Pages:
Author

Topic: Pollard's kangaroo ECDLP solver - page 41. (Read 58537 times)

jr. member
Activity: 81
Merit: 2
August 09, 2021, 05:53:49 AM
  can some one please let me know meaning of this line
Code:
y = bit.format.x_to_y(x, int(pub_hex[:2], 16) % 2)
in my understanding
it is saying Y = change x value to Y in binary or multiply pub_hex bla bla . really confusing

 Roll Eyes
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
August 09, 2021, 01:13:24 AM
Just silly question  Grin

is it possible to know this public key is from this range? like 110 or 115?

is there any way to identify?

No, otherwise you would be able to find the upper bits of every private key in existence.
jr. member
Activity: 81
Merit: 2
August 09, 2021, 01:07:25 AM
Just silly question  Grin

is it possible to know this public key is from this range? like 110 or 115?

is there any way to identify?
jr. member
Activity: 81
Merit: 2
August 08, 2021, 06:41:47 AM
i used exact way but i am getting 0x800000000000000000000000000000 ?
 not sure what is wrong or some thing is missing , even with your code it is giving me same out put

"0x800000000000000000000000000000"

can you run on your side please ?

Same result here. It's because you have an off-by-one error. The max range should be:

Code:
ffffffffffffffffffffffffffffff

and not:

Code:
1000000000000000000000000000000

because the largest private key that fits 120 bits is the ffff.... number, the 1000.... number requires 121 bits to fit (all bits will be zero except for the 121st bit which is one).

cool , that was the issue now i got it , Thanks bro , you deserve share from my side if i hit the key hehehehe Sad
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
August 08, 2021, 06:35:31 AM
i used exact way but i am getting 0x800000000000000000000000000000 ?
 not sure what is wrong or some thing is missing , even with your code it is giving me same out put

"0x800000000000000000000000000000"

can you run on your side please ?

Same result here. It's because you have an off-by-one error. The max range should be:

Code:
ffffffffffffffffffffffffffffff

and not:

Code:
1000000000000000000000000000000

because the largest private key that fits 120 bits is the ffff.... number, the 1000.... number requires 121 bits to fit (all bits will be zero except for the 121st bit which is one).
jr. member
Activity: 81
Merit: 2
August 08, 2021, 06:27:22 AM
how to calculate hex key range , i mean

120 range is

  • Min range: 800000000000000000000000000000
  • Max range: 1000000000000000000000000000000

so total search space is 7fffffffffffffffffffffffffffff . i guess

how can i calculate total range space between 2 key ranges?

It's as simple as doing max range - min range and then turning the result back into hex.

It can be done using simple Python statements:

Code:
min_range = 0x800000000000000000000000000000
max_range = 0x1000000000000000000000000000000 # autoconverts to int
print(hex(max_range-min_range))
# 0x7fffffffffffffffffffffffffffff


i used exact way but i am getting 0x800000000000000000000000000000 ?
 not sure what is wrong or some thing is missing , even with your code it is giving me same out put

"0x800000000000000000000000000000"

can you run on your side please ?
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
August 08, 2021, 06:24:31 AM
how to calculate hex key range , i mean

120 range is

  • Min range: 800000000000000000000000000000
  • Max range: 1000000000000000000000000000000

so total search space is 7fffffffffffffffffffffffffffff . i guess

how can i calculate total range space between 2 key ranges?

It's as simple as doing max range - min range and then turning the result back into hex.

It can be done using simple Python statements:

Code:
min_range = 0x800000000000000000000000000000
max_range = 0x1000000000000000000000000000000 # autoconverts to int
print(hex(max_range-min_range))
# 0x7fffffffffffffffffffffffffffff
jr. member
Activity: 81
Merit: 2
August 08, 2021, 06:07:02 AM
how to calculate hex key range , i mean

120 range is

  • Min range: 800000000000000000000000000000
  • Max range: 1000000000000000000000000000000

so total search space is 7fffffffffffffffffffffffffffff . i guess

how can i calculate total range space between 2 key ranges?
jr. member
Activity: 81
Merit: 2
August 08, 2021, 02:01:24 AM
wow it created an output file with 99 nums.. what range should those be at sir.

That's how it works.

At the bottom of the script there's a variable called "factor" you should change that determines how much each key is divided by (yes all keys are shifted by the same factor). I also include the "0" position as well as the 1-32 positions, that's why you see 33 shifted keys per key. You must have used 3 keys as file input.

If you wanted to shift down each pubkey by 5 bits for example, compute 2**5 and then set "factor" to that value.

Your range will be between 0 and 2bitsorig_range - bitsfactor e.g. if your range is 120 and you shrink it by 5, the max is 2^115 in hex.

Thanks , codes now working !~
jr. member
Activity: 40
Merit: 7
August 06, 2021, 10:25:06 AM
wow it created an output file with 99 nums.. what range should those be at sir.

That's how it works.

At the bottom of the script there's a variable called "factor" you should change that determines how much each key is divided by (yes all keys are shifted by the same factor). I also include the "0" position as well as the 1-32 positions, that's why you see 33 shifted keys per key. You must have used 3 keys as file input.

If you wanted to shift down each pubkey by 5 bits for example, compute 2**5 and then set "factor" to that value.

Your range will be between 0 and 2bitsorig_range - bitsfactor e.g. if your range is 120 and you shrink it by 5, the max is 2^115 in hex.



thanks man , its worked Smiley
newbie
Activity: 5
Merit: 0
August 06, 2021, 09:01:50 AM
i am  using kangaroo on tesla v100 X8 its currently running at 7255.03 MK/s and its stuck in 2^50 the point values are increasing extremely slow  and it shows that the expected operations is 2^60.73 so does that mean that the private key will be found when the count reaches 2^60.73..?? why is it slow do i have to increase the kangaroo number..?? if so how to do that
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
August 05, 2021, 08:10:14 PM
wow it created an output file with 99 nums.. what range should those be at sir.

That's how it works.

At the bottom of the script there's a variable called "factor" you should change that determines how much each key is divided by (yes all keys are shifted by the same factor). I also include the "0" position as well as the 1-32 positions, that's why you see 33 shifted keys per key. You must have used 3 keys as file input.

If you wanted to shift down each pubkey by 5 bits for example, compute 2**5 and then set "factor" to that value.

Your range will be between 0 and 2bitsorig_range - bitsfactor e.g. if your range is 120 and you shrink it by 5, the max is 2^115 in hex.
full member
Activity: 431
Merit: 105
August 05, 2021, 06:49:33 PM
wow it created an output file with 99 nums.. what range should those be at sir.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
August 05, 2021, 11:40:54 AM
i don't know for others but for me still issue as no error is there and nothing in output.txt.
also it is deleting data from input file Sad.
after executing codes both file became 0 in size.

I'm not doubting you but I couldn't reproduce the deleting data from input file part.

is it working on your side?

See the update a few posts above



I'm thinking of making a (CPU-only) ARM port of Kangaroo, because renting those kinds of machines on cloud systems is slightly cheaper than x86 machines.

Edit: apparently ARM doesn't have a 64x64->128 bit mul instruction, but it does have a host of 128-bit registers, so some creative assembly to implement high-level operations like ECmul (e.g. https://eprint.iacr.org/2014/760.pdf) is necessary. ARM needs 5 instructions to emulate 64x64=128 bit mul compared to just 1 on x86.
jr. member
Activity: 40
Merit: 7
August 05, 2021, 10:06:53 AM
cool bro but one issue is appearing

Code:
Traceback (most recent call last):
  File "shiftdown.py", line 47, in
    P = shiftdown(P, factor, outf, convert=False)
  File "shiftdown.py", line 28, in shiftdown
    P = Q - (i * G)
TypeError: unsupported operand type(s) for -: 'NoneType' and 'Point'

There was a small typo, try it now.

i don't know for others but for me still issue as no error is there and nothing in output.txt.
also it is deleting data from input file Sad.
after executing codes both file became 0 in size.

is it working on your side?
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
August 05, 2021, 07:52:08 AM
cool bro but one issue is appearing

Code:
Traceback (most recent call last):
  File "shiftdown.py", line 47, in
    P = shiftdown(P, factor, outf, convert=False)
  File "shiftdown.py", line 28, in shiftdown
    P = Q - (i * G)
TypeError: unsupported operand type(s) for -: 'NoneType' and 'Point'

There was a small typo, try it now.
jr. member
Activity: 81
Merit: 2
August 04, 2021, 10:21:28 PM
In that case this should do the trick:

Code:
from fastecdsa import curve
from fastecdsa.point import Point
import bit

G = curve.secp256k1.G
N = curve.secp256k1.q

def pub2point(pub_hex):
    x = int(pub_hex[2:66], 16)
    if len(pub_hex) < 70:
        y = bit.format.x_to_y(x, int(pub_hex[:2], 16) % 2)
    else:
        y = int(pub_hex[66:], 16)
    return Point(x, y, curve=curve.secp256k1)



# This function makes all the downscaled pubkeys obtained from subtracting
# numbers between 0 and divisor, before dividing the pubkeys by divisor.
def shiftdown(pubkey, divisor, file, convert=True):
    if convert:
        Q = pub2point(pubkey)
    else:
        Q = pubkey
    # k = 1/divisor
    k = pow(divisor, N - 2, N)
    for i in range(divisor+1):
        P = Q - (i * G)
        P = k * P
        if (P.y % 2 == 0):
            prefix = "02"
        else:
            prefix = "03"
        hx = hex(P.x)[2:].zfill(64)
        hy = hex(P.y)[2:].zfill(64)
        file.write(prefix+hx+"\n") # Writes compressed key to file

factor = 32

with open("input.txt") as f, open("output.txt", "a") as outf:
    line = f.readline()
    if line:
        P = pub2point(line)
    while line:
          line = f.readline()
          Q = pub2point(line)
          P = shiftdown(P, factor, outf, convert=False)

This is for all keys in one file, I technically *could* script the case of one set of shifted keys per file, but then it requires an argc/argv switch to toggle the one you want and implementing that will bloat the code size Tongue

cool bro but one issue is appearing

Code:
Traceback (most recent call last):
  File "shiftdown.py", line 47, in
    P = shiftdown(P, factor, outf, convert=False)
  File "shiftdown.py", line 28, in shiftdown
    P = Q - (i * G)
TypeError: unsupported operand type(s) for -: 'NoneType' and 'Point'
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
August 04, 2021, 06:30:08 PM
In that case this should do the trick:


EDIT NUMBER 3: THIS VERSION ACTUALLY WORKS USE THIS ONE

Code:
from fastecdsa import curve
from fastecdsa.point import Point
import bit

G = curve.secp256k1.G
N = curve.secp256k1.q

def pub2point(pub_hex):
    x = int(pub_hex[2:66], 16)
    if len(pub_hex) < 70:
        y = bit.format.x_to_y(x, int(pub_hex[:2], 16) % 2)
    else:
        y = int(pub_hex[66:], 16)
    return Point(x, y, curve=curve.secp256k1)



# This function makes all the downscaled pubkeys obtained from subtracting
# numbers between 0 and divisor, before dividing the pubkeys by divisor.
def shiftdown(pubkey, divisor, file, convert=True):
    Q = pub2point(pubkey) if convert else pubkey
    print(Q, 'QQ')
    # k = 1/divisor
    k = pow(divisor, N - 2, N)
    for i in range(divisor+1):
        P = Q - (i * G)
        P = k * P
        if (P.y % 2 == 0):
            prefix = "02"
        else:
            prefix = "03"
        hx = hex(P.x)[2:].zfill(64)
        hy = hex(P.y)[2:].zfill(64)
        file.write(prefix+hx+"\n") # Writes compressed key to file

factor = 32

with open("input.txt", "r") as f, open("output.txt", "w") as outf:
    line = f.readline().strip()
    while line != '':
          shiftdown(line, factor, outf)
          line = f.readline().strip()

This is for all keys in one file, I technically *could* script the case of one set of shifted keys per file, but then it requires an argc/argv switch to toggle the one you want and implementing that will bloat the code size Tongue



EDIT: I had posted an older version of the script which people complained had a bunch of errors, admittingly I did not test this version with the file input since the base script was already "bug free" I thought these should be straightforward changes... well now I know  Embarrassed

After some proper testing, I got rid of a bunch of artifacts from older script versions that were triggering lint errors, and the result is posted here, above.
jr. member
Activity: 40
Merit: 7
August 04, 2021, 09:42:12 AM
i want to load 300 keys from file line by line and do the divisor calculation on each one 32 time and save output in file.

Again, one file total, or one file for each pubkey?

Printing all the keys in a single file becomes messy to read but is doable.

yes please if you can share such script
jr. member
Activity: 50
Merit: 7
August 04, 2021, 09:24:03 AM
Kangaroo pool up and running if anyone wants to join!

the pool is currently at 2^27/2^35.55 DP in only 4 days! we will be finding this address soon as more people join.

The prize will be split according to the number of kangaroos you supply to the pool as well as your speed. We only want QUALITY kangaroos, which means if you change your gpu grid to supply more kangaroos but decrease your speed to do so these are not quality kangaroos and you be paid on your speed to the pool.

https://github.com/yoyodapro/Kangaroo-Server

The pool is currently at 2^28.081/2^35.55 DP, thank you to all that are joining us!

As has been discussed in our discord, if you are afraid of losing the work youve already put into your own kangaroo search, we are allowing users to contribute their own work files (DP 25 and above) towards their share of the prize.
Pages:
Jump to: