Pages:
Author

Topic: Pollard's kangaroo ECDLP solver - page 47. (Read 59389 times)

full member
Activity: 1162
Merit: 237
Shooters Shoot...
July 09, 2021, 05:31:36 PM
Does anyone have the public key of 16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN   puzzle #64 or is there a way to figure out the public key of a public address?? I'm so confused I've been running cuBitCrack on tesla v100 for almost a day and I figured that Pollard's kangaroo for SECPK1 would work a lot better than cuBitCrack please help
No, no one has the public key or it would have already been solved. And there is no way to figure out what the public key is for #64
newbie
Activity: 5
Merit: 0
July 09, 2021, 05:01:14 PM
Does anyone have the public key of 16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN   puzzle #64 or is there a way to figure out the public key of a public address?? I'm so confused I've been running cuBitCrack on tesla v100 for almost a day and I figured that Pollard's kangaroo for SECPK1 would work a lot better than cuBitCrack please help
full member
Activity: 1162
Merit: 237
Shooters Shoot...
July 07, 2021, 12:58:03 PM
Quote
Wait I think you actually are right, given my example was done with 48 as the divisor which is not a power of two, and to generate the 2^110 shrunk pubkeys I called it with 2**10.

It's a simple test. I will run my script to generate 30 pubkeys (of #120s pubkey, mine will actually kick out 31 because I also print out the 0 fraction), not a power of 2. They are listed below:

Code:
0306cc4e4f02b9443b09780c62fb4938ece6a565e1a655d140392c8c0722095833
0388f12eaa0dd72e34a591f3b1e26ee95ee5c69e86b180ee273d90cf4dc44c119e
023a4500584397c93e5aaf53a16523447fa1abefdf5197b8ff57b66aa392cb505b
0358dfb1bcb377e6ecff83ea462dd22834b75e556fd632f8129c58ae58d583af68
02def0fb16f2034e5b2a0042ddff0d7eac8601452b5c47a231eb8c00bd974e3d9d
03d50f4d52d3621509dde204441a8a27c427984787525e75622cce33239822098e
032fd383831b54ccb07801a38aad094b4931da963859c28ba05e13eef6ae78f054
035d5ec83c90b88c8195d626e4c06460e7884d6b9d3dcc65db523d26c40287e38d
03e8cb5ef4d9c15d57da7db6b51f239f9b9524abf43eb17cdae440282731295dcc
0266ece7f73e80cf1e3237dc39efe5bac8b2782d740cfab0fe2e4c7e4836bdc303
03c2cf0ccfc6f18ef48337ca1030d4d6b64158b85a22fb3d58ae90e42bf3d00cc1
0306a3fa40c90fe0f7020fcbfd88e0145aa00edb86c7b403dfda69c79b1094fda7
03863eca1470caf643c2a2d76ee7a362df3f83522d3ad075815928ca8d9218b880
0345bcf0b25658025f54be56fd7879d6bc4c3a063f09b82cd96c04bed05c2e4170
02770cd61fda7df08c58206e36f1ea6ee7f47bc00ed528507c37b2ffc2059eed83
03254427cca3b8ac5aae986654ebd232494115d4189f7eb4662fc736ec236031bd
020a1973d3f0f63bc39d8673681fbfd78a1a6d410796280a9abe2ef89f4b8316ff
0321278a18725d6863dba46d5564840a08513172788d50d63d1c80c5c96c8addd6
020f91f0ecf3aa2164efd5d356cb9f68738098b6a9e560c4a57d017b323ca93790
037022784d0645bba15d4503724fd74186d5afcd63f292c4a04798476b4f24382a
024d90781a80fbc6aedd6494aa3ba55d085c2904724aeb00f8d72772327d141da3
02cdc9b6e6bb8234cd9f78fe57377518570a3f5697ea69cf2c044ae9a857db6eb8
0287b4005a37760dc14fc7e18f92bcf8fda1d6893ff223ffc5fa4e54b6c1757b93
03c79dcb7c91e91fc8bbe6aae1219c147737ea0b2a1635e490eaa5d9efee93b011
02a299f573b0424b8cb2cc2f1378a87c3792e970198ddfbab40e5007f457853020
036891daa8037df91ee05db6704cb04af45d191f63b8982397490fdf18db8197fb
02acb9fffb298dafef81948e0212b1d98a3540fea547978479db0a40c17a21e545
0297f33fce0e8fd3b8137ef332e63132a58a2c7dfa9282e1338b92655abda6db4f
03ac294d5435691a1c512f7279a8c79f2c3e0f3a029c50cae669d9c925ccd7349e
03430d51248eba60694e8bb0bab136464aed31947a5de423512c6c5faf2435dd4e
027415cfbc1deb0385e47c4915232435f713f652bb0163bc658a34a96ef6530dea


Now you run your script/the script you posted and see if the lists match.
full member
Activity: 1162
Merit: 237
Shooters Shoot...
July 07, 2021, 12:50:39 PM
Thank you for your patience
NotATether

But so, he searches for the first until he finds and moves on to the other.
I've tried this way.




I just tried it.

307A688ABA7Aef7700000000000
307A688ABA7Aef77fffffffffff

0335BB25364370D4DD14A9FC2B406D398C4B53C85BE58FCC7297BD34004602EBEC
029a81e415020a8444fb5008143057803d07b4f427519f5daf06c8eb13d3a29f24


The ego finds the second key to this range instantly.
The first key is not from here.
And I put it first.
And he is looking for him.
And the working key below is idle, since it works only with one, with the first.
Ok, I guess I misunderstood your question. Or maybe not and NotA did. Not sure what you are wanting but read my above reply to your initial post.

It will not search for all pubkeys at once, "at the same time" as you asked. If your first pubkey is not in the range, the program will run FOREVER, unless you use the -m option.

Reread my post above.
jr. member
Activity: 38
Merit: 1
July 07, 2021, 12:30:26 PM
Thank you for your patience
NotATether

But so, he searches for the first until he finds and moves on to the other.
I've tried this way.




I just tried it.

307A688ABA7Aef7700000000000
307A688ABA7Aef77fffffffffff

0335BB25364370D4DD14A9FC2B406D398C4B53C85BE58FCC7297BD34004602EBEC
029a81e415020a8444fb5008143057803d07b4f427519f5daf06c8eb13d3a29f24


The ego finds the second key to this range instantly.
The first key is not from here.
And I put it first.
And he is looking for him.
And the working key below is idle, since it works only with one, with the first.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
July 07, 2021, 12:25:17 PM
Is this how you can do it in a kangaroo?

There is an example right in the README file of https://github.com/JeanLucPons/Kangaroo

Quote
Structure of the input file:

All values are in hex format
Public keys can be given either in compressed or uncompressed format
Code:
Start range
End range
Key #1
Key #2
...
ex

Code:
49dccfd96dc5df56487436f5a1b18c4f5d34f65ddb48cb5e0000000000000000
49dccfd96dc5df56487436f5a1b18c4f5d34f65ddb48cb5effffffffffffffff
0459A3BFDAD718C9D3FAC7C187F1139F0815AC5D923910D516E186AFDA28B221DC994327554CED887AAE5D211A2407CDD025CFC3779ECB9C9D7F2F1A1DDF3E9FF8
0335BB25364370D4DD14A9FC2B406D398C4B53C85BE58FCC7297BD34004602EBEC

Third, fourth, and below lines contain each of your public keys that you want to search for.

I wouldn't try it with 100K keys as input though, I'm not sure if it can handle that many.
jr. member
Activity: 38
Merit: 1
July 07, 2021, 12:19:36 PM
Yeah it's possible. Just put all the keys on one line each in the input file, after the two lines for start and end range.


Can you use the method you specified, in a kangaroo?


Something like this?


307A688ABA7A000000000000000
307A688ABA7Afffffffffffffff

023f81e98df59d891264d3fca9bca16552feaf1c7dba1bebd9a774c5fd6041f248
03b7d16572d1c71e629645c311078ca3cfbdd15b752de69ac606d9b0076f8373ca
0227216fdb90bd046064c3b93d10270a047233d17073ec6dae0ece6fe5d5f3942c
033b9934491df1cd5308886498dcc2be62a7a38093a372dd9355d45625a50c5407
0236bd119cd3471b5dab8599b0963fafa39972139a9c0cf11d57ff88e4449c15ce
03dfacf1392ee2a08655897f64563cdbbc9f8d700425f5d47a789fdbab028061db
0375bb11d9936856d2a081847bf121cf6ba4b687ca1ed890e46662ec26d626514b
02d4524b803c225a177449263b024bb6b2b7196fed3cb6905dbe02f9a54b4cfa53
03d71a03b483720655d327983a64dbedf6f3d4b29a0545907e8894a9d575d5e004

legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
July 07, 2021, 12:06:21 PM
~

Good Day. This sryptic is worked ? Then i divide 30 bytes, I got only 109 pubkeys Huh (((

That is strange. The for loop guarantees that the number of pubkeys printed should be the number you divided by.

It's kind of impractical for divisor >20 though as your disk space quickly fills up after that.

P.S. I'm not the original script author, it was posted and then deleted by rkvishvam

Hello everybody.
  Is there a way to check public keys at the same time?
how bitcrack checks addresses.
Maybe a kangaroo is a multi-key or something like that?
Or tell me how you check for example 100,000-1,000,000 keys?
It's unrealistic with your hands.

Yeah it's possible. Just put all the keys on one line each in the input file, after the two lines for start and end range.



Edit:

Quote
I try sript with 30 and 34. Then 30 I got 109 pubkeys, then 32 - 137 pubkeys. And Yes - script hard to run, requirements are give me strange errors...
If you are using Python 3.x, all you have to change is:

pubkey = '03a2efa402fd5268400c77c20e574ba86409ededee7c4020e4b9f0edbee53de0d4'

to whatever pubkey you want

and at the bottom

shiftdown(pubkey, 32)

change the 32 to however many pubkeys you want.


yes, I do it. I try now find a privkey....

edit: I wright understand what 30,32 etc is a power of 2 ? so If we talk about 120 pubkey, then I use this scripts with "30" I will get pubkey diveded by 2^30 ? so result will be "pubkey of 2^90" ?
No, I don't think so. The number 32 represents 2^5, so to get down to 2^90, you would need to enter 1073741824 (2^30), NotATether can answer if this is wrong or not

Don't enter it like that, the divisor also represents the exponent so you have to enter it as 30, maybe that's why you got this strange number (it could also be integer overflow inside the loop).

Wait I think you actually are right, given my example was done with 48 as the divisor which is not a power of two, and to generate the 2^110 shrunk pubkeys I called it with 2**10.
full member
Activity: 1162
Merit: 237
Shooters Shoot...
July 07, 2021, 12:03:13 PM
Hello everybody.
  Is there a way to check public keys at the same time?
how bitcrack checks addresses.
Maybe a kangaroo is a multi-key or something like that?
Or tell me how you check for example 100,000-1,000,000 keys?
It's unrealistic with your hands.
Running Kangaroo, checking pub keys at the same time, not without recoding. Or you can check one for awhile. Stop. Check the next one. Rinse and repeat.

You can use BSGS to check multiple keys in one run, however when you get above the 2^48, 2^52 range, it becomes time consuming. So you can break larger range down into smaller 2^40, 2^44 chunks and it's pretty fast, but if you have 1,000,000 pubkeys, expect an average of 10-15 keys checked per second; 1,000,000 / 15 = 18 hours to check them all (in the smaller range)

Or you can convert your 100,000-1,000,000 keys into addresses and use bitcrack or another brute force type program.
jr. member
Activity: 38
Merit: 1
July 07, 2021, 11:56:45 AM
Hello everybody.
  Is there a way to check public keys at the same time?
how bitcrack checks addresses.
Maybe a kangaroo is a multi-key or something like that?
Or tell me how you check for example 100,000-1,000,000 keys?
It's unrealistic with your hands.
member
Activity: 873
Merit: 22
$$P2P BTC BRUTE.JOIN NOW ! https://uclck.me/SQPJk
July 06, 2021, 07:27:37 PM
Quote
NotATether, answer please ?

EDIT:

I'm realy not understand how many exact sustracted from pubkey this code:


# This function makes all the downscaled pubkeys obtained from subtracting
# numbers between 0 and divisor, before dividing the pubkeys by divisor.
def shiftdown(pubkey, divisor):
    Q = pub2point(pubkey)
    # k = 1/divisor
    k = pow(divisor, N - 2, N)
    for i in range(divisor+1):
       P = Q - (i * G)
        P = k * P
        if (P.y % 2 == 0):
            prefix = "02"
        else:
            prefix = "03"
        hx = hex(P.x)[2:].zfill(64)
        hy = hex(P.y)[2:].zfill(64)
        print(prefix+hx, "04"+hx+hy)



so, if devisor = 5 this mean a just FIVE not any ^ and 2^5 etc.....
Cobra, why not just put 5 at the bottom and run it, see if you get 5 or 32 pubkeys?  Put 10 at the bottom and run it, see if you get 10 or 1024 pubkeys...
DO NOT mess with the code up top, I told you the two areas to tweak, pubkey and qty.

I was divide 120/30, in ECSPcallc.jar, and not foud pubkey in result of scrip work with param 30... not use this script now.
full member
Activity: 1162
Merit: 237
Shooters Shoot...
July 06, 2021, 07:09:54 PM
Quote
NotATether, answer please ?

EDIT:

I'm realy not understand how many exact sustracted from pubkey this code:


# This function makes all the downscaled pubkeys obtained from subtracting
# numbers between 0 and divisor, before dividing the pubkeys by divisor.
def shiftdown(pubkey, divisor):
    Q = pub2point(pubkey)
    # k = 1/divisor
    k = pow(divisor, N - 2, N)
    for i in range(divisor+1):
       P = Q - (i * G)
        P = k * P
        if (P.y % 2 == 0):
            prefix = "02"
        else:
            prefix = "03"
        hx = hex(P.x)[2:].zfill(64)
        hy = hex(P.y)[2:].zfill(64)
        print(prefix+hx, "04"+hx+hy)



so, if devisor = 5 this mean a just FIVE not any ^ and 2^5 etc.....
Cobra, why not just put 5 at the bottom and run it, see if you get 5 or 32 pubkeys?  Put 10 at the bottom and run it, see if you get 10 or 1024 pubkeys...
DO NOT mess with the code up top, I told you the two areas to tweak, pubkey and qty.
member
Activity: 873
Merit: 22
$$P2P BTC BRUTE.JOIN NOW ! https://uclck.me/SQPJk
July 06, 2021, 06:54:13 PM
...

Let's go to China ? They can make a BSGS for usb I think. Huh?

There is no need at the moment. Only for us to solve #120 #125 ... they wouldn't produce it.

But if we can build that network 'Calculating Satoshi's coins' https://bitcointalksearch.org/topic/calculating-satoshis-coins-5347791 then it would become interesting to produce it.

Satochi ccoin is a 0.00001 btc per address Huh
copper member
Activity: 76
Merit: 11
July 06, 2021, 06:52:14 PM
...

Let's go to China ? They can make a BSGS for usb I think. Huh?

There is no need at the moment. Only for us to solve #120 #125 ... they wouldn't produce it.

But if we can build that network 'Calculating Satoshi's coins' https://bitcointalksearch.org/topic/calculating-satoshis-coins-5347791 then it would become interesting to produce it.
member
Activity: 873
Merit: 22
$$P2P BTC BRUTE.JOIN NOW ! https://uclck.me/SQPJk
July 06, 2021, 06:47:14 PM
Is there a list with devices/cards and related jumps/sec?

What we need are asics

not to mine coins but for more jumps/sec



and

look at this, may be interesting: Calculating Satoshi's coins https://bitcointalksearch.org/topic/calculating-satoshis-coins-5347791



Let's go to China ? They can make a BSGS for usb I think. Huh?

I'm work now with 861 811 060 385 455 217 keys/s but this is not helpful for 120 !!!
copper member
Activity: 76
Merit: 11
July 06, 2021, 05:32:42 PM
Is there a list with devices/cards and related jumps/sec?

What we need are asics

not to mine coins but for more jumps/sec



and

look at this, may be interesting: Calculating Satoshi's coins https://bitcointalksearch.org/topic/calculating-satoshis-coins-5347791

member
Activity: 873
Merit: 22
$$P2P BTC BRUTE.JOIN NOW ! https://uclck.me/SQPJk
July 06, 2021, 05:29:45 PM
Quote
I try sript with 30 and 34. Then 30 I got 109 pubkeys, then 32 - 137 pubkeys. And Yes - script hard to run, requirements are give me strange errors...
If you are using Python 3.x, all you have to change is:

pubkey = '03a2efa402fd5268400c77c20e574ba86409ededee7c4020e4b9f0edbee53de0d4'

to whatever pubkey you want

and at the bottom

shiftdown(pubkey, 32)

change the 32 to however many pubkeys you want.


yes, I do it. I try now find a privkey....

edit: I wright understand what 30,32 etc is a power of 2 ? so If we talk about 120 pubkey, then I use this scripts with "30" I will get pubkey diveded by 2^30 ? so result will be "pubkey of 2^90" ?
No, I don't think so. The number 32 represents 2^5, so to get down to 2^90, you would need to enter 1073741824 (2^30), NotATether can answer if this is wrong or not

NotATether, answer please ?

EDIT:

I'm realy not understand how many exact sustracted from pubkey this code:


# This function makes all the downscaled pubkeys obtained from subtracting
# numbers between 0 and divisor, before dividing the pubkeys by divisor.
def shiftdown(pubkey, divisor):
    Q = pub2point(pubkey)
    # k = 1/divisor
    k = pow(divisor, N - 2, N)
    for i in range(divisor+1):
       P = Q - (i * G)
        P = k * P

        if (P.y % 2 == 0):
            prefix = "02"
        else:
            prefix = "03"
        hx = hex(P.x)[2:].zfill(64)
        hy = hex(P.y)[2:].zfill(64)
        print(prefix+hx, "04"+hx+hy)



so, if devisor = 5 this mean a just FIVE not any ^ and 2^5 etc.....
full member
Activity: 1162
Merit: 237
Shooters Shoot...
July 06, 2021, 05:06:23 PM
Quote
I try sript with 30 and 34. Then 30 I got 109 pubkeys, then 32 - 137 pubkeys. And Yes - script hard to run, requirements are give me strange errors...
If you are using Python 3.x, all you have to change is:

pubkey = '03a2efa402fd5268400c77c20e574ba86409ededee7c4020e4b9f0edbee53de0d4'

to whatever pubkey you want

and at the bottom

shiftdown(pubkey, 32)

change the 32 to however many pubkeys you want.


yes, I do it. I try now find a privkey....

edit: I wright understand what 30,32 etc is a power of 2 ? so If we talk about 120 pubkey, then I use this scripts with "30" I will get pubkey diveded by 2^30 ? so result will be "pubkey of 2^90" ?
No, I don't think so. The number 32 represents 2^5, so to get down to 2^90, you would need to enter 1073741824 (2^30), NotATether can answer if this is wrong or not
member
Activity: 873
Merit: 22
$$P2P BTC BRUTE.JOIN NOW ! https://uclck.me/SQPJk
July 06, 2021, 04:12:54 PM
Quote
I try sript with 30 and 34. Then 30 I got 109 pubkeys, then 32 - 137 pubkeys. And Yes - script hard to run, requirements are give me strange errors...
If you are using Python 3.x, all you have to change is:

pubkey = '03a2efa402fd5268400c77c20e574ba86409ededee7c4020e4b9f0edbee53de0d4'

to whatever pubkey you want

and at the bottom

shiftdown(pubkey, 32)

change the 32 to however many pubkeys you want.


yes, I do it. I try now find a privkey....

edit: I wright understand what 30,32 etc is a power of 2 ? so If we talk about 120 pubkey, then I use this scripts with "30" I will get pubkey diveded by 2^30 ? so result will be "pubkey of 2^90" ?
full member
Activity: 1162
Merit: 237
Shooters Shoot...
July 06, 2021, 03:55:23 PM
it was just an example (random k generated)

from 120 puzzle we substract the starting range 800000000000000000000000000000 and we obtain the following K 03D943C68C5F958B14524CDBEF68168D6C018E101F4F7074E0C31686384A82F52F

N/2 - above K = 026C25951D1BB97C7DE3020DF0F725487FC33CC1210A155755514B7BF384AACFAD

From this K which is basically N/2 - Puz120 K + START-RANGE we add random K in the interval (0x1 - 7FFFFFFFFFFFFFFFFFFFFFFFFFFFFF)
We compute 10kk points in the range (N/2 - 10kk, N/2), points which cover the following range if we exclude parity (N/2 - 10kk, N/2 + 10kk)
Maybe i will draw something tomorrow for better understanding.

PS: I'm not saying this method will be exponentially "better" but it will double the chances to find k
Why subtract the starting range when we are going to be adding back to it? Is there a specific reason for that?

I'd just add 120 pubkey straight to N/2 and then do incremental additions.

In your opinion is it better to start below N/2 and then pass through (above N/2) to kind of straddle N/2 on both sides?

I guess I don't understand the excluding parity/y you mentioned earlier and how each pub doubles chance to find K.

EDIT:  Ok, regardless of start range subtraction (I get it), how does this possibly speed things up? You would still have to search for key from N/2-whatever through N/2 +1, using kangaroo or BSGS or some other key finder, right? I'm interested, I just don't understand how it speeds it up (however small or big), not saying it doesn't, I'm just trying to understand it better. Thanks.
Pages:
Jump to: