Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 7 Dec 2018 21:26:49 +0100
From: atroph0@...il.com
To: john-users@...ts.openwall.com
Subject: Re: Understand bitcoin2john script

Hi,
Thanks for your answer.
I noticed that the last part of the hash is the "public_key". But when
I use the function public_key_to_bc_address() with this public_key,
the btc address returned is NOT the address linked to my wallet.
That's why it's not clear how this public_key is linked to my btc pubic address.
Any hints?

Le ven. 7 déc. 2018 à 13:07, Solar Designer <solar@...nwall.com> a écrit :
>
> Hi,
>
> On Sun, Dec 02, 2018 at 08:51:33PM +0100, atroph0@...il.com wrote:
> > I am doing some experiments with bitcoin2john on my own wallet.
> > I wonder if the hash extracted by this script contains sensitive
> > information, like my public btc address? Directly or indirectly.
>
> I'm sorry no one replied to you sooner.  I was hoping someone more
> directly involved with this code would.
>
> Yes, you should assume that the "hash" contains at least semi-sensitive
> information, such as your public key.  It probably does not contain
> truly sensitive information, such as your private key, but I don't vouch
> for this.
>
> Related:
>
> Need less revealing *2john "hashes" for cryptocoin wallets & encrypted archives
> https://github.com/magnumripper/JohnTheRipper/issues/3139
>
> *2john tools should warn users when they produce particularly revealing "hashes"
> https://github.com/magnumripper/JohnTheRipper/issues/3140
>
> Generate less revealing hashes for Bitcoin wallets
> https://github.com/magnumripper/JohnTheRipper/pull/3290
>
> As you can see, the last one of these is a merged pull request, so that
> work was completed.  I didn't review it closely, even though it was
> implementation of my suggestion.  What I think we do now is take
> advantage of CBC mode's properties and store only two blocks of
> ciphertext, instead of the entire ciphertext.  What I think this
> achieves is a slight speedup of cracking and inability to restore the
> full public key from the "hash".  However, it probably doesn't help
> against matching of a "hash" (through such partially-restored key, once
> the passphrase is cracked) against an already known public key.  So
> probably not much help for privacy.
>
> We'd appreciate it if you (or anyone else reading this) research this
> further and contribute on issues 3139 and 3140.  Note that they're not
> limited to Bitcoin wallets, and the CBC mode trick should be reusable
> for many other input formats to various *2john tools.
>
> Here's someone posting a bitcoin2john "hash" (I think from prior to
> issue 3290 fix?) publicly, offering a 5 BTC bounty for anyone cracking
> their wallet's forgotten passphrase:
>
> https://crackmywallet.org
>
> Alexander

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.