Bsidescbr18 Hacking Bitcoin Slides
Bsidescbr18 Hacking Bitcoin Slides
Bsidescbr18 Hacking Bitcoin Slides
Bitcoin Addresses
Michael McKinnon - @bigmac
This talk is ONLY about Bitcoin
Bro, wanna buy some #sheepcoin?
2
I won’t be outing Satoshi
#whoissatoshi
3
I’m not a Lawyer,
This is not legal advice.
Just because something is technically
possible doesn’t mean it isn’t stealing…
4
https://bit.ly/2HjT7aq
5
Bitcoin Addresses 101
16ga2uqnF1NqpAuQeeg7sTCAdtDUwDyJav
3J98t1WpEZ73CNmQviecrnyiWrnqRhWNLy
bc1qar0srrr7xfkvy5l643lydnw9re59gtzzwf5mdq
6
Bitcoin Addresses 101
16ga2uqnF1NqpAuQeeg7sTCAdtDUwDyJav
Generated offline.
7
Bitcoin Addresses 101
Never includes 0,O,I,l
16ga2uqnF1NqpAuQeeg7sTCAdtDUwDyJav
Base58Check decode…
3e546d0acc0de5aa3d66d7a920900ecbc66c20314648aa13
( Hash160 + Checksum )
8
Hash 160 | blockchain.info
9
Address =
RIPEMD160(SHA256(Public Key))
Private
Public Key
Bitcoin Elliptic Key
Address
04B568858A407A8721923B89DF Curve
9963D30013639AC690CCE5F555 Function
3e546d0acc0de5aa3d6
529B77B83CBFC76950F90BE717
6d7a920900ecbc66c2031 E38A3ECE1F5558F40179F8C950
2DECA11183BB3A3AEA797736A6
10
y2 = x 3 + 7
Magic stuff happens!
11
secp256k1
12
“y2 = x3 + 7”
“G”
“n”
13
Just pick a number
between 1 and …
115,792,089,237,316,195,423,570,985,008,687,907,852,
837,564,279,074,904,382,605,163,141,518,161,494,337.
78 digits long.
115 quattuorvigintillion!
14
So, it’s “just” 256-bits…
Challenge Accepted!
15
https://lbc.cryptoguru.org/
16
Other than brute-forcing the
key space, what else?
17
Introducing
“Brain Wallets”
18
“password”
SHA256(“password”)
5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8
As a Bitcoin address?
16ga2uqnF1NqpAuQeeg7sTCAdtDUwDyJav
19
The address for “password”
has been used 45,010 times!
20
Okay, time to build.
a.k.a Designing the Bitcoin Death-ray.
21
Bitcoin
Passwords Other
Server
Lists stuff?
(bitcoin core)
generate deterministic
parse blk*.dat files
addresses
(rusty-blockparser)
(btcthumper, file2addr)
Results
23
91.8%
junk
1,018
other
24
“Passwords” Found
kkkkkkkkkkkkkkkk - 0.005 BTC
12EMX7CANb7iGu4SMb3MTEg3oZ6Trz1gUF
25
Numbers?
0 … n
Results
26
Number Results!
27
Birthdates?
Results
28
Birthdates Found
28081967 - 0.005 BTC
1DEihiioBnxj9EMG8A97vDTXZurzQusCQw
29
Epoch?
Results
30
What else?
https://pastebin.com/jCDFcESz
31
Block hashes?
Oh no, he’s about to mention “blockchain”…
000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f
Results
500,000 addresses
Method 1 “String”: found 0
Method 2 “Binary”: found 0
Method 3 “Double SHA256”: found 0
32
Other Experiments…
33
Oops…?
34
Other Weaknesses?
(time permitting)
35
Public Key Collision?
36
Much Randomness
java.util.Random()
37
ECDSA Exposure
http://www.nilsschneider.net/2013/01/28/
recovering-bitcoin-private-keys.html
38
Take Aways
- Problem applies to many other cryptocurrencies
39
Such a waste…
40
Thank You!