Pages:
Author

Topic: Science Fair Project to trap Bitcoin private keys using Kangaroos! (Read 7850 times)

full member
Activity: 206
Merit: 447
Most success in ECDLP has been in Pollard-Rho, like a '6' character you following the tail until find the point of entry into a circle, but this method requires memory storage, but this method only works on TOY problems because there is not enough memory on earth to store the history.

You are mistaken. Pollard Rho & Kangaroo both use the same amount of memory (the same order of magnitude). In the original rho the whole memory is only two points and two numbers mod curve order. Parallelizing multiplies the needed memory, but it still remains insignificant compared to the number of point additions. The amount of memory needed is linearly dependent on the number of parallel computations.

member
Activity: 182
Merit: 30
Hello,
any one here please can explain to me what mean by Wild and Tame ? , I know that they are hops of kangaroo, but how can I use them.
for example I want to know if i run pollard for #105 and get a Wild hop, but I shutdown the pollar code .. I don't want to start from the beginning so how can I import the Wild that I find in first ? ,and the same for Tame.

the second question is, what is tame and wild ? they are collision ? if yes and we can import them ,so we can just everyone poste the wild and tame that he find and we will find it quicly !!

Thanks

Even the inventor John Pollard regrets this name, this tech is some 40+ years old. Originally is was called Pollards's Rho/Lamba method, where Lamda is an upside down Y

The notion was that two different searches converge on a common point, leading to the end goal

Then historically Pollard was reading 'national geographic' on a story about kangaroo breeding in Austrailia, and decided to call lambda-method the Kangaroo method, it is complete bullshit, there is no abstraction or moral equivalence, or equivalent thinking here

Long ago, they used to call this crap baby-step/giant-step which is better, it all come out of the same people

The principal IDEA of Kangaroo is they HOP, they HOP BIG ( giant step ), they hop small ( baby step ), you jump around the finite-field ( your prime space, a big number )

Originally they kept all the hop history in memory, but of course that restricted the search, think 2^256 is 10^77, which  is all the electrons in the universe, impossible to find this memory

So they came up with a method that didn't require lots of memory, which is this method the 'kangaroo' or 'lambda' method.

Jump around the field space, and if you find a Disctinct-Point you record it in memory, and you have 100's if not 1,000's of processes doing the same, if later another process hits that special-point, then all the kangaroos follow that point. So a DP is the 'Y' where the two top lines converge to  make one.

Now the problem with DP is its not the real Lambda Point its just a special point, defined as you wish, sort of like mining bitcoin, where difficulty is set by the number of leading zeros on a hash, here the DP is the special point defined much the same way, its just a unique point that all processes can agree on; it doesn't mean that this is the true point of convergence, just means that its a "Point of Interest", randomly defined by humans. Under their rules.

So kangaroos hop around looking for a DP in giant-hops, and if a DP is found, then they incrementally search that point forward;

The problem with the Lambda method is its restricted to a tiny subspace of the field, if your doing btc which is 2^256, the jean-luc kangaroo algo only lets you choose a 2^20 field of view, so unless its a 'made up puzzle' problem in that 2^40 space, the likelyhood of solving the problem is zilch

Most success in ECDLP has been in Pollard-Rho, like a '6' character you following the tail until find the point of entry into a circle, but this method requires memory storage, but this method only works on TOY problems because there is not enough memory on earth to store the history.
hero member
Activity: 1988
Merit: 593

talk less, work more... my C99 prototype ready!
everything is exactly as I described above

1core i7-6820, win7x64

// MODE: J + A -> J,  xJ->xA   ; 0.23Mk/s; secp256k1_gej_add_ge_var(), convert only X jacobian to affine
Code:
C:\cygwin64\home\User\pollard-kangaroo>pollard-kangaroo.exe

[###########################################################]
[#          Pollard-kangaroo PrivKey Recovery Tool         #]
[#            C99, bitcoin-core/secp256k1 library          #]
[#                        singlecore                       #]
[#                          ver 0.1                        #]
[###########################################################]
[DATE(utc)] 16 Sep 2019 18:23:53
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[pow2bits] 2^40
[range] 2^39..2^40 ; W = U - L = 0x0000008000000000 (2^39)
[maxDP] 1024 (max elements in hashtable)
[DPmodule] 0x0000000000040000
[pow2Jmax] 23
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
 --> TEST MODE
[pubkey(tests)] 03A2EFA402FD5268400C77C20E574BA86409EDEDEE7C4020E4B9F0EDBEE53DE0D4
 --> pubkey valid!
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[+] Sp-table of pow2 points - ready
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[+] T1+W1 herds - ready
 --> [0y 0m 0d 00:00:06s] [0.23Mk/s] [0y 0m 0d 00:00:11s]
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[i] 1700051j; DP T+W=4+3=7; dp/kgr=3.5;
[prvkey#40] 000000000000000000000000000000000000000000000000000000E9AE4933D6
[#############################; passtime: 0y 0m 0d 00:00:06s]
[####################################; precision:   6s  38ms]
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[DATE(utc)] 16 Sep 2019 18:23:59
[~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~]
[x] EXIT
40bits, w=39bit, 2w^(1/2) at 17sec





Puzzle 32 how many time? Smiley

https://bitcointalksearch.org/topic/m.55448862
full member
Activity: 431
Merit: 105
ok great to have had you around. bye
legendary
Activity: 2646
Merit: 1137
All paid signature campaigns should be banned.
As you can probably guess my daughter lost interest in this project and she moved on to other things:  competitive rock climbing, learning to fly an airplane, collecting vinyl records (!), learning to play the bass guitar in her own rock and roll band, etc.  Oh to be 13 again...
member
Activity: 330
Merit: 34
If i have 10 PC with different cpu cores numbers, how i can setup the program to search for same private key but on different range and to run program on all PC?

PC 1 to search for 10% of private keys PC 2 for next 10% and so on and the last for last 10%?

try now gpu version for Kangaroo
https://github.com/JeanLucPons/Kangaroo
full member
Activity: 486
Merit: 102
If i have 10 PC with different cpu cores numbers, how i can setup the program to search for same private key but on different range and to run program on all PC?

PC 1 to search for 10% of private keys PC 2 for next 10% and so on and the last for last 10%?
sr. member
Activity: 443
Merit: 350
=============================================================================================

Sample
Private key: 1000

Information you give me
If you give your private key 1000 public


1000-1 = 999 public key
1000 +1 = 1001 public key

1000 + 500 = 1500 public key
1000-500 = 500 public key
If I know the public key of 999,1001,1500,500
My information
Will it help me find my Bitcoin private key?

https://t.me/kyscolx

Of course. If you know this exact step between the known public key and target public key you will find the private for the target one. I mean if you know 1 and 500 in your example. But is these steps are just x and y - so no.
And also you should know the PRIVATE key from 1000+500, 1000-500, etc, not public one. Knowing just public is not enough because public key is just an ECDSA addition of 2 points.
full member
Activity: 431
Merit: 105
Happy New Year 2020 to all,

anything new under the sun regarding the project, maybe some gpu pollard.
or. Burt's Surprise
sr. member
Activity: 1400
Merit: 269
That is quite an interesting project im assuming this is still under development phase that's why, you're trying to find out the length and entropy of each BTC address are you trying to generate address as well so you check for duplicates ?
You could try this site https://www.blockcypher.com/dev/bitcoin/#documentation-structure this api has a lot of different functions including checking unconfirmed payments. You could try this out if you want  more features to your project.
sr. member
Activity: 443
Merit: 350
+ How can I upload the tame and wild into my code, because when code start he create new empty file tame and wild ?

If you can specify what kind of code do you use, it will be easier to answer your question.
However as I remember there were 2 main pollard python codes in discussion - one used text files to store tame and wild, and another used memory to store them (without files).
So I can guess that you use the 1st one (with files).

In code you can find that in the beginning it creates (re-writes) tame and wild files. You need just comment or remove these rows from the code, like these:
#open("tame.txt",'w').close()
#open("wild.txt",'w').close()

'w' for only writing (an existing file with the same name will be erased)

Every time you run the code, it will use the same tame and wild tables, and will continue to search (however the start locations of kangaroos will be changed, but it is not so important - anyway kangaroos are jumping in random way)
member
Activity: 142
Merit: 70


Visually you also can imagine that all tame kangaroos are jumping with the cord - so you know the private key of every tame's location. But wild kangaroos are wild and you know only the jump step for them but do not know the private key for their location. Wild kangaroos are located just at another public point with uknown private key. As soon as wild and tame are met at the same point, you can calculate the unknown private key with the help of your "cord" connected with the tame kangaroo  Wink
Thank you very much for explainning, but as you say now .. the wild and tame are good if we have lot of them "As soon as wild and tame are met at the same point" , so why not share all tame and wild founded and let pollard check them !?
+ How can I upload the tame and wild into my code, because when code start he create new empty file tame and wild ?
sr. member
Activity: 443
Merit: 350
Hello,
any one here please can explain to me what mean by Wild and Tame ? , I know that they are hops of kangaroo, but how can I use them.
for example I want to know if i run pollard for #105 and get a Wild hop, but I shutdown the pollar code .. I don't want to start from the beginning so how can I import the Wild that I find in first ? ,and the same for Tame.

the second question is, what is tame and wild ? they are collision ? if yes and we can import them, so we can just everyone poste the wild and tame that he find and we will find it quicly !!

Thanks

In general, tame kangaroos are jumping "in the area" of private keys, and wild kangaroos are jumping "in the area" of public keys. If k is the private key, so public key for it will be Q = k*G, where G is basis point. Now, tame kangaroos are jumping in the area of private key (number), but wild kangaroos are jumping from the point Q (public key). There is a rule in ECDSA group addition: if we add some number to private key, the result will be the sum of the public keys, i.e. public key of the number (k + j) is (k+j) * G = k*G + j*G. So you can calculate the public of the jump step, add to public key of the private key to be found and receive the resulting point. The collision is the exact one point where tame and wild kangaroos are met.
In order to import all your jumps to continue, you should save the tables of their jumps (and later use them again).

Small example:
Imagine you want to find the private key for the public key Q 02ed3bace23c5e17652e174c835fb72bf53ee306b3406a26890221b4cef7500f88 [1]
This is the public key from the private number 100 (in hex 64), but you do not know this.

If tame kanagroo jumped to number tame_jump = 150 (in hex 96), we receive the public key from this number equal to 031f6014569d1203ae0c128ac00a41097609b16386bde7f857b908ea95e5eebbef [2]
And if wild kangaroo jumped by step wild_jump = 50, we should calculate the resulting point for wild as the addition of the known public key [1] and the public key of step 50 (in hex 32) which is 0229757774cc6f3be1d5f1774aefa8f02e50bc64404230e7a67e8fde79bd559a9a [3]

So, adding point [1] (Q) and point [3] (scalar addition in bitcoin ECDSA), we receive the resulting point 031f6014569d1203ae0c128ac00a41097609b16386bde7f857b908ea95e5eebbef [4]
No we see the collision: point [4] is exatcly the point [1].
Finally, while [4] equals to [2], the private key k is tame_jump - wild_jump = 150 - 50 = 100.
So, as wild and tame kangaroo jumped to the same point, we could find the private key  as the difference between jumps.

Visually you also can imagine that all tame kangaroos are jumping with the cord - so you know the private key of every tame's location. But wild kangaroos are wild and you know only the jump step for them but do not know the private key for their location. Wild kangaroos are located just at another public point with uknown private key. As soon as wild and tame are met at the same point, you can calculate the unknown private key with the help of your "cord" connected with the tame kangaroo  Wink
member
Activity: 142
Merit: 70
Hello,
any one here please can explain to me what mean by Wild and Tame ? , I know that they are hops of kangaroo, but how can I use them.
for example I want to know if i run pollard for #105 and get a Wild hop, but I shutdown the pollar code .. I don't want to start from the beginning so how can I import the Wild that I find in first ? ,and the same for Tame.

the second question is, what is tame and wild ? they are collision ? if yes and we can import them ,so we can just everyone poste the wild and tame that he find and we will find it quicly !!

Thanks
member
Activity: 330
Merit: 34
Hi all dev
seems you all only gone busy for your interest, its good, board in empty, no new updates, no new developmentsm, no new news, no sharing, etc
comunity wish you join back, and update, post your new work , idea's, etc

newbie
Activity: 43
Merit: 0
this thread not posting nada, niet, nothing,

23-10-2019 08:26:33 PMPosted by: brainless
but the posters are the best. serious hard work and nice work.
but no BurtW software as of yet released, just test result i guessed.

so guys let some of you be heard we wan't it to.

greetings.

Something new will appear in one month aprox, after they will find 110 puzzle.
After that they will need something new because kangaroo will not find 115 in a reasonable time.
full member
Activity: 431
Merit: 105
this thread not posting nada, niet, nothing,

23-10-2019 08:26:33 PMPosted by: brainless
but the posters are the best. serious hard work and nice work.
but no BurtW software as of yet released, just test result i guessed.

so guys let some of you be heard we wan't it to.

greetings.
member
Activity: 330
Merit: 34
Dear dev's
can you post script (python or c ) where multiple publickeys checking in kangroo bit range, (by reading pubkeys file i.e pubkeys.txt)
same as implemented in brainflayer, like bloomfilter check
bitcrack, vanitysearch, etc
yes its reduce speed but 10%, but if publickeys are in 100 or 200, it will not effect
love to see multiple pubkeys like bloom filter or else check in table, in bit range.
hope you could manage it too
sr. member
Activity: 443
Merit: 350
Did anybody make the analysis for the right DP_rarity? (in phyton code the "points" reconciliation is made only for X-coordinate multiple of DP_rariry: if P.x % DP_rarity == 0)

If we select very small DP_rarity, so many points will be saved, and wee need more memory/disk space. If we select very high DP_rarirty, so most of jump points will be missed, and the meeting point of wild and tame kagaroos could be missed as well.
What is the most effctive value of DP_rarity?
member
Activity: 330
Merit: 34
Seems no more new update in kangroo subject, all waiting GPu ver, but developer have it, and he maybe waiting to find 110 puzzle, but till no news in updates and upgrades in kaangroo
anyway any modification for multiple pubkey find in range space at once, by input file (multiple pubkey)
 Huh
Pages:
Jump to: