-snip-
mean 789.789 is value can u div pubkey by above value ?
Can`t and nobody can`t. devider must be integer not float. all pubkeys Q=k*G, where k - integer. mean 789.789 is value can u div pubkey by above value ?
Topic: Pollard's kangaroo ECDLP solver - page 102. (Read 59389 times)
-snip-
if need div 789.789 then ?
what you mean? you can devide point only by integer.if need div 789.789 then ?
-snip-
if need div 789.789 then ?
what you mean? you can devide point only by integer. if need div 789.789 then ?
-snip-
BitCrack
apply your algo and show me pubkey div by 789 for
03D041CF467F485A96AB21EC0E1E1E26A344B28A12244320C4BDE48C123653D88F
035776b3684b6a5e9a6307aa53c3d484aabb90244e6371405c114cf8910a9a3bd0BitCrack
apply your algo and show me pubkey div by 789 for
03D041CF467F485A96AB21EC0E1E1E26A344B28A12244320C4BDE48C123653D88F
-snip-
BitCrack
apply your algo and show me pubkey div by 789 for
03D041CF467F485A96AB21EC0E1E1E26A344B28A12244320C4BDE48C123653D88F
035776b3684b6a5e9a6307aa53c3d484aabb90244e6371405c114cf8910a9a3bd0BitCrack
apply your algo and show me pubkey div by 789 for
03D041CF467F485A96AB21EC0E1E1E26A344B28A12244320C4BDE48C123653D88F
And what is problem in division pub by 789?
@mrxtraf
In the private key group (mod n) we can add, negate, and invert - this allows for multiplication and division.
In the public key group (elliptic curve mod p of size n) we can add, negate, and double only. This leads to multiplication by a scalar.
One public key corresponds to exactly one private key, and vice versa. The proof is very easy. Let G is the generator of secp256k1. Let P=k*G is a point on the curve. Let also P=k'*G. Then (k-k')*G=O => (k-k') divides n. But n is prime, hence k=k' (mod n).
That is, you can’t divide the public key by 10?In the private key group (mod n) we can add, negate, and invert - this allows for multiplication and division.
In the public key group (elliptic curve mod p of size n) we can add, negate, and double only. This leads to multiplication by a scalar.
One public key corresponds to exactly one private key, and vice versa. The proof is very easy. Let G is the generator of secp256k1. Let P=k*G is a point on the curve. Let also P=k'*G. Then (k-k')*G=O => (k-k') divides n. But n is prime, hence k=k' (mod n).
Give me any public key from which you know the private key, I will divide it by 10. And I will give in return the result in the form of a public key. And you yourself divide the private key by 10, get the public key from it and compare.
The multiplication (and division, which is multiplication with the inverse) is by scalar only. You cannot multiply two public keys without solving ECDLP first. And if you somehow can, then all coins are belong to you.
mrxtraf is saying they can "divide" the public key by 10 by multiplying the public key by the multiplicative inverse of 10 mod n.
apply your algo and show me pubkey div by 789 for
03D041CF467F485A96AB21EC0E1E1E26A344B28A12244320C4BDE48C123653D88F
@mrxtraf
In the private key group (mod n) we can add, negate, and invert - this allows for multiplication and division.
In the public key group (elliptic curve mod p of size n) we can add, negate, and double only. This leads to multiplication by a scalar.
One public key corresponds to exactly one private key, and vice versa. The proof is very easy. Let G is the generator of secp256k1. Let P=k*G is a point on the curve. Let also P=k'*G. Then (k-k')*G=O => (k-k') divides n. But n is prime, hence k=k' (mod n).
That is, you can’t divide the public key by 10?In the private key group (mod n) we can add, negate, and invert - this allows for multiplication and division.
In the public key group (elliptic curve mod p of size n) we can add, negate, and double only. This leads to multiplication by a scalar.
One public key corresponds to exactly one private key, and vice versa. The proof is very easy. Let G is the generator of secp256k1. Let P=k*G is a point on the curve. Let also P=k'*G. Then (k-k')*G=O => (k-k') divides n. But n is prime, hence k=k' (mod n).
Give me any public key from which you know the private key, I will divide it by 10. And I will give in return the result in the form of a public key. And you yourself divide the private key by 10, get the public key from it and compare.
The multiplication (and division, which is multiplication with the inverse) is by scalar only. You cannot multiply two public keys without solving ECDLP first. And if you somehow can, then all coins are belong to you.
mrxtraf is saying they can "divide" the public key by 10 by multiplying the public key by the multiplicative inverse of 10 mod n.
@mrxtraf
In the private key group (mod n) we can add, negate, and invert - this allows for multiplication and division.
In the public key group (elliptic curve mod p of size n) we can add, negate, and double only. This leads to multiplication by a scalar.
One public key corresponds to exactly one private key, and vice versa. The proof is very easy. Let G is the generator of secp256k1. Let P=k*G is a point on the curve. Let also P=k'*G. Then (k-k')*G=O => (k-k') divides n. But n is prime, hence k=k' (mod n).
That is, you can’t divide the public key by 10?In the private key group (mod n) we can add, negate, and invert - this allows for multiplication and division.
In the public key group (elliptic curve mod p of size n) we can add, negate, and double only. This leads to multiplication by a scalar.
One public key corresponds to exactly one private key, and vice versa. The proof is very easy. Let G is the generator of secp256k1. Let P=k*G is a point on the curve. Let also P=k'*G. Then (k-k')*G=O => (k-k') divides n. But n is prime, hence k=k' (mod n).
Give me any public key from which you know the private key, I will divide it by 10. And I will give in return the result in the form of a public key. And you yourself divide the private key by 10, get the public key from it and compare.
The multiplication (and division, which is multiplication with the inverse) is by scalar only. You cannot multiply two public keys without solving ECDLP first. And if you somehow can, then all coins are belong to you.
@mrxtraf
In the private key group (mod n) we can add, negate, and invert - this allows for multiplication and division.
In the public key group (elliptic curve mod p of size n) we can add, negate, and double only. This leads to multiplication by a scalar.
One public key corresponds to exactly one private key, and vice versa. The proof is very easy. Let G is the generator of secp256k1. Let P=k*G is a point on the curve. Let also P=k'*G. Then (k-k')*G=O => (k-k') divides n. But n is prime, hence k=k' (mod n).
That is, you can’t divide the public key by 10?In the private key group (mod n) we can add, negate, and invert - this allows for multiplication and division.
In the public key group (elliptic curve mod p of size n) we can add, negate, and double only. This leads to multiplication by a scalar.
One public key corresponds to exactly one private key, and vice versa. The proof is very easy. Let G is the generator of secp256k1. Let P=k*G is a point on the curve. Let also P=k'*G. Then (k-k')*G=O => (k-k') divides n. But n is prime, hence k=k' (mod n).
Give me any public key from which you know the private key, I will divide it by 10. And I will give in return the result in the form of a public key. And you yourself divide the private key by 10, get the public key from it and compare.
@mrxtraf
In the private key group (mod n) we can add, negate, and invert - this allows for multiplication and division.
In the public key group (elliptic curve mod p of size n) we can add, negate, and double only. This leads to multiplication by a scalar.
One public key corresponds to exactly one private key, and vice versa. The proof is very easy. Let G is the generator of secp256k1. Let P=k*G is a point on the curve. Let also P=k'*G. Then (k-k')*G=O => (k-k') divides n. But n is prime, hence k=k' (mod n).
In the private key group (mod n) we can add, negate, and invert - this allows for multiplication and division.
In the public key group (elliptic curve mod p of size n) we can add, negate, and double only. This leads to multiplication by a scalar.
One public key corresponds to exactly one private key, and vice versa. The proof is very easy. Let G is the generator of secp256k1. Let P=k*G is a point on the curve. Let also P=k'*G. Then (k-k')*G=O => (k-k') divides n. But n is prime, hence k=k' (mod n).
Jean_Luc
Can you insert this function in the code ?
Please
Big thank you.
Can you insert this function in the code ?
Code:
And one more trick, if the program showed not only just dead kangaroos, but also their type.
Please
Big thank you.
Simple model. Divided at 2 key and key-1, and paralled other key.
Interesting thing...
For first experiment I took a public key 03f28773c2d975288bc7d1d205c3748651b075fbc6610e58cddeeddf8f19405aa8 pk=13
Then i made fake Tame file with DP=2 and with only one DP and very small range in DEC 0:17
Small range selected specifically to check if overlap affects.
X-coordinate was 5c778e4b8cef3ca7abac09b95c709ee5 and distance 00000000000000000000000000000002
So DP is c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5
After that i make fake Wild file:
X-coordinate was 5c778e4b8cef3ca7abac09b95c709ee5 and distance 0000000000000000000000000000000B sign -
then i merge this 2 file and solve key. Ok it is correct and expected because the pub key is above "zero"
The second experiment was with almost the same key with only a minus sign 02f28773c2d975288bc7d1d205c3748651b075fbc6610e58cddeeddf8f19405aa8
That mean that pub key is under "zero" and -N/2+pub+N/2 do not overlap tame range..
Fake Tame file was almost the same i just change pub key y-coordinate in header
Fake Wild file the same was changed pub key y-coordinate in header and change sign in distance to +
So we have Wild DP -2 and Tame DP +2
And after merge key was solved:
Range width: 2^5
Key# 0 [0S]Pub: 0x02F28773C2D975288BC7D1D205C3748651B075FBC6610E58CDDEEDDF8F19405AA8
Priv: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364134
Those my theory is correct and we can reduce the range by half due to symmetry.
And here is question to @JeanLuc why app can solve this config:
80000000000000000000
ffffffffffffffffffff
0304b504a5122bfa6d4d3c7283b1c42f732f2e68ae129a8e6eea7671aeb6fe075f
but can`t solve this:
0
3fffffffffffffffffff
023389617b48186abe570e27966546775feaff36037a932b655c10d0c6994d7bf3
Yesterday i was wait 8h when expected time was 15minutes, so i can say that this config was impossible to solve. But what reason is?
EDIT: And one more trick, if the program showed not only just dead kangaroos, but also their type.
From the number of dead wild kangaroos, one can judge indirectly that the public key is close to the beginning of the range.
Due to symmetry, negative steps will be mirrored with positives causing a greater number of dead wild kangaroos.
For first experiment I took a public key 03f28773c2d975288bc7d1d205c3748651b075fbc6610e58cddeeddf8f19405aa8 pk=13
Then i made fake Tame file with DP=2 and with only one DP and very small range in DEC 0:17
Small range selected specifically to check if overlap affects.
X-coordinate was 5c778e4b8cef3ca7abac09b95c709ee5 and distance 00000000000000000000000000000002
So DP is c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5
After that i make fake Wild file:
X-coordinate was 5c778e4b8cef3ca7abac09b95c709ee5 and distance 0000000000000000000000000000000B sign -
then i merge this 2 file and solve key. Ok it is correct and expected because the pub key is above "zero"
The second experiment was with almost the same key with only a minus sign 02f28773c2d975288bc7d1d205c3748651b075fbc6610e58cddeeddf8f19405aa8
That mean that pub key is under "zero" and -N/2+pub+N/2 do not overlap tame range..
Fake Tame file was almost the same i just change pub key y-coordinate in header
Fake Wild file the same was changed pub key y-coordinate in header and change sign in distance to +
So we have Wild DP -2 and Tame DP +2
And after merge key was solved:
Range width: 2^5
Key# 0 [0S]Pub: 0x02F28773C2D975288BC7D1D205C3748651B075FBC6610E58CDDEEDDF8F19405AA8
Priv: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364134
Those my theory is correct and we can reduce the range by half due to symmetry.
And here is question to @JeanLuc why app can solve this config:
80000000000000000000
ffffffffffffffffffff
0304b504a5122bfa6d4d3c7283b1c42f732f2e68ae129a8e6eea7671aeb6fe075f
but can`t solve this:
0
3fffffffffffffffffff
023389617b48186abe570e27966546775feaff36037a932b655c10d0c6994d7bf3
Yesterday i was wait 8h when expected time was 15minutes, so i can say that this config was impossible to solve. But what reason is?
EDIT: And one more trick, if the program showed not only just dead kangaroos, but also their type.
From the number of dead wild kangaroos, one can judge indirectly that the public key is close to the beginning of the range.
Due to symmetry, negative steps will be mirrored with positives causing a greater number of dead wild kangaroos.
I was try deduct many times Basis point from pubkey
and get this result in decimal:
55066263022277343669578718895168534326250603453777594175500187360389116729240
80461206456126903936648321769588210263641381518345730725024477625603510475367
114350281152090415002914225360680879723439364201547916387065294902806089470701
51013628197151087321576517601027944519980487992320239741969820950564947154728
81858063707046191459386939009866976545571746100767742618686877552464701474279
91885386504538144991569604282776563056639230987209343782016348535025109416865
105949401804278716591078498274389076439291177336075085569965846810479473186009
41459912523433373843361567769935953701779569108932744302847774650924271071067
92405715801833063648780028028777895808671753827946407669234064272887784157724
54418341959535059209523319322208425784424076816816028811932505061370156780655
5126047978605685512005484045416997952858866417284486515665253490591400058134
52490963540812138089050326573359765290153157657886160007707578869545978541959
32802036335507597593529078709567273036524674888099370753687496987450852461118
27863773688718935131660845784469550803460621553574213006074163405651052167161
36645545354186924026635864492819248964849682741741028893139627006539149133774
27476149675778769341425383353707820487777155825885410693677584163936411230079
54129827521380745567621263337017653354620280013802747340066967768376390656637
80638523013064036412041871548943079184689297859131619072201660923512812171502
112723772262242031666753037233989715114592529792673293658551104097788592972230
110958129610584237331452391111361457709268353430315048828827348860484327374055
50693572800016527537751387017277354813007969227988932973757409794810631509905
17856908775349033022202533859010614530493029893325487811243073805696696942498
Why if pubkey=G*x so many different result ?
What is algorithm multiply G on x
?
Does a algorithm for get Pubkey is Q=G * x * ?
and get this result in decimal:
Code:
55066263022277343669578718895168534326250603453777594175500187360389116729240
80461206456126903936648321769588210263641381518345730725024477625603510475367
114350281152090415002914225360680879723439364201547916387065294902806089470701
51013628197151087321576517601027944519980487992320239741969820950564947154728
81858063707046191459386939009866976545571746100767742618686877552464701474279
91885386504538144991569604282776563056639230987209343782016348535025109416865
105949401804278716591078498274389076439291177336075085569965846810479473186009
41459912523433373843361567769935953701779569108932744302847774650924271071067
92405715801833063648780028028777895808671753827946407669234064272887784157724
54418341959535059209523319322208425784424076816816028811932505061370156780655
5126047978605685512005484045416997952858866417284486515665253490591400058134
52490963540812138089050326573359765290153157657886160007707578869545978541959
32802036335507597593529078709567273036524674888099370753687496987450852461118
27863773688718935131660845784469550803460621553574213006074163405651052167161
36645545354186924026635864492819248964849682741741028893139627006539149133774
27476149675778769341425383353707820487777155825885410693677584163936411230079
54129827521380745567621263337017653354620280013802747340066967768376390656637
80638523013064036412041871548943079184689297859131619072201660923512812171502
112723772262242031666753037233989715114592529792673293658551104097788592972230
110958129610584237331452391111361457709268353430315048828827348860484327374055
50693572800016527537751387017277354813007969227988932973757409794810631509905
17856908775349033022202533859010614530493029893325487811243073805696696942498
Why if pubkey=G*x so many different result ?
What is algorithm multiply G on x
?Does a algorithm for get Pubkey is Q=G * x * ?
interesting solution, but it won’t work if only public keys are known, let's say there is a public key theoretically with private key 1, how to divide the public key by 10 to get public key with 0.1 without knowing the private keys?
You can't.
Let P be a public key with unknown private key k (that means P = k*G)
By definition, you can get a public key Q such that 10*Q = P in this way:
Q = inv(10)*P = inv(10)*k*G
that's all you can have (if you don't know k, you don't know inv(10)*k neither)
It is the same thing. Inv(10) or inv(3), where is the difference?
So, PrivKey from 160 bytes = privkey 80 bytes*2 ?
But what does dividing and multiplying by 2 have to dividing by 10?
interesting solution, but it won’t work if only public keys are known, let's say there is a public key theoretically with private key 1, how to divide the public key by 10 to get public key with 0.1 without knowing the private keys?
You can't.
Let P be a public key with unknown private key k (that means P = k*G)
By definition, you can get a public key Q such that 10*Q = P in this way:
Q = inv(10)*P = inv(10)*k*G
that's all you can have (if you don't know k, you don't know inv(10)*k neither)
It is the same thing. Inv(10) or inv(3), where is the difference?
So, PrivKey from 160 bytes = privkey 80 bytes*2 ?
interesting solution, but it won’t work if only public keys are known, let's say there is a public key theoretically with private key 1, how to divide the public key by 10 to get public key with 0.1 without knowing the private keys?
You can't.
Let P be a public key with unknown private key k (that means P = k*G)
By definition, you can get a public key Q such that 10*Q = P in this way:
Q = inv(10)*P = inv(10)*k*G
that's all you can have (if you don't know k, you don't know inv(10)*k neither)
It is the same thing. Inv(10) or inv(3), where is the difference?
What you think about deduct G from PubKey many times ? Because of no ":" function on EC and we can't get x from pubkey with divide. I thin is idea to get pubkey ready for hack what have no G's component.
where pt is point and a is integer devider
Becouse above code not exact work. Please, someone make a scrypt for automatic shifting pubkey to "zero" ?
python code worked like sharm..@Jeanluc can you explaine this, please.
What you think about deduct G from PubKey many times ? Because of no ":" function on EC and we can't get x from pubkey with divide. I thin is idea to get pubkey ready for hack what have no G's component.
Becouse above code not exact work. Please, someone make a scrypt for automatic shifting pubkey to "zero" ?
python code worked like sharm..@Jeanluc can you explaine this, please.
Jump to: