Bitcoin Forum>Bitcoin>Development & Technical Discussion
Pages:
Author

Topic: Pollard's kangaroo ECDLP solver - page 10. (Read 55445 times)

elicscc
newbie
Activity: 2
Merit: 0
Re: Pollard's kangaroo ECDLP solver
May 14, 2023, 01:53:53 AM
#2648
Quote from: WanderingPhilospher on May 13, 2023, 11:51:23 PM
Quote from: elicscc on May 13, 2023, 11:26:09 PM
I am not sure how you perform elliptic curve cryptography (ECC) calculations on a GPU as CUDA GPUs do not currently support 128-bit integers. Could you please explain your implementation, preferably with some code?
First page, link to GitHub, go look at the code.

This program has already solved 2 keys, at 109 and 114 bits.
  2 steps folding 512bits to 256bits reduction using 64 bits digits. According to the document, I found out that this is not the secp256K1 algorithm. I want to implement GPU calculation in Python. Do you have any sample code?
WanderingPhilospher
full member
Activity: 1050
Merit: 219
Shooters Shoot...
Re: Pollard's kangaroo ECDLP solver
May 13, 2023, 11:51:23 PM
#2647
Quote from: elicscc on May 13, 2023, 11:26:09 PM
I am not sure how you perform elliptic curve cryptography (ECC) calculations on a GPU as CUDA GPUs do not currently support 128-bit integers. Could you please explain your implementation, preferably with some code?
First page, link to GitHub, go look at the code.

This program has already solved 2 keys, at 109 and 114 bits.
elicscc
newbie
Activity: 2
Merit: 0
Re: Pollard's kangaroo ECDLP solver
May 13, 2023, 11:26:09 PM
#2646
I am not sure how you perform elliptic curve cryptography (ECC) calculations on a GPU as CUDA GPUs do not currently support 128-bit integers. Could you please explain your implementation, preferably with some code?
AlterdCarbon
newbie
Activity: 1
Merit: 0
Re: Pollard's kangaroo ECDLP solver
May 06, 2023, 10:31:07 PM
#2645
Hello I've started attempting to port this over AMD devices, HIP to be specific. Currently stuck on working out exactly what the asm instructions are doing via CUDA/PTX. I have been reading up on the amd gpu instruction sets but it's all pretty complex and vary alot from nvidia https://llvm.org/docs/AMDGPUUsage.html https://gpuopen.com/amd-isa-documentation/ currently utilizing a RX 6800 so that would be rdna2 arch.

I have been considering just not using inline asm at all for this project so we can support more different gpu models.

Any help at all for this project would be greatly appreciated.

Targeting RX 6000s series gpus for now as that would be what I can test on.

This would be the project repo it's forked from JLP's repo.
https://github.com/TooPlain/Kangaroo-HIP
unclevito
jr. member
Activity: 74
Merit: 4
Re: Pollard's kangaroo ECDLP solver
April 30, 2023, 10:28:59 PM
#2644
thanks for the info got a new in box rtx3060TI for $330 I think a great deal
WanderingPhilospher
full member
Activity: 1050
Merit: 219
Shooters Shoot...
Re: Pollard's kangaroo ECDLP solver
April 30, 2023, 10:07:14 PM
#2643
Quote from: unclevito on April 30, 2023, 09:39:39 PM
Just wondering because there is a good price on a RTX3060TI LHR and I was not sure it would slow down bitcrack or your Vbitcrack before I purchased it
I understand. You can purchase without fear of losing cracking speed or mining hashrate.

I had some non FE cards that were LHR, but once eth/gpu demand went down, they released drivers that took away the LHR or unblocked whatever they were blocking.
unclevito
jr. member
Activity: 74
Merit: 4
Re: Pollard's kangaroo ECDLP solver
April 30, 2023, 09:39:39 PM
#2642
Just wondering because there is a good price on a RTX3060TI LHR and I was not sure it would slow down bitcrack or your Vbitcrack before I purchased it
WanderingPhilospher
full member
Activity: 1050
Merit: 219
Shooters Shoot...
Re: Pollard's kangaroo ECDLP solver
April 30, 2023, 09:27:01 PM
#2641
Quote from: unclevito on April 30, 2023, 09:12:05 PM
Do anyone happen to know if the LHR function in a RTX card will slow up bitcrack or vanity search or kangaroo
The LHR function has been removed since eth went to PoS. Upgrade the driver for full speed. I do not think it impacted kangaroo but it did impact BSGS cuda.
unclevito
jr. member
Activity: 74
Merit: 4
Re: Pollard's kangaroo ECDLP solver
April 30, 2023, 09:12:05 PM
#2640
Do anyone happen to know if the LHR function in a RTX card will slow up bitcrack or vanity search or kangaroo
brainless
member
Activity: 313
Merit: 34
Re: Pollard's kangaroo ECDLP solver
April 28, 2023, 07:59:02 AM
#2639
Quote from: AshrafCsr on April 28, 2023, 06:10:46 AM
Quote from: brainless on April 28, 2023, 04:46:33 AM
Quote from: AshrafCsr on April 27, 2023, 02:17:19 PM
Quote from: WanderingPhilospher on April 26, 2023, 02:36:55 PM
Quote
Hi Eter,
It is possible to automatically printed output number of decimal; which are reduced.
Yes, are you wanting to print all results to a .txt file?

Hi,
I wanted to automatically printed output number of decimal; which are reduced through bit range.
As like: https://github.com/iceland2k14/quick/blob/main/PubSub.py

Could you please help me.
write in details ....


Hi,
I have find range from script as below:
Initial Pub: 0329fb788204d6b2b6797859572db2eb8c66c43756d4946bcad497ddec61b94d27
       Priv: 0x1F3869ACC5B

Key# 1 Pub:  0x02C9056EA5EBB46309024FF22C9668C2BEC887A0B3D48567CDB8D940F25B3C44D1 # -1072723486254
       Priv: 0xF9C34D662D

Key# 1 Pub:  0x033005E37EE6F877F86793334752F41E9243631C263414615A9B25DC98F35CF251 # -536361743127
       Priv: 0x7CE1A6B316

Key# 1 Pub:  0x025196FA41B4A8D8A1D1C48BAAD791B5EF5CC8A489D510A2BF72B725E2423105F0 # -268180871563
       Priv: 0x3E70D3598B

As a result: divisor = 2**1 equivalent reduce is an 1 BIT range. So i wanted a output below example 0x02C9056EA5EBB46309024FF22C9668C2BEC887A0B3D48567CDB8D940F25B3C44D1 # -1072723486254

Please advice it is possible.
if you have privatekey and pubkey, and like div, and get print in file result pubkey and prvkey, its possible
Lolo54
member
Activity: 117
Merit: 32
Re: Pollard's kangaroo ECDLP solver
April 28, 2023, 07:51:40 AM
#2638
Quote from: AshrafCsr on April 28, 2023, 06:10:46 AM

Hi,
I have find range from script as below:
Initial Pub: 0329fb788204d6b2b6797859572db2eb8c66c43756d4946bcad497ddec61b94d27
       Priv: 0x1F3869ACC5B

Key# 1 Pub:  0x02C9056EA5EBB46309024FF22C9668C2BEC887A0B3D48567CDB8D940F25B3C44D1 # -1072723486254
       Priv: 0xF9C34D662D

Key# 1 Pub:  0x033005E37EE6F877F86793334752F41E9243631C263414615A9B25DC98F35CF251 # -536361743127
       Priv: 0x7CE1A6B316

Key# 1 Pub:  0x025196FA41B4A8D8A1D1C48BAAD791B5EF5CC8A489D510A2BF72B725E2423105F0 # -268180871563
       Priv: 0x3E70D3598B

As a result: divisor = 2**1 equivalent reduce is an 1 BIT range. So i wanted a output below example 0x02C9056EA5EBB46309024FF22C9668C2BEC887A0B3D48567CDB8D940F25B3C44D1 # -1072723486254

Please advice it is possible.

Yes your results are correct. But this is possible because you know the initial private key otherwise you would have a problem your result would be wrong and your PubKey not found on the curve.
Try to perform the same operations with this pubkey 03770538afe9b82a6a4d6511ee28427f68ce2d4c4a2598fd5453232e304bedb9e0
and your result will be false very quickly where you will need +/-1 so 2^n for each operation then just for -10 bit 2^10 1024 operations X2 because +/- so 2048  (2048 pubkey of which only one will be on the curve with -10bit) 11 bit 4096 operations
AshrafCsr
newbie
Activity: 5
Merit: 0
Re: Pollard's kangaroo ECDLP solver
April 28, 2023, 06:10:46 AM
#2637
Quote from: brainless on April 28, 2023, 04:46:33 AM
Quote from: AshrafCsr on April 27, 2023, 02:17:19 PM
Quote from: WanderingPhilospher on April 26, 2023, 02:36:55 PM
Quote
Hi Eter,
It is possible to automatically printed output number of decimal; which are reduced.
Yes, are you wanting to print all results to a .txt file?

Hi,
I wanted to automatically printed output number of decimal; which are reduced through bit range.
As like: https://github.com/iceland2k14/quick/blob/main/PubSub.py

Could you please help me.
write in details ....


Hi,
I have find range from script as below:
Initial Pub: 0329fb788204d6b2b6797859572db2eb8c66c43756d4946bcad497ddec61b94d27
       Priv: 0x1F3869ACC5B

Key# 1 Pub:  0x02C9056EA5EBB46309024FF22C9668C2BEC887A0B3D48567CDB8D940F25B3C44D1 # -1072723486254
       Priv: 0xF9C34D662D

Key# 1 Pub:  0x033005E37EE6F877F86793334752F41E9243631C263414615A9B25DC98F35CF251 # -536361743127
       Priv: 0x7CE1A6B316

Key# 1 Pub:  0x025196FA41B4A8D8A1D1C48BAAD791B5EF5CC8A489D510A2BF72B725E2423105F0 # -268180871563
       Priv: 0x3E70D3598B

As a result: divisor = 2**1 equivalent reduce is an 1 BIT range. So i wanted a output below example 0x02C9056EA5EBB46309024FF22C9668C2BEC887A0B3D48567CDB8D940F25B3C44D1 # -1072723486254

Please advice it is possible.
brainless
member
Activity: 313
Merit: 34
Re: Pollard's kangaroo ECDLP solver
April 28, 2023, 04:46:33 AM
#2636
Quote from: AshrafCsr on April 27, 2023, 02:17:19 PM
Quote from: WanderingPhilospher on April 26, 2023, 02:36:55 PM
Quote
Hi Eter,
It is possible to automatically printed output number of decimal; which are reduced.
Yes, are you wanting to print all results to a .txt file?

Hi,
I wanted to automatically printed output number of decimal; which are reduced through bit range.
As like: https://github.com/iceland2k14/quick/blob/main/PubSub.py

Could you please help me.
write in details ....
sssergy2705
copper member
Activity: 188
Merit: 0
Re: Pollard's kangaroo ECDLP solver
April 28, 2023, 03:49:18 AM
#2635
Quote from: AshrafCsr on April 27, 2023, 02:17:19 PM
Quote from: WanderingPhilospher on April 26, 2023, 02:36:55 PM
Quote
Hi Eter,
It is possible to automatically printed output number of decimal; which are reduced.
Yes, are you wanting to print all results to a .txt file?

Hi,
I wanted to automatically printed output number of decimal; which are reduced through bit range.
As like: https://github.com/iceland2k14/quick/blob/main/PubSub.py

Could you please help me.

This is impossible. you can print many keys, but the chance is small that it will be correct
AshrafCsr
newbie
Activity: 5
Merit: 0
Re: Pollard's kangaroo ECDLP solver
April 27, 2023, 02:17:19 PM
#2634
Quote from: WanderingPhilospher on April 26, 2023, 02:36:55 PM
Quote
Hi Eter,
It is possible to automatically printed output number of decimal; which are reduced.
Yes, are you wanting to print all results to a .txt file?

Hi,
I wanted to automatically printed output number of decimal; which are reduced through bit range.
As like: https://github.com/iceland2k14/quick/blob/main/PubSub.py

Could you please help me.
NotATether
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
Re: Pollard's kangaroo ECDLP solver
April 27, 2023, 07:16:00 AM
#2633
Quote from: sssergy2705 on April 27, 2023, 07:00:18 AM
Quote from: NotATether on April 27, 2023, 06:49:21 AM

That AI-generated version of my shiftdown is horseshit and will promptly be reported for spam.

Chat gpt version 4 considers the second option to be more visual and productive in terms of using intermediate results.  Grin

On a more serious note, don't use that script. It's slow. I made a C++ shiftdown that is 8x faster than this Python on a single thread, using GMP.

PM me if you want the download. It is not FOSS.
sssergy2705
copper member
Activity: 188
Merit: 0
Re: Pollard's kangaroo ECDLP solver
April 27, 2023, 07:00:18 AM
#2632
Quote from: NotATether on April 27, 2023, 06:49:21 AM

That AI-generated version of my shiftdown is horseshit and will promptly be reported for spam.

Chat gpt version 4 considers the second option to be more visual and productive in terms of using intermediate results.  Grin
NotATether
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
Re: Pollard's kangaroo ECDLP solver
April 27, 2023, 06:49:21 AM
#2631
Quote from: ?? on ??
I suggest using a more efficient way to generate the downscaled public keys by utilizing the add and double operations of elliptic curve cryptography. Here is a modified version of the shiftdown function:

Code:
def shiftdown(pubkey, divisor, file, convert=True):
    Q = pub2point(pubkey) if convert else pubkey
    # k = 1/divisor
    k = pow(divisor, N - 2, N)
    R = Point.identity(curve=curve.secp256k1)
    for i in range(divisor):
        R += Q # Equivalent to subtracting (divisor - i) * G
        P = k * R
        if (P.y % 2 == 0):
            prefix = "02"
        else:
            prefix = "03"
        hx = hex(P.x)[2:].zfill(64)
        hy = hex(P.y)[2:].zfill(64)
        file.write(prefix+ " " + hx+"\n") # Writes compressed key to file
    file.write("\n") # Writes compressed key to file

This modified version adds the public key Q to a running variable R, which is initially the identity element. On each loop iteration, R is incremented by Q using the add operation, which is much faster than subtracting a multiple of G. Then, the public key P is computed by multiplying R by the inverse of the divisor modulo N, using the pow function. Finally, P is written to the output file in compressed form, as before. This algorithm has a time complexity of O(divisor), which is much faster than the original algorithm's O(divisor^2) time complexity.

That AI-generated version of my shiftdown is horseshit and will promptly be reported for spam. (Although it is also possible that you just pasted my code and stole the attribution for it.)
AshrafCsr
newbie
Activity: 5
Merit: 0
Re: Pollard's kangaroo ECDLP solver
April 26, 2023, 02:40:12 PM
#2630
Quote from: a.a on September 28, 2021, 05:43:45 AM
Code:
from fastecdsa import curve
from fastecdsa.point import Point
import bit

G = curve.secp256k1.G
N = curve.secp256k1.q

def pub2point(pub_hex):
    x = int(pub_hex[2:66], 16)
    if len(pub_hex) < 70:
        y = bit.format.x_to_y(x, int(pub_hex[:2], 16) % 2)
    else:
        y = int(pub_hex[66:], 16)
    return Point(x, y, curve=curve.secp256k1)

# This function makes all the downscaled pubkeys obtained from subtracting
# numbers between 0 and divisor, before dividing the pubkeys by divisor.
def shiftdown(pubkey, divisor, file, convert=True):
    Q = pub2point(pubkey) if convert else pubkey
    # k = 1/divisor
    k = pow(divisor, N - 2, N)
    for i in range(divisor):
        P = Q - (i * G)
        P = k * P
        if (P.y % 2 == 0):
            prefix = "02"
        else:
            prefix = "03"
        hx = hex(P.x)[2:].zfill(64)
        hy = hex(P.y)[2:].zfill(64)
        file.write(prefix+ " " + hx+"\n") # Writes compressed key to file
    file.write("\n") # Writes compressed key to file

with open("input.txt", "r") as f, open("output.txt", "w") as outf:
    line = f.readline().strip()
    while line != '':
        outf.write("original: " +line + "\n")
        shiftdown(line, pow(2,1), outf)
        line = f.readline().strip()

input:
Code:
02e493dbf1c10d80f3581e4904930b1404cc6c13900ee0758474fa94abe8c4cd13
022f8bde4d1a07209355b4a7250a5c5128e88b84bddc619ab7cba8d569b240efe4

..d13 is 4 and ...fe4 is 5

output:
Quote
original: 02e493dbf1c10d80f3581e4904930b1404cc6c13900ee0758474fa94abe8c4cd13
02 c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5
02 c62c910e502cb615a27c58512b6cc2c94f5742f76cb3d12ec993400a3695d413

original: 022f8bde4d1a07209355b4a7250a5c5128e88b84bddc619ab7cba8d569b240efe4
03 5699b93fc6e1bd29e09a328d657a607b4155b61a6b5fcbedd7c12df7c67df8f5
02 c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5


02c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5 is 2

Because i know 4 is even, i know it has to be the first pubkey. Because i know 5 is odd, I know it has to be the second key.

The problem is, that in bigger numbers, you can not determine if it is odd or even.

See,if I add the pubkey of 3
Quote
original: 02f9308a019258c31049344f85f89d5229b531c845836f99b08601f113bce036f9 -> pubkey of 3
02 c62c910e502cb615a27c58512b6cc2c94f5742f76cb3d12ec993400a3695d413 -> not the halve
02 79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798 -> pubkey of 1

original: 02e493dbf1c10d80f3581e4904930b1404cc6c13900ee0758474fa94abe8c4cd13 -> pubkey of 4
02 c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5 -> odd pubkey of 5
02 c62c910e502cb615a27c58512b6cc2c94f5742f76cb3d12ec993400a3695d413 -> even pubkey of 3

original: 022f8bde4d1a07209355b4a7250a5c5128e88b84bddc619ab7cba8d569b240efe4 -> pubkey of 5
03 5699b93fc6e1bd29e09a328d657a607b4155b61a6b5fcbedd7c12df7c67df8f5 -> not the halve
02 c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5-> pubkey of 2

You see... You can not determine from the halve if it is the correct one.

Hi,
It is possible to automatically printed output number of decimal; which are reduced.
WanderingPhilospher
full member
Activity: 1050
Merit: 219
Shooters Shoot...
Re: Pollard's kangaroo ECDLP solver
April 26, 2023, 02:36:55 PM
#2629
Quote
Hi Eter,
It is possible to automatically printed output number of decimal; which are reduced.
Yes, are you wanting to print all results to a .txt file?
Pages:
Bitcoin Forum>Bitcoin>Development & Technical Discussion
Jump to: