BitCrack - A tool for brute-forcing private keys - page 26.

albert0bsd

hero member

Activity: 862

Merit: 662

You only can determine if some publickey is bigger than another publickey if they are NEAR to each other.

Example: Let to suppose that there are two private keys A and B and A > B

If P(A) > P(B) then P(A) - P(B) = P(C) Then P(C) is a positive Value if the value of C is under some low bit range lets to say less than 2^70 (70 bits) you can determine the value of P(C) with some tool like kangaroo of BSGS easily with no effort

So ONLY if the Difference P(A) - P(B) or P(B) - P(A) is under some value easy to find you can know which one of those publickeys are bigger.

If the difference is bigger than 90 bits or something other high value then you CAN NOT know it. Unless you have some GPU farm to calculate those values.

Example:

Code:

P(A) = 025004d7d9c2a3b2d675ada618d9ceda55d1f6a9fdf263e24daa8cbea586af2b2b
P(B) = 02fde2347f83e21198fc48b918f5657c188ffcdd8611b39b987230addb91d05d80

Differences:

P(A) - P(B) = 0379be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798
P(B) - P(A) = 0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798

Solve it with keyhunt:

Code:

$ cat input.txt
0379be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798
0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798
$ ./keyhunt -m bsgs -f input.txt -k 128 -t 4 -S -r 1:100000000000000
[+] Version 0.2.211117 SSE Trick or treat ¡Beta!, developed by AlbertoBSD
[+] K factor 128
[+] Threads : 4
[+] Mode BSGS secuential
[+] Opening file input.txt
[+] Added 2 points from file
[+] Range
[+] -- from : 0x1
[+] -- to : 0x100000000000000
[+] N = 0x100000000000
[+] Bloom filter for 536870912 elements : 1840.33 MB
[+] Bloom filter for 16777216 elements : 57.51 MB
[+] Bloom filter for 524288 elements : 1.80 MB
[+] Allocating 8.00 MB for 524288 bP Points
[+] Reading bloom filter from file keyhunt_bsgs_4_536870912.blm .... Done!
[+] Reading bloom filter from file keyhunt_bsgs_6_16777216.blm .... Done!
[+] Reading bP Table from file keyhunt_bsgs_2_524288.tbl .... Done!
[+] Reading bloom filter from file keyhunt_bsgs_7_524288.blm .... Done!
[+] Thread Key found privkey 1
[+] Publickey 0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798
[+] Thread 0xfff00000000001
End

The value of 0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798 is 1 Positive then if the result of the subtraction P(B) - P(A) is positive, hence P(B) > P(A) for this example.

@PawGo sorry to divert your topic, but i want to reply that question.

PawGo

legendary

Activity: 952

Merit: 1385

Quote from: COBRAS on April 05, 2022, 10:01:46 AM

Quote from: batareyka on December 30, 2021, 12:47:48 PM

Hello everybody. The question arose.
How to determine between the two public keys which is bigger? In addition to the subtraction function.
Example.
123456789 private key is not known to us.
His public key.
025004d7d9c2a3b2d675ada618d9ceda55d1f6a9fdf263e24daa8cbea586af2b2b

And accordingly his rival.
12345678a private key is not known to us
His public key.
02fde2347f83e21198fc48b918f5657c188ffcdd8611b39b987230addb91d05d80

Thanks for the answer.

02fde.... > 02500, so 02fde bigger

If you have 2 points, in 2 dimensions, (1,3) and (3,1), which one would be „bigger”?
I am afraid you have wrong understanding what point is, and it comes from lack of knowledge.

COBRAS

member

Activity: 873

Merit: 22

$$P2P BTC BRUTE.JOIN NOW ! https://uclck.me/SQPJk

Quote from: batareyka on December 30, 2021, 12:47:48 PM

Hello everybody. The question arose.
How to determine between the two public keys which is bigger? In addition to the subtraction function.
Example.
123456789 private key is not known to us.
His public key.
025004d7d9c2a3b2d675ada618d9ceda55d1f6a9fdf263e24daa8cbea586af2b2b

And accordingly his rival.
12345678a private key is not known to us
His public key.
02fde2347f83e21198fc48b918f5657c188ffcdd8611b39b987230addb91d05d80

Thanks for the answer.

02fde.... > 02500, so 02fde bigger

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

Quote from: sp_ on March 22, 2022, 07:09:27 AM

Millions of GPU's can be obsolete overnight...

If they can just switch to ETC then how do they get obsolete in 3 months?

Quote from: sp_ on March 22, 2022, 07:09:27 AM

I propose a Bitcrack + Ethereum classic dualmininer. Mine ethereum classic and crack bitcoin in the background without reduction in ethash speed.

That's just wasting the GPUs since almost no one has found a decent amount of BTC using Bitcrack (I am not counting the puzzle transactions which were intentionally designed to be cracked). Just point them all to an ETC pool at that point.

sp_

legendary

Activity: 2926

Merit: 1087

Team Black developer

Ethereum will probobly move to POS in 3 months. Millions of GPU's can be obsolete overnight...
I propose a Bitcrack + Ethereum classic dualmininer. Mine ethereum classic and crack bitcoin in the background without reduction in
ethash speed.

The dying ethereum network has 12.9091Petahash.

Or equivalent to around 650 000 000 gtx 1060 6gb.

They hash 100million keys per second each with the bitcrack sp-mod

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

Quote from: PawGo on February 03, 2022, 07:23:32 AM

I may be wrong, but I have a feeling it is already in place. The difference between RIPEMD160 and final address is that address is base58 encoded (+checksum +flag). And you are right, encoding candidate just to compare it with expected address makes no sense if you may compare pure RIPEMD160 values of both.

I would still generate both types of address if they have been cracked by the program.

It would suck for someone to find a key after so many months only for them to not know how to derive the correct type themselves. Script rules let you interchange private keys for those addys (because they are one and the same) but I don't think it would be obvious that you had an uncompressed addr instead of the compressed one you were using all along, because tx history is not shared between them.

PawGo

legendary

Activity: 952

Merit: 1385

Quote from: zahid888 on February 02, 2022, 12:18:14 PM

Is any version of Bitcrack available that searches for repidme 120 instead of addresses? maybe it will increase the speed

I may be wrong, but I have a feeling it is already in place. The difference between RIPEMD160 and final address is that address is base58 encoded (+checksum +flag). And you are right, encoding candidate just to compare it with expected address makes no sense if you may compare pure RIPEMD160 values of both.

zahid888

member

Activity: 275

Merit: 20

the right steps towerds the goal

Is any version of Bitcrack available that searches for repidme 120 instead of addresses? maybe it will increase the speed

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

Quote from: GBT_User on January 03, 2022, 10:59:54 AM

Sure you need 58^10 combinations, which is quite a lot. There is no other way that I see.
So you need a fast algorithm.
I could probably write something in Javascript or Python but they will not be fast enough I fear.

Is there no way to read one of the 10 missing characters even slightly ?
sometimes you can try to see where the paper is slightly pressed by the pen?
What kind of reward did you have in mind ?

You're a bit late. We managed to get something running for him a few days ago here: https://bitcointalksearch.org/topic/m.58891921

GBT_User

newbie

Activity: 17

Merit: 0

Quote from: soferox on December 30, 2021, 04:33:39 PM

Quote from: itod on December 30, 2021, 09:39:30 AM

Quote from: soferox on December 29, 2021, 05:48:01 PM

I have a question. Recently there was a flood and a notebook containing a offline wallet was damage and it destroyed part of a WIF private key, so now I basically have:

Kw**********(I have the next 40 characters, just not posting for obvious reasons), so I am missing 10 characters in all.

I also have the public key. Is it possible to use this software to start a search at Kw... and iterate over the missing 10 characters with the known 40 characters also in the key.

For example : 1GuqEWwH5iRZ89oo5xw26FqmyZFMWZrtPi - is the public address

and for the WIF private key I'd have Kw**********JzXaqU2rcFSoaLaehAQHqoQX1cWCo92tAA3ihLJ7

Any advice is appreciated and examples are even more appreciated

Thank you,
S.

It's a good thing that you have end of WIF format data where the checksum is. You have to first Base58 decode the string (with corrupted part, or you can replace the corrupted part with zeros). Since you are doing it only once you can use this online tool:
https://www.browserling.com/tools/base58-decode

Once you have decoded number you can use the checksum to quickly check the possible missing values, if the checksum does not match you do not need the other calculations to get public key and check against it.
This is enormous speed-up, this is doable even on CPU, no need for GPU.

I doubt that you have some ready made tool for this second step, have to do some work yourself to code checking the missing values against the checksum. Good luck!

Edit:
Just tried it with some test values, you have to do Base58 Decode for all possible versions of missing values, not only once, string before corrupted characters stays the same but Base58 Encode changes all values after the corrupted place.

However, this is still much, much faster then generating Public key, doable on CPU for sure.

I believe I tried this with CPU and it was going to take a crazy amount of years to go through all combos. So perhaps I am doing something wrong. I am willing to pay a bounty for any help and code examples provided.

Thanks,
S.

Sure you need 58^10 combinations, which is quite a lot. There is no other way that I see.
So you need a fast algorithm.
I could probably write something in Javascript or Python but they will not be fast enough I fear.

Is there no way to read one of the 10 missing characters even slightly ?
sometimes you can try to see where the paper is slightly pressed by the pen?
What kind of reward did you have in mind ?

batareyka

jr. member

Activity: 38

Merit: 1

I am very grateful to you for your answer.

_Counselor

member

Activity: 110

Merit: 61

Quote from: batareyka on December 30, 2021, 12:47:48 PM

Hello everybody. The question arose.
How to determine between the two public keys which is bigger? In addition to the subtraction function.
Example.
123456789 private key is not known to us.
His public key.
025004d7d9c2a3b2d675ada618d9ceda55d1f6a9fdf263e24daa8cbea586af2b2b

And accordingly his rival.
12345678a private key is not known to us
His public key.
02fde2347f83e21198fc48b918f5657c188ffcdd8611b39b987230addb91d05d80

Thanks for the answer.

There is no way to do this. If it were possible, the ecc would be completely broken.

soferox

member

Activity: 78

Merit: 133

Quote from: itod on December 30, 2021, 09:39:30 AM

Quote from: soferox on December 29, 2021, 05:48:01 PM

I have a question. Recently there was a flood and a notebook containing a offline wallet was damage and it destroyed part of a WIF private key, so now I basically have:

Kw**********(I have the next 40 characters, just not posting for obvious reasons), so I am missing 10 characters in all.

I also have the public key. Is it possible to use this software to start a search at Kw... and iterate over the missing 10 characters with the known 40 characters also in the key.

For example : 1GuqEWwH5iRZ89oo5xw26FqmyZFMWZrtPi - is the public address

and for the WIF private key I'd have Kw**********JzXaqU2rcFSoaLaehAQHqoQX1cWCo92tAA3ihLJ7

Any advice is appreciated and examples are even more appreciated

Thank you,
S.

It's a good thing that you have end of WIF format data where the checksum is. You have to first Base58 decode the string (with corrupted part, or you can replace the corrupted part with zeros). Since you are doing it only once you can use this online tool:
https://www.browserling.com/tools/base58-decode

Once you have decoded number you can use the checksum to quickly check the possible missing values, if the checksum does not match you do not need the other calculations to get public key and check against it.
This is enormous speed-up, this is doable even on CPU, no need for GPU.

I doubt that you have some ready made tool for this second step, have to do some work yourself to code checking the missing values against the checksum. Good luck!

Edit:
Just tried it with some test values, you have to do Base58 Decode for all possible versions of missing values, not only once, string before corrupted characters stays the same but Base58 Encode changes all values after the corrupted place.

However, this is still much, much faster then generating Public key, doable on CPU for sure.

I believe I tried this with CPU and it was going to take a crazy amount of years to go through all combos. So perhaps I am doing something wrong. I am willing to pay a bounty for any help and code examples provided.

Thanks,
S.

batareyka

jr. member

Activity: 38

Merit: 1

Hello everybody. The question arose.
How to determine between the two public keys which is bigger? In addition to the subtraction function.
Example.
123456789 private key is not known to us.
His public key.
025004d7d9c2a3b2d675ada618d9ceda55d1f6a9fdf263e24daa8cbea586af2b2b

And accordingly his rival.
12345678a private key is not known to us
His public key.
02fde2347f83e21198fc48b918f5657c188ffcdd8611b39b987230addb91d05d80

Thanks for the answer.

itod

legendary

Activity: 1974

Merit: 1077

^ Will code for Bitcoins

Quote from: soferox on December 29, 2021, 05:48:01 PM

I have a question. Recently there was a flood and a notebook containing a offline wallet was damage and it destroyed part of a WIF private key, so now I basically have:

Kw**********(I have the next 40 characters, just not posting for obvious reasons), so I am missing 10 characters in all.

I also have the public key. Is it possible to use this software to start a search at Kw... and iterate over the missing 10 characters with the known 40 characters also in the key.

For example : 1GuqEWwH5iRZ89oo5xw26FqmyZFMWZrtPi - is the public address

and for the WIF private key I'd have Kw**********JzXaqU2rcFSoaLaehAQHqoQX1cWCo92tAA3ihLJ7

Any advice is appreciated and examples are even more appreciated

Thank you,
S.

It's a good thing that you have end of WIF format data where the checksum is. You have to first Base58 decode the string (with corrupted part, or you can replace the corrupted part with zeros). Since you are doing it only once you can use this online tool:
https://www.browserling.com/tools/base58-decode

Once you have decoded number you can use the checksum to quickly check the possible missing values, if the checksum does not match you do not need the other calculations to get public key and check against it.
This is enormous speed-up, this is doable even on CPU, no need for GPU.

I doubt that you have some ready made tool for this second step, have to do some work yourself to code checking the missing values against the checksum. Good luck!

Edit:
Just tried it with some test values, you have to do Base58 Decode for all possible versions of missing values, not only once, string before corrupted characters stays the same but Base58 Encode changes all values after the corrupted place.

However, this is still much, much faster then generating Public key, doable on CPU for sure.

mynonce

full member

Activity: 233

Merit: 253

Quote from: PawGo on December 30, 2021, 04:57:02 AM

3) BUT! If you say that you know publickey, we may use even faster solution, Kangaroo. I have prepared a special version of it to work with custom stride, somewhere on the forum I post explanation how it works. If it works, for 10 missing characters result will be done in VERY reasonable time.

Quote from: soferox on December 29, 2021, 09:49:53 PM

Quote from: mynonce on December 29, 2021, 09:45:16 PM

If there is an outgoing transaction, then with the un/compressed public key and kangaroo or pollard, also possible.

Sadly this was an offline wallet, so it only ever had incoming transaction. It has never sent out.

@PawGo
New thread for that case
Missing 10 Characters in WIF Private Key - Can I recover them?
https://bitcointalksearch.org/topic/missing-10-characters-in-wif-private-key-can-i-recover-them-5379131

PawGo

legendary

Activity: 952

Merit: 1385

Hi,
1) you may check my program WifSolver to see if it helps.
https://github.com/PawelGorny/WifSolver

2) in your case I think it is possible to convert program into task for BitCrack. Using Gpu solution will be find much faster. Let me know if you need help with configuring bitcrack - how to configure range start/stop, stride etc

3) BUT! If you say that you know publickey, we may use even faster solution, Kangaroo. I have prepared a special version of it to work with custom stride, somewhere on the forum I post explanation how it works. If it works, for 10 missing characters result will be done in VERY reasonable time.

Check the post:
https://bitcointalksearch.org/topic/--5315607

soferox

member

Activity: 78

Merit: 133

I don't think this will help. I have already done something similar which is how I cam to determine it will take to long. But thank you for offering help. I appreciate it.

Thanks,
S.

soferox

member

Activity: 78

Merit: 133

soferox

member

Activity: 78

Merit: 133

Quote from: ?? on ??

no ,just 5 minutes:)

if you know Kw**********JzXaqU2rcFSoaLaehAQHqoQX1cWCo92tAA3ihLJ7, you can setup only for start "kw" with end "JzXaqU2rcFSoaLaehAQHqoQX1cWCo92tAA3ihLJ7"

Those 10 missing characters having a possible 58^10th power though. So it definitely won't take 5 minutes to brute force the 10 unknown characters. Unless what I am asking. can i set this software up to start at Kw and end with my 40 characters which would improve my chances by a lot using GPUs as using a CPU will not be possible in my lifetime.

If you can show an example of how I should configure the command to run this software I would greatly appreciate it, and happily tip once I recover the key.

Topic: BitCrack - A tool for brute-forcing private keys - page 26. (Read 76850 times)