Brute forcing BM addr's

[chan] bitmessage
Jul 8 13:45

I generated 17,000 BM addr's in a couple hours using python. A C program could probably do millions or billions per hour on a GPU or ASIC setup. Are there any C gurus who want a challenge? We could run a CLI bitmessage address and chan generator in pure C, using only C libs, with multi core threading, and switches for every option. A few people running that for a few months might be able to brute force some addresses and get compatible keys. If collisions are not found in a few months of running, we could say the addressing scheme and its keys are presumable very secure. I could never do this with python. You can't brute force 2+2 with snakesoft. I shoulda learned C.

[chan] bitmessage
Jul 8 14:09

A hardware acceleration route may be the best (core) way to go. with carefully tuned bare metal coding for custom processor ops. Because the use of cryptographic grade hash standards and block/streaming ciphers capable of efficiently processing large quantities of wire transmitted data demands a very specific approach. Opposed to the (mis)uses as a chosen standard where highly assymetric time / computational overhead is desirable rather than undesirable All early crypto-coin implementations fall into this trap, to a greater or lesser extent Simply making huge loops of designed-for-efficiency algorithms in core functions is pretty typical until recently.

[chan] bitmessage
Jul 8 14:31

it wouldn't make any sense, because the probability of finding something is very very low but you could try to brute force peoples passphrases, which makes a lot more sense, and might actually work

[chan] bitmessage
Jul 8 14:48

Using a full UTF8 character set rather than legacy ASCII subset is also a game-changer .

Jul 8 15:22

I'm assuming you're using the p\Python vanity generator I wrote. Rewriting it in C won't matter, as I've posted in the past. Most of the processing time is spent in OpenSSL.EC_POINT_mul which is already written in C. The Python overhead surrounding this OpenSSL call is miniscule in comparision. Not worth it at all.

[chan] bitmessage
Jul 8 15:41

I use 160 char base64 passphrases from /dev/urandom. Good luck brute forcing that.

[chan] bitmessage
Jul 8 15:41

Yahamana ... Just a 10 char pwd in full UTF-8 pans out like this: {2^21} ^ {len(pwd)} ----------------------------------------------------- Using a full UTF8 character set rather than legacy ASCII subset is also a game-changer .

[chan] bitmessage
Jul 9 11:23

Watch out for combining them though - especially if using GUI copy paste operations. You'll get reminders about the difference between a code-point and a character when you mic 'em up radically. I'm having an interesting time (in the Chinese sense) with code in python2.7 where odd combinations of ass-backwards UTF8 right to left scripts mix up with regular left to right ones. In python strings and structures. Will probably do most of the final work in C structures anyway.

[chan] bitmessage
Jul 18 13:31

C is easy as fuck bro

[chan] bitmessage
Jul 18 13:34

Being "easy as fuck" doesn't matter when rewriting won't improve anything.

Jul 19 03:13

Assembler (On any target processors, with more than 1 millions of lines coded in my life) and C guru here. Yep. I have been thinking rewritting the whole thing in C but for now it's too much work for me, and it would be useless. The only missing thing that will make BitMessage really more secure and that will be able to truly restore anonymity is using the dedicated open-hardware open-core project, the BitMessage Secure Station.

[chan] bitmessage
Jul 19 03:31

Quit moaning about your hardware bla bla already. Close the curtains, put on your thinfoil hat and don't forget to take your pills

[chan] bitmessage
Jul 19 03:48

Easy to understand; yes; fast to code in; no. I can do a web browser in a couple dozen lines of python. Perhaps 50 thousand lines of C will get you the same thing.

[chan] bitmessage
Jul 19 06:54

Are there not any other crypto libraries that might improve the situation? libsecp56k1?

[chan] bitmessage
Jul 19 07:26

Do you have any arguments against Stman's, other than ad hominem? Assuming there are hidden hardware/flash/bios/etc channels, his idea seems quite reasonable to me, and the only safe and currently doable way to go. Do you have any proof there are no such channels? NB: a negative proof is quite difficult to do in a convincing way. If there aren't any and all of our off-the-shelf hardware is clean, Stman and his comrades will at least learn a lot about hardware while making that station, and that's a huge gain in itself.

[chan] bitmessage
Jul 19 08:38

(Not the original poster) The issue with Stman is, that he sounds like an advertisement stuck in a loop, plastering his project EVERYWHERE, even if it's not in any way related to the original question. The general idea he had, i.e. to design and build a more secure setup for bitmessage, is sound, but when he goes around, trying to smear it in everyone's face, he loses a LOT of credibility. And in this case, it's not even about bitmessage as a running node, but just a program to brute-force addresses, which doesn't profit from being more secure in any way.

Jul 19 11:26

Fuck you. As simple as that. FUCK YOU DEEPLY. You are a fucking crypto-fascist. Point. I will forward my open-hardware open-core project, even if you keep trying to trap me with all your fuckeries with mind control right ? Don't forget the scandal of my "antitrust" patent case. I know on which side you are. You are not only a true fascist, You are a fucking mafia model defender. And stop spying on me motherucker. You wil not win in the end, you will end in jail. ⬇︎

[chan] bitmessage
Jul 19 11:32

You could've done the mature thing and simply ignored his shitpost, but you chose to throw around words like "fascist" and other. This is most likely exactly what the other guy meant with "he loses a LOT of credibility". If your project actually reaches a point where it's usable and well accepted, that would speak for itself. But currently, you're only making yourself look like you just love to call people fascists, mafia and other shit. Concentrate on getting your project rolling, and stop shouting at trolls and making yourself look like a maniac.

Jul 19 11:36

Oh and I know who you are. Exactly. You are LKB. Shall I dox you ? Maybe it's what you want. It's what you deserv indeed. It would mean a true fascist spy less endangering humanity and global peace.

[chan] bitmessage
Jul 19 11:39

Ah, there he goes again, making the trolls laugh their ass off and making himself look like a nutjob.

Jul 19 11:46

You are right, I am loosing my time. I'll stop feeding him and his nazi spy club trolls.

[chan] bitmessage
Jul 19 13:13


[chan] bitmessage
6 hours ago

Very true

5 hours ago

I was also tempted to rewrite everything in C, but it won't fix anything new known. Peter Surda convinced me logicaly & easily it was stupid and energy lost doing so for the moment, as long as it will not solve anything new, but just improve performances a little bit, and current work with python + Qt is ok to me in terms of performance. Getting rid of Qt is another debate (What I have always feared with Qt are the possibility of having Qt Backdoored, but still, I consider Qt the best cross-platform meta-framework available on the market, because there are no performance degradation). Personnaly, my energy is much better spent on working on the BitMessage Secure Station Open-Core Open-Hardware stuff.

[chan] bitmessage

Subject Last Count
Brute forcing BM addr's Jul 21 18:57 24
Network Size Jul 21 13:07 5
memory leak? Jul 21 06:19 3
BM bot sourcecode sample Jul 20 15:56 7
RE: BM bot sourcecode sample Jul 20 04:01 1
BitMessage need new improvements Jul 19 23:35 3
2 bugs while quitting Jul 19 19:03 1
[Feature Request/Question] Blacklist counters Jul 19 12:01 1
raspberry pi Jul 18 17:13 3
Feature request (2) Jul 17 00:44 13
Bug report (UI shows deleted messages) Jul 17 00:20 3
ECC Curves: secp256k1 versus secp521r1 -> BitMessage Secure Station Jul 16 22:18 1
PyBitmessage message save folder Jul 16 21:00 5
HELP(!) - Impossible PoW recipient address msg Jul 16 20:53 6
ECC Curves: secp256k1 versus secp521r1 Jul 16 20:44 28
Precedence of work / Priority of work Jul 16 20:43 5
I need help Jul 16 16:42 1
Pre-commitment and "open source canary" Jul 16 16:41 2
Killing impossible PoW sent items (daemon) Jul 16 16:40 1
Feature request (1) Jul 13 13:45 6
Bitmessage statistics Jul 13 09:42 13
addr command problems and plans Jul 13 06:19 7
BM client 0.6.2 (OS X) does not show images Jul 12 04:16 24
bug in latest commits Jul 11 08:46 11
Bitmessage bug in latest v0.6 branch Jul 11 06:09 1
bmwrapper broadcasts Jul 10 14:27 5
Beamstat chanlist bug? Jul 10 06:10 3
FPGA Hardware backdoors risk and counter-measures, regarding « TOR/VPN fingerprinting family anonymity breach fix » with a custom FPGA based « Single Socket » Ethernet Controller. Jul 9 11:36 1
tor socks access issues continue (0.6dEV pYbm code @ 20170706) Jul 8 23:10 3
FPGA Hardware backdoors, regarding « TOR/VPN fingerprinting family anonymity breach fix » with a custom FPGA based « Single Socket » Ethernet Controller. Jul 8 14:10 3
BM-2NB prefix ? Jul 8 13:30 3
Jabit and Abit update Jul 8 07:45 1
Peer "Ratings" Jul 7 12:54 9
How to.. Jul 6 18:01 49
Is there a quick way to export a thread, or all threads of a chan in a readable manner. Jul 6 04:00 6
Dev-talk PML status / instructions pls Jul 5 21:04 5
BM db blob questions Jul 5 07:40 11
How to connect to more nodes Jul 5 07:34 13
P.P.S. Re: BM db blob questions Jul 5 03:21 2
bitmessage API TTL Jul 5 01:08 2
Re: Re: Re: Re: Religious garbage at this point Jul 4 22:28 7
Yes it's obvious my BM private keys have been stolen.... Jul 4 22:20 34
MiNode I2P support testing Jul 2 07:04 25
To the person running /wire:0.1.0/bmd:0.0.1/ on Jul 1 12:55 9
So you think God is a myth ... Jul 1 12:14 1
How to.. (Node Conns Encrypted) Jul 1 10:17 1
Any predictions? Jun 30 12:24 2
Hello ! Jun 30 10:03 18
If I had cash Jun 30 09:56 3
"addr" commands Jun 29 22:14 2
How to.. (DNS issues and asyncore/conventional Network Access behaviour) Jun 29 13:03 3
I2P peer discovery by publishing destinations as custom objects Jun 27 03:53 4
Confused Jun 25 21:29 6
Curious Jun 25 21:23 1
Question - BM mesage model alteration idea Jun 25 18:39 4
Privacy? I don't have anything to hide. Jun 25 18:30 2
Support (connections are "stuck" when using TOR+iptables) Jun 24 21:10 7