Guys I think the community need to take it seriously about NSA breaking the encryption.
I will as soon as you can explain in specific terms exactly what the NSA can do to Bitcoin with a quantum computer. 
Topic: Has the NSA already broken bitcoin? - page 11. (Read 50483 times)
I have a fantastic idea - lets use an NSA algorithm to secure Bitcoin!!
They're good people. Who's with me?
They're good people. Who's with me?
Guys I think the community need to take it seriously about NSA breaking the encryption.
WAKEUPCALL --
NSA Just bought a D-wave QUANTUM COMPUTER!!! in there brand new 1billion data senter in utar...
This isnt a dream its going to become a reality and you programmer peps need to get yr ass's in gear and look at a post quantum computer bitcoin world..
Links Below
http://www.extremetech.com/computing/173898-the-nsa-is-building-a-quantum-computer-to-crack-encryption
http://www.washingtonpost.com/blogs/the-switch/wp/2014/01/02/confused-about-the-nsas-quantum-computing-project-this-mit-computer-scientist-can-explain/
And heres the wiki on there fancy data center thats gonna fu@k our economy up..!
http://en.wikipedia.org/wiki/Utah_Data_Center
Not quite the proverbial "box of fans," but nothing to panic over yet.
Search for previous threads on this topic. They're very interesting.
How is our owning a data analysis center going to ruin the economy?
Guys I think the community need to take it seriously about NSA breaking the encryption.
http://techstring.files.wordpress.com/2014/01/lw4a1956.jpg?w=474&h=316
WAKEUPCALL --
NSA Just bought a D-wave QUANTUM COMPUTER!!! in there brand new 1billion data senter in utar...
This isnt a dream its going to become a reality and you programmer peps need to get yr ass's in gear and look at a post quantum computer bitcoin world..
Links Below
http://www.extremetech.com/computing/173898-the-nsa-is-building-a-quantum-computer-to-crack-encryption
http://www.washingtonpost.com/blogs/the-switch/wp/2014/01/02/confused-about-the-nsas-quantum-computing-project-this-mit-computer-scientist-can-explain/
And heres the wiki on there fancy data center thats gonna fu@k our economy up..!
http://en.wikipedia.org/wiki/Utah_Data_Center
From the horse's mouth..
http://www.democracynow.org/2013/9/6/the_end_of_internet_privacy_glenn
If you ask me, anything is possible. After all, its only data.
http://www.democracynow.org/2013/9/6/the_end_of_internet_privacy_glenn
If you ask me, anything is possible. After all, its only data.
NSA does not need to break bitcoin, something bigger is in the pipelines https://bitcointalksearch.org/topic/internet-to-fracture-along-national-borders-325642
I don't believe it... I could never think of any sci-fi-ass machine capable of cracking SHA256. Of course with Snowden's verification, how could it be false? I'm horrified. Are our savings subject to overnight destruction?
Even if they have broken encryption hashing has not been broken. Bitcoin users not effected.Plus we know how SHA works and lots of people had analysed it. Its safe
am i correct that a PRNG on a pc is used 2 ways in Bitcoin; generating a nonce for ECDSA signed tx's and generating SHA256 private keys? any other function i'm missing?
For QT wallet (and probably othets) the encryption passphrase is salted using a nonce. For deterministic wallets the master private key seed would be randomly generated.
nah, Gav addressed this and that's the point of the open surce, you can see the code, and you would just for back to the earlier version. This years 0.8 --> 0.7 for show how quickly this can happen an how transitory its effect was on price
The point made a few pages back was that opensource is a ruse--backdoors in closed source software on the host and client machines bypass the in-between security, rendering the opensource safety net moot.
what close source.....and you can air gap
Any closed source.. anything running on your computer which isn't open source. And as mentioned before, there are developers in the open source world who are planted by various agencies for XYZ reasons.
The old x files adage is true, trust no one, and presume your system is compromised.
nah, Gav addressed this and that's the point of the open surce, you can see the code, and you would just for back to the earlier version. This years 0.8 --> 0.7 for show how quickly this can happen an how transitory its effect was on price
The point made a few pages back was that opensource is a ruse--backdoors in closed source software on the host and client machines bypass the in-between security, rendering the opensource safety net moot.
what close source.....and you can air gap
nah, Gav addressed this and that's the point of the open surce, you can see the code, and you would just for back to the earlier version. This years 0.8 --> 0.7 for show how quickly this can happen an how transitory its effect was on price
The point made a few pages back was that opensource is a ruse--backdoors in closed source software on the host and client machines bypass the in-between security, rendering the opensource safety net moot.
am i correct that a PRNG on a pc is used 2 ways in Bitcoin; generating a nonce for ECDSA signed tx's and generating SHA256 private keys? any other function i'm missing?
so what's the consensus here? NSA does or does not have a backdoor into SHA-256? that would be pretty worrisome.... thinking this is FUD, though.
The NSA has no need to put a backdoor in SHA-256 when all they need to do is backdoor the developers.
For the most part, the primary developers all:
- are married
- have children
- have established careers with companies or academic institutions which are not easy to replace
Those three things are notable because those characteristics make them more vulnerable to extortion and blackmail than they might otherwise be.
Backdooring SHA-256 is presumably difficult.
On the other hand, threatening a core developer or two until they play ball is easy. Then their handlers just need to tell them to backdoor bitcoin in two steps:
First, build a trackable alternative to Bitcoin's most troublesome (from the NSA's perspective) features, such as the ability to send funds to an arbitrary public key.
Next, deprecate and remove the old function so that users no longer have the ability to avoid tracking.
nah, Gav addressed this and that's the point of the open surce, you can see the code, and you would just for back to the earlier version. This years 0.8 --> 0.7 for show how quickly this can happen an how transitory its effect was on price
Breaking SHA256 is pretty unlikely, that being said I still think we may change the wallet address hashing into something like SHA256(XOR(PubKey,SHA256(PubKey))), that will make any preimage attack against SHA256 useless.
so what's the consensus here? NSA does or does not have a backdoor into SHA-256? that would be pretty worrisome.... thinking this is FUD, though.
The NSA has no need to put a backdoor in SHA-256 when all they need to do is backdoor the developers.For the most part, the primary developers all:
- are married
- have children
- have established careers with companies or academic institutions which are not easy to replace
Those three things are notable because those characteristics make them more vulnerable to extortion and blackmail than they might otherwise be.
Backdooring SHA-256 is presumably difficult.
On the other hand, threatening a core developer or two until they play ball is easy. Then their handlers just need to tell them to backdoor bitcoin in two steps:
First, build a trackable alternative to Bitcoin's most troublesome (from the NSA's perspective) features, such as the ability to send funds to an arbitrary public key.
Next, deprecate and remove the old function so that users no longer have the ability to avoid tracking.
The NSA created Bitcoin and used ECDSA in it because they already had it broken.
This risk is already mitigated for any bitcoin address that has not been used for spending (i.e. its public key is not yet known).
Even if ECDSA is broken wide open, it doesn't really matter with respect to bitcoins that have been received at addresses that have never been used for spending, because the corresponding ECDSA public key is not known and cannot be determined without also breaking both RIPEMD160 and SHA256 simultaneously.
Can anyone speak to the issue, if I use a deterministic wallet (eg electrum,) and I spend from one address, thus ECDSA is all that is needed to be cracked, can that private key be used to access the rest of the address even though Unspent.
Thus would it be safer if I use multibit or the QT, as the issue is in the random generation only but the secon vulnerability is no their as those addresses are not determanisitc.
Where is the best place to generate the safest addresses keys, as I like the electrum interface and could always import keys.
I have tried to raise this in the elctrum sub boards, and the answer was not as definitive as I would have hoped.
My understanding (and please double verify) is that a known private key only will not enable you to find another private key, even multiple known private keys won't. However if the master seed public key AND one private key from the wallet are known it is possible to compute the master seed private key and from that compute all private keys in the wallet. Then again there is no need to ever reveal your master seed public key or a private key so I don't see it as much of an enhanced threat.
Random Wallet
reveal private key - compromise one address
reveal wallet.dat (and passphrase) - compromise entire wallet
Detemrinistic Wallet
reveal private key - compromise one address
reveal wallet file (and passphrase) - compromise entire wallet
reveal master private key - compromise entire wallet
reveal private key AND master seed public key - compromise entire wallet
The first two vulnerabilities are the same. The third one I just included to be explicit but honestly if an attacker can gain your master seed private key (which resides only in the wallet) it is highly likely your computer is compromised and a random wallet wouldn't provide any more security.
The last scenario is one where a user could (in theory) out themselves. For example say a user puts master public key seed on a website (so site can generate public keys and a compromise won't result in a loss of a private key). The user also foolishly gives someone some funds by giving them a single private key. If an attacker took the known private key and compromised the website to gain the master public key seed then the two could be used together to compromise the entire wallet. Simple solution don't reveal private keys and if you do generate a new wallet (and thus new master private & public keys) and transfer all funds to the new wallet.
I'm reading this book right now. Pretty on topic. In this novel the NSA can decrypt any algorithm except one...
I'm sorry for your loss. That book is total junk. At least with the other formulaic dan brown novels, they touch on something he knows about (religious history). This one does not.
Even his books on religious history are purely for entertainment and are seriously 'out there' on doctrine. If his cryptography treatment is similar, then accept it with a ten-ton salt boulder. Don't take Dan Brown so seriously.
so what's the consensus here? NSA does or does not have a backdoor into SHA-256? that would be pretty worrisome.... thinking this is FUD, though.
That's one reason I don't use deterministic wallets. You guess the master key somehow, you get all the keys. If you can get it from one of the spent keys, I don't know and that is up for debate, but I'd rather not take the risk when it is so easy to just use a brand new randomly generated bitcoin address.
How well do you know your RNG that created those addresses?
Jump to: