Cryptology ePrint Archive: Report 2016/103

Speed Optimizations in Bitcoin Key Recovery Attacks

Nicolas Courtois and Guangyan Song and Ryan Castellucci

Abstract: In this paper we study and give the first detailed benchmarks on existing implementations of the secp256k1 elliptic curve used by at least hundreds of thousands of users in Bitcoin and other cryptocurrencies. Our implementation improves the state of the art by a factor of 2.5, with focus on the cases where side channel attacks are not a concern and a large quantity of RAM is available. As a result, we are able to scan the Bitcoin blockchain for weak keys faster than any previous implementation. We also give some examples of passwords which have we have cracked, showing that brain wallets are not secure in practice even for quite complex passwords.

Category / Keywords: implementation / Bitcoin, Elliptic Curve Cryptosystem, Cryptocurrency, Brain wallet

Date: received 8 Feb 2016, last revised 7 May 2016

Contact author: g song at cs ucl ac uk

Available format(s): PDF | BibTeX Citation

Note: updated related work including more recent work in this area. Added a list of students name who helped finding new password in appendix.

Version: 20160507:124557 (All versions of this report)

Short URL: ia.cr/2016/103

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]