Pages:
Author

Topic: 10 BTC 4 U 2 STEAL - Protected by a weak 5-letter password - crack & it's yours! - page 9. (Read 20210 times)

full member
Activity: 196
Merit: 100
K... I think there may be a weakness!!!!, if I understand the code correctly...

HC


hero member
Activity: 566
Merit: 500
I have a loop in place, but ungh... its slow! i'll step this up to a beefier machine...
legendary
Activity: 3598
Merit: 2386
Viva Ut Vivas
password is BBBBB or BBBBTC

on an android tablet or I would try it myself
member
Activity: 66
Merit: 10
I have to say your documentation is very good in your application, also, it's quite difficult inserting a loop and array to generate the password properly.  I'll continue my work at trying.  Wink
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
I had been meaning for a while to see if Casascius's utilities would work under Mono on Mac, and so this contest gave me the incentive to actually try downloading Mono and see if it'd work. So, out of putting this 10 BTC he at least got another user of his program. Smiley It does seem to mostly work, though I see boxes where I'm assuming I'm supposed to see arrows, and the menus don't really work when I have it on my left monitor.

Thanks for the helpful info.  I never knew Mono worked on Mac.  I am guessing the font it uses doesn't contain the Unicode arrow code points I'm using.

If I were to guess the password, is there a button to convert the private key to the standard unencrypted WIF "5" version so that I could import it into a wallet (or maybe generate a raw transaction, if I'm feeling lucky)?

The decryption would yield the hex private key.  Then you'd just blank out the password and push the "up arrow" (I guess you see boxes, but it's on the left) and it will convert back to WIF without encryption.

And can you hint if I'm likely to get anywhere with a dictionary attack, or was it made up of 5 random letters? Or will you not say yet?

I will wait a while, and then I will pick a time and the amount of password information I plan to reveal, and then reveal it at the specified time.  Assuming it's not cracked first.  For example I may reveal the casing of the letters, cutting the difficulty by a factor of 32 (assuming they're random - something I'm not revealing at this point).
pc
sr. member
Activity: 253
Merit: 250
I decided to see if I could guess the password directly, but the first few words I thought to try haven't worked out…

I had been meaning for a while to see if Casascius's utilities would work under Mono on Mac, and so this contest gave me the incentive to actually try downloading Mono and see if it'd work. So, out of putting this 10 BTC he at least got another user of his program. Smiley It does seem to mostly work, though I see boxes where I'm assuming I'm supposed to see arrows, and the menus don't really work when I have it on my left monitor.

If I were to guess the password, is there a button to convert the private key to the standard unencrypted WIF "5" version so that I could import it into a wallet (or maybe generate a raw transaction, if I'm feeling lucky)?

And can you hint if I'm likely to get anywhere with a dictionary attack, or was it made up of 5 random letters? Or will you not say yet?

Thanks!
legendary
Activity: 1806
Merit: 1003
I don't think this test can provide any useful information, once your paper bitcoin become wide spread, someone will develop a more efficient cracker. Though right now, it is pretty difficult to crack this 5 letter password because of slow scrypt performance in c#.
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
Maybe it's just me but I'm having trouble running the application to decrypt any phrase.  Maybe i'm not put the codes in the right fields?

Here is an example to decrypt.

Run the program, choose Tools - Address Utility.

Here is a test encrypted private key, paste it into the "Private Key (WIF)" box.
6PRJpenX5x4NffBK4dGxXgh1bLqwpSQBwhMXwCdg5k85d7PnPGMCaVdgGk

To decrypt it, fill in the password (which for this test key is "AAAAA") and then click the "down arrow" next to the password box.  The resulting bitcoin address is 1MfxvPTcpnVNU4bi2xs7XcZnsHqFZVKKEn and the corresponding private key should show.

Now on the other hand, to create a batch of encrypted keys, instead of doing Tools - Address Utility, simply do Address - Generate Addresses.  Specify that you want encrypted keys, put in a passphrase, and it will generate a boatload of keys (or rather, the number you asked for).  If you want them printed on paper wallets like the one in the OP, then just choose Selection - Print Banknote Vouchers, pick a color and a printer, voila.  Notably, it's very fast to generate lots of keys with the same password, since the slow step of hashing the password is done once and then the resulting work can be reused for all of the keys.
member
Activity: 66
Merit: 10
Maybe it's just me but I'm having trouble running the application to decrypt any phrase.  Maybe i'm not put the codes in the right fields?
full member
Activity: 238
Merit: 100
By the way, this money is going to get taken one way or another, even if I have to start leaking bits of the password to speed up the process.

Tell me the first 4 bits and I'll get it in no time.  Cool

That means if I don't tell you the first 4 bits, you'll get it in 16 * (no time).

But if you know some way where just 4 bits would give you more than a 16x advantage, please share!

No time≠0, it would be the time it takes to manually guess the password.
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
By the way, this money is going to get taken one way or another, even if I have to start leaking bits of the password to speed up the process.

Tell me the first 4 bits and I'll get it in no time.  Cool

That means if I don't tell you the first 4 bits, you'll get it in 16 * (no time).

But if you know some way where just 4 bits would give you more than a 16x advantage, please share!
full member
Activity: 238
Merit: 100
By the way, this money is going to get taken one way or another, even if I have to start leaking bits of the password to speed up the process.

Tell me the first 4 bits and I'll get it in no time.  Cool
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
By the way, this money is going to get taken one way or another, even if I have to start leaking bits of the password to speed up the process.
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
Modified your software into a script that tries all combinations...

Then realized it will take 36 years to run.

So a much more efficient calculation method would be needed.

It would take 36 years to run on the slow C# crappy implementation of scrypt that I have bundled with my app.  Simply feeding the same input to a more efficient implementation should chop this figure down by orders of magnitude.
donator
Activity: 2058
Merit: 1054
Modified your software into a script that tries all combinations...

Then realized it will take 36 years to run.

So a much more efficient calculation method would be needed.
legendary
Activity: 2324
Merit: 1125
Damn nice timing, just as I am heading out ..

Pretty sure this will be gone tomorrow because this is pretty straightforward. Fun contest though Smiley
legendary
Activity: 1078
Merit: 1003
Well we do have two hardware wallets being developed so I think this problem will soon be reasonably addressed.
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)

Yeah, in fact, I am surprised it's 2012 and there isn't a popular standardized hardware security module meant for people to carry and log into websites.

That's part of my purpose of bringing password protected paper wallets to the Bitcoin community.  That constitutes simple two-factor Bitcoin storage usable by anybody: something you have and something you know.

My expectation is that weak passwords, with their obvious shortcomings, will still provide a "bicycle lock" level of security: they're still crackable, but would give the average user enough time to move their coins elsewhere in the event of loss or theft assuming they prepared themselves to do so.

It would be blasphemous for someone to use such a password for their savings wallet, but for protection of a single bitcoin from the casual thief, they have the same level of utility as a four-digit iPhone lock: a measure of protection from 99% of the population likely to steal it.
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
No joke - see the BTC at http://blockchain.info/address/1BBBvd9G5YThYVVMSGSxJzQvQiQm3WxJC2

Not a gimmick

First person to brute-force this encrypted private key and take the funds gets them, no strings attached.

The password is five letters (no joke, no gimmick, not a riddle, example "AAAAA" and "zzzzz" are the lowest and highest candidates)

Given the obvious weakness of the password, these 10 BTC WILL get taken... it might as well be by you.

Private key is encrypted using methodology in BIP 38: https://en.bitcoin.it/wiki/BIP_0038

Working encryption/decryption code for Windows/.NET (as well as generator of these paper wallets) can be found at:

github: https://github.com/casascius/Bitcoin-Address-Utility
or download binary and source: https://casascius.com/btcaddress-alpha.zip



My interest in running this contest of sorts is to generate discussion and measure interest in password-protected paper wallets, and I am simply curious how long it might take somebody to crack one of these knowing the password is weak.  The password will be revealed to everyone once it is clear the money has been taken.
Pages:
Jump to: