information is enough to reveal the entire private keys of the address.
Only 12 characters are visible out of the 51, of which, the first two are easily predictable as it's common to a lot of addresses. I would assume, it should be impossible to find a valid sequence to satisfy the requirements and checks for a private key from that image.

[HeRetiK]

With only 12 out of 51 characters known there's still slightly more than 192 bits left which in the case of ECDSA should still be more than enough.

Calculated based on the formula found here:
https://crypto.stackexchange.com/questions/80996/a-multi-target-attack-on-128-bit-ecdsa-private-keys

For n=192 we'd get roughly 2^(97 - 31 - 3 + 7) = 2^70 seconds of computing time with 8 cores @ 2.1 Ghz, which would be about 3 * 10^13 years which is a few orders of magnitudes longer than the age of the universe.

You could cut this down to a year by running about 3 * 10^13 machines of similar specs instead of just one tho

[pooya87]

It is impossible, not just because of the high number of missing characters but because those that do exist, you don't know their position either. What I mean is that in your example you don't know if there are 5, 6,... 10,... 15,... characters before "rKNxs" and similarly you don't know how many are after it. This means even if the number of characters you had was much less than this, you still wouldn't be able to find it because of the huge number of variations.

[eranglr]

Nice explanations, always fascinated by the power of cryptographic.

[AGD]

You may be able to get some additional information from that broken qr code

[eranglr]

You may be able to get some additional information from that broken qr code

This was my thought, but looking at the QR code, I don't think I can get more than say 3-4 additional characters.

[eranglr]

If you use different example where only half of the QR code is torn-off and it uses highest-level correction level (which is Level H where about 30% of data could be restored), there will be incentive to brute-force it if the private key holds lots Bitcoin.

You may be able to get some additional information from that broken qr code

From the visible-part of the QR code, only half is about the data/content itself, at least according to https://en.wikipedia.org/wiki/File:QRCode-2-Structure.png. Definitely not enough to combine with some character and perform brute-force.

Yep, you're right.

[eranglr]

I wrote to Michel Sassano (https://www.freecodecamp.org/news/lets-enhance-how-we-found-rogerkver-s-1000-wallet-obfuscated-private-key-8514e74a5433/).
He says that there might be enough information to decode the private key.

Let's play a game - I'm offering 0.1BTC to whoever comes up with decoding software for my attached photo.

[eranglr]

Let's play a game - I'm offering 0.1BTC to whoever comes up with decoding software for my attached photo.

If you're serious about it, i would advice you to sign message with address which contain 0.1 BTC or use trusted escrow to attract people & edit title of this thread to attract of more people.

I agree, but how can I guarantee to also get the software?

[HeRetiK]

Let's play a game - I'm offering 0.1BTC to whoever comes up with decoding software for my attached photo.

If you're serious about it, i would advice you to sign message with address which contain 0.1 BTC or use trusted escrow to attract people & edit title of this thread to attract of more people.

I agree, but how can I guarantee to also get the software?

Oh, so you want to hire someone then to write this software for you? That's quite different from "playing a game" because in that case you'd definitely need a trusted escrow.

[eranglr]

Let's play a game - I'm offering 0.1BTC to whoever comes up with decoding software for my attached photo.

If you're serious about it, i would advice you to sign message with address which contain 0.1 BTC or use trusted escrow to attract people & edit title of this thread to attract of more people.

I agree, but how can I guarantee to also get the software?

Oh, so you want to hire someone then to write this software for you? That's quite different from "playing a game" because in that case you'd definitely need a trusted escrow.

Well, it's a game, but I would like to see the code.
Any idea for a trusted escrow?

[NotATether]

Quoting image for reference:

First off, you need to tell us exactly which positions are already known so that valuable time is not wasted brute-forcing those positions. I see that you already have columns AA-AG and the big square at the top left, do you also know if any of the cleared squares around A9 are correct?

In your case you got 26 rows between 8 and 34, times another 26 columns between A and Z, which equals 676 different squares for you to check. In other words you're dealing with a search space of 2^676, even more enormous than the search space of bitcoin private keys.

There are some properties of QR codes that can reduce this problem size somewhat but it's still going to be too large for brute forcing.

Also, the problem solved in the freecodecamp article is fundamentally different from yours; They had a blurred QR code which they had to "unblur", but you seem to only have a fourth of your QR code and the rest of it is completely missing. The solutions used there can't be applied here, unless you actually have a blurred or low-res AR code (in which case please post it here).

Let's play a game - I'm offering 0.1BTC to whoever comes up with decoding software for my attached photo.

If you're serious about it, i would advice you to sign message with address which contain 0.1 BTC or use trusted escrow to attract people & edit title of this thread to attract of more people.

I agree, but how can I guarantee to also get the software?

Oh, so you want to hire someone then to write this software for you? That's quite different from "playing a game" because in that case you'd definitely need a trusted escrow.

Well, it's a game, but I would like to see the code.
Any idea for a trusted escrow?

Guys in this quote chain, why make it like we have to privately send the code to OP, when it can just be uploaded to Github as a public proof and so that future people can benefit from it?

I see no benefit in spending a lot of energy making something only to hide it from the public. Just look at how many threads that exist here offering bounties to decode/decrypt/unscramble/brute-force their private key and imagine how many less threads like those would be made if the existing problems were solved and the code made available.

[eranglr]

Quoting image for reference:

https://i.imgur.com/t27ZO3f.png

First off, you need to tell us exactly which positions are already known so that valuable time is not wasted brute-forcing those positions. I see that you already have columns AA-AG and the big square at the top left, do you also know if any of the cleared squares around A9 are correct?

In your case you got 26 rows between 8 and 34, times another 26 columns between A and Z, which equals 676 different squares for you to check. In other words you're dealing with a search space of 2^676, even more enormous than the search space of bitcoin private keys.

There are some properties of QR codes that can reduce this problem size somewhat but it's still going to be too large for brute forcing.

Also, the problem solved in the freecodecamp article is fundamentally different from yours; They had a blurred QR code which they had to "unblur", but you seem to only have a fourth of your QR code and the rest of it is completely missing. The solutions used there can't be applied here, unless you actually have a blurred or low-res AR code (in which case please post it here).

Let's play a game - I'm offering 0.1BTC to whoever comes up with decoding software for my attached photo.

If you're serious about it, i would advice you to sign message with address which contain 0.1 BTC or use trusted escrow to attract people & edit title of this thread to attract of more people.

I agree, but how can I guarantee to also get the software?

Oh, so you want to hire someone then to write this software for you? That's quite different from "playing a game" because in that case you'd definitely need a trusted escrow.

Well, it's a game, but I would like to see the code.
Any idea for a trusted escrow?

Guys in this quote chain, why make it like we have to privately send the code to OP, when it can just be uploaded to Github as a public proof and so that future people can benefit from it?

I see no benefit in spending a lot of energy making something only to hide it from the public. Just look at how many threads that exist here offering bounties to decode/decrypt/unscramble/brute-force their private key and imagine how many less threads like those would be made if the existing problems were solved and the code made available.

A9 is black, no information about the squares near it.
And there's also the private key available char (see post).

[HeRetiK]

Guys in this quote chain, why make it like we have to privately send the code to OP, when it can just be uploaded to Github as a public proof and so that future people can benefit from it?

I see no benefit in spending a lot of energy making something only to hide it from the public. Just look at how many threads that exist here offering bounties to decode/decrypt/unscramble/brute-force their private key and imagine how many less threads like those would be made if the existing problems were solved and the code made available.

Why need the code for the proof at all? Usually the only proof those kind of Piñatas require is that the coins have been successfully moved out of the target address, no?

[eranglr]

Guys in this quote chain, why make it like we have to privately send the code to OP, when it can just be uploaded to Github as a public proof and so that future people can benefit from it?

I see no benefit in spending a lot of energy making something only to hide it from the public. Just look at how many threads that exist here offering bounties to decode/decrypt/unscramble/brute-force their private key and imagine how many less threads like those would be made if the existing problems were solved and the code made available.

Why need the code for the proof at all? Usually the only proof those kind of Piñatas require is that the coins have been successfully moved out of the target address, no?

The code is for educational purposes, If there's a way to make sure that the solver will get the 0.1BTC only if he shares the code, then I'll be happy to hear suggestions.

[pooya87]

This is not a valid QR code, a valid one has the position boxes at 3 corners (top left, top right and bottom left). You have one at bottom right corner which shouldn't be there.
So this is either invalid or it is rotated 90 degrees clockwise or maybe it is mirrored horizontally. That means we already have 3 different possibilities.

The second problem is that if it is rotated or invalid, the mask pattern is missing which means we can not begin to decode the data that we already have if we don't have the "key" needed to decode it.
We could decode using all patterns which adds another 8 possibilities.

You're already missing a lot of characters, this also adds more cases to check increasing the complexity even more.

[MishaSER]

This is not a valid QR code, a valid one has the position boxes at 3 corners (top left, top right and bottom left). You have one at bottom right corner which shouldn't be there.
So this is either invalid or it is rotated 90 degrees clockwise or maybe it is mirrored horizontally. That means we already have 3 different possibilities.

The second problem is that if it is rotated or invalid, the mask pattern is missing which means we can not begin to decode the data that we already have if we don't have the "key" needed to decode it.
We could decode using all patterns which adds another 8 possibilities.

You're already missing a lot of characters, this also adds more cases to check increasing the complexity even more.

If you look closely at the original file and the file shown as an example, we will see that it is rotated 90 degrees clockwise.

[eranglr]

https://i.imgur.com/t27ZO3f.png

This is not a valid QR code, a valid one has the position boxes at 3 corners (top left, top right and bottom left). You have one at bottom right corner which shouldn't be there.
So this is either invalid or it is rotated 90 degrees clockwise or maybe it is mirrored horizontally. That means we already have 3 different possibilities.

The second problem is that if it is rotated or invalid, the mask pattern is missing which means we can not begin to decode the data that we already have if we don't have the "key" needed to decode it.
We could decode using all patterns which adds another 8 possibilities.

You're already missing a lot of characters, this also adds more cases to check increasing the complexity even more.

If you look closely at the original file and the file shown as an example, we will see that it is rotated 90 degrees clockwise.
https://i.ibb.co/FXTF7sJ/Screenshot-7.jpg

The QR is just rotated, no mirror or anything like that.