Date: Fri, 11 Nov 2016 23:18:29 +0100 From: Luis Rocha <luiscrocha@...il.com> To: john-users@...ts.openwall.com Subject: Brainwallets and cracking Blockchain hashes Hi, Lately I've been reading about bitcoin and come across a very interesting project called brainflayer by Ryan Castelllucci that was presented on Defcon last year - https://www.youtube.com/watch?v=foil0hzl4Pg- . It's essentially cracking the password of bitcoin brainwallets. Braiwallets generate bitcoin addresses but the keys are generated with low entropy. So it’s possible to crack it just like JtR does for passwords. Was wondering if JtR code would be faster on CPU than his implementation. I know JtR already has support for raw-sha256 and ripmed-160 on Dynamic formats. Maybe an interesting project would be to add the support for secp256k1. An artisanal way to generate a Bitcoin wallet address would be: $openssl ecparam -genkey -name secp256k1 -out /tmp/data.pem $openssl ec -in /tmp/data.pem -outform DER|tail -c +8|head -c 32|xxd -p -c 32 $openssl ec -in /tmp/data.pem -pubout -outform DER|tail -c 65| sha256sum |xxd -r -p | openssl rmd160 read EC key writing EC key (stdin)= 374910ef9dbaf030c3fe59da7217d3b33d77cdfd This is the hash160 for a bitcoin public key and available on the Blockchain. It’s my understanding that brainflayer computes this hash using passwords and compares it offline with the addresses stored on the Blockchain. For completeness, to finalize the generation of the wallet address, one needs to add 00 in the beginning and then compute the checksum which are the first 4 bytes of the following results: $ echo -n "00374910ef9dbaf030c3fe59da7217d3b33d77cdfd" | xxd -r -p | sha256sum | xxd -r -p | sha256sum Final address string is: 00374910ef9dbaf030c3fe59da7217d3b33d77cdfd3ff15026 which then needs to be encoded in base58 which gives 163KhH2AySYNvCajqpPqb2GiexiyShEB1P - https://blockchain.info/address/163KhH2AySYNvCajqpPqb2GiexiyShEB1P Not sure how hard this would be and if it would be interesting for JtR, so just planting the idea here. References: The Bitcoin Brain Drain: A Short Paper on the Use and Abuse of Bitcoin Brain Wallets http://fc16.ifca.ai/preproceedings/36_Vasek.pdf Speed Optimizations in Bitcoin Key Recovery Attacks https://eprint.iacr.org/2016/103.pdf https://github.com/ryancdotorg/brainflayer Best, Luis
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.