Pages:
Author

Topic: Pollard's kangaroo ECDLP solver - page 67. (Read 58537 times)

member
Activity: 406
Merit: 47
March 18, 2021, 09:29:04 PM

option -d
distinguished point (DP) method
That mean DP method is long size between 2 leg right
on image
https://raw.githubusercontent.com/JeanLucPons/Kangaroo/master/DOC/paths.jpg
I am understand correct?
if use high distinguished point how long kangaroo jump to collision hit
how can make it work with low resource, I try full range it use a lot of storage save work may be make it slow
now I think may be not save work for can possible help work too fast than

member
Activity: 406
Merit: 47
March 18, 2021, 09:20:28 PM

I testing kangaroo with full address and start kespace point from private key 1099511627776 (meddle) very fast to found in 1 minute or 2

now I try to split scan for fast, last time use full range is very log and not see any update

may be try split each 2099511627776

I try to made small simple utilities to remember my random save on text file
random start point and make each 2099511627776 and scan

I think kangaroo jump by next and next side not jump dynamic move to around all

int(2**120/2*40) = 26584559915698317458076141205606891520 (slot) time to scan (OMG.)

random count slot first and multiply to start point and remember number used

hope random found by fast

what possibility between use large range  800000000000000000000000000000...ffffffffffffffffffffffffffffff
and split range

if choose split what rage size that performance

2**120 = 1329227995784915872903807060280344576

1329227995784915872903807060280344576/10000 time = size 132922799578491593660272018980864  (2*107)
or
1329227995784915872903807060280344576/1000000000000000 = size 1329227995784915976192  (2**70)
full member
Activity: 706
Merit: 111
March 18, 2021, 02:05:07 PM

Code:
#120 ( 17s2b9ksz5y7abUm92cHwG8jEPCzK3dLnT )
800000000000000000000000000000
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
02CEB6CBBCDBDF5EF7150682150F4CE2C6F4807B349827DCDBDD1F2EFA885A2630
 

puzzle # 120
very long time

yesterday from now 1 night 2 kangaroo write save work file to 1GB and 4GB
now I close for works
You must be using one helluva low -d setting to run up a 1 and 4GB file with one GPU.  Look at estimated RAM, do you have enough space to save it all and then to merge at your current -d setting?

Of course it will take a long if you're using a low -d setting.
full member
Activity: 1162
Merit: 237
Shooters Shoot...
March 17, 2021, 10:34:09 PM

Code:
#120 ( 17s2b9ksz5y7abUm92cHwG8jEPCzK3dLnT )
800000000000000000000000000000
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
02CEB6CBBCDBDF5EF7150682150F4CE2C6F4807B349827DCDBDD1F2EFA885A2630
 

puzzle # 120
very long time

yesterday from now 1 night 2 kangaroo write save work file to 1GB and 4GB
now I close for works
You must be using one helluva low -d setting to run up a 1 and 4GB file with one GPU.  Look at estimated RAM, do you have enough space to save it all and then to merge at your current -d setting?
member
Activity: 406
Merit: 47
March 17, 2021, 10:10:46 PM

Code:
#120 ( 17s2b9ksz5y7abUm92cHwG8jEPCzK3dLnT )
800000000000000000000000000000
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
02CEB6CBBCDBDF5EF7150682150F4CE2C6F4807B349827DCDBDD1F2EFA885A2630
 

puzzle # 120
very long time

yesterday from now 1 night 2 kangaroo write save work file to 1GB and 4GB
now I close for works
member
Activity: 406
Merit: 47
March 17, 2021, 10:06:48 PM
Quick someone give me sample start and end range with public keys, I think my 256-bit extension mod is done but I need to test it.

for testing right
40 bit far from private key very fast to found easy


40bit
23D4A09295BE678B21A5F1DCEAE1F634A69C1B41775F680EBF8164266471401B
23D4A09295BE678B21A5F1DCEAE1F634A69C1B41775F680EBF8166266471401B
03CA5606A1E820E7A2F6BB3AB090E8ADE7B04A7E0B5909A68DDA2744AE3B8ECBFA

40bit
B09C765FA3DC6AD138A8D0DA17CD94306FBC32ACB3D67BC093936761CCC48769
B09C765FA3DC6AD138A8D0DA17CD94306FBC32ACB3D67BC093936961CCC48769
0294FF933DA0498859959225ED6A50D709A4D9C678705D72E9202A4852C8084D85

40bit
6B29781E725708AE4D94E13730A2718EE3383EA5D911E77D4C2A2ED0C99C1232
6B29781E725708AE4D94E13730A2718EE3383EA5D911E77D4C2A30D0C99C1232
03E87E83F871DF1439B7873B4AE449D15306CAFC53E03A06FFFB534B3BF25B58D8


64bit
6B29781E725708AE4D94E13730A2718EE3383EA5D911E77E4C2A2FD0C99C1232
6B29781E725708AE4D94E13730A2718EE3383EA5D911E77C4C2A2FD0C99C1232
03E87E83F871DF1439B7873B4AE449D15306CAFC53E03A06FFFB534B3BF25B58D8

Those three 40-bit inputs found the private key successfully.

The 64-bit input took too much time I need to run it on my GPU rig to see if it's functioning.

Can you post a link here to the list of puzzle transactions for easy reference? I remember it was pasted in some other thread but it's easier for me to check it here on this one.

Specifically I want to test this with #125 and #160 to make sure my 256-bit handling is working. (My hashtable index tweak is working great!  Smiley)


Code:
Key# 0 [1S]Pub:  0x03E87E83F871DF1439B7873B4AE449D15306CAFC53E03A06FFFB534B3BF25B58D8
       Priv: 0x6B29781E725708AE4D94E13730A2718EE3383EA5D911E77D4C2A2FD0C99C1232

64 bit is found in 2 minite

sorry for use wrong number

for testing  (fast found)

private key is  =  48470744558466837119591892246032931505798916835461120051988009871155176149554
and I start before
64 bit mean 2**64 = 18446744073709551616

start = 48470744558466837119591892246032931505798916835461120051988009871155176149554-18446744073709551616
end = 48470744558466837119591892246032931505798916835461120051988009871155176149554+18446744073709551616

6B29781E725708AE4D94E13730A2718EE3383EA5D911E77E4C2A2FD0C99C1232
6B29781E725708AE4D94E13730A2718EE3383EA5D911E77C4C2A2FD0C99C1232

just for fast testing  (found on two minute)

I found some time use time long 1 hour or not found

Can possible make kangaroo print out found private key in case use output file 
because when use output file is no show found key
some time test and kangaroo finish not tell anything but output found key is on file by command success
full member
Activity: 1162
Merit: 237
Shooters Shoot...
March 17, 2021, 12:39:42 PM
Quick someone give me sample start and end range with public keys, I think my 256-bit extension mod is done but I need to test it.

for testing right
40 bit far from private key very fast to found easy

03E87E83F871DF1439B7873B4AE449D15306CAFC53E03A06FFFB534B3BF25B58D8

Those three 40-bit inputs found the private key successfully.

The 64-bit input took too much time I need to run it on my GPU rig to see if it's functioning.

Can you post a link here to the list of puzzle transactions for easy reference? I remember it was pasted in some other thread but it's easier for me to check it here on this one.

Specifically I want to test this with #125 and #160 to make sure my 256-bit handling is working. (My hashtable index tweak is working great!  Smiley)

https://raw.githubusercontent.com/JeanLucPons/Kangaroo/master/puzzle32.txt

Code:
#120 ( 17s2b9ksz5y7abUm92cHwG8jEPCzK3dLnT )
800000000000000000000000000000
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
02CEB6CBBCDBDF5EF7150682150F4CE2C6F4807B349827DCDBDD1F2EFA885A2630

#125 ( 1PXAyUB8ZoH3WD8n5zoAthYjN15yN5CVq5 )
10000000000000000000000000000000
1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
0233709EB11E0D4439A729F21C2C443DEDB727528229713F0065721BA8FA46F00E

#130 ( 1Fo65aKq8s8iquMt6weF1rku1moWVEd5Ua )
200000000000000000000000000000000
3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
03633CBE3EC02B9401C5EFFA144C5B4D22F87940259634858FC7E59B1C09937852

#135 ( 16RGFo6hjq9ym6Pj7N5H7L1NR1rVPJyw2v )
4000000000000000000000000000000000
7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
02145D2611C823A396EF6712CE0F712F09B9B4F3135E3E0AA3230FB9B6D08D1E16

#140 ( 1QKBaU6WAeycb3DbKbLBkX7vJiaS8r42Xo )
80000000000000000000000000000000000
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
031F6A332D3C5C4F2DE2378C012F429CD109BA07D69690C6C701B6BB87860D6640

#145 ( 19GpszRNUej5yYqxXoLnbZWKew3KdVLkXg )
1000000000000000000000000000000000000
1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
03AFDDA497369E219A2C1C369954A930E4D3740968E5E4352475BCFFCE3140DAE5

#150 ( 1MUJSJYtGPVGkBCTqGspnxyHahpt5Te8jy )
20000000000000000000000000000000000000
3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
03137807790EA7DC6E97901C2BC87411F45ED74A5629315C4E4B03A0A102250C49

#155 ( 1AoeP37TmHdFh8uN72fu9AqgtLrUwcv2wJ )
400000000000000000000000000000000000000
7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
035CD1854CAE45391CA4EC428CC7E6C7D9984424B954209A8EEA197B9E364C05F6

#160 ( 1NBC8uXJy1GiJ6drkiZa1WuKn51ps7EPTv )
8000000000000000000000000000000000000000
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
02E0A8B039282FAF6FE0FD769CFBC4B6B4CF8758BA68220EAC420E32B91DDFA673
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
March 17, 2021, 11:37:58 AM
Quick someone give me sample start and end range with public keys, I think my 256-bit extension mod is done but I need to test it.

for testing right
40 bit far from private key very fast to found easy


40bit
23D4A09295BE678B21A5F1DCEAE1F634A69C1B41775F680EBF8164266471401B
23D4A09295BE678B21A5F1DCEAE1F634A69C1B41775F680EBF8166266471401B
03CA5606A1E820E7A2F6BB3AB090E8ADE7B04A7E0B5909A68DDA2744AE3B8ECBFA

40bit
B09C765FA3DC6AD138A8D0DA17CD94306FBC32ACB3D67BC093936761CCC48769
B09C765FA3DC6AD138A8D0DA17CD94306FBC32ACB3D67BC093936961CCC48769
0294FF933DA0498859959225ED6A50D709A4D9C678705D72E9202A4852C8084D85

40bit
6B29781E725708AE4D94E13730A2718EE3383EA5D911E77D4C2A2ED0C99C1232
6B29781E725708AE4D94E13730A2718EE3383EA5D911E77D4C2A30D0C99C1232
03E87E83F871DF1439B7873B4AE449D15306CAFC53E03A06FFFB534B3BF25B58D8


64bit
6B29781E725708AE4D94E13730A2718EE3383EA5D911E77E4C2A2FD0C99C1232
6B29781E725708AE4D94E13730A2718EE3383EA5D911E77C4C2A2FD0C99C1232
03E87E83F871DF1439B7873B4AE449D15306CAFC53E03A06FFFB534B3BF25B58D8

Those three 40-bit inputs found the private key successfully.

The 64-bit input took too much time I need to run it on my GPU rig to see if it's functioning.

Can you post a link here to the list of puzzle transactions for easy reference? I remember it was pasted in some other thread but it's easier for me to check it here on this one.

Specifically I want to test this with #125 and #160 to make sure my 256-bit handling is working. (My hashtable index tweak is working great!  Smiley)
member
Activity: 406
Merit: 47
March 17, 2021, 11:08:47 AM
I don't know in deep kangaroo calculate detail

Can possible to modify kangaroo to check other pubkey on same time

just idea may be bad idea

example idea

this puzzle no pubkey

puzzle #64  16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN  

range 8000000000000000...ffffffffffffffff    

I generate new key at half rank ==>  13835058055282163712 ==> 1WVexgJWbaLrofcfiqmXV7cnFPe4d48HM

private key =  13835058055282163712
private key =  c000000000000000

address = 1WVexgJWbaLrofcfiqmXV7cnFPe4d48HM

public point = Point(x=76895494048501386530536845738594915998342512697431860874178479107741250519061, y=28002895446557343371230027632087293194112828313723400109596985663614324113519)

publick key = 03aa014eaad936de6f681fac61a05b6aa64673f853eedc99cc39a37e63ec288015
uncompressed = 04aa014eaad936de6f681fac61a05b6aa64673f853eedc99cc39a37e63ec2880153de913c04636b e9ac3f2a7e43f7b0f63ef4b9b0743cecad9df814e6646c1006f

1. check address function
use pubkey search by kangaroo method and same time convert index point to address and check to 16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN

note: add more function more calculate may be make kangaroo slow than normal work 50%

How kangaroo control random private key to move scope to close up private key target?
just random all and check is on range in formula need or kangaroo have formula use for multiply for calculate cover on range want to random
member
Activity: 406
Merit: 47
March 17, 2021, 10:16:25 AM

I had all of that outlined in BSGS...I've already ran over 20k ranges. But to answer your question, whatever you are willing to wait on. If you need your computer to do other tasks every hour or two or three, then pick a range that your CPU/GPU can run under that time frame or else you will have to stop the process when and restart it if you need your PC before the range is checked.

I would like to use time 1 hour each round, when not use laptop work or max 5 hour open all night 
I not have laptop or PC for running all days 24 x 7 just use on free time of works
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
March 17, 2021, 05:54:12 AM
address/public key ==> brainless ==>  private key

Is there actually a cracking tool with that name (by yourself?) or am I missing the pun?  Huh
member
Activity: 406
Merit: 47
March 17, 2021, 04:43:24 AM

address/public key ==> brainless ==>  private key

Don't say like that

it is no right no wrong

this is challenge not any brainless

Reverse I think is great to make people think hard and fine the way smarter

many smart people still do same  but they not say loud until success
PhD, Hacker, Research, Bug Bounty Program, Security, AI. research, Quantum, and more , fake satohi

still can possible because can calculate how long time need to solve success million years, world still nonstop running may be future bitcoin may be a toy for kiddy garden for calculate in future you next life million year

human do a lot crazy thing every days

while pandemic is not brainless
member
Activity: 330
Merit: 34
March 17, 2021, 04:05:35 AM

Can possible brute force public key hash to public key?
Its is double hashed (sha256 and ripemd160), so that is impossible in practice, even if an algorithm for finding collisions in one of the hashes will be invented.

Thank

I think for address not show public key (full) use bitcrack brute force directly may be easy than

address => bitcrack ==> private key

public key ==> Pollard-kangaroo ==>  private key

public key hash ==> public key ==> Pollard-kangaroo ==>  private key

problem bitcrack don't know scope of keyspace
if can possible get public key hash to public key may be can use kangaroo other option fine more use bitcrack

random public key => ripemd160 => public key


address => bitcrack ==> private key

public key ==> Pollard-kangaroo ==>  private key

public key hash ==> public key ==> Pollard-kangaroo ==>  private key

address/public key ==> brainless ==>  private key
full member
Activity: 1162
Merit: 237
Shooters Shoot...
March 17, 2021, 03:14:21 AM
my scan yesterday

SaveWork: save.work..............................done [300.4 MB] [05s] Wed Mar 17 09:03:32 2021
[0.14 MK/s][GPU 0.13 MK/s][Count 2^29.30][Dead 8862934][26:01 (Avg 00s)][270.7/346.2MB]

What mean Dead 8862934 ?
Without seeing your start command I would guess you were searching a very small small range with a very low dp where a key did not exist.
The signals are the very low GOU speed, the low count, and the high dead kangaroos.  The dead kangaroos mean that either tames were colliding with tames, wilds colliding with wilds, or probably both.

Thank you

I try to split large keyspace to small size and scan and random keyspace 

may be key space too small 100,000,000,000

now I use 2**56 = 72057594037927936

What recommend minimum for 2**120 =1329227995784915872903807060280344576 ?

2**32 = 4294967296
2**36 = 68719476736
2**40 = 1099511627776
2**50 = 1125899906842624
2**56 = 72057594037927936
2**64 = 18446744073709551616
2**72 = 4722366482869645213696
2**80 = 1208925819614629174706176
2**120 =1329227995784915872903807060280344576

2**120 and 2**160 is too high
I had all of that outlined in BSGS...I've already ran over 20k ranges. But to answer your question, whatever you are willing to wait on. If you need your computer to do other tasks every hour or two or three, then pick a range that your CPU/GPU can run under that time frame or else you will have to stop the process when and restart it if you need your PC before the range is checked.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
March 17, 2021, 02:28:51 AM
public key hash ==> public key ==> Pollard-kangaroo ==>  private key

You can't derive the public key from a public key hash.

Without public key the only possible use of birthday paradox, which is used in kangaroo method, it is to generate random points in range, then calculate distances between them. According to the birthday paradox, you will require sqrt(range) points to solve the key. But, since calculating the distances between random points requires the same amount of computation as brute force, this makes such an algorithm inapplicable in this case.

I get you now, but it looks like the birthday paradox calculations are the only method we have remaining. In a way, this is what Bitcrack does: generating a bunch of points in a range, except it generates them linearly and in order, not sampling random points which would be the ideal case.

For an extremely small range, one could implement such a function that makes up to sqrt(n) points, but for arbitrary addresses that haven't been spent from we have a 2^255 range to look at.
member
Activity: 110
Merit: 61
March 17, 2021, 02:12:12 AM
It is theoretically possible that during a tame and wild kangaroo collision test that the public key is hashed with SHA256d followed by RIPEMD160 to check these kind of hashes while still using the kangaroo method, however these would most certainly have to be GPU accelerated (will slow down the MKeys/s rate too much on CPU).
You cannot run wild kangaroos without public key, because you don't know starting point for them.

If you know some address (or RIPEMD hash), you cannot calculate "next" or "previous" addresses. Every EC calculations requires point coordinates, which can be obtained from public or private keys only.

Without public key the only possible use of birthday paradox, which is used in kangaroo method, it is to generate random points in range, then calculate distances between them. According to the birthday paradox, you will require sqrt(range) points to solve the key. But, since calculating the distances between random points requires the same amount of computation as brute force, this makes such an algorithm inapplicable in this case.
member
Activity: 406
Merit: 47
March 17, 2021, 01:57:35 AM

Can possible brute force public key hash to public key?
Its is double hashed (sha256 and ripemd160), so that is impossible in practice, even if an algorithm for finding collisions in one of the hashes will be invented.

Thank

I think for address not show public key (full) use bitcrack brute force directly may be easy than

address => bitcrack ==> private key

public key ==> Pollard-kangaroo ==>  private key

public key hash ==> public key ==> Pollard-kangaroo ==>  private key

problem bitcrack don't know scope of keyspace
if can possible get public key hash to public key may be can use kangaroo other option fine more use bitcrack

random public key => ripemd160 => public key
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
March 17, 2021, 01:46:58 AM
This is an incoming transaction, it contains a RIPEMD160 of the public key, which can be calculated from the address even without transactions.
Only outgoing transactions reveal the public key.

Can possible brute force public key hash to public key?
Its is double hashed (sha256 and ripemd160), so that is impossible in practice, even if an algorithm for finding collisions in one of the hashes will be invented.

My bad, you are right. I mistakenly gave you the HASH160 of the public key instead of the key itself.

It is theoretically possible that during a tame and wild kangaroo collision test that the public key is hashed with SHA256d followed by RIPEMD160 to check these kind of hashes while still using the kangaroo method, however these would most certainly have to be GPU accelerated (will slow down the MKeys/s rate too much on CPU).
member
Activity: 110
Merit: 61
March 17, 2021, 01:13:33 AM
I have a coin in my address. No coins were sent to anyone from this address. My public key was not published by the blockchain because it was not sent.

My public address was not published by the blockchain because no coins were sent to another address.

For example ; https://www.blockchain.com/btc/address/1GmKKaFEP4omAA9uKh1zoRCAb7caJB863k

I am sorry for my English.
Your particular address has one transaction https://www.blockchain.com/btc/tx/6abc9aca979647341389ca9ef69314fc1c01985d9c49574a2dfb83e867292798 where it is listed as an output. Blockchain.com shows the script used for each output and that script has the public key.

In this case:

Code:
Index
1
Details
Unspent
Address
1GmKKaFEP4omAA9uKh1zoRCAb7caJB863k
Value
0.40001014 BTC
Pkscript
OP_DUP
OP_HASH160
aceb7b66651b4ba5d371223582efdc39968402c5
OP_EQUALVERIFY
OP_CHECKSIG

In this case your public key is aceb7b66651b4ba5d371223582efdc39968402c5.

This is an incoming transaction, it contains a RIPEMD160 of the public key, which can be calculated from the address even without transactions.
Only outgoing transactions reveal the public key.

Can possible brute force public key hash to public key?
Its is double hashed (sha256 and ripemd160), so that is impossible in practice, even if an algorithm for finding collisions in one of the hashes will be invented.
member
Activity: 406
Merit: 47
March 17, 2021, 12:45:33 AM

In this case:

Code:
Index
1
Details
Unspent
Address
1GmKKaFEP4omAA9uKh1zoRCAb7caJB863k
Value
0.40001014 BTC
Pkscript
OP_DUP
OP_HASH160
aceb7b66651b4ba5d371223582efdc39968402c5
OP_EQUALVERIFY
OP_CHECKSIG

In this case your public key is aceb7b66651b4ba5d371223582efdc39968402c5.

Can possible brute force public key hash to public key?
Pages:
Jump to: