Hacker News new | comments | show | ask | jobs | submit login
Contest: Hack my bitcoins and keep them (linja-aho.blogspot.com)
87 points by shared4you on Mar 9, 2013 | hide | past | web | favorite | 30 comments



It's like a nano X Prize, seemingly aimed against pass phrases.

Bitcoin wallet hacking is a really fun test case, because it begs people to acknowledge the opportunity costs involved in cracking. Cracking a wallet password can always be baselined against mining.

Cracks should happen whenever: operations_per_password / wallet_size < operations_per_coin

(You can increase security either by growing your passwords or shrinking your wallets. There's some ideal inflection point in there somewhere...)

There are opportunity costs to cracking passwords in all other scenarios too, they're just harder to observe. ie, whenever it's cheaper to bribe one of your employees than crack their password, then, congrats, your passwords are officially "secure" (even if your business isn't).


this is not cracking, the guy has brainwallets and told all the clues to get into to them.


For generating memorable passphrases with high entropy, I like the "diceware" system:

http://world.std.com/~reinhold/diceware.html

Use it to generate the one password that you use for unlocking your password manager, where all of your randomly generated passwords are kept.

Since most people don't do that, this post makes me think that my idle CloudCracker cycles spent mining BTC would actually be better spent mining brainwallets. =)


I thought you meant Andrew "Dice" Clay so that it makes a phrase like Hickory Dickory Dock...


Funny, I made one of these with D&D dice. Is it considered crypto-kosher?


There are many ways such little cash bonuses can be left 'in the blockchain' for people to discover. Imagine a video/podcast which offers various obscured glimpses of a private key's QR code... the first viewer to freeze-frame and stitch-together collects the prize.

Or imagine any other riddles/puzzles with a solution space resistant to brute-force search. The prize for the first solver can be left in the blockchain, with a private key derived from the solution.

After 'easter eggs' (in real life or software), these could be called 'eggcoins'. (I find a prior use of that term related to a geocached souvenir coin.)


Fantastic idea actually. Comments on this page are fascinating.

This too: "The fourth address was robbed in 7 hours"..."I did not tell anyone about my test"! LOL, nuts.


Basically people scan brainwallets for weak passwords. Kinda obvious but still food for thought.


I wonder what the best convention for generating secure brainwallets is. They seem much more prone to dictionary attacks if you're not careful. Is inventing words and nonsensical phrases the norm?


Using a brain wallet in any form is reckless. You're better off storing your private key on paper or using SSSS[0].

[0]: http://point-at-infinity.org/ssss/


Well, for one thing, don't use just one round of SHA-256. Or more generally: don't use the same algorithm as everyone else. Chain together different hash functions, and/or run them more than once.


Dang it, I was hoping this didn't make it on HN :) I've been working on this for a few days!

Currently I'm porting SHA256, RIPEMD160, and ECDSA key pair generation to CUDA. ECDSA is giving me some trouble though...


Why Nvidia (CUDA)? It it the only hardware you have access to?

If you have access to AMD graphics cards, you should have written your code in OpenCL to target this hardware. Nvidia cards are a lot slower per $ and per Watt than AMD ones when running SHA256/RIPEMD160/ECDSA. That is why vanitygen was done in OpenCL.


> Why Nvidia (CUDA)? It it the only hardware you have access to?

Yep. Also, learning CUDA would be a benefit for my graduate research, so it's not a complete loss :)


Nice work, and good luck!


If you follow best practice and generate a new address for each tranaction, brainwallets don't scale. At least not until https://en.bitcoin.it/wiki/BIP_0032 is implemented.

One bitcoin is a lot of money (about $40). He created five wallets, so he's giving away $200. That's not a trivial amount of money for such a test.


It's not a "best practice", it's only something you should to if you want to remain as anonymous as possible.

It's perfectly acceptable to use only one address if you don't care much about anonymity.


One more private address was just brute-forced, and coins were moved: https://blockchain.info/address/1ECM1W1ZWtWDvTm3yWYWJA9mKn4D...

3 out of 5 remain to be found :)


I actually modified a Bitcoin address tool to generate brain wallets in python specifically for brute forcing week brains.

https://github.com/willwharton/pybrainwallet


"Hack my bitcoins and keep them"

So, everyone with bitcoins is always running this contest?


If you'd like to use a mnemonic (a nice long sentence) but need some extra gibberish to prevent it being easily guessed, you can try this :

http://eksith.com/experiments/passwordencoder/

Basically takes the first letter of every word in your sentence and adds its position in the alphabet (plus rotate if you like).

If the sentence you choose is sufficiently unique, the password will also be harder to crack.


Since the last half of the password is partially determined by the first half, this doesn't add much additional entropy (an attacker only has to guess your phrase, and which options you've selected).

In practice this may help in a security through obscurity way, but now your method is public.


It's been public since 2008 :)

This may work better for me since I've used phrases from out-of-print books and some are latinized phrases in Sinhalese. I prefer to use random passwords that I can add to a master file that's PGP encrypted, but in the absence of that, I can tailor this to a site and add character rotation.


    phrases from out-of-print books
Less secure now that there's massive book scanning going on.



[deleted]


Wrong thread.


Oh. Now I see. You meant the literal meaning of what you said. I completely overlooked that until just now. Sorry.

Yep, I posted in the wrong thread, I apologize.


I was expecting a twist in the plot. :)


What do you mean?


openssl rand -base64 50 ;-)




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: