Pages:
Author

Topic: This message was too old and has been purged - page 11. (Read 50772 times)

hero member
Activity: 868
Merit: 1000

All horseshit aside, to clarify all of this:

It seems that any reused Bitcoin address is potentially vulnerable to attack because right now there is no way to know if it's close to a rendezvous point?

But addresses that haven't been reused are safe, but only because the public key for that address has not been broadcast yet?  As soon as the public key is broadcast by spending from an address it becomes vulnerable?

I've been noticing rumblings of this before from a privacy point of view, but it seems now we have even more reason to stop reusing addresses.

Since this is very important, can you define "reused"? Do you mean accept incoming funds, but don't transmit any funds out except to drain the address??  thanks

When bitcoin is sent out of an address, the public key of that address will be known to the world.
sr. member
Activity: 378
Merit: 250

All horseshit aside, to clarify all of this:

It seems that any reused Bitcoin address is potentially vulnerable to attack because right now there is no way to know if it's close to a rendezvous point?

But addresses that haven't been reused are safe, but only because the public key for that address has not been broadcast yet?  As soon as the public key is broadcast by spending from an address it becomes vulnerable?

I've been noticing rumblings of this before from a privacy point of view, but it seems now we have even more reason to stop reusing addresses.

Since this is very important, can you define "reused"? Do you mean accept incoming funds, but don't transmit any funds out except to drain the address??  thanks
jr. member
Activity: 51
Merit: 502

Thanks  Grin I take it as a compliment because I always felt my english was a lot worse than his. But this gives me some confidence again  Cheesy

hmmm.......

fwiw alesso restani hates bitcoin
legendary
Activity: 1260
Merit: 1168
This message was too old and has been purged
jr. member
Activity: 51
Merit: 502
legendary
Activity: 1260
Merit: 1168
This message was too old and has been purged
jr. member
Activity: 51
Merit: 502
what a load of shit!

his voice sounds familar???
legendary
Activity: 1974
Merit: 1077
Honey badger just does not care
Quote
Disclaimer:
This project is for research purpose only, or to recover lost private keys. It may not be used for any illegal activities and I cannot be held responsible for anything you do with it.

You say it's for research only, but at the end of your video you say the bitcoins in the address are "stolen".  You little comic shows your true intention of just stealing people's coins.  If you were going to do this, why would you announce it?  Wouldn't you just quietly steal all the bitcoins you could find?  It makes no sense. 

And then to top it off, if it really is for research, why wouldn't you just donate the knowledge to the development team to help fix the security hole that you're claiming exists?  You have the possibility of earning more money in donations from the community by providing a fix for what you're trying to prove is a security flaw.  Hell, I'd donate bitcoin to you if you were doing this for the good of the community.  But 2BTC for a copy... it makes no sense.  If it did what you say it does, and it could have very well be proven in the profanity-laced and almost tourettes-like video, why wouldn't you be charging more for it.  2BTC is chump change if this is legit.

Something doesn't add up.  Just my $0.02.

-Fuse

He is writing the paper, so the research will be published eventually. There is no security hole, and nothing can be fixed by the development team at this moment until more research is done to investigate these phenomenons. The good of the community and the good of the collective knowledge are not the same things, and at this moment Evil-Knievel is doing this for the knowledge that can be gained, if the community will benefit or not is another matter.
sr. member
Activity: 314
Merit: 251
To be absolutely safe, you are absolutely correct. You should not reuse addresses, because as you do your public key gets broadcasted.
However, if you only store a few thousand bucks in your wallet, you are not likely to because a target of the "bruteforcers" as they will probably aim for higher accounts.

However, yes: Not reusing the address will make you safe.

I believe the first time a brute-forcer breaks a large bitcoin wallet he will inadvertently or by intent, also break Bitcoin and by extension crypto-currencies.  Confidence in this budding technology is already precarious.  Any notion that one's coins are insecure will not be met well by the masses.

These findings of weakness in the blockchain should be brought to the developers attention and we should be calling for some solution to this issue as soon as possible.
sr. member
Activity: 430
Merit: 250
This is actually for cracking public addresses and finding the private key? lol

Theoretically yes,
I am offering it for "scientific purpose" only. The buyer must agree not to use it for any illegal activity whatsoever.

For clarification: Collisions mean that there is a private key found, of which the public key matches in 32bits (out of 256) the public key you provided as an input. This (at the current speed) happens several times a minute.

If wanted, I can prove that weak private keys are found within a manner of seconds. Weak private keys are all those, who are significantly close (like several million units apart on the x axis) to one of the 768 rendezvous points on the elliptic curve.
Just want to clarify, this is cracking public keys not addresses. There is currently no known way of getting the public key from the address unless sha256 and ripemd-160 are broken.

However, a very interesting project, Evil-Knievel - but I wouldn't put my money on it actually cracking any public key with actual bitcoins on it (unless it's set up, of course).

I have to correct you here. All public keys are publicly available on blockchain.info.


They are once you sign an input, but any half capable wallet won't reuse addresses, making it so once the public key is known the funds will be gone.

edit: I see you already addressed this.
legendary
Activity: 1260
Merit: 1168
This message was too old and has been purged
sr. member
Activity: 314
Merit: 251

All horseshit aside, to clarify all of this:

It seems that any reused Bitcoin address is potentially vulnerable to attack because right now there is no way to know if it's close to a rendezvous point?

But addresses that haven't been reused are safe, but only because the public key for that address has not been broadcast yet?  As soon as the public key is broadcast by spending from an address it becomes vulnerable?

I've been noticing rumblings of this before from a privacy point of view, but it seems now we have even more reason to stop reusing addresses.
legendary
Activity: 1862
Merit: 1011
Reverse engineer from time to time
So what exactly is a rendezvous point? I can't find anything on Google about rendezvous points about ECDSA or curves
legendary
Activity: 1260
Merit: 1168
This message was too old and has been purged
sr. member
Activity: 430
Merit: 250
This is actually for cracking public addresses and finding the private key? lol

Theoretically yes,
I am offering it for "scientific purpose" only. The buyer must agree not to use it for any illegal activity whatsoever.

For clarification: Collisions mean that there is a private key found, of which the public key matches in 32bits (out of 256) the public key you provided as an input. This (at the current speed) happens several times a minute.

If wanted, I can prove that weak private keys are found within a manner of seconds. Weak private keys are all those, who are significantly close (like several million units apart on the x axis) to one of the 768 rendezvous points on the elliptic curve.
Just want to clarify, this is cracking public keys not addresses. There is currently no known way of getting the public key from the address unless sha256 and ripemd-160 are broken.

However, a very interesting project, Evil-Knievel - but I wouldn't put my money on it actually cracking any public key with actual bitcoins on it (unless it's set up, of course).
legendary
Activity: 1582
Merit: 1002
HODL for life.
Quote
Disclaimer:
This project is for research purpose only, or to recover lost private keys. It may not be used for any illegal activities and I cannot be held responsible for anything you do with it.

You say it's for research only, but at the end of your video you say the bitcoins in the address are "stolen".  You little comic shows your true intention of just stealing people's coins.  If you were going to do this, why would you announce it?  Wouldn't you just quietly steal all the bitcoins you could find?  It makes no sense. 

And then to top it off, if it really is for research, why wouldn't you just donate the knowledge to the development team to help fix the security hole that you're claiming exists?  You have the possibility of earning more money in donations from the community by providing a fix for what you're trying to prove is a security flaw.  Hell, I'd donate bitcoin to you if you were doing this for the good of the community.  But 2BTC for a copy... it makes no sense.  If it did what you say it does, and it could have very well be proven in the profanity-laced and almost tourettes-like video, why wouldn't you be charging more for it.  2BTC is chump change if this is legit.

Something doesn't add up.  Just my $0.02.

-Fuse
legendary
Activity: 1260
Merit: 1168
This message was too old and has been purged
member
Activity: 98
Merit: 10
Pretty awesome....

but it's a very specific way of generating addresses.

And you have no method of checking which addresses are weak?

Can you attempt to crack multiple addresses at the same time with little performance loss?
hero member
Activity: 602
Merit: 500
In math we trust.
member
Activity: 84
Merit: 10
Pages:
Jump to: