RetiredCoder (OP)
Full Member
 Offline
Activity: 131
Merit: 120
No pain, no gain!
|
 |
December 14, 2024, 04:22:32 PM |
|
Guys, I'm bored today again, so let's have some fun: a mini-puzzle for puzzle #130. As you requested, this time it's a bit more challenging  Message: Anything one man can imagine, other men can make real Signature: IIONt3uYHbMh+vUnqDBGHP2gGu1Q2Fw0WnsKj05eT9P8KI2kGgPniiPirCd5IeLRnRdxeiehDxxsyn/VujUaX8o= There is about 700$ in BCH there, so hurry up! And thanks to creator of original puzzles (Satoshi??) for a lot of fun! PS. No BS here please, I will remove it. PPS. For history, previous mini-puzzle is here: https://bitcointalk.org/index.php?topic=5518896 |
|
|
|
llenn1227
Newbie
Offline
Activity: 12
Merit: 0
|
|
December 14, 2024, 04:24:58 PM |
|
Guys, I'm bored today again, so let's have some fun: a mini-puzzle for puzzle #130. As you requested, this time it's a bit more challenging Message: Anything one man can imagine, other men can make real Signature: IIONt3uYHbMh+vUnqDBGHP2gGu1Q2Fw0WnsKj05eT9P8KI2kGgPniiPirCd5IeLRnRdxeiehDxxsyn/VujUaX8o= There is about 700$ in BCH there, so hurry up! And thanks to creator of original puzzles (Satoshi??) for a lot of fun! PS. No BS here please, I will remove it. PPS. For history, previous mini-puzzle is here: https://bitcointalk.org/index.php?topic=5518896I'm on it, but maybe some hint? |
|
|
|
|
RetiredCoder (OP)
Full Member
Offline
Activity: 131
Merit: 120
No pain, no gain!
|
|
December 14, 2024, 04:25:47 PM |
|
Guys, I'm bored today again, so let's have some fun: a mini-puzzle for puzzle #130. As you requested, this time it's a bit more challenging Message: Anything one man can imagine, other men can make real Signature: IIONt3uYHbMh+vUnqDBGHP2gGu1Q2Fw0WnsKj05eT9P8KI2kGgPniiPirCd5IeLRnRdxeiehDxxsyn/VujUaX8o= There is about 700$ in BCH there, so hurry up! And thanks to creator of original puzzles (Satoshi??) for a lot of fun! PS. No BS here please, I will remove it. PPS. For history, previous mini-puzzle is here: https://bitcointalk.org/index.php?topic=5518896I'm on it, but maybe some hint? A hint is in the message |
|
|
|
llenn1227
Newbie
Offline
Activity: 12
Merit: 0
|
|
December 14, 2024, 04:31:23 PM |
|
Guys, I'm bored today again, so let's have some fun: a mini-puzzle for puzzle #130. As you requested, this time it's a bit more challenging Message: Anything one man can imagine, other men can make real Signature: IIONt3uYHbMh+vUnqDBGHP2gGu1Q2Fw0WnsKj05eT9P8KI2kGgPniiPirCd5IeLRnRdxeiehDxxsyn/VujUaX8o= There is about 700$ in BCH there, so hurry up! And thanks to creator of original puzzles (Satoshi??) for a lot of fun! PS. No BS here please, I will remove it. PPS. For history, previous mini-puzzle is here: https://bitcointalk.org/index.php?topic=5518896I'm on it, but maybe some hint? A hint is in the message Okey I'll try to figure out? Sadly this is the last minigame QAQ |
|
|
|
|
llenn1227
Newbie
Offline
Activity: 12
Merit: 0
|
|
December 14, 2024, 06:06:50 PM |
|
Guys, I'm bored today again, so let's have some fun: a mini-puzzle for puzzle #130. As you requested, this time it's a bit more challenging Message: Anything one man can imagine, other men can make real Signature: IIONt3uYHbMh+vUnqDBGHP2gGu1Q2Fw0WnsKj05eT9P8KI2kGgPniiPirCd5IeLRnRdxeiehDxxsyn/VujUaX8o= There is about 700$ in BCH there, so hurry up! And thanks to creator of original puzzles (Satoshi??) for a lot of fun! PS. No BS here please, I will remove it. PPS. For history, previous mini-puzzle is here: https://bitcointalk.org/index.php?topic=5518896It's 2 a.m. in my local time But I only figure out one thing This is not "a bit" harder then the previous one Hope I can figure out or get some hint in my dream Good luck for everyone! |
|
|
|
|
K0rvexX
Newbie
Offline
Activity: 21
Merit: 0
|
|
December 14, 2024, 06:25:09 PM |
|
I'm new to cryptography, just started playing ctf challenges and such about a year ago, so excuse me if this comes out a bit stupid  But from what I understood, the Signature is the message above signed with the wallet's private key. But isn't that just a way to prove that the private key corresponds to the publicly known private key? if so how is that different from bruteforcing the private key itself from the known keyspace? Again, thanks for the challenge dude, and sry if this question came out a bit dumb xd |
|
|
|
|
RetiredCoder (OP)
Full Member
Offline
Activity: 131
Merit: 120
No pain, no gain!
|
|
December 14, 2024, 06:31:50 PM |
|
This is not "a bit" harder then the previous one
Yes, you should have some understanding of ECDSA signature vulnerabilities. I'm new to cryptography, just started playing ctf challenges and such about a year ago, so excuse me if this comes out a bit stupid But from what I understood, the Signature is the message above signed with the wallet's private key. But isn't that just a way to prove that the private key corresponds to the publicly known private key? if so how is that different from bruteforcing the private key itself from the known keyspace? Again, thanks for the challenge dude, and sry if this question came out a bit dumb xd Just google more (or use ChatGPT) to see how deep the rabbit hole goes |
|
|
|
SlaitX
Newbie
Offline
Activity: 10
Merit: 0
|
|
December 14, 2024, 07:17:31 PM |
|
|
|
|
|
|
K0rvexX
Newbie
Offline
Activity: 21
Merit: 0
|
|
December 14, 2024, 07:55:18 PM |
|
The signature's hex representation starts with 20 while every other signature I checked started with 30. Did the signature get processed through some function before being encoded to b64?
|
|
|
|
|
Asmodeus_Zero
Newbie
Offline
Activity: 6
Merit: 0
|
|
December 14, 2024, 07:59:57 PM |
|
Guys, I'm bored today again, so let's have some fun: a mini-puzzle for puzzle #130. As you requested, this time it's a bit more challenging Message: Anything one man can imagine, other men can make real Signature: IIONt3uYHbMh+vUnqDBGHP2gGu1Q2Fw0WnsKj05eT9P8KI2kGgPniiPirCd5IeLRnRdxeiehDxxsyn/VujUaX8o= There is about 700$ in BCH there, so hurry up! And thanks to creator of original puzzles (Satoshi??) for a lot of fun! PS. No BS here please, I will remove it. PPS. For history, previous mini-puzzle is here: https://bitcointalk.org/index.php?topic=5518896Hello, man. Well, I'll try my luck with this puzzle. |
|
|
|
|
K0rvexX
Newbie
Offline
Activity: 21
Merit: 0
|
|
December 14, 2024, 09:15:16 PM |
|
the length of the signature is also 65 bytes instead of 64. Is there a hint on the manipulation done on the signature before getting encoded (or is it in the message again xd) The signature's hex representation starts with 20 while every other signature I checked started with 30. Did the signature get processed through some function before being encoded to b64?
|
|
|
|
|
|
Etar
|
|
December 14, 2024, 09:35:04 PM |
|
The main vulnerability of signatures is the use of the same value of K, which gives the same value of r.
for the first message the values of r and s were:
r 0xde97092bfb7c02148a827b4f8b62db1e189a739c77815799df5e6fb35ae88a1f
s 0x3f4fa38bcbb17615446fabc6fbebceefbb7d052eca9ce136b3a4a67b7f0d4f42
for the second message the values of r and s were:
r 0x838db77b981db321faf527a830461cfda01aed50d85c345a7b0a8f4e5e4fd3fc
s 0x288da41a03e78a23e2ac277921e2d19d17717a27a10f1c6cca7fd5ba351a5fca
I don't see the same r values here, maybe I'm being stupid.
|
|
|
|
|
love19
Newbie
Offline
Activity: 1
Merit: 0
|
|
December 14, 2024, 10:02:43 PM |
|
Hi @Retired coder. Am new to this forum and just went through this bitcoin forum.Thanks for the puzzle and the hint given. I tried my luck for the first time found public key, private key and address of two wallets which seems odd to me after digging chat gpt rabbit hole. But tried the two wallets imported into electron cash wallet but found no or 0 $ BCH. Can you please confirm whether the puzzle is solved. |
|
|
|
|
K0rvexX
Newbie
Offline
Activity: 21
Merit: 0
|
|
December 14, 2024, 10:17:46 PM |
|
Hi @Retired coder. Am new to this forum and just went through this bitcoin forum.Thanks for the puzzle and the hint given. I tried my luck for the first time found public key, private key and address of two wallets which seems odd to me after digging chat gpt rabbit hole. But tried the two wallets imported into electron cash wallet but found no or 0 $ BCH. Can you please confirm whether the puzzle is solved. The public is is already exposed, and if you're sure you've found the private key (which would be obvious because is has 126 0 at the end) you would've probably cached out by now  |
|
|
|
|
K0rvexX
Newbie
Offline
Activity: 21
Merit: 0
|
|
December 14, 2024, 10:39:34 PM
Last edit: December 14, 2024, 10:50:36 PM by K0rvexX |
|
The main vulnerability of signatures is the use of the same value of K, which gives the same value of r.
for the first message the values of r and s were:
r 0xde97092bfb7c02148a827b4f8b62db1e189a739c77815799df5e6fb35ae88a1f
s 0x3f4fa38bcbb17615446fabc6fbebceefbb7d052eca9ce136b3a4a67b7f0d4f42
for the second message the values of r and s were:
r 0x838db77b981db321faf527a830461cfda01aed50d85c345a7b0a8f4e5e4fd3fc
s 0x288da41a03e78a23e2ac277921e2d19d17717a27a10f1c6cca7fd5ba351a5fca
I don't see the same r values here, maybe I'm being stupid.
@Etar where did the first r and s come from? I didn't find the same values Edit: nvm xd |
|
|
|
|
K0rvexX
Newbie
Offline
Activity: 21
Merit: 0
|
|
December 14, 2024, 10:50:53 PM |
|
yep just saw it
|
|
|
|
|
sneeky777
Newbie
Offline
Activity: 21
Merit: 1
|
|
December 15, 2024, 12:19:18 AM |
|
This would make xmas lol off to play
|
|
|
|
|
AbadomRSZ
Newbie
Offline
Activity: 28
Merit: 0
|
|
December 15, 2024, 01:29:52 AM |
|
Guys, I'm bored today again, so let's have some fun: a mini-puzzle for puzzle #130. As you requested, this time it's a bit more challenging Message: Anything one man can imagine, other men can make real Signature: IIONt3uYHbMh+vUnqDBGHP2gGu1Q2Fw0WnsKj05eT9P8KI2kGgPniiPirCd5IeLRnRdxeiehDxxsyn/VujUaX8o= There is about 700$ in BCH there, so hurry up! And thanks to creator of original puzzles (Satoshi??) for a lot of fun! PS. No BS here please, I will remove it. PPS. For history, previous mini-puzzle is here: https://bitcointalk.org/index.php?topic=5518896Now yes, I liked it, a difficult puzzle lol, don't give any more tips to this bunch of parasitic worms, no @ RetiredCoder |
|
|
|
|
K0rvexX
Newbie
Offline
Activity: 21
Merit: 0
|
|
December 15, 2024, 10:19:13 AM |
|
Guys, I'm bored today again, so let's have some fun: a mini-puzzle for puzzle #130. As you requested, this time it's a bit more challenging Message: Anything one man can imagine, other men can make real Signature: IIONt3uYHbMh+vUnqDBGHP2gGu1Q2Fw0WnsKj05eT9P8KI2kGgPniiPirCd5IeLRnRdxeiehDxxsyn/VujUaX8o= There is about 700$ in BCH there, so hurry up! And thanks to creator of original puzzles (Satoshi??) for a lot of fun! PS. No BS here please, I will remove it. PPS. For history, previous mini-puzzle is here: https://bitcointalk.org/index.php?topic=5518896Now yes, I liked it, a difficult puzzle lol, don't give any more tips to this bunch of parasitic worms, no @ RetiredCoder Based on your post history, you seem to be very passionate about calling people worms and straight up insulting them in general. You know it costs nothing to be positive? |
|
|
|
|
|
Etar
|
|
December 15, 2024, 11:03:09 AM |
|
Yes, you should have some understanding of ECDSA signature vulnerabilities.
2 most common vulnerabilities are repetitions of K for the same private key and weak K We have only 2 signed messages and their signature r does not match, only the weak K remains. I checked 02/03838db77b981db321faf527a830461cfda01aed50d85c345a7b0a8f4e5e4fd3fc in the 80-bit range it is not there. sha256 from the message also does not reveal r, as well as double hashing. The rabbit hole is too deep. I'm tired)) |
|
|
|
|
|
