Pages:
Author

Topic: Bitcoin greatest vulnerability (Read 6080 times)

AGD
legendary
Activity: 2070
Merit: 1164
Keeper of the Private Key
August 30, 2017, 06:53:32 AM
#39
Damn. Bitcoin has been hacked again! Does that mean, that my brainwallet has been hacked too? 12AKRNHpFhDSBDD9rSn74VAzZSL3774PxQ
newbie
Activity: 28
Merit: 11
August 30, 2017, 02:54:02 AM
#38
Quote
using the phrase: 12345678901234567890 (brain wallet)

This phrase make a private and public key that apparently have been used for real before.

Private key:
5Jf6mGTeCg37iZST1ukHXacwyuhjL3ABvEcpgwCRQX9y9fLGLbD (thats the same key the OP found/created)

Public key>
15eUHuCMKGekXmfH2B5awPWnwY3qVe3Nz1

Yeah I think you got it right.

This basically just means that it is insecure to use bad randomness to generate your Keys. But that's an obvious thing and does not only apply to Bitcoin but to crypto in general.
member
Activity: 61
Merit: 10
August 29, 2017, 09:57:06 PM
#37
If bitcoin and all cryptocurrencies are this vulnerable, then it should be a simple enough task to prove it to us all by hacking the blockchains and bringing the entire market crashing down to a grinding halt. If, on the other hand, you have no idea of the actual numbers involved and are just saying generally that in an infinite time and universe, anything's possible, you are correct. It still isn't bringing aliens to my doorstep, nor is it making it any easier to hack the blockchain with anything less than a few billion years of computing time. And really, once we have that, aren't we better off trying to hack the Ultimate Answer to Life, the Universe and Everything? Granted, we'll probably discover it's 42, but still.
newbie
Activity: 1
Merit: 0
August 29, 2017, 07:07:06 PM
#36
OP, you are completely and absolutely wrong. The private keys ARE NOT randomly generated characters. They are actually 256 bit numbers. This means that the total number of possible private keys is 2^256 - 1, which is a ridiculously large amount of possible private keys. Those private keys are converted into the characters that you see through a process known as Base58 Check Encoding (https://en.bitcoin.it/wiki/Base58Check_encoding). You cannot just throw random characters together to get a private key because it will probably fail the Check part of Base58 Check Encoding. The Check is the first four bytes of a SHA256 checksum of the private key.

Note that most Bitcoins are spendable by addresses, not public keys. Addresses are only 160 bits, and any private key whose public key hashes to the same 160 bit address is able to spend the coins at that address.

So for most coins it's "only" a 160 bit search to find a private key that can spend them. You don't need to find the same private key as the proper owner of the coins, you only need to find one which gives the same address.

Of course, a 160 bit search is still impractical to carry out. But it's a lot easier than a 256 bit search.


and in this case:
Bitcoin (cold address)-> person can coincidentally create an exact same  account number (cold address) .

If someone uses something non-random, sure. E.g. "Dog" as a "brain wallet" or a non random PRNG.

Otherwise, no.  Saying otherwise is either FUD or not understanding math etc as Foxpup etc has explained.



I know it's an old topic, but I think I understood what the OP wanted to say.

The answer I quoted sums it up, in my opinion.

I got here while searching google for the PUBLIC key I created... using the phrase: 12345678901234567890 (brain wallet)

This phrase make a private and public key that apparently have been used for real before.

Private key:
5Jf6mGTeCg37iZST1ukHXacwyuhjL3ABvEcpgwCRQX9y9fLGLbD (thats the same key the OP found/created)

Public key>
15eUHuCMKGekXmfH2B5awPWnwY3qVe3Nz1

used this site to create the keys: https://walletgenerator.net/

What he means, I belive, is: What stops someone to start gessing several keys.. and looking for it in block chain. When you find one that has money, transfer it.

places that I found this key:
https://bitcointalk.org/index.php?topic=156609.450
https://blockchain.info/address/15eUHuCMKGekXmfH2B5awPWnwY3qVe3Nz1

Im a total noob as well... and im starting to learn (a little bi late, i suppose) about this incredible world.

Thanks!
hero member
Activity: 3052
Merit: 651
July 20, 2016, 04:13:50 AM
#35
Imagine me a newbie reading it from top to bottom.  Cry That is a lot of stress and ending up it cant be done. You are saying you guessed some account of a Russian by a mere coincidence? There is a 1/a billion chance I think for this to happen? And you are saying our bitcoin is hackable after how many years of service? Oh crap! My head hurts after reading. Need some rest.
legendary
Activity: 2940
Merit: 1333
July 14, 2016, 09:04:35 PM
#34
Another method of mirroring

https://www.bitaddress.org

(fX)

 rd rd d d RD rd Rd rdrd rdrd rd

1E38XQRdXVhafXoAXwSZyoxPQ7R5HtmfrW

17na83aXEao3jfXJXEN4uuvchgAjg1Mw1S

Can you provide us with the name of your darknet market vendor? That's good shit you're taking.
member
Activity: 63
Merit: 10
July 14, 2016, 03:39:02 AM
#33
Another method of mirroring

https://www.bitaddress.org

(fX)

 rd rd d d RD rd Rd rdrd rdrd rd

1E38XQRdXVhafXoAXwSZyoxPQ7R5HtmfrW


17na83aXEao3jfXJXEN4uuvchgAjg1Mw1S

legendary
Activity: 1512
Merit: 1057
SpacePirate.io
June 22, 2016, 02:27:18 PM
#32
There's a better challenge open, too: there's over $10 billion worth of Bitcoins secured by "easy-to-collide" private keys. Simply collide a few of the bigger ones and take the money!

The fact that this hasn't happened should be proof enough that OP's system (whatever it is; I can't understand what he is trying to say) doesn't work.

I think we've been trolled, let's say what satoshi has to say:




Ghost of Satoshi has spoken: "Hmmm.... dubious claim is dubious."
legendary
Activity: 2940
Merit: 1333
June 22, 2016, 01:52:24 PM
#31
I'm just assuming you're talking about a brain wallet at this point...

There's a challenge open if you want to try your method to get bitcoins:
https://keybase.io/warp/warp_1.0.8_SHA256_5111a723fe008dbf628237023e6f2de72c7953f8bb4265d5c16fc9fd79384b7a.html

Good luck.

There's a better challenge open, too: there's over $10 billion worth of Bitcoins secured by "easy-to-collide" private keys. Simply collide a few of the bigger ones and take the money!

The fact that this hasn't happened should be proof enough that OP's system (whatever it is; I can't understand what he is trying to say) doesn't work.
full member
Activity: 187
Merit: 102
June 22, 2016, 09:00:06 AM
#30
On a technical level or not,

I believe Bitcoins greatest vulnerability stands with people who don't understand what the ***CRYPTO***-currency actually is and with the people who come here to make a quick penny.

I agree with you.
legendary
Activity: 1512
Merit: 1057
SpacePirate.io
June 22, 2016, 08:02:51 AM
#29
I'm just assuming you're talking about a brain wallet at this point...

There's a challenge open if you want to try your method to get bitcoins:
https://keybase.io/warp/warp_1.0.8_SHA256_5111a723fe008dbf628237023e6f2de72c7953f8bb4265d5c16fc9fd79384b7a.html

Good luck.
hero member
Activity: 686
Merit: 502
June 22, 2016, 07:48:09 AM
#28
On a technical level or not,

I believe Bitcoins greatest vulnerability stands with people who don't understand what the ***CRYPTO***-currency actually is and with the people who come here to make a quick penny.
legendary
Activity: 1066
Merit: 1050
Khazad ai-menu!
June 22, 2016, 07:35:54 AM
#27
Please post the collision you have discovered. 

Post the two private keys which correspond to the same bitcoin address. 

Thanks!  Smiley

member
Activity: 63
Merit: 10
June 22, 2016, 02:21:00 AM
#26
OP, again, BITCOIN ADDRESSES ARE NOT COMPOSED OF RANDOM CHARACTERS. In fact, there is actually no such thing as a Bitcoin address. On a technical level, there is no such thing as a Bitcoin address. Rather it is a way to represent a 160 bit number, the RIPEMD160 of the SHA256 of a public key. An address is simply an encoding, a way to package the hash of a public key in a manner which allows for some basic error checking and a way to shorten the number of characters that people have to deal with.

It doesn't matter how many or what characters are used for Bitcoin addresses. Increasing the characters used will simply make addresses shorter, they will not remain a fixed length because they must convert back to a 20 byte number. That is what stays constant, not the length nor the character space.

Let's try a picture for OP....  I'm guessing he's using random alpha characters to generate a bitcoin address and there by searching the internet with his results to product a "hit" on a collision.

Levent: This is how bitcoin addresses are generated:



cloverme:

(rt) is a theorem for collision
Read (Kurt Gödel ->principia mathematica) and (Douglas R. Hofstadter --> gödel escher bach) for the proof of (rt) theorem.




legendary
Activity: 1512
Merit: 1057
SpacePirate.io
legendary
Activity: 2940
Merit: 1333
June 21, 2016, 09:50:21 PM
#24
Thank you, this is actually a very informative diagram. Saving this imagine for use in the future

It's part of a series of similar diagrams. I don't know where to find them now, but they were made by etotheipi I think?
full member
Activity: 238
Merit: 100
I love NACHOS
June 21, 2016, 04:08:59 PM
#23
OP, again, BITCOIN ADDRESSES ARE NOT COMPOSED OF RANDOM CHARACTERS. In fact, there is actually no such thing as a Bitcoin address. On a technical level, there is no such thing as a Bitcoin address. Rather it is a way to represent a 160 bit number, the RIPEMD160 of the SHA256 of a public key. An address is simply an encoding, a way to package the hash of a public key in a manner which allows for some basic error checking and a way to shorten the number of characters that people have to deal with.

It doesn't matter how many or what characters are used for Bitcoin addresses. Increasing the characters used will simply make addresses shorter, they will not remain a fixed length because they must convert back to a 20 byte number. That is what stays constant, not the length nor the character space.

Let's try a picture for OP....  I'm guessing he's using random alpha characters to generate a bitcoin address and there by searching the internet with his results to product a "hit" on a collision.

Levent: This is how bitcoin addresses are generated:


Thank you, this is actually a very informative diagram. Saving this imagine for use in the future
legendary
Activity: 1512
Merit: 1057
SpacePirate.io
June 21, 2016, 03:02:57 PM
#22
OP, again, BITCOIN ADDRESSES ARE NOT COMPOSED OF RANDOM CHARACTERS. In fact, there is actually no such thing as a Bitcoin address. On a technical level, there is no such thing as a Bitcoin address. Rather it is a way to represent a 160 bit number, the RIPEMD160 of the SHA256 of a public key. An address is simply an encoding, a way to package the hash of a public key in a manner which allows for some basic error checking and a way to shorten the number of characters that people have to deal with.

It doesn't matter how many or what characters are used for Bitcoin addresses. Increasing the characters used will simply make addresses shorter, they will not remain a fixed length because they must convert back to a 20 byte number. That is what stays constant, not the length nor the character space.

Let's try a picture for OP....  I'm guessing he's using random alpha characters to generate a bitcoin address and there by searching the internet with his results to product a "hit" on a collision.

Levent: This is how bitcoin addresses are generated:
sr. member
Activity: 433
Merit: 267
June 21, 2016, 02:41:12 PM
#21
Code:
rt= bitcoin address"1234567890A B C D E F G H I J K L M N O P Q R S T U V W X Y Z a b c d e f g h i j k l m n o p q r s t u v w x y z"

The (1234567890A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
a b c d e f g h i j k l m n o p q r s t u v w x y z) system that creates Bitcoin is reduced to (rt)

With Chinese, Japanese, Latin Alphabet, the numbers and a thousand characters number series, only

    (rr) Bitcoin address
    (tt) Bitcoin address
    (rt) Bitcoin address
    (tr) Bitcoin address

       addresses can be created.

In this case when you create a Bitcoin address with a character series(6789012345678901友達彼女雪男),(Llisp),(1234542152695) of  any length, a collision occurs.

Let's consider Bitcoin (tt) as a cold address, in this case someone else can create the cold address.
Such logic, much amaze, wow.

So you're saying if I have the target of decimal 10 in binary, 00001010, I could find a collision just by finding A in hexadecimal ?
staff
Activity: 3458
Merit: 6793
Just writing some code
June 21, 2016, 02:40:29 PM
#20
OP, again, BITCOIN ADDRESSES ARE NOT COMPOSED OF RANDOM CHARACTERS. In fact, there is actually no such thing as a Bitcoin address. On a technical level, there is no such thing as a Bitcoin address. Rather it is a way to represent a 160 bit number, the RIPEMD160 of the SHA256 of a public key. An address is simply an encoding, a way to package the hash of a public key in a manner which allows for some basic error checking and a way to shorten the number of characters that people have to deal with.

It doesn't matter how many or what characters are used for Bitcoin addresses. Increasing the characters used will simply make addresses shorter, they will not remain a fixed length because they must convert back to a 20 byte number. That is what stays constant, not the length nor the character space.
Pages:
Jump to: