Pollard's kangaroo ECDLP solver - page 24.

MrFreeDragon

sr. member

Activity: 443

Merit: 350

Quote from: mausuv on November 20, 2021, 10:23:08 AM

-snip-

input two point
privatekey 3 - 2 = 1
   point1 - point2 = point3
   X Y
point1 f9308a019258c31049344f85f89d5229b531c845836f99b08601f113bce036f9 388f7b0f632de8140fe337e62a37f3566500a99934c2231b6cb9fd7584b8e672
point2 c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5 1ae168fea63dc339a3c58419466ceaeef7f632653266d0e1236431a950cfe52a

i need 3rd point subtract value

please write easy understand make python or explain mathematicaly

Actually the scalar subtraction is the addition where you change y value of the second point from y to modulo - y
Please find the python code with the sub function which subtracts one Point from another:

Demonstration of the function result:

Code:

>>> Point1 = Point(0xf9308a019258c31049344f85f89d5229b531c845836f99b08601f113bce036f9, 0x388f7b0f632de8140fe337e62a37f3566500a99934c2231b6cb9fd7584b8e672)
>>> Point2 = Point(0xc6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5, 0x1ae168fea63dc339a3c58419466ceaeef7f632653266d0e1236431a950cfe52a)
>>> Point3 = sub(Point1,Point2)
>>> hex(Point3.x),hex(Point3.y)
('0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798', '0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8')

Python code:

Code:

import gmpy2

modulo = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
order = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
Gx = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798
Gy = 0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8

class Point:
   def __init__(self, x=0, y=0):
   self.x = x
   self.y = y

PG = Point(Gx,Gy)
Z = Point(0,0) # zero-point

# returns (g, x, y) a*x + b*y = gcd(x, y)
def egcd(a, b):
   if a == 0:
   return (b, 0, 1)
   else:
   g, x, y = egcd(b % a, a)
   return (g, y - (b // a) * x, x)

def modinv(m, n = modulo):
   while m < 0:
   m += n
   g, x, _ = egcd(m, n)
   if g == 1:
   return x % n

   else: print (' no inverse exist')

def mul2(Pmul2, p = modulo):
   R = Point(0,0)
   #c = 3*Pmul2.x*Pmul2.x*modinv(2*Pmul2.y, p) % p
   c = 3*Pmul2.x*Pmul2.x*gmpy2.invert(2*Pmul2.y, p) % p
   R.x = (c*c-2*Pmul2.x) % p
   R.y = (c*(Pmul2.x - R.x)-Pmul2.y) % p
   return R

def add(Padd, Q, p = modulo):
   if Padd.x == Padd.y == 0: return Q
   if Q.x == Q.y == 0: return Padd
   if Padd == Q: return mul2(Q)
   R = Point()
   dx = (Q.x - Padd.x) % p
   dy = (Q.y - Padd.y) % p
   c = dy * gmpy2.invert(dx, p) % p
   #c = dy * modinv(dx, p) % p
   R.x = (c*c - Padd.x - Q.x) % p
   R.y = (c*(Padd.x - R.x) - Padd.y) % p
   return R

def mulk(k, Pmulk, p = modulo):
   if k == 0: return Z
   if k == 1: return Pmulk
   if (k % 2 == 0): return mulk(k//2, mul2(Pmulk, p), p)
   return add(Pmulk, mulk((k-1)//2, mul2(Pmulk, p), p), p)

def sub(P1, P2, p = modulo): #scalar subtraction P1-P2
   if P1 == P2: return Z
   if P2.x == P2.y == 0: return P1
   return add (P1, Point(P2.x, modulo - P2.y))

If you do not have gmpy2 I recommend to install it (it is 50x faster than self implemented inverse), but you can just uncomment c calculation in mul2 and add functions and comment the formula with gmpy2.

EDIT: corrected typo mistakes

itod

legendary

Activity: 1974

Merit: 1077

^ Will code for Bitcoins

Quote from: mausuv on November 20, 2021, 10:23:08 AM

Quote from: bigvito19 on November 20, 2021, 07:57:47 AM

Quote from: mausuv on November 20, 2021, 06:12:52 AM

please eny update this post https://bitcointalksearch.org/topic/m.58481226

i need how to work to point subtract Cry

any idea make subtract code in python Sad

Python 3

https://github.com/WanderingPhilosopher/Windows-KeySubtractor/releases/tag/v1.0

yes i know this git code
i am not understand c language so,

input two point
privatekey 3 - 2 = 1
   point1 - point2 = point3
   X Y
point1 f9308a019258c31049344f85f89d5229b531c845836f99b08601f113bce036f9 388f7b0f632de8140fe337e62a37f3566500a99934c2231b6cb9fd7584b8e672
point2 c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5 1ae168fea63dc339a3c58419466ceaeef7f632653266d0e1236431a950cfe52a

i need 3rd point subtract value

please write easy understand make python or explain mathematicaly

Code:

class Point:
b = 7
def __init__(self, x=float('inf'), y=float('inf')):
self.x = x
self.y = y

def copy(self):
return Point(self.x, self.y)

def is_zero(self):
return self.x > 1e20 or self.x < -1e20

def neg(self):
return Point(self.x, -self.y)

def dbl(self):
if self.is_zero():
return self.copy()
try:
L = (3 * self.x * self.x) / (2 * self.y)
except ZeroDivisionError:
return Point()
x = L * L - 2 * self.x
return Point(x, L * (self.x - x) - self.y)

def add(self, q):
if self.x == q.x and self.y == q.y:
return self.dbl()
if self.is_zero():
return q.copy()
if q.is_zero():
return self.copy()
try:
L = (q.y - self.y) / (q.x - self.x)
except ZeroDivisionError:
return Point()
x = L * L - self.x - q.x
return Point(x, L * (self.x - x) - self.y)

def mul(self, n):
p = self.copy()
r = Point()
i = 1
while i <= n:
if i&n:
r = r.add(p)
p = p.dbl()
i <<= 1
return r

def __str__(self):
return "({:.3f}, {:.3f})".format(self.x, self.y)

def show(s, p):
print(s, "Zero" if p.is_zero() else p)

def from_y(y):
n = y * y - Point.b
x = n**(1./3) if n>=0 else -((-n)**(1./3))
return Point(x, y)

# demonstrate
a = from_y(1)
b = from_y(2)
show("a =", a)
show("b =", b)
c = a.add(b)
show("c = a + b =", c)
d = c.neg()
show("d = -c =", d)
show("c + d =", c.add(d))
show("a + b + d =", a.add(b.add(d)))
show("a * 12345 =", a.mul(12345))

Output:

Code:

a = (-1.817, 1.000)
b = (-1.442, 2.000)
c = a + b = (10.375, -33.525)
d = -c = (10.375, 33.525)
c + d = Zero
a + b + d = Zero
a * 12345 = (10.759, 35.387)

mausuv

jr. member

Activity: 70

Merit: 1

Quote from: bigvito19 on November 20, 2021, 07:57:47 AM

Quote from: mausuv on November 20, 2021, 06:12:52 AM

please eny update this post https://bitcointalksearch.org/topic/m.58481226

i need how to work to point subtract Cry

any idea make subtract code in python Sad

Python 3

https://github.com/WanderingPhilosopher/Windows-KeySubtractor/releases/tag/v1.0

yes i know this git code
i am not understand c language so,

input two point
privatekey 3 - 2 = 1
point1 - point2 = point3
X Y
point1 f9308a019258c31049344f85f89d5229b531c845836f99b08601f113bce036f9 388f7b0f632de8140fe337e62a37f3566500a99934c2231b6cb9fd7584b8e672
point2 c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5 1ae168fea63dc339a3c58419466ceaeef7f632653266d0e1236431a950cfe52a

i need 3rd point subtract value

please write easy understand make python or explain mathematicaly

bigvito19

full member

Activity: 706

Merit: 111

Quote from: mausuv on November 20, 2021, 06:12:52 AM

please eny update this post https://bitcointalksearch.org/topic/m.58481226

i need how to work to point subtract Cry

any idea make subtract code in python Sad

Python 3

https://github.com/WanderingPhilosopher/Windows-KeySubtractor/releases/tag/v1.0

mausuv

jr. member

Activity: 70

Merit: 1

please eny update this post https://bitcointalksearch.org/topic/m.58481226

i need how to work to point subtract Cry

any idea make subtract code in python Sad

mausuv

jr. member

Activity: 70

Merit: 1

Quote from: _Counselor on November 20, 2021, 12:47:48 AM

Quote from: jovica888 on November 19, 2021, 10:02:52 PM

When I look at this picture I see that this one value for x and y of R
has millions and billions different pairs of x and y of Q and P
I mean just change the slope of the line

Of course it has. Equation like x+y = 10 has infinite number of solutions.

i know but i am reasontly watch
read full please yes its real no scam only education purpos
hacker upload 1000 BTC stolen video youtube remove quickly https://www.youtube.com/watch?v=KqTS_0Zlr2c i am not download Huh

yes
i am watch youtube video today 13/11/21 >>> how to find bitcoin private key >>search

important notice this hacker use only python languagae ,,
1000 BTC stolen
step 1: hacker crack adderss to public key convert >> note python code use it
step 2: compressed to Uncompressed publickey convert >> this tool use https://iancoleman.io/bitcoin-key-compression/
step 3:past Uncompressed public key 2nd python code $ run 7hr find private key

yes its real no scam only education purpos video upload but youtube remove this video so no data get

share this message
please python code use find bitcoin private keys
you can find private key make video share me

so i need subtract code please

_Counselor

member

Activity: 110

Merit: 61

Quote from: jovica888 on November 19, 2021, 10:02:52 PM

When I look at this picture I see that this one value for x and y of R
has millions and billions different pairs of x and y of Q and P
I mean just change the slope of the line

Of course it has. Equation like x+y = 10 has infinite number of solutions.

mausuv

jr. member

Activity: 70

Merit: 1

Quote from: jovica888 on November 19, 2021, 10:02:52 PM

And also one more thing.
https://i.imgur.com/RU7sYqO.png

When I look at this picture I see that this one value for x and y of R
has millions and billions different pairs of x and y of Q and P
I mean just change the slope of the line

this code write for c in keysubtracter i need python >>>> https://github.com/albertobsd/keysubtracter

i know tow point add,multiple in python code, but subtracter not understand https://github.com/albertobsd/keysubtracter/blob/main/keysubtracter.c please

modifiy this code c to python convert
another c code https://github.com/albertobsd/ecctools subtract
please only subtract code get write to python

atleast this c code https://github.com/albertobsd/keysubtracter/blob/main/keysubtracter.c decode to mathematical explain
for example :

c = K(qy-py)/(qx-px)
rx1 = K(c^2-px-qx)
ry2 = K(c*(px-rx)) #sorrymyBADenglish

----------------------------------------------------------i use this tow point multiple in python
P = 2**256 - 2**32 - 2**9 - 2**8 - 2**7 - 2**6 - 2**4 - 1
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
Gx = 0xc6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5
Gy = 0x1ae168fea63dc339a3c58419466ceaeef7f632653266d0e1236431a950cfe52a
Acurve = 0

Cx,Cy = multiple(Gx,Gy)
print (hex(Cx)[2:66],hex(Cy)[2:66])

jovica888

jr. member

Activity: 42

Merit: 11

And also one more thing.

When I look at this picture I see that this one value for x and y of R
has millions and billions different pairs of x and y of Q and P
I mean just change the slope of the line

fxsniper

member

Activity: 406

Merit: 47

I am not yet understand about subtract method I follow come later
May be subtract method it is not works. for now can not solve
What is thing make subtract method stuck, power of GPU not help right

jovica888

jr. member

Activity: 42

Merit: 11

@mausuv

I am searching for this too... It looks to me that if | public key = private key * G point | then some parts of the whole process is the same for all keys... It does not need to be calculated again... Also what I understood is I have 2 points P and Q and I am searching for x and y of R... So what does generator points have to do with all process... And how do I get values of P and Q if I know the private key and that private key has a value "0x2"... Somebody could explain which variable means what?

mausuv

jr. member

Activity: 70

Merit: 1

guys please tell two point subtract example i need

tell easy understand because, i know tow point add and multipliction
but subtract not understand please write example easy math

for example :

c = K(qy-py)/(qx-px)
rx1 = K(c^2-px-qx)
ry2 = K(c*(px-rx))

your example write this method #sorrymyBADenglish

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

Quote from: bigvito19 on November 16, 2021, 08:22:43 AM

Are there any Rho programs?

Not that I know of.

Quote from: fxsniper on November 17, 2021, 07:57:15 PM

I not yet deep understand about ECDLP and Pollard's kangaroo Algorithm and about Collision
I just know overview that not enough for knowledge can solve puzzle

I am not sure I understand it correctly
This Collision method meaning it have Collision every where on range around 2*32 will be found Collision of every key right (but size large 2**256 it is large enough for can not find it)

It is considering as a collision any key that has the same Most Significant Bytes as some other key in the hash table. How many MSBs that have to be identical depends on your DP setting. So if your DP size is 10, all keys with the same 10 beginning bits are considered a collision for hashtable purposes.

fxsniper

member

Activity: 406

Merit: 47

I not yet deep understand about ECDLP and Pollard's kangaroo Algorithm and about Collision
I just know overview that not enough for knowledge can solve puzzle

I am not sure I understand it correctly
This Collision method meaning it have Collision every where on range around 2*32 will be found Collision of every key right (but size large 2**256 it is large enough for can not find it)

bigvito19

full member

Activity: 706

Merit: 111

Quote from: NotATether on November 16, 2021, 07:54:01 AM

Quote from: superkatchu on November 10, 2021, 05:51:45 AM

Quote from: NotATether on November 10, 2021, 02:47:44 AM

Quote from: John_Ahmet on November 08, 2021, 07:23:49 PM

I've shared the basic pseudo code for RSA Bruteforce below. Can you please write a basic pseudo-code for this method?

You cannot solve RSA problems with the Kangaroo method because the ECDLP problem is not applicable for RSA, as there are no logarithms to solve for.

Not ECDLP but DLP so Pollard Rho and Pollard Kangaroo should be applicable no?

Rho is specifically designed for Discrete Logarithm (factoring) problem.

Also I read the Wikipedia page for Kangaroo which said that it's applicable for any group. In fact the paper for Pollard's Kangaroo originally mentioned it's use for multiplicative [again, RSA/factoring] groups.

Are there any Rho programs?

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

Quote from: superkatchu on November 10, 2021, 05:51:45 AM

Quote from: NotATether on November 10, 2021, 02:47:44 AM

Quote from: John_Ahmet on November 08, 2021, 07:23:49 PM

I've shared the basic pseudo code for RSA Bruteforce below. Can you please write a basic pseudo-code for this method?

You cannot solve RSA problems with the Kangaroo method because the ECDLP problem is not applicable for RSA, as there are no logarithms to solve for.

Not ECDLP but DLP so Pollard Rho and Pollard Kangaroo should be applicable no?

Rho is specifically designed for Discrete Logarithm (factoring) problem.

Also I read the Wikipedia page for Kangaroo which said that it's applicable for any group. In fact the paper for Pollard's Kangaroo originally mentioned it's use for multiplicative [again, RSA/factoring] groups.

wedom

jr. member

Activity: 48

Merit: 11

Quote from: demoinvest1 on November 16, 2021, 04:45:02 AM

Can possible Pollard's kangaroo can search multiple pubkey in same time?
I mean check multiple pubkey at once

No, one at a time only

demoinvest1

newbie

Activity: 6

Merit: 0

Can possible Pollard's kangaroo can search multiple pubkey in same time?
I mean check multiple pubkey at once

superkatchu

newbie

Activity: 5

Merit: 2

Quote from: NotATether on November 10, 2021, 02:47:44 AM

Quote from: John_Ahmet on November 08, 2021, 07:23:49 PM

I've shared the basic pseudo code for RSA Bruteforce below. Can you please write a basic pseudo-code for this method?

You cannot solve RSA problems with the Kangaroo method because the ECDLP problem is not applicable for RSA, as there are no logarithms to solve for.

Not ECDLP but DLP so Pollard Rho and Pollard Kangaroo should be applicable no?

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

Quote from: John_Ahmet on November 08, 2021, 07:23:49 PM

I've shared the basic pseudo code for RSA Bruteforce below. Can you please write a basic pseudo-code for this method?

You cannot solve RSA problems with the Kangaroo method because the ECDLP problem is not applicable for RSA, as there are no logarithms to solve for.

Topic: Pollard's kangaroo ECDLP solver - page 24. (Read 59389 times)