Topic: Bitcoin Wallet generation by hand - page 2. (Read 6770 times)
Is there some kind of "hash" that can be easily "calculated" from an human (even if takes some hours...) but not from computer?
Hashes are impossible by hand...
Wouldn't a LiveCD on an offline HDD-less PC enough?
Wouldn't a LiveCD on an offline HDD-less PC enough?
I haven't looked at the details of the hashing algorithm used to generate the public address from the private key. However, I don't think impossible is correct. I mean, everything a computer does can (in principle) be simulated using a very long tape and a pencil (see universal Turing machine).
Im just saying, difficult/tedious != impossible.
You want to play with semantics?
Ok, let's play.
Let's take a human, the super-hero kind, who can:
a/ Calculate a 32-bit operation in 10 seconds
b/ Work from midnight to midnight everyday
c/ Calculate a 32-bit operation without any errors
A hash takes about 5000 32-bit operations. So make it 10000 for ripemd160(sha256()).
That makes (10*10000) = 100k seconds = 38.4 hours = 1.6 day non-stop.
Possible.
Now here comes the fun.
This time we take a real human, the super smart kind.
A/ He calculates a 32-bit operation in 30 seconds (please try a 32-bit addition and tell me how much time it took)
This raises the total time to calculate one hash to 115.2 hours
B/ The guy must sleep, so he can "only" work from 8am to midnight.
This makes the total time to calculate one hash equal to 4.8 days.
Still possible.
C/ The lower brain failure rate in the best conditions is 5%. As he's super smart his is only 1%.
The probability of him finding the correct hash on one try is P = 1/2^(100000*1%) = 1/2^1000 ~ 1/10^300
D/ He starts the hashing calculation at birth and will stop at 100 years old.
This is (100*365) = 36500 days of calculation.
One try is 4.8 days, so he has 7604 tries available.
The odd of our super smart guy FINDING AT LEAST ONCE the correct hash in his entire lifetime is then:
R = 1-Q where Q = (1-P)^7604 = ( 1 - 1/2^1000 )^7604
Basic maths gives that Q > 1 - 7604/2^1000 = 1 - 10^(-297.149) > 1 - 10^(-297)
So R < 10^(-297) < 1/2^986
Yes, R < 1/2^986
TLDR
It's easier to crack 6 different bitcoin addresses with only 6 guesses than to a human to calculate a correct bitcoin address hash in his lifetime
Yes, I call that impossible
well the math is above me lol, but couldn't your 'super-smart' be a little smarter and instead of doing the math himself, be allocated to to the of task simply breaking it up into easier micro chunks of math to be distributed amongst an army of mental sweatshop laborers and then supersmart guy checks over for errors and does the final math on it? assuming a low amount of errors, it would reduce the time significantly would it not? In some countries right just paying the workers with food (some economical high protein stuff like peanut butter!) would be incentive enough.
note i'm am conscious of 3rd world war/global poverty issues and don't mean to be insensitive here, so please don't interpret as that.
An alternative is to use your camera and take a picture of the dice, take a picture of the sky and some random things. Then download those pictures and run it through sha256sum.
Actually a single dark picture (cover the lens with your hand) is good enough. The resulting noise and hot pixels in the image are a good source of entropy, coming directly from the sensor (ie hardware).
Quote
Although graphing calculators have been called inexpensive in education reform research,[4] the TI-84 Plus Silver Edition costs $139.00 as of 2013 on the TI online store.
I think I'm better off getting the cheapest android unit that can run bitaddress or some app that does the same thing.
paid the bounty, now how can i get a public key with not using a computer, nearly impossible I gather?
Your best bet is to take your private key into an offline computer to calculate it for you.
That's what I've been saying. Offline computer to calculate it for you. Can be an offline Android smartphone or tablet. Dice is your entropy source.
.5 btc bounty for a program that will hash working bitcoin addresses and works on a TI-83+
Where can I get one of those? Is that a calculator? On googling, it is a discontinued model. Can you update your request to something I can get today?
And if you include today's smart phones, then we have the solution already. Grab the cheapest model, put bitaddress.org on it, then zap out the antenna or SIM card. Store it in the refrigerator. Cold storage.
http://www.thediceshoponline.com/dice/4411/Hexidice-D16-Hexadecimal-Dice
Hexadecimal Dice. 16 sided. Roll 64 times. Private key.
Hexadecimal Dice. 16 sided. Roll 64 times. Private key.
What am I, chopped liver?
An alternative is to use your camera and take a picture of the dice, take a picture of the sky and some random things. Then download those pictures and run it through sha256sum.
http://www.thediceshoponline.com/dice/4411/Hexidice-D16-Hexadecimal-Dice
Hexadecimal Dice. 16 sided. Roll 64 times. Private key.
Hexadecimal Dice. 16 sided. Roll 64 times. Private key.
What am I, chopped liver?
paid the bounty, now how can i get a public key with not using a computer, nearly impossible I gather?
Your best bet is to take your private key into an offline computer to calculate it for you.
http://www.thediceshoponline.com/dice/4411/Hexidice-D16-Hexadecimal-Dice
Hexadecimal Dice. 16 sided. Roll 64 times. Private key.
Hexadecimal Dice. 16 sided. Roll 64 times. Private key.
This is my attempt at a solution.
https://www.youtube.com/watch?v=CzrgJ0jA4dg
Does it count as a solution if I designed it using a pen and paper
https://www.youtube.com/watch?v=CzrgJ0jA4dg
Does it count as a solution if I designed it using a pen and paper
You could also buy a 16 sided dice or something and use 0-F which would be more proper. If you do it this way, the max address you can use is FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4141
Just pedantry here, but there's no such thing as a fair 16 sided die. Fair dice can only be made from platonic solids.
I thought this too when I was looking for dice to generate private keys (actually, to generate electrum wallet seeds, but the principle is the same). But actually you are mistaken. The dice need not be platonic. I bought a bunch of 16-sided dice here: http://www.thediceshoponline.com/dice-search/16-sided. They need only possess sufficient rotational and reflectional symmetry, so that each face has an equal chance of landing up. It seems to me, the general idea behind the 16-sided models is adaptable to any even number of sides from 6 up (though for 6 itself you'd prefer a cube, and for 8 that gives you the platonic octahedron anyway).
The public key part is very difficult with just pen and paper. Thus an offline bitaddress. You could use a dedicated offline computer or smartphone for this.
Use 100 dice rolls, convert to hex, then use that as the private key.
At the very least, you are absolutely sure the RNG is truly random and not broken.
Use 100 dice rolls, convert to hex, then use that as the private key.
At the very least, you are absolutely sure the RNG is truly random and not broken.
The bounty has been claimed, but I propose using an unbiased dice generation method.
Use base 6 for the 6 sided dice. Roll it about 100 times (really.) Write it down. Then convert that to hexadecimal and you have your private key with no bias. (Okay, maybe you need another dice roll?)
For example:
1001112400000533003453522130540400324355321453252515013101100231113332152441500 105310450123404240000
becomes
F213DA1F48C5B538B67BB9E25379B1CE0A8C8D8E205B03E3E68BDB35CDECA3A2
Then you plug that in to an offline copy of bitaddress.org on a computer that is never used for any other purpose (or uses a Live CD), and we get this:
Bitcoin Address (compressed): 1A2nR6q3aUQPJKpA2YFXjqRdh6XN8WAxKQ
Private Key WIF (compressed, 52 characters base58, starts with a 'K' or 'L'): L5LH5Sg1reynj5pKbVcUo6uvbQTnxnqQs1W1ghACrgdU5A1WJm3J
If that looks better, you can also send me a coin. If not, uh, I tried. hehe. (coin address in my signature.)
For the dice roll, subtract by 1 to get the base 6 digit.
1 = 0
2 = 1
3 = 2
4 = 3
5 = 4
6 = 5
Use base 6 for the 6 sided dice. Roll it about 100 times (really.) Write it down. Then convert that to hexadecimal and you have your private key with no bias. (Okay, maybe you need another dice roll?)
For example:
1001112400000533003453522130540400324355321453252515013101100231113332152441500 105310450123404240000
becomes
F213DA1F48C5B538B67BB9E25379B1CE0A8C8D8E205B03E3E68BDB35CDECA3A2
Then you plug that in to an offline copy of bitaddress.org on a computer that is never used for any other purpose (or uses a Live CD), and we get this:
Bitcoin Address (compressed): 1A2nR6q3aUQPJKpA2YFXjqRdh6XN8WAxKQ
Private Key WIF (compressed, 52 characters base58, starts with a 'K' or 'L'): L5LH5Sg1reynj5pKbVcUo6uvbQTnxnqQs1W1ghACrgdU5A1WJm3J
If that looks better, you can also send me a coin. If not, uh, I tried. hehe. (coin address in my signature.)
For the dice roll, subtract by 1 to get the base 6 digit.
1 = 0
2 = 1
3 = 2
4 = 3
5 = 4
6 = 5
What is your proposal for the public key?
Quote
How difficult would it be to create a formula that allows one to create a private and public key using just paper and a pencil?
The bounty has been claimed, but I propose using an unbiased dice generation method.
Use base 6 for the 6 sided dice. Roll it about 100 times (really.) Write it down. Then convert that to hexadecimal and you have your private key with no bias. (Okay, maybe you need another dice roll?)
For example:
1001112400000533003453522130540400324355321453252515013101100231113332152441500 105310450123404240000
becomes
F213DA1F48C5B538B67BB9E25379B1CE0A8C8D8E205B03E3E68BDB35CDECA3A2
Then you plug that in to an offline copy of bitaddress.org on a computer that is never used for any other purpose (or uses a Live CD), and we get this:
Bitcoin Address (compressed): 1A2nR6q3aUQPJKpA2YFXjqRdh6XN8WAxKQ
Private Key WIF (compressed, 52 characters base58, starts with a 'K' or 'L'): L5LH5Sg1reynj5pKbVcUo6uvbQTnxnqQs1W1ghACrgdU5A1WJm3J
If that looks better, you can also send me a coin. If not, uh, I tried. hehe. (coin address in my signature.)
For the dice roll, subtract by 1 to get the base 6 digit.
1 = 0
2 = 1
3 = 2
4 = 3
5 = 4
6 = 5
Use base 6 for the 6 sided dice. Roll it about 100 times (really.) Write it down. Then convert that to hexadecimal and you have your private key with no bias. (Okay, maybe you need another dice roll?)
For example:
1001112400000533003453522130540400324355321453252515013101100231113332152441500 105310450123404240000
becomes
F213DA1F48C5B538B67BB9E25379B1CE0A8C8D8E205B03E3E68BDB35CDECA3A2
Then you plug that in to an offline copy of bitaddress.org on a computer that is never used for any other purpose (or uses a Live CD), and we get this:
Bitcoin Address (compressed): 1A2nR6q3aUQPJKpA2YFXjqRdh6XN8WAxKQ
Private Key WIF (compressed, 52 characters base58, starts with a 'K' or 'L'): L5LH5Sg1reynj5pKbVcUo6uvbQTnxnqQs1W1ghACrgdU5A1WJm3J
If that looks better, you can also send me a coin. If not, uh, I tried. hehe. (coin address in my signature.)
For the dice roll, subtract by 1 to get the base 6 digit.
1 = 0
2 = 1
3 = 2
4 = 3
5 = 4
6 = 5
My trying to increase the probability by multiplying by 10 billions proves suggests that I have no idea how the numbers evolved here. Evidence of a proposition is not the same as a proof of that proposition within a model.
In fact, I admitted that I only skimmed your calculations, and I'll further admit that throwing in all humans as workers was a sorta off the shoulder comment made without consideration of the specificity of your calculations. I'm focusing on the categorical difference between impossibility and improbability.
If your argument is basically this: X is improbable.
And my reply is this: X is improbable doesn't imply X is impossible.
And your reply is this: no, X is very very improbable.
Then it seems like we're talking past each other.
You said you like semantics. So do I! Perhaps we can find some agreement here:
1) An event with probability > 0 is not impossible.
2) A proposition supported only by inductive evidence is not deductively proven.
Cheers!
AgainIn fact, I admitted that I only skimmed your calculations, and I'll further admit that throwing in all humans as workers was a sorta off the shoulder comment made without consideration of the specificity of your calculations. I'm focusing on the categorical difference between impossibility and improbability.
If your argument is basically this: X is improbable.
And my reply is this: X is improbable doesn't imply X is impossible.
And your reply is this: no, X is very very improbable.
Then it seems like we're talking past each other.
You said you like semantics. So do I! Perhaps we can find some agreement here:
1) An event with probability > 0 is not impossible.
2) A proposition supported only by inductive evidence is not deductively proven.
Cheers!
Quote
Calculating something is also being sure your result is right. And that is precisely impossible.
It's not impossible to correctly get a hash by hand once, it's impossible to calculate it in the sense of being sure you have the right result
The dice method is great!!! Now I can be sure that my key is a really good key with almost 0 chance of collision 
I wouldn't be so sure. Your private key will probably be full of 7's
(from http://hyperphysics.phy-astr.gsu.edu/hbase/math/dice.html).
I'd rather flip a coin 256 times. Or better, 256 coins once (decreases the effect of a biased coin)
Hashes are impossible by hand...
Wouldn't a LiveCD on an offline HDD-less PC enough?
Wouldn't a LiveCD on an offline HDD-less PC enough?
I haven't looked at the details of the hashing algorithm used to generate the public address from the private key. However, I don't think impossible is correct. I mean, everything a computer does can (in principle) be simulated using a very long tape and a pencil (see universal Turing machine).
Im just saying, difficult/tedious != impossible.
You want to play with semantics?
Ok, let's play.
[snip]
Basic maths gives that Q > 1 - 7604/2^1000 = 1 - 10^(-297.149) > 1 - 10^(-297)
So R < 10^(-297) < 1/2^986
Yes, R < 1/2^986
TLDR
It's easier to crack 6 different bitcoin addresses with only 6 guesses than to a human to calculate a correct bitcoin address hash in his lifetime
Yes, I call that impossible
It's still easier to crack 6 different bitcoin addresses with only 1000 guesses than to 10 billions humans to calculate a correct bitcoin address hash in their lifetimes.
Your trying to increase the probability by multiplying by 10 billions proves that you really have no idea about the numbers evolved here.
Calculating something is also being sure your result is right. And that is precisely impossible.
My trying to increase the probability by multiplying by 10 billions
In fact, I admitted that I only skimmed your calculations, and I'll further admit that throwing in all humans as workers was a sorta off the shoulder comment made without consideration of the specificity of your calculations. I'm focusing on the categorical difference between impossibility and improbability.
If your argument is basically this: X is improbable.
And my reply is this: X is improbable doesn't imply X is impossible.
And your reply is this: no, X is very very improbable.
Then it seems like we're talking past each other.
You said you like semantics. So do I! Perhaps we can find some agreement here:
1) An event with probability > 0 is not impossible.
2) A proposition supported only by inductive evidence is not deductively proven.
Cheers!
Hashes are impossible by hand...
Wouldn't a LiveCD on an offline HDD-less PC enough?
Wouldn't a LiveCD on an offline HDD-less PC enough?
I haven't looked at the details of the hashing algorithm used to generate the public address from the private key. However, I don't think impossible is correct. I mean, everything a computer does can (in principle) be simulated using a very long tape and a pencil (see universal Turing machine).
Im just saying, difficult/tedious != impossible.
You want to play with semantics?
Ok, let's play.
[snip]
Basic maths gives that Q > 1 - 7604/2^1000 = 1 - 10^(-297.149) > 1 - 10^(-297)
So R < 10^(-297) < 1/2^986
Yes, R < 1/2^986
TLDR
It's easier to crack 6 different bitcoin addresses with only 6 guesses than to a human to calculate a correct bitcoin address hash in his lifetime
Yes, I call that impossible
It's still easier to crack 6 different bitcoin addresses with only 1000 guesses than to 10 billions humans to calculate a correct bitcoin address hash in their lifetimes.
Your trying to increase the probability by multiplying by 10 billions proves that you really have no idea about the numbers evolved here.
Calculating something is also being sure your result is right. And that is precisely impossible.
Hashes are impossible by hand...
Wouldn't a LiveCD on an offline HDD-less PC enough?
Wouldn't a LiveCD on an offline HDD-less PC enough?
I haven't looked at the details of the hashing algorithm used to generate the public address from the private key. However, I don't think impossible is correct. I mean, everything a computer does can (in principle) be simulated using a very long tape and a pencil (see universal Turing machine).
Im just saying, difficult/tedious != impossible.
You want to play with semantics?
Ok, let's play.
[snip]
Basic maths gives that Q > 1 - 7604/2^1000 = 1 - 10^(-297.149) > 1 - 10^(-297)
So R < 10^(-297) < 1/2^986
Yes, R < 1/2^986
TLDR
It's easier to crack 6 different bitcoin addresses with only 6 guesses than to a human to calculate a correct bitcoin address hash in his lifetime
Yes, I call that impossible
Yes, I love semantics!
Sorry, I only skimmed the maths, but as far as I can tell your argument is based on the improbability of finding the right answer and the speed of calculation of a human also taking into consideration the length of a lifespan.
You've certainly convinced me that it's improbable. But improbable != impossible.
Really, all I have to do now is employ the 6.5 billion humans in the world at this task and implement a reasonable work-sharing scenario.
I am offering a 1btc bounty for someone who can demonstrate a repeatable method for calculating a private key using only paper pencil and brain
What an easy challenge for a huge bounty, I really should hang out on this forum more. A user just gained about $140 for teaching people how to throw dice.
You could also buy a 16 sided dice or something and use 0-F which would be more proper. If you do it this way, the max address you can use is FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4141
Just pedantry here, but there's no such thing as a fair 16 sided die. Fair dice can only be made from platonic solids.
The idea I had to use the full range of bits would be to throw an 8-sided die and write down the private key in octal format. Each throw gives you 3 bits of randomness so to get 256 bits you need to throw 86 times.
Also, instead of throwing two 6-sided dice you could throw a single 12-sided dodecahedron.
Also, you could throw a 4-sided die and a 12-sided die, together giving you up any number in the range 0-F.
Or you could just flip a coin 256 times.
But generating a private key is the easy part. More interesting is generating the corresponding public key. If I'm not mistake that requires calculating the point multiplication of the private key, I guess it could be done since all the long multiplication and long addition stuff you learn at school still works for hex and octal if you stop thinking in base 10. It would take a couple of weeks I imagine. And you'd want to do it a couple of times to make sure you haven't made a mistake.
You may also want to look into this: http://procbits.com/2013/08/27/generating-a-bitcoin-address-with-javascript
Jump to: