Pages:
Author

Topic: 10 BTC 4 U 2 STEAL - Protected by a weak 5-letter password - crack & it's yours! - page 4. (Read 20204 times)

legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Actually I've always wondered how good an encryption algo that I wrote years ago actually is (only went as far as verifying that no zip type software could shrink an encrypted file) and now this has given me an idea about how to test that (i.e. encrypt a Bitcoin private key with my algo and publish it for all to try).
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
So I guess the dictionary hackers should reverse their algos (i.e. do not try anything that is in a word dictionary).

Smiley


Or at least try all the dictionary entries last... pretty safe bet.  This might give a couple percent speedup.  The password isn't "maybe not a word": it's more like "totally not a word".  I am pretty sure it won't accidentally appear in a dictionary.

If I google the password, I get no meaningful results, just websites dedicated to listing every possible 5-character combination.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
So I guess the dictionary hackers should reverse their algos (i.e. do not try anything that is in a word dictionary).

Smiley


BTW - this has been a very interesting experiment and quite a valuable lesson about the value of scrypt.
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
The correct password isn't a recognizable word.  It's essentially five random letters.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
One last crack at the 5 letter words after S:

TaKeR
TaKeS
TaLeS
TaLkS
TaRdY
TaSkS
TaStE
TaStY
TaXeD
TaXeS
TeAmS
TeArS
TeArY
TeAsE
TeChS
TeChY
TeLlS
TeMpT
TeNtH
TeNtS
TeStS
TeStY
ThEfT
ThEiR
ThEmE
ThErE
ThEsE
ThIcK
ThIeF
ThInG
ThOsE
ThRoW
ThUmB
TiGeR
TiGhT
TiMeD
TiMeR
TiMiD
TiNnY
ToAsT
ToDaY
ToIlS
ToKeN
ToNaL
ToOlS
ToPiC
ToRsE
ToTaL
ToWeL
ToXiC
TrApS
TrAsH
TrEnD
TrIaL
TrIcK
TrIeD
TrIeS
TrIpE
TrItE
TrOlL
TrOvE
TrUeR
TrUlY
TuNeD
TwEaK
TwIsT
UlTrA
UnDeR
UnDiD
UnDuE
UnFiT
UnTiL
UnZiP
UrGeD
UrGeR
UrGeS
UrInE
UsAgE
UsErS
UsHeR
UsInG
UsUaL
UsUrP
UsUrY
VaLuE
VaLvE
VaPoR
VaUlT
VeNoM
ViDeO
ViNeS
ViNyL
ViRaL
ViSiT
ViViD
VoDkA
VoIcE
VoIlA
VoLtS
VoTeD
VoTeR
VoTeS
VoUcH
WaCkY
WaGeD
WaGeS
WaGeR
WaIvE
WaNnA
WaNtS
WaRtS
WaStE
WeArY
WeAvE
WeEpS
WeIrD
WhAcK
WhAmS
WhEeL
WhErE
WhIcH
WhIlE
WhImS
WhIsK
WhOlE
WiDeR
WiElD
WiNeS
WiNkS
WiReD
WiTcH
WiZeN
WoRdS
WoRdY
WoRkS
WoRmY
WoRrY
WoRsE
WoRsT
WoUlD
WrAtH
WrEaK
WrEcK
WrEsT
WrItE
WrOtE
YaChT
YaCkS
YaKkA
YaRdS
YaRnS
YaWnS
YeArN
YeLlS
YeSeD
YiElD
YiKeS
YiPeS
YoUrS
YoUtH
ZeBrA
ZeRoS
ZeStY
ZoMbI
ZoNeD
ZoNeS
ZoNkS
ZoOmS
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
I will avoid disclosing the first character if I am presented with credible evidence that someone is highly likely to crack it within the next 48 hours without the help.  PM if needed.  I don't want it to be a 2-week contest where everyone gives up because they're bored.
sr. member
Activity: 247
Merit: 250
I'll disclose the first character of the password at or shortly after 20:00 UTC.

Don't do that.  You've already given away too much information.  I'm genuinely interested in how long it would take someone to realisticly crack a 5 character brainwallet generated private key.  Start a new thread with less characters if you want more action.  That way we can all see how long it takes for different character lengths.  This is definitely a neat experiment to either strengthen or weaken people's piece of mind on using brainwallet.
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
I'll disclose the first character of the password at or shortly after 20:00 UTC.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Maybe one of the following (got bored after the letter S sorry)?

NeRdY
NiCeR
NiChE
NiFtY
NiNjA
NiMdA
NoIsE
NoTeD
NoVeL
NuKeD
NuTtY
OdDeR
OdDlY
OmEgA
OuTeD
OvErT
PaNdA
PaNiC
PaRsE
PaStE
PaStY
PaYeD
PaYeR
PeAlS
PeEvE
PeRkS
PhOnY
PiCkY
PiNgS
PiVoT
PiXeL
PoStS
PrIcY
PrOoF
PrOmO
QuErY
QuEsT
QuOtA
QuOtE
RaCeR
RaCeS
RaDiI
RaDiO
RaDiX
RaLlY
RaPiD
ReIgN
ReLaX
ReLaY
ReLiC
RePaY
RePlY
RoGuE
RoOkY
RoSeS
RuBlE
RuLeR
RuSeS
SaLeS
SaVeD
SaVeR
SaVeS
ScAmS
ScArY
SeAlS
SeEdS
SeEkS
SeIzE
SeNsE
ShAdY
ShAkY
ShArK
ShInY
ShOwN
ShOwY
SiGnS
SkInT
SlEeK
SlEeP
SlOwS
SlYeR
SmOkE
SnAiL
SnAkY
SnArE
SnOrE
SoLvE
SpAcE
SpAcY
SpOiL
SpOoF
StAkE
StArS
StArT
StAsH
StEaL
StUdY
SwEaT
legendary
Activity: 1918
Merit: 1570
Bitcoin: An Idea Worth Spending
RoBoT (If it works, I desire a 50/50 split)

~Bruno K~
hero member
Activity: 547
Merit: 500
Decor in numeris
Sure, he did.  I am sleeping.  I thought this was the new info he promised.  Sorry, wachtwoord!
sr. member
Activity: 272
Merit: 250
casascius said it a few pages back Smiley
hero member
Activity: 547
Merit: 500
Decor in numeris
The first letter is N-Z
Are you just teasing us, or did casascius tell you?

 Smiley
member
Activity: 85
Merit: 10
1h79nc
legendary
Activity: 2324
Merit: 1125
member
Activity: 85
Merit: 10
1h79nc
Yes, for the parameters of this contest, it is much easier/less time/cheaper to brute force it than investigate weaknesses in any of the elliptic curve math, scrypt, AES, or SHA256.

Right now I have ported BIP 38 to C and threaded it, and it is running on an Amazon EC2 instance at about 10-12 attempts / sec. I am using the standard scrypt library and jgarzik's new libccoin and a clean slate implementation of the BIP. So that's still about 12 days of CPU crunching... At the very least, there should be a (super hacked together, ugly code) version of the BIP in C!

Also, there is still only information enough to get it down to 26 ^ 5 = 11,881,376. Right? Just that the capitalization is AaAaA?
sr. member
Activity: 272
Merit: 250
Given the information that has been released there are exactly 5940688 combinations to try...
full member
Activity: 168
Merit: 100
pretty sure there is exactly 9,765,625 (26^5) possibilities. so more like double 5mil. so the longest it would take is 56.5 days (if you were to guess in alphabetical order and the password turned out being ZzZzZ)
sr. member
Activity: 272
Merit: 250
It's not really hacking, its purely brute force thats necessary... you can improve some of the algorithm for speed but aside from that there are about 5 million combinations to try and my system is doing about 2 attempts per second that's still roughly 2500000 seconds, approx 30 days.
legendary
Activity: 2142
Merit: 1010
Newbie
OMG. Is there any REAL hacker?
Pages:
Jump to: