Reused R nonce faulty signature attack

ecdsa123

jr. member

Activity: 51

Merit: 107

it is not finished.

try your self. secp256k1 if you add abstract thinking you will see "there are another properties" that you can use.

You should observe the values as output and think what is going on and test it.

a lot of us had make thousend test to verify thousends posiibilities.

some times you must "go away" and create you own pattern , sometimes expand "calculation" for new coeffs.

I still observe and have a good result.

no one on this forum will really share with his knowledge. TRY Harder and be positive.

krashfire

member

Activity: 127

Merit: 14

Life aint interesting without any cuts and bruises

krashfire

member

Activity: 127

Merit: 14

Life aint interesting without any cuts and bruises

tested your code and i got this.

Result:

Code:

p1 100
nonce 10000000000000
r= 19798243710202620783647348588688142274345619222073723069576367489398066900728
s= 7837672513603410517653253649273805728025541711339898317896567334641463278646
z= 2
pb1x= 109120205882927277009434669582688362397799349121735458752155112592771976017088
pb1y= 32322658842039914617628020629256227622403961094791032847179212839690483778814
pb1= E.point((pb1x,pb1y)
u1 55821011880533648598631336316804329215482392652286954775283789851203801422955
u2 16810603266792092827549334388135142885770810715338366109637936572815686209921

private 525 K : 81188944910351530870637029427473347429503132995236429257208091824058788061868
diff 98981485970524102596021650620552764967066753563736538272967226568702475284416

private 526 K : 97999548177143623698186363815608490315273943710574795366846028396874474271789
diff 98981485970524102596021650620552764967066753563736538272967226568702475284416

private 527 K : 114810151443935716525735698203743633201044754425913161476483964969690160481710
diff 98981485970524102596021650620552764967066753563736538272967226568702475284416

private 528 K : 15828665473411613929714047583190868233978000862176623203516738400987685197294
diff 98981485970524102596021650620552764967066753563736538272967226568702475284416

private 529 K : 32639268740203706757263381971326011119748811577514989313154674973803371407215
diff 98981485970524102596021650620552764967066753563736538272967226568702475284416

private 530 K : 49449872006995799584812716359461154005519622292853355422792611546619057617136
diff 98981485970524102596021650620552764967066753563736538272967226568702475284416

private 531 K : 66260475273787892412362050747596296891290433008191721532430548119434743827057
diff 9898148597052410259602165062055276496706675356373653827296722656870247528441653357655370346914279771901156659442040383218465019776
diff 98981485970524102596021650620552764967066753563736538272967226568702475284416

private 699 K : 111431682399270797274946587745790513232685090487239522769079976956034151229697
diff 98981485970524102596021650620552764967066753563736538272967226568702475284416

This is the K Value and not the private key right? when you say compare, what do i compare it with?

ecdsa123

jr. member

Activity: 51

Merit: 107

so: compare:

according my calculation for example: szukane : 18088562470013528171101452903994950466036019212332943677622367975547738718901

we have in private 107

Code:

founded 105 104 95629036933806945424 1 5
szukane 18088562470013528171101452903994950466036019212332943677622367975547738718901
szukane_n 97703526767302667252469532104692957386801545066741960704982795165970422775436
private 106 K 114754844320568334509719232496585307130463071564063869765909312378913628754204
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 56340177243536306341007863736190052842857043067020900266258805431852281636969
szukane_n 59451911993779889082563121272497855009980521212054004116346357709665879857368
private 107 K 18088562470013528171101452903994950466036019212332943677622367965547738718901

ecdsa123

jr. member

Activity: 51

Merit: 107

and here output with my calculation for finding privatekey
when we use "wrong outputs".

Code:

ppp 100
p1 100
nonce 10000000000000
r= 115045167963494515061513744671884131783397561769819471159495798754884242293003
s= 63219244353825002060721550925150673377693765484618230755991360113610911083035
z= 2
pb1x= 107303582290733097924842193972465022053148211775194373671539518313500194639752
pb1y= 103795966108782717446806684023742168462365449272639790795591544606836007446638
pb1= E.point((pb1x,pb1y)
u1 55884778358236413705386203537939314657187400009875545072465900600581599500329
u2 19125807386761389084953205416097551188410511927343978294318218728152271459034

private 88 K 2074489833495721827703505024205201444748985430022069233391701555209065480266
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 62563646744023471824118378808805657177103999357087107966433910067479478077767
szukane_n 53228442493292723599452606199882250675733564921987796416171253074038683416570
private 89 K 21200297220257110912656710440302752633159497357366047527709920283361336939300
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 100815261517546249994024789641000759553925023211775064555070347523784020995835
szukane_n 14976827719769945429546195367687148298912541067299839827534815617734140498502
private 90 K 40326104607018499997609915856400303821570009284710025822028139011513608398334
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 23274787053752832740360215464507954077908482787388116761101621838570402419566
szukane_n 92517302183563362683210769544179953774929081491686787621503541302947759074771
private 91 K 59451911993779889082563121272497855009980521212054004116346357739665879857368
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 61526401827275610910266626296703056454729506642076073349738059294874945337634
szukane_n 54265687410040584513304358711984851398108057636998831032867103846643216156703
private 92 K 78577719380541278167516326688595406198391033139397982410664576467818151316402
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 99778016600798389080173037128898158831550530496764029938374496751179488255702
szukane_n 16014072636517806343397947879789749021287033782310874444230666390338673238635
private 93 K 97703526767302667252469532104692957386801545066741960704982795195970422775436
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 22237542137004971826508462952405353355533990072377082144405771065965869679433
szukane_n 93554547100311223597062522056282554497303574206697822238199392075552291814904
private 94 K 1037244916747860913851752512102600722374492715011034616695850782604532740133
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 60489156910527749996414873784600455732355013927065038733042208522270412597501
szukane_n 55302932326788445427156111224087452120482550352009865649562954619247748896836
private 95 K 20163052303509249998804957928200151910785004642355012911014069510756804199167
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 98740771684050528166321284616795558109176037781752995321678645978574955515569
szukane_n 17051317553265667257249700391892349743661526497321909060926517162943205978768
private 96 K 39288859690270639083758163344297703099195516569698991205332288238909075658201
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 21200297220257110912656710440302752633159497357366047527709920293361336939300
szukane_n 94591792017059084510914274568385155219678066921708856854895242848156824555037
private 97 K 58414667077032028168711368760395254287606028497042969499650506967061347117235
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 59451911993779889082563121272497855009980521212054004116346357749665879857368
szukane_n 56340177243536306341007863736190052842857043067020900266258805391852281636969
private 98 K 77540474463793417253664574176492805476016540424386947793968725695213618576269
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 97703526767302667252469532104692957386801545066741960704982795205970422775436
szukane_n 18088562470013528171101452903994950466036019212332943677622367935547738718901
private 99 K 96666281850554806338617779592590356664427052351730926088286944423365890035303
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 20163052303509249998804957928200151910785004642355012911014069520756804199167
szukane_n 95629036933806945424766027080487755942052559636719891471591093620761357295170
private 100 K 10000000000000
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 58414667077032028168711368760395254287606028497042969499650506977061347117235
szukane_n 57377422160284167254859616248292653565231535782031934882954656164456814377102
private 101 K 19125807386761389084953205416097551188410511927343978294318218738152271459034
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 96666281850554806338617779592590356664427052351730926088286944433365890035303
szukane_n 19125807386761389084953205416097551188410511927343978294318218708152271459034
private 102 K 38251614773522778169906410832195102376821023854687956588636437466304542918068
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 19125807386761389084953205416097551188410511927343978294318218748152271459034
szukane_n 96666281850554806338617779592590356664427052351730926088286944393365890035303
private 103 K 57377422160284167254859616248292653565231535782031934882954656194456814377102
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 57377422160284167254859616248292653565231535782031934882954656204456814377102
szukane_n 58414667077032028168711368760395254287606028497042969499650506937061347117235
private 104 K 76503229547045556339812821664390204753642047709375913177272874922609085836136
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 95629036933806945424766027080487755942052559636719891471591093660761357295170
szukane_n 20163052303509249998804957928200151910785004642355012911014069480756804199167
private 105 K 95629036933806945424766027080487755942052559636719891471591093650761357295170
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
k 95629036933806945424766027080487755942052559636719891471591093650761357295170
founded 105 104 95629036933806945424 1 5
szukane 18088562470013528171101452903994950466036019212332943677622367975547738718901
szukane_n 97703526767302667252469532104692957386801545066741960704982795165970422775436
private 106 K 114754844320568334509719232496585307130463071564063869765909312378913628754204
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 56340177243536306341007863736190052842857043067020900266258805431852281636969
szukane_n 59451911993779889082563121272497855009980521212054004116346357709665879857368
private 107 K 18088562470013528171101452903994950466036019212332943677622367965547738718901
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
k 18088562470013528171101452903994950466036019212332943677622367965547738718901
founded 107 105 18088562470013528171 2 7
szukane 94591792017059084510914274568385155219678066921708856854895242888156824555037
szukane_n 21200297220257110912656710440302752633159497357366047527709920253361336939300
private 108 K 37214369856774917256054658320092501654446531139676921971940586693700010177935
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 17051317553265667257249700391892349743661526497321909060926517202943205978768
szukane_n 98740771684050528166321284616795558109176037781752995321678645938574955515569
private 109 K 56340177243536306341007863736190052842857043067020900266258805421852281636969
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
k 56340177243536306341007863736190052842857043067020900266258805421852281636969
founded 109 106 56340177243536306341 3 9
szukane 55302932326788445427156111224087452120482550352009865649562954659247748896836
szukane_n 60489156910527749996414873784600455732355013927065038733042208482270412597501
private 110 K 75465984630297695425961069152287604031267554994364878560577024150004553096003
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 93554547100311223597062522056282554497303574206697822238199392115552291814904
szukane_n 22237542137004971826508462952405353355533990072377082144405771025965869679433
private 111 K 94591792017059084510914274568385155219678066921708856854895242878156824555037
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
k 94591792017059084510914274568385155219678066921708856854895242878156824555037
founded 111 107 94591792017059084510 4 11
szukane 16014072636517806343397947879789749021287033782310874444230666430338673238635
szukane_n 99778016600798389080173037128898158831550530496764029938374496711179488255702
private 112 K 113717599403820473595867479984482706408088578849052835149213461606309096014071
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 54265687410040584513304358711984851398108057636998831032867103886643216156703
szukane_n 61526401827275610910266626296703056454729506642076073349738059254874945337634
private 113 K 17051317553265667257249700391892349743661526497321909060926517192943205978768
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
k 17051317553265667257249700391892349743661526497321909060926517192943205978768
founded 113 108 17051317553265667257 5 13
szukane 92517302183563362683210769544179953774929081491686787621503541342947759074771
szukane_n 23274787053752832740360215464507954077908482787388116761101621798570402419566
private 114 K 36177124940027056342202905807989900932072038424665887355244735921095477437802
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 14976827719769945429546195367687148298912541067299839827534815657734140498502
szukane_n 100815261517546249994024789641000759553925023211775064555070347483784020995835
private 115 K 55302932326788445427156111224087452120482550352009865649562954649247748896836
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
k 55302932326788445427156111224087452120482550352009865649562954649247748896836
founded 115 109 55302932326788445427 6 15
szukane 53228442493292723599452606199882250675733564921987796416171253114038683416570
szukane_n 62563646744023471824118378808805657177103999357087107966433910027479478077767
private 116 K 74428739713549834512109316640185003308893062279353843943881173377400020355870
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 91480057266815501769359017032077353052554588776675753004807690570343226334638
szukane_n 24312031970500693654211967976610554800282975502399151377797472571174935159699
private 117 K 93554547100311223597062522056282554497303574206697822238199392105552291814904
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
k 93554547100311223597062522056282554497303574206697822238199392105552291814904
founded 117 110 93554547100311223597 7 17
szukane 13939582803022084515694442855584547576538048352288805210838964885129607758369
szukane_n 101852506434294110907876542153103360276299515926786099171766198256388553735968
private 118 K 112680354487072612682015727472380105685714086134041800532517610833704563273938
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 52191197576544862685600853687779649953359072206976761799475402341434150676437
szukane_n 63600891660771332737970131320908257899478492072098142583129760800084010817900
private 119 K 16014072636517806343397947879789749021287033782310874444230666420338673238635
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
k 16014072636517806343397947879789749021287033782310874444230666420338673238635
founded 119 111 16014072636517806343 8 19
szukane 90442812350067640855507264519974752330180096061664718388111839797738693594505
szukane_n 25349276887248554568063720488713155522657468217410185994493323343779467899832
private 120 K 35139880023279195428351153295887300209697545709654852738548885148490944697669
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 12902337886274223601842690343481946854163555637277770594143114112525075018236
szukane_n 102889751351041971821728294665205960998674008641797133788462049028993086476101
private 121 K 54265687410040584513304358711984851398108057636998831032867103876643216156703
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
k 54265687410040584513304358711984851398108057636998831032867103876643216156703
founded 121 112 54265687410040584513 9 21
szukane 51153952659797001771749101175677049230984579491965727182779551568829617936304
szukane_n 64638136577519193651821883833010858621852984787109177199825611572688543558033
private 122 K 73391494796801973598257564128082402586518569564342809327185322604795487615737
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 89405567433319779941655512007872151607805603346653683771415989025134160854372
szukane_n 26386521803996415481915473000815756245031960932421220611189174116384000639965
private 123 K 92517302183563362683210769544179953774929081491686787621503541332947759074771
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
k 92517302183563362683210769544179953774929081491686787621503541332947759074771
founded 123 113 92517302183563362683 10 23
szukane 11865092969526362687990937831379346131789062922266735977447263339920542278103
szukane_n 103926996267789832735580047177308561721048501356808168405157899801597619216234
private 124 K 111643109570324751768163974960277504963339593419030765915821760061100030533805
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 50116707743049140857897348663574448508610086776954692566083700796225085196171
szukane_n 65675381494267054565673636345113459344227477502120211816521462345293076298166
private 125 K 14976827719769945429546195367687148298912541067299839827534815647734140498502
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
k 14976827719769945429546195367687148298912541067299839827534815647734140498502
founded 125 114 14976827719769945429 11 25
szukane 88368322516571919027803759495769550885431110631642649154720138252529628114239
szukane_n 27423766720744276395767225512918356967406453647432255227885024888988533380098
private 126 K 34102635106531334514499400783784699487323052994643818121853034375886411957536
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 10827848052778501774139185319276745409414570207255701360751412567316009537970
szukane_n 104964241184537693649431799689411162443422994071819203021853750574202151956367
private 127 K 53228442493292723599452606199882250675733564921987796416171253104038683416570
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
k 53228442493292723599452606199882250675733564921987796416171253104038683416570
founded 127 115 53228442493292723599 12 27
szukane 49079462826301279944045596151471847786235594061943657949387850023620552456038
szukane_n 66712626411014915479525388857216060066601970217131246433217313117897609038299
private 128 K 72354249880054112684405811615979801864144076849331774710489471832190954875604
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 87331077599824058113952006983666950163056617916631614538024287479925095374106
szukane_n 28461011637492137309618978025020957689780946362443289844580875661593066120231
private 129 K 91480057266815501769359017032077353052554588776675753004807690560343226334638
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
k 91480057266815501769359017032077353052554588776675753004807690560343226334638
founded 129 116 91480057266815501769 13 29
szukane 9790603136030640860287432807174144687040077492244666744055561794711476797837
szukane_n 106001486101285554563283552201513763165797486786830237638549601346806684696500
private 130 K 110605864653576890854312222448174904240965100704019731299125909288495497793672
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 48042217909553419030193843639369247063861101346932623332691999251016019715905
szukane_n 67749871327762776393377141369318660788976462932142281049913163890502141778432
private 131 K 13939582803022084515694442855584547576538048352288805210838964875129607758369
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
k 13939582803022084515694442855584547576538048352288805210838964875129607758369
founded 131 117 13939582803022084515 14 31
szukane 86293832683076197200100254471564349440682125201620579921328436707320562633973
szukane_n 29498256554239998223470730537123558412155439077454324461276726434197598860364
private 132 K 33065390189783473600647648271682098764948560279632783505157183603281879217403
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 8753358219282779946435680295071543964665584777233632127359711022106944057704
szukane_n 107038731018033415477135304713616363888171979501841272255245452119411217436633
private 133 K 52191197576544862685600853687779649953359072206976761799475402331434150676437
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
k 52191197576544862685600853687779649953359072206976761799475402331434150676437
founded 133 118 52191197576544862685 15 33
szukane 47004972992805558116342091127266646341486608631921588715996148478411486975772
szukane_n 68787116244510637307228893881421261511350955647153315666609014663106674518565
private 134 K 71317004963306251770554059103877201141769584134320740093793621059586422135471
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
szukane 85256587766328336286248501959461748718307632486609545304632585934716029893840
szukane_n 30535501470987859137322483049226159134529931792465359077972577206802131600497
private 135 K 90442812350067640855507264519974752330180096061664718388111839787738693594505
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303
k 90442812350067640855507264519974752330180096061664718388111839787738693594505
founded 135 119 90442812350067640855 16 35

ecdsa123

jr. member

Activity: 51

Merit: 107

yes,it is sage.

it is just part of my app for finding range of privatekey.

Code:

import hashlib

p = 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f

n = 0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141

E = EllipticCurve(GF(p), [0, 7])

G = E.point( (0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798,0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8)) # Base point
x= 0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798
def egcd(a, b):

if a == 0:

return (b, 0, 1)

else:

g, y, x = egcd(b % a, a)

return (g, x - (b // a) * y, y)
def modinv(a, m):

g, x, y = egcd(a, m)

if g != 1:

raise Exception('modular inverse does not exist')

else:

return x % m

def verify(r, s,z,public_key):
w = int(modinv(s, n))
u1 = int((z * w) % n)
u2 = int((r * w) % n)
D=u1*G + u2*public_key
x,y=D.xy()
x=int(x)

if (r % n) == (x % n):
print( "signature matches")
return 1
else:
print("invalid signature",r,x%n,hex(int(x%n)))
return -1
def sign(privkey,nonce,message):
z=message
nonceG=nonce*G
rx,rye=nonceG.xy()
rx=int(rx)
s=(z+int(rx)*privkey)*modinv(nonce,n)%n
return int(rx), int(s), int(z)
def calc_u(r,s,z):
mod_s= modinv(s,n)%n
u1=mod_s*z%n
u2=mod_s*r%n
return u1,u2

import random

p1=100#random.randrange(1,119)
pb1=p1*G
msg=2#random.randrange(1,n)
no=10000000000000#random.randrange(1,n)

print("p1",p1)

print("nonce",no)

r,s,z=sign(p1,no,msg)
assert z==msg
print("r=",r)
print("s=",s)
print("z=",z)
x,y=pb1.xy()
print("pb1x=",x)
print("pb1y=",y)
print("pb1= E.point((pb1x,pb1y)")

u1,u2=calc_u(r,s,z)
print("u1",u1)
print("u2",u2)
kat={}

def make_rsz(a,b,pub):
R=a*G + b*pub
r=int(R.xy()[0])

mod_s=int( b*modinv(r,n)%n)
z=int( a*modinv(mod_s,n)%n)
s=int( modinv(mod_s,n)%n)

return r,s,z

a,b=calc_u(r,s,z)
kat={}
diff=0
for i in range(1,2):

res=0
for i in range(1 ,700):
pub=i*G
r2,s2,z2=make_rsz(a,b,pub)
k=(r2*i+z2)*modinv(s2,n)%n
print("private",i,"K :",k)
d=(s2*k-z2)*modinv(r2,n)%n
assert d==i
if diff==0:
diff=k
else:
print("diff",(diff-k)%n)
print()
diff=k

output :

Code:

p1 100
nonce 10000000000000
r= 115045167963494515061513744671884131783397561769819471159495798754884242293003
s= 63219244353825002060721550925150673377693765484618230755991360113610911083035
z= 2
pb1x= 107303582290733097924842193972465022053148211775194373671539518313500194639752
pb1y= 103795966108782717446806684023742168462365449272639790795591544606836007446638
pb1= E.point((pb1x,pb1y)
u1 55884778358236413705386203537939314657187400009875545072465900600581599500329
u2 19125807386761389084953205416097551188410511927343978294318218728152271459034
private 1 K : 75010585744997802790339408954036865845597911937219523366784119328733870959363
private 2 K : 94136393131759191875292614370134417034008423864563501661102338056886142418397
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 3 K : 113262200518520580960245819786231968222418935791907479955420556785038413877431
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 4 K : 16595918667965774621628040193641611557991883440176553867133612371672523842128
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 5 K : 35721726054727163706581245609739162746402395367520532161451831099824795301162
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 6 K : 54847533441488552791534451025836713934812907294864510455770049827977066760196
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 7 K : 73973340828249941876487656441934265123223419222208488750088268556129338219230
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 8 K : 93099148215011330961440861858031816311633931149552467044406487284281609678264
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 9 K : 112224955601772720046394067274129367500044443076896445338724706012433881137298
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 10 K : 15558673751217913707776287681539010835617390725165519250437761599067991101995
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 11 K : 34684481137979302792729493097636562024027902652509497544755980327220262561029
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 12 K : 53810288524740691877682698513734113212438414579853475839074199055372534020063
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 13 K : 72936095911502080962635903929831664400848926507197454133392417783524805479097
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 14 K : 92061903298263470047589109345929215589259438434541432427710636511677076938131
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 15 K : 111187710685024859132542314762026766777669950361885410722028855239829348397165
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 16 K : 14521428834470052793924535169436410113242898010154484633741910826463458361862
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 17 K : 33647236221231441878877740585533961301653409937498462928060129554615729820896
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 18 K : 52773043607992830963830946001631512490063921864842441222378348282768001279930
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 19 K : 71898850994754220048784151417729063678474433792186419516696567010920272738964
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 20 K : 91024658381515609133737356833826614866884945719530397811014785739072544197998
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 21 K : 110150465768276998218690562249924166055295457646874376105333004467224815657032
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 22 K : 13484183917722191880072782657333809390868405295143450017046060053858925621729
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 23 K : 32609991304483580965025988073431360579278917222487428311364278782011197080763
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 24 K : 51735798691244970049979193489528911767689429149831406605682497510163468539797
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 25 K : 70861606078006359134932398905626462956099941077175384900000716238315739998831
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 26 K : 89987413464767748219885604321724014144510453004519363194318934966468011457865
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 27 K : 109113220851529137304838809737821565332920964931863341488637153694620282916899
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 28 K : 12446939000974330966221030145231208668493912580132415400350209281254392881596
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 29 K : 31572746387735720051174235561328759856904424507476393694668428009406664340630
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 30 K : 50698553774497109136127440977426311045314936434820371988986646737558935799664
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 31 K : 69824361161258498221080646393523862233725448362164350283304865465711207258698
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 32 K : 88950168548019887306033851809621413422135960289508328577623084193863478717732
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 33 K : 108075975934781276390987057225718964610546472216852306871941302922015750176766
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 34 K : 11409694084226470052369277633128607946119419865121380783654358508649860141463
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 35 K : 30535501470987859137322483049226159134529931792465359077972577236802131600497
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 36 K : 49661308857749248222275688465323710322940443719809337372290795964954403059531
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 37 K : 68787116244510637307228893881421261511350955647153315666609014693106674518565
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 38 K : 87912923631272026392182099297518812699761467574497293960927233421258945977599
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 39 K : 107038731018033415477135304713616363888171979501841272255245452149411217436633
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 40 K : 10372449167478609138517525121026007223744927150110346166958507736045327401330
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 41 K : 29498256554239998223470730537123558412155439077454324461276726464197598860364
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 42 K : 48624063941001387308423935953221109600565951004798302755594945192349870319398
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 43 K : 67749871327762776393377141369318660788976462932142281049913163920502141778432
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 44 K : 86875678714524165478330346785416211977386974859486259344231382648654413237466
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 45 K : 106001486101285554563283552201513763165797486786830237638549601376806684696500
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 46 K : 9335204250730748224665772608923406501370434435099311550262656963440794661197
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 47 K : 28461011637492137309618978025020957689780946362443289844580875691593066120231
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 48 K : 47586819024253526394572183441118508878191458289787268138899094419745337579265
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 49 K : 66712626411014915479525388857216060066601970217131246433217313147897609038299
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 50 K : 85838433797776304564478594273313611255012482144475224727535531876049880497333
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 51 K : 104964241184537693649431799689411162443422994071819203021853750604202151956367
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 52 K : 8297959333982887310814020096820805778995941720088276933566806190836261921064
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 53 K : 27423766720744276395767225512918356967406453647432255227885024918988533380098
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 54 K : 46549574107505665480720430929015908155816965574776233522203243647140804839132
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 55 K : 65675381494267054565673636345113459344227477502120211816521462375293076298166
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 56 K : 84801188881028443650626841761211010532637989429464190110839681103445347757200
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 57 K : 103926996267789832735580047177308561721048501356808168405157899831597619216234
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 58 K : 7260714417235026396962267584718205056621449005077242316870955418231729180931
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 59 K : 26386521803996415481915473000815756245031960932421220611189174146384000639965
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 60 K : 45512329190757804566868678416913307433442472859765198905507392874536272098999
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 61 K : 64638136577519193651821883833010858621852984787109177199825611602688543558033
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 62 K : 83763943964280582736775089249108409810263496714453155494143830330840815017067
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 63 K : 102889751351041971821728294665205960998674008641797133788462049058993086476101
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 64 K : 6223469500487165483110515072615604334246956290066207700175104645627196440798
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 65 K : 25349276887248554568063720488713155522657468217410185994493323373779467899832
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 66 K : 44475084274009943653016925904810706711067980144754164288811542101931739358866
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 67 K : 63600891660771332737970131320908257899478492072098142583129760830084010817900
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 68 K : 82726699047532721822923336737005809087889003999442120877447979558236282276934
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 69 K : 101852506434294110907876542153103360276299515926786099171766198286388553735968
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 70 K : 5186224583739304569258762560513003611872463575055173083479253873022663700665
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 71 K : 24312031970500693654211967976610554800282975502399151377797472601174935159699
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 72 K : 43437839357262082739165173392708105988693487429743129672115691329327206618733
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 73 K : 62563646744023471824118378808805657177103999357087107966433910057479478077767
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 74 K : 81689454130784860909071584224903208365514511284431086260752128785631749536801
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 75 K : 100815261517546249994024789641000759553925023211775064555070347513784020995835
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 76 K : 4148979666991443655407010048410402889497970860044138466783403100418130960532
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 77 K : 23274787053752832740360215464507954077908482787388116761101621828570402419566
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 78 K : 42400594440514221825313420880605505266318994714732095055419840556722673878600
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 79 K : 61526401827275610910266626296703056454729506642076073349738059284874945337634
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 80 K : 80652209214036999995219831712800607643140018569420051644056278013027216796668
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 81 K : 99778016600798389080173037128898158831550530496764029938374496741179488255702
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 82 K : 3111734750243582741555257536307802167123478145033103850087552327813598220399
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 83 K : 22237542137004971826508462952405353355533990072377082144405771055965869679433
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 84 K : 41363349523766360911461668368502904543944501999721060438723989784118141138467
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 85 K : 60489156910527749996414873784600455732355013927065038733042208512270412597501
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 86 K : 79614964297289139081368079200698006920765525854409017027360427240422684056535
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 87 K : 98740771684050528166321284616795558109176037781752995321678645968574955515569
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 88 K : 2074489833495721827703505024205201444748985430022069233391701555209065480266
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 89 K : 21200297220257110912656710440302752633159497357366047527709920283361336939300
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 90 K : 40326104607018499997609915856400303821570009284710025822028139011513608398334
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 91 K : 59451911993779889082563121272497855009980521212054004116346357739665879857368
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 92 K : 78577719380541278167516326688595406198391033139397982410664576467818151316402
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 93 K : 97703526767302667252469532104692957386801545066741960704982795195970422775436
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

private 94 K : 1037244916747860913851752512102600722374492715011034616695850782604532740133
diff 96666281850554806338617779592590356664427052351730926088286944413365890035303

CrunchyF

jr. member

Activity: 56

Merit: 26

Quote from: krashfire on December 31, 2022, 11:12:02 AM

Quote from: ecdsa123 on December 31, 2022, 10:33:28 AM

it is not finished.

try your self. secp256k1 if you add abstract thinking you will see "there are another properties" that you can use.

You should observe the values as output and think what is going on and test it.

a lot of us had make thousend test to verify thousends posiibilities.

some times you must "go away" and create you own pattern , sometimes expand "calculation" for new coeffs.

I still observe and have a good result.

no one on this forum will really share with his knowledge. TRY Harder and be positive.

🥰🥰

This attack is not applicable to Bitcoin. Because you need that the message are the same in the two signature (it not possible in the blockchain)

krashfire

member

Activity: 127

Merit: 14

Life aint interesting without any cuts and bruises

Quote from: ecdsa123 on December 31, 2022, 10:33:28 AM

it is not finished.

try your self. secp256k1 if you add abstract thinking you will see "there are another properties" that you can use.

You should observe the values as output and think what is going on and test it.

a lot of us had make thousend test to verify thousends posiibilities.

some times you must "go away" and create you own pattern , sometimes expand "calculation" for new coeffs.

I still observe and have a good result.

no one on this forum will really share with his knowledge. TRY Harder and be positive.

🥰🥰

krashfire

member

Activity: 127

Merit: 14

Life aint interesting without any cuts and bruises

i recreate the attack and modify the code based on this article.

https://asecuritysite.com/ecdsa/ecd7

it does work in giving out the private keys.

Code:

import ecdsa
import random
import libnum
import hashlib
import sys

P = 2^256 - 2^32 - 2^9 - 2^8 - 2^7 - 2^6 - 2^4 - 1
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
order = N
priv1 = 20
G = (31504125288796341338541169388783846543997786027594142627385926708036691251730,
29015715595623874326232564738946807912877814040423899127791236573353650594580)

k = int(input("K:"))
if k < 1 or k > 2**127:
raise ValueError("Input is out of range")

r = 66117490189936270206987461679613764204679654666049042771015493508015054858077
s = 49674599047379925216583523329074143648157909613025861611589669633503106636260
h = 99349198094759850433167046658148287296315819226051723223179339267006213272520

msg="HelloHello"

# Now generate a fault
rf = r
sf = (libnum.invmod(k,order)*(h+priv1*rf)) % order
hf = int(hashlib.sha256(msg.encode()).hexdigest(),base=16)
k = hf*(s-sf) * libnum.invmod(sf*r-s*rf,order)
valinv = libnum.invmod( (sf*r-s*rf),order)
dx = (hf*(s-sf)* valinv) % order

print(f"k: {k}")
print(f"Sig 1 (Good): r1={r}, s1={s}, h1={h}")
print(f"Sig 2 (Faulty): r2={rf}, s2={sf}, h2={hf}")
print (f"\nRecovered private key: {dx}")

however, the private keys given are not of the targeted wallet address. so nope, your bitcoins are still safe.
my inputs could be wrong though, correct me if im wrong. thank u so much.

Code:

K:2410
k: -8798166015846973725561614309791304655239378187079711764294056475330149015934906772429315822306934901393705779350762680499808112349218839583434901201485582221473728750380597901824590880328183205377959771799530340013137323794330090
Sig 1 (Good): r1=66117490189936270206987461679613764204679654666049042771015493508015054858077, s1=49674599047379925216583523329074143648157909613025861611589669633503106636260, h1=99349198094759850433167046658148287296315819226051723223179339267006213272520
Sig 2 (Faulty): r2=66117490189936270206987461679613764204679654666049042771015493508015054858077, s2=94761076309972293894096285019617727370519309086943504219315190442656806572338, h2=11209404430005450692776394377220775389388011163944676048947869460159787075727

Recovered private key: 37708835787268217211476314887030394677427639753441187644516074530096113903948

Topic: Reused R nonce faulty signature attack (Read 272 times)