It appears to the be the NIZKP that is broken when you have ____ ring signatures with the same ____ but I am still trying to prove this.
Appreciate the edit.
Topic: delete - page 3. (Read 27647 times)
Appreciate the edit.
Smooth and Gmaxell the CN does have encryption because only the receiver can decrypt who the coin was spent to. 
That is essentially what I meant by arguably. But cracking that "encryption" wouldn't allow you to steal wallets so even that usage doesn't allow for a consistent interpretation of the quote.
He said the encryption is not the broken part. Hehe, we are playing word games. Hey you started it. Hehe. No problem.
It's all nonsense (meaning trying infer the original usage of encryption as meaningful). The term encryption makes no sense in the original context and was just misused.
The "hehe" was me being nice. His usage is correct. The encryption part is not broken. It appears to the be the NIZKP that is broken when you have ____ ring signatures with the same ____ but I am still trying to prove this.
Smooth and Gmaxell the CN does have encryption because only the receiver can decrypt who the coin was spent to.
That is essentially what I meant by arguably. But cracking that "encryption" wouldn't allow you to steal wallets so even that usage doesn't allow for a consistent interpretation of the quote.
He said the encryption is not the broken part. Hehe, we are playing word games. Hey you started it. Hehe. No problem.
It's all nonsense (meaning trying infer the original usage of encryption as meaningful). The term encryption makes no sense in the original context and was just misused.
Smooth and Gmaxell the CN does have encryption because only the receiver can decrypt who the coin was spent to.
That is essentially what I meant by arguably. But cracking that "encryption" wouldn't allow you to steal wallets so even that usage doesn't allow for a consistent interpretation of the quote.
He said the encryption is not the broken part. Hehe, we are playing word games. Hey you started it. Hehe. No problem.
Smooth and Gmaxell the CN does have encryption because only the receiver can decrypt who the coin was spent to.
That is essentially what I meant by arguably. But cracking that "encryption" wouldn't allow you to steal wallets so even that usage doesn't allow for a consistent interpretation of the quote.
Well BCX did offer to show a live chain demonstration to Maxwell.
Almost but not exactly.
If gmaxwell is so sure in his belief of "bullshit" then a live chain demonstration isn't possible is it?
I am not that eager to go head to head with a Bitcoin Core Dev for the obvious political reasons.
If I win, I lose.
~BCX~
What is there for you to lose? Judging by all these threads, it can't be much.
Either put up or move on.
You write that you have nothing to gain from "attacking monero", but you some how have time to keep up on it's many threads?
James I will sleep first. If anyone can beat me to it, go ahead. Again nothing may come of my hunch.
Gmaxell the CN does have encryption because only the receiver can decrypt who the coin was spent to. Perhaps you forgot it is not just a digital signature as in Buttcoin.
I'll put up 10 BTC if you prove that such a critical vulnerability exists, and deliver the proof to me privately. Further conditions apply, PM me if you're serious on taking up my offer. Gmaxell the CN does have encryption because only the receiver can decrypt who the coin was spent to.
Perhaps you forgot it is not just a digital signature as in Buttcoin.
James I will sleep first. If anyone can beat me to it, go ahead. Again nothing may come of my hunch.
Smooth and Gmaxell the CN does have encryption because only the receiver can decrypt who the coin was spent to. Perhaps you forgot it is not just a digital signature as in Buttcoin.
https://cryptonote.org/whitepaper.pdf#page=7
Smooth and Gmaxell the CN does have encryption because only the receiver can decrypt who the coin was spent to.
Perhaps you forgot it is not just a digital signature as in Buttcoin.https://cryptonote.org/whitepaper.pdf#page=7
Quote
First, the sender performs a Diffie-Hellman exchange to get a shared secret from his data and
half of the recipient’s address. Then he computes a one-time destination key, using the shared
secret and the second half of the address. Two different ec-keys are required from the recipient
for these two steps, so a standard CryptoNote address is nearly twice as large as a Bitcoin wallet
address. The receiver also performs a Diffie-Hellman exchange to recover the corresponding
secret key.
half of the recipient’s address. Then he computes a one-time destination key, using the shared
secret and the second half of the address. Two different ec-keys are required from the recipient
for these two steps, so a standard CryptoNote address is nearly twice as large as a Bitcoin wallet
address. The receiver also performs a Diffie-Hellman exchange to recover the corresponding
secret key.
Careful. Encryption could mean the one-time ring signature is not broken, rather the way it is implemented
Encryption does not mean signature, ring or otherwise. Two different concepts. There is very little encryption in the protocol, arguably none at all.
So I'm not even sure what the original quote means at all, other than a somewhat confused mishmash of "big words."
The only way I see to make sense of it is to interpret encryption as cryptography as fluffypony said and gmaxwell seems to have also inferred. But it could mean something else. When you invent your own definitions for words you can later say you meant just about anything.
A theft bug that cannot be fixed without breaking the system's privacy must be a cryptographic one. Thats a pretty strong claim which deserves some strong evidence. Other systems are using related cryptosystems, and would benefit greatly from knowing it was broken. BCX should publish his discovery.
2) There is no break down in the encryption but in how it is implemented.
This is in direct contradiction to your original claim that it cannot be fixed without giving up on anonymity. I call bullshit.In the quote he is talking about encryption.
In your response you are talking about anonymity.
On the Original post he says, "To fix this, anonymity will need to be sacrificed..."
Isn't anonymity and encryption two different things? Where is the contradiction?
The anonymity is expressed in the whitepaper - if anonymity has to be sacrificed then it would be because the maths / crypto in the whitepaper is wrong.
I think the answer to your question in bold is no, here the anonymity and encryption are not two different things.
You think... Not good enough. Fluffpony basically ignored the questions. Can we have someone that knows what they are talking about respond please.
I'd hazard that he misspoke when he said encryption, and he meant "cryptography" instead. Otherwise it makes no sense - there's a keyring flaw and we have to sacrifice anonymity, but the breakdown is not in the encryption but in the implementation thereof? Confused.
Careful. Encryption could mean the one-time ring signature is not broken, rather the way it is implemented perhaps referring to having multiple intersecting ring signatures simultaneously. Afaics the whitepaper did not address the math of such an intersection.
Quote from: private message
Reading between the lines it sounds like you think that BCX can actually steal wallets remotely. I wont disclose any details to anybody else, but I am curious to know if indeed this is possible. I had assumed that all the wallets are using oneway trapdoor functions that cannot be reversed.
With the cryptonote key images and multiple signers and a lot of hashing power, could it be possible to bruteforce solve a wallet's privatekey?
With the cryptonote key images and multiple signers and a lot of hashing power, could it be possible to bruteforce solve a wallet's privatekey?
As I wrote upthread, it might be possible using multiple intersecting rings to use a system of simultaneous equations to find the 'x' private keys that are supposed to be hidden by the non-interactive Zero Knowledge Proof. However, I didn't work through the math to see if my hunch is true.
However by that time, the coins are already spent on the blockchain (unless you can intercept before), so you need the hashrate and or Time Warp Attack to backup the blockchain and double-spend them to yourself.
This wouldn't be the first time I had an insight that gmaxell didn't although he has returned the favor of me a few times too.
I am lazy to do the math because I don't see anyone offering me some considerable amount of money and I doubt I could use the exploit if I found it. If someone puts up a big bounty, I will investigate.
I could be way off course. It is just a hunch.
I hope that Risto will match my 5 BTC bounty
James
Careful. Encryption could mean the one-time ring signature is not broken, rather the way it is implemented
Encryption does not mean signature, ring or otherwise. Two different concepts. There is very little encryption in the protocol, arguably none at all.
So I'm not even sure what the original quote means at all, other than a somewhat confused mishmash of "big words."
The only way I see to make sense of it is to interpret encryption as cryptography as fluffypony said and gmaxwell seems to have also inferred. But it could mean something else. When you invent your own definitions for words you can later say you meant just about anything.
old and young...and they quarrel like children 
lol
i guess that's the price of anonymity
loli guess that's the price of anonymity
But how much do you bench?
Thanks! That comment literally made my week!
PS: 1 rep max 155kg bench
I don´t know in kg but i am able to lift 3 crates of beer from the supermarket to my car.
This thread is reminding me of the tussles with my childhood friends.
Well to you young studs, I am 49 and at least I can still lift my 5
I'm 31 so I guess that makes you technically old enough to be my dad.
49 what the hell, I didn't realize old people were in crypto.
~BCX~
Don't feel too much pity on me...
Seriously I can still bench 120 - 140kg and squat I don't know but in my 20s I did about 250 kg. I am 5'7" (169cm) and about 75 - 80kg.
My athleticism would be much greater if I wasn't suffering from a progressive autoimmune condition (which just might be improving since I started AHCC treatment in May).
Note I was an exceptional athlete most of my life though. For example I ran a sub 4:30 mile, sub 2:00 800 meters. I also ran 4.5 ish 40 meter dash, was a MVP at cornerback, etc..
I still compete with the young guys in basketball full speed. My vertical is still over 24" (just recently improved from 19").
2) There is no break down in the encryption but in how it is implemented.
This is in direct contradiction to your original claim that it cannot be fixed without giving up on anonymity. I call bullshit.In the quote he is talking about encryption.
In your response you are talking about anonymity.
On the Original post he says, "To fix this, anonymity will need to be sacrificed..."
Isn't anonymity and encryption two different things? Where is the contradiction?
The anonymity is expressed in the whitepaper - if anonymity has to be sacrificed then it would be because the maths / crypto in the whitepaper is wrong.
I think the answer to your question in bold is no, here the anonymity and encryption are not two different things.
You think... Not good enough. Fluffpony basically ignored the questions. Can we have someone that knows what they are talking about respond please.
I'd hazard that he misspoke when he said encryption, and he meant "cryptography" instead. Otherwise it makes no sense - there's a keyring flaw and we have to sacrifice anonymity, but the breakdown is not in the encryption but in the implementation thereof? Confused.
Careful. Encryption could mean the one-time ring signature is not broken, rather the way it is implemented perhaps referring to having multiple intersecting ring signatures simultaneously. Afaics the whitepaper did not address the math of such an intersection.
Quote from: private message
Reading between the lines it sounds like you think that BCX can actually steal wallets remotely. I wont disclose any details to anybody else, but I am curious to know if indeed this is possible. I had assumed that all the wallets are using oneway trapdoor functions that cannot be reversed.
With the cryptonote key images and multiple signers and a lot of hashing power, could it be possible to bruteforce solve a wallet's privatekey?
With the cryptonote key images and multiple signers and a lot of hashing power, could it be possible to bruteforce solve a wallet's privatekey?
As I wrote upthread, it might be possible using multiple intersecting rings to use a system of simultaneous equations to find the 'x' private keys that are supposed to be hidden by the non-interactive Zero Knowledge Proof. However, I didn't work through the math to see if my hunch is true.
However by that time, the coins are already spent on the blockchain (unless you can intercept before), so you need the hashrate and or Time Warp Attack to backup the blockchain and double-spend them to yourself.
This wouldn't be the first time I had an insight that gmaxell didn't although he has returned the favor of me a few times too.
I am lazy to do the math because I don't see anyone offering me some considerable amount of money and I doubt I could use the exploit if I found it. If someone puts up a big bounty, I will investigate.
I could be way off course. It is just a hunch.
But how much do you bench?
Thanks! That comment literally made my week!
PS: 1 rep max 155kg bench
I don´t know in kg but i am able to lift 3 crates of beer from the supermarket to my car.
This thread is reminding me of the tussles with my childhood friends.
Well to you young studs, I am 49 and at least I can still lift my 5
49 what the hell, I didn't realize old people were in crypto.
I'm 31 so I guess that makes you technically old enough to be my dad.
~BCX~
49 old ??
He's still a pup !!
62 here ..
Triff ..
But how much do you bench?
Thanks! That comment literally made my week!
PS: 1 rep max 155kg bench
I don´t know in kg but i am able to lift 3 crates of beer from the supermarket to my car.
This thread is reminding me of the tussles with my childhood friends.
Well to you young studs, I am 49 and at least I can still lift my 5
lots of black people
read the signature my dear troll u may need to triple read it to let it get into ur brains
~CfA~
And are stuck in 2013 talking about "revolutionary wallets" in the age if NXT.
I've seen the Nxt wallet. The one under development for Monero is revolutionary.
Re. Vertcoin, it is currently #40 on coinmarketcap. I don't spent my time studying every one of the top 40 coins.
In terms of ease of use that would indeed be a vast improvement. But we're not quite able to accomplish that yet.
It's just u. I have 1424 posts signed with my CfA brand. U have 1. BCX has 3400.
~CfA~
~CfA~
And are stuck in 2013 talking about "revolutionary wallets" in the age if NXT.
I've seen the Nxt wallet. The one under development for Monero is revolutionary.
Re. Vertcoin, it is currently #40 on coinmarketcap. I don't spent my time studying every one of the top 40 coins.
Jump to: