Author

Topic: Public Key + Half Private Key... (Read 1275 times)

full member
Activity: 176
Merit: 100
April 14, 2013, 06:06:01 AM
#4
Have a search for cassicus's coin key generator can use seeds and pre generated pass phrases.
legendary
Activity: 2506
Merit: 1010
April 13, 2013, 02:41:37 AM
#3
I am just wondering if this is possible to do on the ECDSA generated key pairs for bitcoin. It would be a new interesting way to store paper wallets, that would require you to bruteforce the last half of your own key

From another thread:

You don't want to cut the key in half.  There are lots of complicated ways to share secrets (some even involving redundancy i.e 3 of 5 key fragments needed to rebuild key) but the simplest way is an XOR.

http://en.wikipedia.org/wiki/Secret_sharing

or:

pybtcsplit - m-of-n Private Key Splitting made easy in one simple python utility
 - https://bitcointalksearch.org/topic/pybtcsplit-m-of-n-private-key-splitting-made-easy-in-one-simple-python-utility-104086
newbie
Activity: 32
Merit: 0
April 13, 2013, 02:28:23 AM
#2
Well, from a brute force perspective, they have far less options to try now. Effectively you've reduced your key down to a much lower size.

That being said, effectively what you're asking is "What is 25 + 25" and you gave the answer 5. It doesn't really get you any closer than the actual answer 50, it's just wrong.

That being said, I'm not a math or cryptography major, and there might be some crazy hypermath (that is now officially a word) that you can do to reduce the set of possible private keys down to something managable, but it's at least not something obvious.

That being said, this is interesting (for RSA):

"Exposing an RSA Private Key Given a Small Fraction of its Bits"

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=2&ved=0CD0QFjAB&url=http%3A%2F%2Ftheory.stanford.edu%2F~gdurf%2Fpubs%2Fexposure.ps&ei=5AlpUa7_LOqligLGg4DoAw&usg=AFQjCNHVIFD6aik02UgaWsmbdiB0EpcgLw&sig2=6OCJzdX3GDcNaSbQ2DBXRg
hero member
Activity: 840
Merit: 500
April 13, 2013, 01:36:02 AM
#1
My question is, knowing this much information, is it possible to somehow calculate the remaining portion of the private key? Or is it just as impossible as stumbling on the same private key when I generate a new address?

Thanks!
Jump to: