Post
Topic
Board Development & Technical Discussion
Re: Pollard's kangaroo ECDLP solver
by
paniker
on 29/03/2022, 07:42:07 UTC
I found a method to find any private key within 2^255 bit space. Is that new?

Can you tells us more about it?))

Absolutely, so it seems that the amount of valid public x-coords is exactly half the amount of private keys.
So as the theory is any key in the full range (1-115792089237316195423570985008687907852837564279074904382605163141518161494336 ~2^256) either it is less than half (57896044618658097711785492504343953926418782139537452191302581570759080747168) or has the same x coordinate as one that does (above 57896044618658097711785492504343953926418782139537452191302581570759080747169).

I have a mathematical function to find the resulting twin on either side.
I really do like the work that has been done here on the Kangaroo software so I will provide my python function for reference of finding said twin so long as you know 1 of 2 private keys you will know both.

~2^255 is still a very large number.
In the case of uncompressed keys you still have to compute the y coord after but it is trivial.
(using the bit library for python as the function is not intensive)

from bit import Key
import secrets
def twin(i, pubhex):
    max = 115792089237316195423570985008687907852837564279074904382605163141518161494336
    if len(pubhex) == 66:
        publichex = str(pubhex)[2:66]
        if i < 57896044618658097711785492504343953926418782139537452191302581570759080747169:
            twin = max - (i-1)
            if str(pubhex)[:2] == '02':
                twinprefix = '03'
                return [twin,f'{twinprefix}{publichex}']
            elif str(pubhex)[:2] == '03':
                twinprefix = '02'
                return [twin, f'{twinprefix}{publichex}']
        elif i > 57896044618658097711785492504343953926418782139537452191302581570759080747168:
            twin = 1 + (max-i)
            if str(pubhex)[:2] == '02':
                twinprefix = '03'
                return [twin,f'{twinprefix}{publichex}']
            elif str(pubhex)[:2] == '03':
                twinprefix = '02'
                return [twin,f'{twinprefix}{publichex}']
    elif len(pubhex) == 130:
        publichex = str(pubhex)[2:66]
        if i < 57896044618658097711785492504343953926418782139537452191302581570759080747169:
            twin = max - (i-1)
            return [twin,f'uncomp,{publichex}']
        elif i > 57896044618658097711785492504343953926418782139537452191302581570759080747168:
            twin = 1 + (max-i)
            return [twin, f'uncomp,{publichex}']

max = 115792089237316195423570985008687907852837564279074904382605163141518161494336
for x in range(100):
    q = secrets.randbelow(max)
    k = Key.from_int(x)
    t = twin(x,k.pub_to_hex())
    pt = t[0]
    ptpub = Key.from_int(pt).pub_to_hex()
    print(t[1],ptpub)

'''
# Or you can do this
for x in range(1000):
    x = secrets.randbelow(max)
    k = Key.from_int(x)
    t = twin(x,k.pub_to_hex())
    pt = t[0]
    ptpub = Key.from_int(pt).pub_to_hex()
    assert t[1] == ptpub
'''

'''
# for uncompressed
for x in range(100000):
    x = secrets.randbelow(max)
    k = Key.from_int(x)
    k._public_key = k._pk.public_key.format(compressed=False)
    t = twin(x,k.pub_to_hex())
    pt = Key.from_int(t[0])
    # this next line is not nessicary as we format the response without the leading '04'
    pt._public_key = pt._pk.public_key.format(compressed=False)
    ptpub = pt.pub_to_hex()
    assert t[1] == f'uncomp,{str(ptpub)[2:66]}'
'''


Hi still not understand how it works and whats doing, donot understand big numbers, not all of them