What are the requirements for using this, I'm using python 3 on windows and still getting errors.
Did you install fastecdsa and bit modules from PyPI first?
Topic: Pollard's kangaroo ECDLP solver - page 42. (Read 60095 times)
Did you install fastecdsa and bit modules from PyPI first?
In that case this should do the trick:
EDIT NUMBER 3: THIS VERSION ACTUALLY WORKS USE THIS ONE
This is for all keys in one file, I technically *could* script the case of one set of shifted keys per file, but then it requires an argc/argv switch to toggle the one you want and implementing that will bloat the code size
EDIT: I had posted an older version of the script which people complained had a bunch of errors, admittingly I did not test this version with the file input since the base script was already "bug free" I thought these should be straightforward changes... well now I know
After some proper testing, I got rid of a bunch of artifacts from older script versions that were triggering lint errors, and the result is posted here, above.
EDIT NUMBER 3: THIS VERSION ACTUALLY WORKS USE THIS ONE
Code:
from fastecdsa import curve
from fastecdsa.point import Point
import bit
G = curve.secp256k1.G
N = curve.secp256k1.q
def pub2point(pub_hex):
x = int(pub_hex[2:66], 16)
if len(pub_hex) < 70:
y = bit.format.x_to_y(x, int(pub_hex[:2], 16) % 2)
else:
y = int(pub_hex[66:], 16)
return Point(x, y, curve=curve.secp256k1)
# This function makes all the downscaled pubkeys obtained from subtracting
# numbers between 0 and divisor, before dividing the pubkeys by divisor.
def shiftdown(pubkey, divisor, file, convert=True):
Q = pub2point(pubkey) if convert else pubkey
print(Q, 'QQ')
# k = 1/divisor
k = pow(divisor, N - 2, N)
for i in range(divisor+1):
P = Q - (i * G)
P = k * P
if (P.y % 2 == 0):
prefix = "02"
else:
prefix = "03"
hx = hex(P.x)[2:].zfill(64)
hy = hex(P.y)[2:].zfill(64)
file.write(prefix+hx+"\n") # Writes compressed key to file
factor = 32
with open("input.txt", "r") as f, open("output.txt", "w") as outf:
line = f.readline().strip()
while line != '':
shiftdown(line, factor, outf)
line = f.readline().strip()
from fastecdsa.point import Point
import bit
G = curve.secp256k1.G
N = curve.secp256k1.q
def pub2point(pub_hex):
x = int(pub_hex[2:66], 16)
if len(pub_hex) < 70:
y = bit.format.x_to_y(x, int(pub_hex[:2], 16) % 2)
else:
y = int(pub_hex[66:], 16)
return Point(x, y, curve=curve.secp256k1)
# This function makes all the downscaled pubkeys obtained from subtracting
# numbers between 0 and divisor, before dividing the pubkeys by divisor.
def shiftdown(pubkey, divisor, file, convert=True):
Q = pub2point(pubkey) if convert else pubkey
print(Q, 'QQ')
# k = 1/divisor
k = pow(divisor, N - 2, N)
for i in range(divisor+1):
P = Q - (i * G)
P = k * P
if (P.y % 2 == 0):
prefix = "02"
else:
prefix = "03"
hx = hex(P.x)[2:].zfill(64)
hy = hex(P.y)[2:].zfill(64)
file.write(prefix+hx+"\n") # Writes compressed key to file
factor = 32
with open("input.txt", "r") as f, open("output.txt", "w") as outf:
line = f.readline().strip()
while line != '':
shiftdown(line, factor, outf)
line = f.readline().strip()
This is for all keys in one file, I technically *could* script the case of one set of shifted keys per file, but then it requires an argc/argv switch to toggle the one you want and implementing that will bloat the code size
EDIT: I had posted an older version of the script which people complained had a bunch of errors, admittingly I did not test this version with the file input since the base script was already "bug free" I thought these should be straightforward changes... well now I know
After some proper testing, I got rid of a bunch of artifacts from older script versions that were triggering lint errors, and the result is posted here, above.
What are the requirements for using this, I'm using python 3 on windows and still getting errors.
Hi. Can you explain how you can learn the upper bits by knowing the range?
If you know that a key will be less than and greater than a maximum and minimum, it limits the values that the higher bits can have (else it wouldn't fit in that range, now would it
)For example, say that you know that a private key is between 115 and 120 bits long. That automatically means, since private keys are 256 numbers, that the bits after the 120th one (assume 1-based counting for simplicity) are all zero.
Because the ranges in these puzzle addresses are only ever going to be between (range-1) and range bits (i.e. that particular bit will always be set), it is straightforward to determine the higher bits that are zero or in a certain range like 0 to 4 (hex number values), 0 to C, etc. that's what makes brute-forcing possible.
Just silly question 
is it possible to know this public key is from this range? like 110 or 115?
is there any way to identify?
is it possible to know this public key is from this range? like 110 or 115?
is there any way to identify?
No, otherwise you would be able to find the upper bits of every private key in existence.
Hi. Can you explain how you can learn the upper bits by knowing the range?
can some one please let me know meaning of this line
it is saying Y = change x value to Y in binary or multiply pub_hex bla bla . really confusing
Code:
y = bit.format.x_to_y(x, int(pub_hex[:2], 16) % 2)
in my understanding it is saying Y = change x value to Y in binary or multiply pub_hex bla bla . really confusing
It just calculates the Y point from the X point and the polarity of Y (compressed to uncompressed public key).
The [:2] is necessary to get the "02" or "03" at the beginning so we can convert that part from hex to int, then we use "% 2" to check if it represents odd or even Y.
fastecdsa can't work with compressed points, so we have to convert them to uncompressed points first.
can some one please let me know meaning of this line
it is saying Y = change x value to Y in binary or multiply pub_hex bla bla . really confusing
Code:
y = bit.format.x_to_y(x, int(pub_hex[:2], 16) % 2)
in my understanding it is saying Y = change x value to Y in binary or multiply pub_hex bla bla . really confusing
Just silly question
is it possible to know this public key is from this range? like 110 or 115?
is there any way to identify?
is it possible to know this public key is from this range? like 110 or 115?
is there any way to identify?
No, otherwise you would be able to find the upper bits of every private key in existence.
Just silly question
is it possible to know this public key is from this range? like 110 or 115?
is there any way to identify?
is it possible to know this public key is from this range? like 110 or 115?
is there any way to identify?
i used exact way but i am getting 0x800000000000000000000000000000 ?
not sure what is wrong or some thing is missing , even with your code it is giving me same out put
"0x800000000000000000000000000000"
can you run on your side please ?
not sure what is wrong or some thing is missing , even with your code it is giving me same out put
"0x800000000000000000000000000000"
can you run on your side please ?
Same result here. It's because you have an off-by-one error. The max range should be:
Code:
ffffffffffffffffffffffffffffff
and not:
Code:
1000000000000000000000000000000
because the largest private key that fits 120 bits is the ffff.... number, the 1000.... number requires 121 bits to fit (all bits will be zero except for the 121st bit which is one).
cool , that was the issue now i got it , Thanks bro , you deserve share from my side if i hit the key hehehehe
i used exact way but i am getting 0x800000000000000000000000000000 ?
not sure what is wrong or some thing is missing , even with your code it is giving me same out put
"0x800000000000000000000000000000"
can you run on your side please ?
not sure what is wrong or some thing is missing , even with your code it is giving me same out put
"0x800000000000000000000000000000"
can you run on your side please ?
Same result here. It's because you have an off-by-one error. The max range should be:
Code:
ffffffffffffffffffffffffffffff
and not:
Code:
1000000000000000000000000000000
because the largest private key that fits 120 bits is the ffff.... number, the 1000.... number requires 121 bits to fit (all bits will be zero except for the 121st bit which is one).
how to calculate hex key range , i mean
120 range is
so total search space is 7fffffffffffffffffffffffffffff . i guess
how can i calculate total range space between 2 key ranges?
120 range is
- Min range: 800000000000000000000000000000
- Max range: 1000000000000000000000000000000
so total search space is 7fffffffffffffffffffffffffffff . i guess
how can i calculate total range space between 2 key ranges?
It's as simple as doing max range - min range and then turning the result back into hex.
It can be done using simple Python statements:
Code:
min_range = 0x800000000000000000000000000000
max_range = 0x1000000000000000000000000000000 # autoconverts to int
print(hex(max_range-min_range))
# 0x7fffffffffffffffffffffffffffff
max_range = 0x1000000000000000000000000000000 # autoconverts to int
print(hex(max_range-min_range))
# 0x7fffffffffffffffffffffffffffff
i used exact way but i am getting 0x800000000000000000000000000000 ?
not sure what is wrong or some thing is missing , even with your code it is giving me same out put
"0x800000000000000000000000000000"
can you run on your side please ?
how to calculate hex key range , i mean
120 range is
so total search space is 7fffffffffffffffffffffffffffff . i guess
how can i calculate total range space between 2 key ranges?
120 range is
- Min range: 800000000000000000000000000000
- Max range: 1000000000000000000000000000000
so total search space is 7fffffffffffffffffffffffffffff . i guess
how can i calculate total range space between 2 key ranges?
It's as simple as doing max range - min range and then turning the result back into hex.
It can be done using simple Python statements:
Code:
min_range = 0x800000000000000000000000000000
max_range = 0x1000000000000000000000000000000 # autoconverts to int
print(hex(max_range-min_range))
# 0x7fffffffffffffffffffffffffffff
max_range = 0x1000000000000000000000000000000 # autoconverts to int
print(hex(max_range-min_range))
# 0x7fffffffffffffffffffffffffffff
how to calculate hex key range , i mean
120 range is
so total search space is 7fffffffffffffffffffffffffffff . i guess
how can i calculate total range space between 2 key ranges?
120 range is
- Min range: 800000000000000000000000000000
- Max range: 1000000000000000000000000000000
so total search space is 7fffffffffffffffffffffffffffff . i guess
how can i calculate total range space between 2 key ranges?
wow it created an output file with 99 nums.. what range should those be at sir.
That's how it works.
At the bottom of the script there's a variable called "factor" you should change that determines how much each key is divided by (yes all keys are shifted by the same factor). I also include the "0" position as well as the 1-32 positions, that's why you see 33 shifted keys per key. You must have used 3 keys as file input.
If you wanted to shift down each pubkey by 5 bits for example, compute 2**5 and then set "factor" to that value.
Your range will be between 0 and 2bitsorig_range - bitsfactor e.g. if your range is 120 and you shrink it by 5, the max is 2^115 in hex.
Thanks , codes now working !~
wow it created an output file with 99 nums.. what range should those be at sir.
That's how it works.
At the bottom of the script there's a variable called "factor" you should change that determines how much each key is divided by (yes all keys are shifted by the same factor). I also include the "0" position as well as the 1-32 positions, that's why you see 33 shifted keys per key. You must have used 3 keys as file input.
If you wanted to shift down each pubkey by 5 bits for example, compute 2**5 and then set "factor" to that value.
Your range will be between 0 and 2bitsorig_range - bitsfactor e.g. if your range is 120 and you shrink it by 5, the max is 2^115 in hex.
thanks man , its worked
i am using kangaroo on tesla v100 X8 its currently running at 7255.03 MK/s and its stuck in 2^50 the point values are increasing extremely slow and it shows that the expected operations is 2^60.73 so does that mean that the private key will be found when the count reaches 2^60.73..?? why is it slow do i have to increase the kangaroo number..?? if so how to do that
wow it created an output file with 99 nums.. what range should those be at sir.
That's how it works.
At the bottom of the script there's a variable called "factor" you should change that determines how much each key is divided by (yes all keys are shifted by the same factor). I also include the "0" position as well as the 1-32 positions, that's why you see 33 shifted keys per key. You must have used 3 keys as file input.
If you wanted to shift down each pubkey by 5 bits for example, compute 2**5 and then set "factor" to that value.
Your range will be between 0 and 2bitsorig_range - bitsfactor e.g. if your range is 120 and you shrink it by 5, the max is 2^115 in hex.
wow it created an output file with 99 nums.. what range should those be at sir.
i don't know for others but for me still issue as no error is there and nothing in output.txt.
also it is deleting data from input file.
after executing codes both file became 0 in size.
also it is deleting data from input file
. after executing codes both file became 0 in size.
I'm not doubting you but I couldn't reproduce the deleting data from input file part.
is it working on your side?
See the update a few posts above
I'm thinking of making a (CPU-only) ARM port of Kangaroo, because renting those kinds of machines on cloud systems is slightly cheaper than x86 machines.
Edit: apparently ARM doesn't have a 64x64->128 bit mul instruction, but it does have a host of 128-bit registers, so some creative assembly to implement high-level operations like ECmul (e.g. https://eprint.iacr.org/2014/760.pdf) is necessary. ARM needs 5 instructions to emulate 64x64=128 bit mul compared to just 1 on x86.
cool bro but one issue is appearing
Code:
Traceback (most recent call last):
File "shiftdown.py", line 47, in
P = shiftdown(P, factor, outf, convert=False)
File "shiftdown.py", line 28, in shiftdown
P = Q - (i * G)
TypeError: unsupported operand type(s) for -: 'NoneType' and 'Point'
File "shiftdown.py", line 47, in
P = shiftdown(P, factor, outf, convert=False)
File "shiftdown.py", line 28, in shiftdown
P = Q - (i * G)
TypeError: unsupported operand type(s) for -: 'NoneType' and 'Point'
There was a small typo, try it now.
i don't know for others but for me still issue as no error is there and nothing in output.txt.
also it is deleting data from input file
. after executing codes both file became 0 in size.
is it working on your side?
Jump to: