Bitcoin Forum
December 04, 2024, 02:45:12 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: I have a question about bitaddress.org and sha1.  (Read 99 times)
newsecurity1986 (OP)
Newbie
*
Offline Offline

Activity: 4
Merit: 0


View Profile
April 02, 2022, 09:41:09 PM
 #1

I know that this is already discontinued, but I was curious to know how likely it is that with brute force, and replicating the conditions of the time such as Operating System, date, and the first versions of the code, sha1, using modern power.

Could the private keys of any of those wallets generated with the first versions of bitaddress.org be found?
https://i.imgur.com/CGRDjj0.png




BTC bc1q9tcs5cam8qhlzyd4rw0q9tdmy4ghzk4gd5rumg
nc50lc
Legendary
*
Offline Offline

Activity: 2618
Merit: 6478


Self-proclaimed Genius


View Profile
April 03, 2022, 03:18:26 AM
Merited by pooya87 (2), vapourminer (1), ABCbits (1)
 #2

From which source have you found out that the old version of bitaddress used SHA1 to produce prvKey from the entropy, their changelog?
This: github.com/pointbiz/bitaddress.org/blob/master/CHANGELOG.txt#L108 ?
Quote
- hash with SHA256 instead of SHA1. SHA1 hash still provided in package.json.

If so, that's only for the checksum of the html file, not the key generation.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
pooya87
Legendary
*
Offline Offline

Activity: 3654
Merit: 11085


Crypto Swap Exchange


View Profile
April 03, 2022, 03:26:17 AM
 #3

Using SHA1 to produce bitcoin private keys doesn't even make sense since the hash digest is smaller (160 bit) than 256 bit keys.
But even if you use SHA1 you still wouldn't be able to brute force it since SHA1 is only vulnerable to a certain type of attack to find collision. You still can't brute force 160 bit entropy or easily solve ECDLP for a 160 bit key.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!