Pages:
Author

Topic: Pollard's kangaroo ECDLP solver - page 17. (Read 58537 times)

member
Activity: 185
Merit: 15
Two things you should never abandon: Family & BTC
August 14, 2022, 04:44:01 PM
Speaking of faster .. i have a question that is bugging me ..common sense would suggest that gpu is always faster by many folds than cpu .. but how in the hell is my cpu faster?! Here is what i did..
Tried kangaroo on gtx 1070 : GREAT speed
Tried keyhunt BSGS mode: just way faster?!?!
What gives? How come a gpu program would yield test results in more time than a cpu one? Am i doing something wrong concerning the gpu part? I only stick to default commands on both .. except that keyhunt BSGS uses as much memory as you want it to as long as you have enough for it .. which gives you a speed pump with every increase in memory allocation!

If anyone tried both too and got the same thing please enlighten me. Thnx
member
Activity: 73
Merit: 19
August 13, 2022, 03:15:00 PM
-snip-
I have some functions in Python and it runs very slow compared to C.

The sage I want to do with the GPU is as follows
Code:
Pr = 115792089237316195423570985008687907853269984665640564039457584007908834671663

E = EllipticCurve (GF (P), [0,7])
N = E.order ()

G = E(55066263022277343669578718895168534326250603453777594175500187360389116729240,32670510020758816978083085130507043184471273380659243275938904335757337482424) # on E

T = E(26864879445837655118481716049217967286489564259939711339119540571911158650839,29571359081268663540055655726653840143920402820693420787986280659961264797165) # on E

numInt = 5646546546563131314723897429834729834798237429837498237498237489273948728934798237489723489723984729837489237498237498237498237498273493729847

numMod = numInt %N

numInv = pow(numMod ,N-2,N) # detail -> https://stackoverflow.com/questions/59234775/how-to-calculate-2-to-the-power-of-a-large-number-modulo-another-large-number


numMod * G
numMod * T

(T-G) * numInv



print (5*T)
print (2*G)

print (numMod * G)
print (numMod * (-G))

print (numMod * T)
print ((numMod-3) * (T-G))


Do you have any suggestions? What should I do ?
I wrote my question here because it is indirectly related to this project. Please forgive.

Hi! The slowest part in your python is inverse function. Try to implement gmpy2 inverse function (included in gmpy2) - it is C-based and very fast:

https://www.lfd.uci.edu/~gohlke/pythonlibs/#gmpy

You can find the details here: https://bitcointalksearch.org/topic/m.55214449

When using Python, I use FastEcdsa(https://github.com/AntonKueltz/fastecdsa) library and mathematics similar to Sage. But can I do the math faster? I want to understand.
The FastEcdsa Library is fast, but I don't know if it uses the gmpy2 you suggested. My python script uses 17% of the CPU as a result. I wanted to write with Anaconda (for GPU), but I could not find a gpu running as fast as C or I could not.

Thank you MrFreeDragon .

No. you can't be faster then GPU on your CPU.
if i explain your word in easy example commands for new gpu based develop application/repo, by jean luc or other developer, could be develop, or if any one know already developed can post links and refferance

here are some example aspected commands
./vs-pub -c  -gpu -input in.txt -output out.txt -add 0250863AD64A87AE8A2FE83C1AF1A8403CB53F53E486D8511DAD8A04887E5B2352 #pubkey
./vs-pub -c  -gpu -input in.txt -output out.txt -mul 123456789 # its privatekey in num (not hex)
./vs-pub -c  -gpu -input in.txt -output out.txt -sub 0250863AD64A87AE8A2FE83C1AF1A8403CB53F53E486D8511DAD8A04887E5B2352 #pubkey
./vs-pub -c  -gpu -input in.txt -output out.txt -sub 0250863AD64A87AE8A2FE83C1AF1A8403CB53F53E486D8511DAD8A04887E5B2352 -r (reverse like
02508... pubkey substract to all listed pubkey inside in.txt
-c is compressed pubkey
-u is uncompressed pubkey
-input is load of compressed/uncompressed pubkeys list
-output is results output to file
-r is reverse of sub ( listed pubkey in command minus(-) in.txt (pubkeys)


had any cuda dev  worked on these commnand based some scripts ?


I haven't tried the command version.
but the last time I checked, there was a cuda-based large number library. development continued.

https://github.com/NVlabs/CGBN

I've been searching the Elliptic Curve Arithmetic library to experiment on cuda.
member
Activity: 330
Merit: 34
August 13, 2022, 04:35:17 AM
-snip-
I have some functions in Python and it runs very slow compared to C.

The sage I want to do with the GPU is as follows
Code:
Pr = 115792089237316195423570985008687907853269984665640564039457584007908834671663

E = EllipticCurve (GF (P), [0,7])
N = E.order ()

G = E(55066263022277343669578718895168534326250603453777594175500187360389116729240,32670510020758816978083085130507043184471273380659243275938904335757337482424) # on E

T = E(26864879445837655118481716049217967286489564259939711339119540571911158650839,29571359081268663540055655726653840143920402820693420787986280659961264797165) # on E

numInt = 5646546546563131314723897429834729834798237429837498237498237489273948728934798237489723489723984729837489237498237498237498237498273493729847

numMod = numInt %N

numInv = pow(numMod ,N-2,N) # detail -> https://stackoverflow.com/questions/59234775/how-to-calculate-2-to-the-power-of-a-large-number-modulo-another-large-number


numMod * G
numMod * T

(T-G) * numInv



print (5*T)
print (2*G)

print (numMod * G)
print (numMod * (-G))

print (numMod * T)
print ((numMod-3) * (T-G))


Do you have any suggestions? What should I do ?
I wrote my question here because it is indirectly related to this project. Please forgive.

Hi! The slowest part in your python is inverse function. Try to implement gmpy2 inverse function (included in gmpy2) - it is C-based and very fast:

https://www.lfd.uci.edu/~gohlke/pythonlibs/#gmpy

You can find the details here: https://bitcointalksearch.org/topic/m.55214449

When using Python, I use FastEcdsa(https://github.com/AntonKueltz/fastecdsa) library and mathematics similar to Sage. But can I do the math faster? I want to understand.
The FastEcdsa Library is fast, but I don't know if it uses the gmpy2 you suggested. My python script uses 17% of the CPU as a result. I wanted to write with Anaconda (for GPU), but I could not find a gpu running as fast as C or I could not.

Thank you MrFreeDragon .

No. you can't be faster then GPU on your CPU.
if i explain your word in easy example commands for new gpu based develop application/repo, by jean luc or other developer, could be develop, or if any one know already developed can post links and refferance

here are some example aspected commands
./vs-pub -c  -gpu -input in.txt -output out.txt -add 0250863AD64A87AE8A2FE83C1AF1A8403CB53F53E486D8511DAD8A04887E5B2352 #pubkey
./vs-pub -c  -gpu -input in.txt -output out.txt -mul 123456789 # its privatekey in num (not hex)
./vs-pub -c  -gpu -input in.txt -output out.txt -sub 0250863AD64A87AE8A2FE83C1AF1A8403CB53F53E486D8511DAD8A04887E5B2352 #pubkey
./vs-pub -c  -gpu -input in.txt -output out.txt -sub 0250863AD64A87AE8A2FE83C1AF1A8403CB53F53E486D8511DAD8A04887E5B2352 -r (reverse like
02508... pubkey substract to all listed pubkey inside in.txt
-c is compressed pubkey
-u is uncompressed pubkey
-input is load of compressed/uncompressed pubkeys list
-output is results output to file
-r is reverse of sub ( listed pubkey in command minus(-) in.txt (pubkeys)


had any cuda dev  worked on these commnand based some scripts ?
member
Activity: 185
Merit: 15
Two things you should never abandon: Family & BTC
August 01, 2022, 07:46:51 AM
Guys, do you think I should convert these [my] python scripts into a library, with it's own PIP page and docs? So that people no longer make fundamental errors when using them and then calling me for tech support...

It's good idea, i think you should do it. Make sure setup script include version of required dependency (e.g. numpy==1.23.1 or numpy>=1.20,<=1.23 rather than numpy) to save headache in future if dependency API changed.

Good idea .. due to things like this, i once spent 2 hours trying to fully install a library .. a lot of searching and navigating through stackexchange and quora.. such a waste of time and energy
member
Activity: 185
Merit: 15
Two things you should never abandon: Family & BTC
July 30, 2022, 10:36:27 AM
Guys, do you think I should convert these [my] python scripts into a library, with it's own PIP page and docs? So that people no longer make fundamental errors when using them and then calling me for tech support...

Lol Yess!
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
July 29, 2022, 10:46:47 PM
Guys, do you think I should convert these [my] python scripts into a library, with it's own PIP page and docs? So that people no longer make fundamental errors when using them and then calling me for tech support...
jr. member
Activity: 48
Merit: 11
July 29, 2022, 09:00:24 AM
from fastecdsa import curve
from fastecdsa.point import Point
import bit

def pub2point(pub_hex):
    x = int(pub_hex[2:66], 16)
    if len(pub_hex) < 70:
        y = bit.format.x_to_y(x, int(pub_hex[:2], 16) % 2)
    else:
        y = int(pub_hex[66:], 16)
    return Point(x, y, curve=curve.secp256k1)

G = curve.secp256k1.G
N = curve.secp256k1.q
DIV = '02AE3482B19E840288CC9B302AD9F5DC017AB796D3690CC8029017A8AF3503BE8E'
pubkey = '03ec0f4d728d248698a59d3a50a0469da06fdb8019700dfc5de9eae2dd93fc2bc8'

Q = pub2point(pubkey)
R = pub2point(DIV)
z= Q / R

print(z)


-----------------------------------------
>>>    z= Q / R
TypeError: unsupported operand type(s) for /: 'Point' and 'Point'




CAN ANYONE HELP,HOW TO CORRECT THIS

THANKS


You can't divide a point by a point. A point can only be multiplied by a number. In this case we are multiplying by an inverse number, thus imitating the division of a point by a number.

Code:
from fastecdsa import curve
from fastecdsa.point import Point
import bit

G = curve.secp256k1.G
N = curve.secp256k1.q

def pub2point(pub_hex):
    x = int(pub_hex[2:66], 16)
    if len(pub_hex) < 70:
        y = bit.format.x_to_y(x, int(pub_hex[:2], 16) % 2)
    else:
        y = int(pub_hex[66:], 16)
    return Point(x, y, curve=curve.secp256k1)

DIV = 123456789
d = pow(DIV, N - 2, N)

pubkey = '03ec0f4d728d248698a59d3a50a0469da06fdb8019700dfc5de9eae2dd93fc2bc8'
Q = pub2point(pubkey)
z = Q * d

print(z)

newbie
Activity: 14
Merit: 0
July 29, 2022, 07:52:58 AM
from fastecdsa import curve
from fastecdsa.point import Point
import bit

G = curve.secp256k1.G
N = curve.secp256k1.q
DIV = '02AE3482B19E840288CC9B302AD9F5DC017AB796D3690CC8029017A8AF3503BE8E'
pubkey = '03ec0f4d728d248698a59d3a50a0469da06fdb8019700dfc5de9eae2dd93fc2bc8'

def pub2point(pub_hex):
    x = int(pub_hex[2:66], 16)
    if len(pub_hex) < 70:
        y = bit.format.x_to_y(x, int(pub_hex[:2], 16) % 2)
    else:
        y = int(pub_hex[66:], 16)
    return Point(x, y, curve=curve.secp256k1)


Q = pub2point(pubkey)
R = pub2point(DIV)
z= Q / R

print(z)


-----------------------------------------
>>>    z= Q / R
TypeError: unsupported operand type(s) for /: 'Point' and 'Point'




CAN ANYONE HELP,HOW TO CORRECT THIS

THANKS
member
Activity: 185
Merit: 15
Two things you should never abandon: Family & BTC
July 24, 2022, 06:07:46 PM
I think if it was that easy to crack 64, someone would have tweaked the version to become 64bit .. but looks like it's already been done in secret but still unsolvable, or no one has the knowledge to do it yet .. tools like bitcrack and keyhunt makes me regret not taking cpp seriously back in my enthusiastic days .. but overall, devs like these taught me a lot more than i thought i know about bitcoin

As a C++ dev, I can tell you that the language is not the obsticle to designing these programs, but it's the knowledge required for curves, finite fields, groups, etc AND implementing all that in C++ or even JS, I'm sure I left out a ton of number theory topics from this list that are required studying as well [not to mention that GPU programming is done in a completely different language that is extremely difficult to debug].


So basically the biggest barriers are knowledge of cryptography, extensive Math, and gpu-specific programming 🤔
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
July 23, 2022, 06:14:50 AM
I think if it was that easy to crack 64, someone would have tweaked the version to become 64bit .. but looks like it's already been done in secret but still unsolvable, or no one has the knowledge to do it yet .. tools like bitcrack and keyhunt makes me regret not taking cpp seriously back in my enthusiastic days .. but overall, devs like these taught me a lot more than i thought i know about bitcoin

As a C++ dev, I can tell you that the language is not the obsticle to designing these programs, but it's the knowledge required for curves, finite fields, groups, etc AND implementing all that in C++ or even JS, I'm sure I left out a ton of number theory topics from this list that are required studying as well [not to mention that GPU programming is done in a completely different language that is extremely difficult to debug].
member
Activity: 185
Merit: 15
Two things you should never abandon: Family & BTC
July 22, 2022, 03:05:28 AM
Did everyone gave up on the challenges/puzzles?  Huh Huh  Undecided Cry

Well, if zeilar managed to clear 20% of the keyspace for #120, it should not be too hard for someone to construct a DC and put an end to that key.

Or maybe puzzle solving is becoming more like mining, where it's only done when BTC price is profitable, only without those pesky ASICs and difficulty levels, hmmmm....


Or maybe 120 and 64 are the roofs in current technology .. it really seems so hard to crack those two .. been trying it for months now using multiple workarounds and tweaks but they're still out there unsolvable .. not to mention that the more resources you put into this, the more you realize you need even more resources .. hats off to Satoshi, this puzzle proved that best case scenario is you can only crack a private key of 119 bits out of the PRACTICAL staggering 256 bits .. cracking bitcoin is simply impossible, at least for this generation and under current tech

115 bits is the ceiling, actually, when you have the public key - as Pollard's Kangaroo uses a faster iterative algorithm to guess the private key.

63 when you only have the address. But then again, Bitcrack's linear search is not optimized, and I suspect that a GPU farm could solve #64 if only it had a 64-bit version of Bitcrack (the current version uses only 32-bit words) and an optional bit pattern filter to filter out long sequences of zeros and ones.

I think if it was that easy to crack 64, someone would have tweaked the version to become 64bit .. but looks like it's already been done in secret but still unsolvable, or no one has the knowledge to do it yet .. tools like bitcrack and keyhunt makes me regret not taking cpp seriously back in my enthusiastic days .. but overall, devs like these taught me a lot more than i thought i know about bitcoin
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
July 19, 2022, 07:42:44 AM
Did everyone gave up on the challenges/puzzles?  Huh Huh  Undecided Cry

Well, if zeilar managed to clear 20% of the keyspace for #120, it should not be too hard for someone to construct a DC and put an end to that key.

Or maybe puzzle solving is becoming more like mining, where it's only done when BTC price is profitable, only without those pesky ASICs and difficulty levels, hmmmm....


Or maybe 120 and 64 are the roofs in current technology .. it really seems so hard to crack those two .. been trying it for months now using multiple workarounds and tweaks but they're still out there unsolvable .. not to mention that the more resources you put into this, the more you realize you need even more resources .. hats off to Satoshi, this puzzle proved that best case scenario is you can only crack a private key of 119 bits out of the PRACTICAL staggering 256 bits .. cracking bitcoin is simply impossible, at least for this generation and under current tech

115 bits is the ceiling, actually, when you have the public key - as Pollard's Kangaroo uses a faster iterative algorithm to guess the private key.

63 when you only have the address. But then again, Bitcrack's linear search is not optimized, and I suspect that a GPU farm could solve #64 if only it had a 64-bit version of Bitcrack (the current version uses only 32-bit words) and an optional bit pattern filter to filter out long sequences of zeros and ones.
member
Activity: 185
Merit: 15
Two things you should never abandon: Family & BTC
July 19, 2022, 04:37:26 AM
Did everyone gave up on the challenges/puzzles?  Huh Huh  Undecided Cry

Well, if zeilar managed to clear 20% of the keyspace for #120, it should not be too hard for someone to construct a DC and put an end to that key.

Or maybe puzzle solving is becoming more like mining, where it's only done when BTC price is profitable, only without those pesky ASICs and difficulty levels, hmmmm....


Or maybe 120 and 64 are the roofs in current technology .. it really seems so hard to crack those two .. been trying it for months now using multiple workarounds and tweaks but they're still out there unsolvable .. not to mention that the more resources you put into this, the more you realize you need even more resources .. hats off to Satoshi, this puzzle proved that best case scenario is you can only crack a private key of 119 bits out of the PRACTICAL staggering 256 bits .. cracking bitcoin is simply impossible, at least for this generation and under current tech
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
July 17, 2022, 10:53:26 PM
Did everyone gave up on the challenges/puzzles?  Huh Huh  Undecided Cry

Well, if zeilar managed to clear 20% of the keyspace for #120, it should not be too hard for someone to construct a DC and put an end to that key.

Or maybe puzzle solving is becoming more like mining, where it's only done when BTC price is profitable, only without those pesky ASICs and difficulty levels, hmmmm....
member
Activity: 194
Merit: 14
July 17, 2022, 12:49:42 PM
Did everyone gave up on the challenges/puzzles?  Huh Huh  Undecided Cry
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
July 17, 2022, 12:13:01 AM
In this example i use pubkey  0234c1fd04d301be89b31c0442d3e6ac24883928b45a9340781867d4232ec2dbdf, privkey is 0x67 and upper range is 2^7
Divisor is 2^3, so new upper range is 2^7-2^3=2^4
In file pub.txt you will find all pubkeys and their number is equil to divisor.
if you try to find all this keys in range 0x1:0xf you will see that only one pubkey will be lie in range
And this pubkey is 03d01115d548e7561b15c38f004d734633687cf4419620095bc5b0f47070afe85a with privkey 0xC
To produce real privkey need multiply privkey by divisor
0xC*0x8 = 0x60
After this need add to result founded public key number (7)
Totaly privekey = 0x60 +0x7=0x67



can you please tell me how to increase the upper range in this code

To increase the upper range, you must either supply a public key with a larger value private key, or you can tweak the "divisor" constant in the code and make it lower, because divisor makes the upper range smaller:

Quote
In this example i use pubkey  0234c1fd04d301be89b31c0442d3e6ac24883928b45a9340781867d4232ec2dbdf, privkey is 0x67 and upper range is 2^7
Divisor is 2^3, so new upper range is 2^7-2^3=2^4

PS. I totally forgot about that drama on that page of this thread Tongue Time flies, doesn't it? In fact, most of the people on this thread aren't around anymore.
newbie
Activity: 14
Merit: 0
July 16, 2022, 08:47:19 AM
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
July 16, 2022, 01:21:47 AM
...
So what is 03dcaaaaea9e3b34b36c5e029abaf3028b39124ba8b90b0b7480256e10630052f2 then? It is 241.5.
241.5 + 241.5 = 483

So, where do we find 241.5?

https://privatekeys.pw/key/7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b1e5f

How did I find it? key middle range minus half of our privatekey: 0x7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b20a0 - 0x241 => tada

So from complexity of 11 bits, i just needed to check 10 bits now.
...

i m little bit confused can you please provide me some example


241.5 would represent the floating-point equivalent of the even private key (in this example), and 241 would represent the odd public key (note: no decimal point in the even number).

There is an assumption in the excerpt that I quoted in a.a's post, that the parity of the last bit of the PK is already known - and it's only known here because the key has already been found.

But for unsolved pubkeys, the last bit is obviously unknown, so it is impossible to know whether to subtract by 0x241 [even] or 0x241 + (1*2^(-1===n-1)) [odd].
newbie
Activity: 14
Merit: 0
July 16, 2022, 12:14:47 AM
This makes actually no sense, because the underlying principle is different.

example:

Puzzle 11
https://privatekeys.pw/key/0000000000000000000000000000000000000000000000000000000000000483

038b05b0603abd75b0c57489e451f811e1afe54a8715045cdf4888333f3ebc6e8b

halving the publickey:
03dcaaaaea9e3b34b36c5e029abaf3028b39124ba8b90b0b7480256e10630052f2
02c2ee47ca8e17112fa255a52021ffd30b6d7a3b7e2341526c559b60a9c768013d

03dcaaaaea9e3b34b36c5e029abaf3028b39124ba8b90b0b7480256e10630052f2 is the result, when the privatekey of puzzle 11 is even and
02c2ee47ca8e17112fa255a52021ffd30b6d7a3b7e2341526c559b60a9c768013d if the the privatekey of puzzle 11 is odd.

02c2ee47ca8e17112fa255a52021ffd30b6d7a3b7e2341526c559b60a9c768013d is the correct one, as the privatekey of puzzle 11 is odd  
02c2ee47ca8e17112fa255a52021ffd30b6d7a3b7e2341526c559b60a9c768013d is https://privatekeys.pw/key/0000000000000000000000000000000000000000000000000000000000000241

So if you do 02c2ee47ca8e17112fa255a52021ffd30b6d7a3b7e2341526c559b60a9c768013d + 02c2ee47ca8e17112fa255a52021ffd30b6d7a3b7e2341526c559b60a9c768013d, you get 038b05b0603abd75b0c57489e451f811e1afe54a8715045cdf4888333f3ebc6e8b (untested, I guess you need also adding the Generatorpoint for + 1 as we do 241 + 241 + 1 = 483)

So what is 03dcaaaaea9e3b34b36c5e029abaf3028b39124ba8b90b0b7480256e10630052f2 then? It is 241.5.
241.5 + 241.5 = 483

So, where do we find 241.5?

https://privatekeys.pw/key/7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b1e5f

How did I find it? key middle range minus half of our privatekey: 0x7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b20a0 - 0x241 => tada

So from complexity of 11 bits, i just needed to check 10 bits now.

If I divide by 32, I actually do what?

2 * 2 * 2 * 2 * 2 = 32

So we are halving the public key 5 times. This means, that when we do this on key 11, we get 32 keys, from where one of them has the correct endsequence of the private key. So we have to check all keys if they are in the range of 2^6. If we get one, than we know how the first 6 bits of the privatekey are. We can from here determine the last 5 bits easily. I am not interested in the other ranges, as i have now a total valid privatekey



i m little bit confused can you please provide me some example
member
Activity: 185
Merit: 15
Two things you should never abandon: Family & BTC
July 15, 2022, 02:19:46 AM


As a real world example, I am currently searching for the 120 puzzle in the 110 bit range, using a DP of 25. I divided 120's pubkey by 1,024 (2^10) which generates 1,024 new pubkeys related to the original pubkey, but only 1 (at most 2) of the new pubkeys are in the 110 bit range (the remaining pubkeys are spread out over the entire key space). So I will generate enough Tame points first and then run back through the range looking for Wilds. I expect to need to store 2^31 (110/2 + 1 - 25) total points and distances to solve the key, which will take an estimated checking of 2^56(ish) total keys. Now if I tried to bruteforce the same key, it could take me up to 2^110 total keys to check.


Hi WanderingPhilospher ,

Can u explain a little more your algorithm of dividing the pubkey before doing the Kangaroo search?
Because if i well understand when you reduce the range to 2^110 (division by 1024)

You will have to do an average of (cf Jean luc formula) :

2.08*sqrt(k2-k1) =  2.08*sqrt(2^(120-10)-2^(119-10)) = 5.29*10^16 ops

but as you say only 1 or 2 of the dividing split range will contains a pubkey with (pubkey+n)%1024==0
so you will have to repeat the search 512 times and do an average of

(1024/2)*5.29*10^16=5.42*10^19 ops  before having a collision.

But with the initial config of the kangaroo you will only have:

2.08*sqrt(k2-k1)=1.69*10^18 to do (32 times less)

Huh


I will need to run/check all of the new 1,024 pub keys through the range.
With JLP's Kangaroo program, I would need to do this one pubkey at a time. However, I modified some code to allow me to run and check all 1,024 pubkeys at once/concurrently.
A few thoughts about this...I am hoping with double the needed tame points, the less wild group ops needed for a collision. I have completed tests at lower bits and this was the case however,
this is a much larger range and untested.

Keeping the math simpler (at least for me):
The original 120 bit range (reduced to 119 bit range): 119/2 + 1 = 2^60.5 expected group ops
In the 110 bit range (reduced to 109 bit range): 109/2 + 1 = 2^55.5 expected group ops
So straight up, 109 bit range = 32 times less but as you stated (and I know) I have to check all 1,024 new pubkeys. I am hoping by having at least double the amount of required tames plus being able to check all pubs concurrently, I can beat the original 2^60.5 expected group ops.
I have beaten the averages in lower bit ranges (up to 84 bit range) but this is new territory. We shall see what happens!


When you say concurrently are you saying you're playing with code in the same language or switched to golang? Im thinking of rewriting it in Go but a little hesitant coz i always have that idea that c/c++ are still faster than Go
Pages:
Jump to: