Topic: Pollard's kangaroo ECDLP solver - page 32. (Read 60381 times)

Find one pubkey in any range and you have the private key of original pub key

that what i said before 

I saw that you posted before I could post. I had already invested about 20 minutes for the post and was like: "Well, it is already said, but not from everyone" and so I posted it anyway.

Also the 33 division makes sense as the distance between each point will be the mod inverse of 33 or so. Its like cutting the whole N into ranges, as mentioned before. Only problem is, that you are only getting one in the lower bruteforcable range and then can jump from that one and can determine the other 32 private keys.

And yes, you just have to multiply the privatekey times your divisor and then mod N to get the right result.

Yeah I already asked about 2520; I did not see where he stated it had to be even or odd, just no float. It could be beneficial, I will have to run more tests tomorrow. But as of now, I can find any key in any range with any divisor. So I did learn something from all of this discussion. Example, if you took a 40 bit public key and divided it by 33, I could find every public key that is generated and ultimately each pub key found in any/every range will lead me back to private key of original pub key, with a click of a button.

I ran several tests with divisor of 33 and a few with a divisor of 192. Find one pubkey in any range and you have the private key of original pub key.

What about 2520?

2520 = 2³ * 3² * 5 * 7

2520 / 10 = 252
2520 / 9 = 280
2520 / 8 = 315
2520 / 7 = 360
2520 / 6 = 420
2520 / 5 = 504
2520 / 4 = 630
2520 / 3 = 830
2520  / 2 = 1260
2520 / 1 = 2520

Only difference is, that dividing by 8 will get you a odd number. If you want that it is even when dividing by 8, then just double 2520. So 5040 is much smaller than 30240. So why is according to you only 30240 dividable from 1 to 10? If it is even relevant as 30240 is not a divisor of N-1.

References:
https://en.wikipedia.org/wiki/Highly_composite_number
https://mrob.com/pub/math/numbers-14.html#lc5040

 

Maybe I am misunderstanding you and what you mean, but any multiple of 2520 would have the same result...

Thanks for the number hint.
I hope to figure it out and solve this problem.

In the previous post, I thought the other way, that we need to find such a divisor and such a multiplier that would get the same division residuals. For example, below are the results of division and multiplication using these and other numbers:
don't look at the specific values of the numbers, this is for an example. All that matters is that they end in one digit and the second digit alternates.

Giving you all one more tip , in total numerology, only 30240 is is dividable from 1 to 10, mean 5 even 5 odd, at same time, and no floating result
i gurantee, you never see 30240 secrets
30240.0000   10.0000   3024.0000
30240.0000   9.0000   3360.0000
30240.0000   8.0000   3780.0000
30240.0000   7.0000   4320.0000
30240.0000   6.0000   5040.0000
30240.0000   5.0000   6048.0000
30240.0000   4.0000   7560.0000
30240.0000   3.0000   10080.0000
30240.0000   2.0000   15120.0000
30240.0000   1.0000   30240.0000

if you multuply 30240 to any numbers, and result could also div by 1 to 10, and in result no floating point

30240 * 777 = 23496480.0000
23496480.0000   10.0000   2349648.0000
23496480.0000   9.0000   2610720.0000
23496480.0000   8.0000   2937060.0000
23496480.0000   7.0000   3356640.0000
23496480.0000   6.0000   3916080.0000
23496480.0000   5.0000   4699296.0000
23496480.0000   4.0000   5874120.0000
23496480.0000   3.0000   7832160.0000
23496480.0000   2.0000   11748240.0000
23496480.0000   1.0000   23496480.0000

hope like in my preivios post for magic numbers, you could not understand, same hope you will not understand secrets behind this only 1 magic numberology
 

The cool thing, well, neat to me; is using brainless' "math" I was able to find private keys to x,y and x,-y, or the private keys to both 03 and 02 public keys. The positive and negative Ys that belong to the same X...like I said, I have never found both so it was neat to me lol

In brainless' defense concerning this specific convo, what he says is true. The locations aren't random and you can calculate exact range in the example he gave. I went through and found each key in their respective range. Sometimes we have to remember that not everyone speaks this language or that language and that can lead to confusion...sometimes. If you go back to the convo, he does walk you through how to find exact range/location for the example he provided. No magic, no range/key shrinkage, just ranges on the curve.

Had a freak day today, so my brain's (no pun intended) not very attentive right now. Will need multiple drinks of jolt cola before I can go over what you did.


It's possible, but also remember a) OpenSSL uses multiple entropy sources - one of which is urandom (another is the entropy it stores in a file somewhere) and 2) the real-life sample size is very small - there were at least 256 256-bit random numbers generated in the process of making the puzzle, and possibly more as several of the numbers were probably not in the appropriate range.


Well all I did is reverse engineer the algorithm until it completely matched the examples that brainless provided so congratulations on explaining in simple terms why the algorithm is so absurd.


720 keys means you've only reduced it by some factor between 2^109 and 2^110, how do you even begin shifting a key down that far while not making the number of group ops explode as well?

---

This is just a dump of x-points that are on the secp256k1 curve (x=5 is not on the curve IIRC). Again though, I could pick any x-point on the curve to divide by, so this dump doesn't answer the question - How is creating multiple zones supposed to shift the range down, when all it's doing is shifting it up (massively)?  

---

0.75BTC at the time wouldn't buy you just a 3090, it would buy you an entire fucking 8Pack OrionX (almost).

Etar showed example:

Giving a ready-made script is very easy. I would hope for hints, and get to the result myself.

I have been working hard on this question for several months now, as you know. Since this topic has stuck with me a lot and I want to get to the bottom of it, including from a mathematical point of view.
I have done and am doing a lot of different experiments with these numbers and other divisors at 10 and 20 bit levels.
So far I still can not understand how to reduce the number of keys, while preserving the bits, but I'm working on it!
What I found out: as we know, these numbers are divisors of numbers N-1. When dividing by these numbers, the results are consecutively "on a circle of N".
The numbers that are not divisors do not go sequentially on the circle, but they can also be placed sequentially, in this case we should use a step that depends on the remainder.

For your question. I am afraid of misunderstanding the problem because of the translation problem. If you can, give an example of what we have and what we need to get using these numbers.
Regards.
Thank you

by the way dont brain (mind) brainless but you got me man~ now before die i really want to see script which you are using to reduce number of keys  . consider it as my last wish 

ok i dont want to go more in details but i think he is saying that you use these number to generate divisor keys ~~ instead of using 32 in script use one of magic number ( & 32 is already there)

lets say you use magic number 1262 and get 1262 keys , now again use divisor to to get 1262x1262 = 1592644

now do again divisor of 1592644 keys with 1262 each and you will get = 2009916728


now one file with 1592644 keys and one file with 2009916728 and here the real shit will come

these 2 files each other addition and multiplication will return you some lower number of keys lets say 500


than again you pick one so call magic number and start doing same process until you faint and they will take you to the hospital and when you will get up from coma you will know ssxb got 120 by calculating other side shit

right brainless 

What the hell is a div point?

https://bitcointalksearch.org/topic/m.57373246

Is there any mathematical argument for this reduction?

And what magic numbers are we talking about .

i can give you access to one of my rig , 10850k oc , 128gb 3600 OC , 3080 OC for 24/7