Topic: This message was too old and has been purged - page 10. (Read 50741 times)

Stupid question - why is the address he chose one character shorter than the preceding ones?

Also, I'm going to assume that the "random" address generator is, in fact, only generating weak addresses.  The question is, can the degree of weakness be detected in a public key?

This cracker is BS. Demonstrating one successful "brute-forcing" is straighforward if the address is generated on purpose very close to a rendez-vous point. There is no weakness here whatsoever, the regions around rendez-vous points are just tiny compared to the whole search space.

Consider that it is basically the same thing as iterating over possible private keys starting from 1, then 2, etc... then saying "uh-oh! I found some addresses that are weak and can crack them quickly!". Of course it will be true for all addresses whose private key is between 1 and few millions... But it is still nothing considering the whole search space.

Do not buy that.

Maybe you have some major computer (or perception) issues as the video clearly shows that it (contrary to your claim no address can be cracked easily) is in fact cracking a private key in seconds. More precisely, the private key of a randomly generated address.

...as long as you don't reuse addresses (Don't keep sending stuff from the same address) your public key is never published and then he can't even try to run his program on your public address. You have a better chance of getting a virus and having you BTC stolen off your machine this way.

(last message wasn't posted - maybe since I'm new it's awaiting moderation or something?)

Help me out here - is Evil claiming that he has essentially cracked RSA (ie, that given a public key, hey can ascertain its private key)?

If not, what is specific to Bitcoin about this attack?

Nah, coincidental. The only reason I put a limit at all is so I wouldn't feel ethically obligated to hold onto 50 BTC beyond that point in time.

Quoted. (is the april fools date intentional?)

So you claim you can crack some random keys provided by people on the forum? Oh really.

Well here, I'll make it very profitable for you then:


Full message at https://people.xiph.org/~greg/keysfun.asc

Surely if you can crack a single key provided by a person in the thread cracking any one of 200k keys should be a cinch.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


I, Greg Maxwell, do hereby promise to pay 50 BTC to the first person that
provides the discrete log of _any_ of the following randomly generated
200,000 secp256k1 public keys. This offer is open until 2014-04-01.

None of the below public keys have been used on the Bitcoin blockchain as
of the time of the creation of this offer.

04abb9239d3a5131de45b977807c62bf879119b05c3da33e37d8e7be0901985ce73b6ca6dff5b97 34d1225ce0120bbe023066669c29e23d3ea82de9a57dd259b63

I believe the first time a brute-forcer breaks a large bitcoin wallet he will inadvertently or by intent, also break Bitcoin and by extension crypto-currencies.  Confidence in this budding technology is already precarious.  Any notion that one's coins are insecure will not be met well by the masses.

These findings of weakness in the blockchain should be brought to the developers attention and we should be calling for some solution to this issue as soon as possible.

On re-use of addresses.

I can think of a few scenarios where one must re-use addresses.  Lets say for example Wikipedia decides to accept donations in Bitcoin.  They put up a donation address.  Should they generate a new donation address every time someone visits the donation link?  They probably should from a security point of view.  Seems inconvenient for donators that have saved the address in their address book. 

Our own Bitcoin Foundation re-uses its donation address as well.  https://blockchain.info/address/1BTCorgHwCg6u2YSAWKgS17qUad6kHmtQW There it is on blockchain.info 556 transactions at the time of this posting. Looks like address re-use to me. I wonder how many people who are either members or donators to the foundation tell people in the forums not to re-use addressess.

All of you who have an address in your signature for tips and such are also guilty of address re-use.  Basically any address that is publicly advertised for business/charity or what have you will be re-used.  This goes for all those that generated vanity addresses specifically to have a visually unique address for personal or business use.

If the solution is don't re-use addresses then this makes things inconvenient.  Does anyone really think that the masses are going to stick with one address per use?

Can someone tell me where I am going wrong here?  I can't see stopping address re-use as a solution to this potential threat.