Skip to content

TheBes3rdsGroup/Breaking-ECDSA-with-secp256k1

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
 
 
 
 
 
 
 
 

Repository files navigation

Meet-in-the-middle attack for ECDSA

This Python script implements a meet-in-the-middle attack for the Elliptic Curve Digital Signature Algorithm (ECDSA). The attack is designed to determine the secret key used in ECDSA given the corresponding public key.

How it works

The meet-in-the-middle attack works by dividing the public key into two subkeys, and then trying all possible values for each subkey. The values for the first subkey are hashed and stored in a dictionary, and the values for the second subkey are checked against the dictionary to see if a match is found. If a match is found, the full secret key is computed by concatenating the two subkeys and hashing the resulting value. If the hash of the full secret key is equal to the given public key, the attack is successful and the secret key has been found.

How to use

To use the script, you will need to have Python installed on your system. You will also need to install the hashlib library, which can be done using the following command:

pip install hashlib

Once you have Python and the hashlib library installed, you can run the script by specifying the public key in script:

python break.py 

If the attack is successful, the script will print the secret key to the console and save it to a file named secret.txt.

Implementation

To implement the script, the following libraries are used: +hashlib: This library is used to compute the hashes of the values of s1 and s2 and the full secret key.

Let Talk About Fact Here

The likelihood of the script being able to determine the secret key using a meet-in-the-middle attack depends on the strength of the cryptographic algorithm being used and the length of the secret key.

In the case of ECDSA, which is being used in the script, the security of the algorithm is based on the difficulty of the Elliptic Curve Discrete Logarithm Problem (ECDLP). The ECDLP is considered to be a hard problem, and there is no known efficient algorithm for solving it. As a result, ECDSA is generally considered to be a secure algorithm for digital signatures.

However, the security of ECDSA can be compromised if the secret key is not sufficiently long. If the secret key is too short, it may be possible for an attacker to use a brute-force attack to try all possible keys until the correct one is found. In general, it is recommended to use a secret key of at least 256 bits to ensure adequate security.

Given the length of the secret key in the script (which is not specified), it is difficult to say with certainty whether the script will be able to determine the secret key. However, if the secret key is sufficiently long and the ECDSA algorithm is being used correctly, it is unlikely that the script will be able to determine the secret key using a meet-in-the-middle attack.

It is also worth noting that the script provided is intended for educational purposes only, and should not be used for actual cryptographic applications. In practice, there are more efficient and secure ways of implementing ECDSA and other cryptographic algorithms, and it is important to use established libraries and protocols whenever possible to ensure the security of your systems.

Note

As mentioned earlier, this script is intended for educational purposes only, and should not be used for actual cryptographic applications. In practice, there are more efficient and secure ways of implementing ECDSA and other cryptographic algorithms, and it is important to use established libraries and protocols whenever possible to ensure the security of your systems.

Another WOw!FACT

It is theoretically possible to use the script provided to try to determine the secret key of an ECDSA signature using a public key, as long as the public key is known. However, the likelihood of the script being able to successfully determine the secret key depends on the strength of the cryptographic algorithm being used and the length of the secret key.

In the case of secp256k1, which is a specific curve used with ECDSA, the security of the algorithm is based on the difficulty of the Elliptic Curve Discrete Logarithm Problem (ECDLP). The ECDLP is considered to be a hard problem, and there is no known efficient algorithm for solving it. As a result, secp256k1 is generally considered to be a secure curve for use with ECDSA.

However, the security of secp256k1 can be compromised if the secret key is not sufficiently long. If the secret key is too short, it may be possible for an attacker to use a brute-force attack to try all possible keys until the correct one is found. In general, it is recommended to use a secret key of at least 256 bits to ensure adequate security.

Given the length of the secret key being used (which is not specified in the script), it is difficult to say with certainty whether the script will be able to determine the secret key using a meet-in-the-middle attack. However, if the secret key is sufficiently long and the ECDSA algorithm is being used correctly, it is unlikely that the script will be able to determine the secret key.

It is also worth noting that the script provided is intended for educational purposes only, and should not be used for actual cryptographic applications. In practice, there are more efficient and secure ways of implementing ECDSA and other cryptographic algorithms, and it is important.

breakV2.py

breakV2.py is the optimized version of the script provided, the time.sleep(0.3) function is called to sleep for a short period of time (0.3 seconds) whenever the CPU usage exceeds the desired limit (70% in this case). This allows the script to use only a specified percentage of the available processing power, which can help to prevent the script from overloading the system and allow it to run indefinitely.

The script will wake up and continue execution as soon as the time.sleep function returns, which will be after the specified sleep duration (0.3 seconds in this case) has elapsed. The script will then check the CPU usage again and sleep again if necessary, until the CPU usage falls below the desired limit.

It is worth noting that the sleep duration (0.3 seconds in this case) is chosen arbitrarily, and can be adjusted to achieve the desired level of CPU usage. A shorter sleep duration will result in the script using more of the available processing power, while a longer sleep duration will result in the script using less of the available processing power. You can change the seconds later

pip install psutil

We welcome contributions to this project! Here are a few ways you can help:

Thank you for your support!

Donation are Welcome

If you found this repository useful and would like to contribute, you can donate using the following addresses:

BTC: 3KnkSh1v3x9DReLrdNFM6bWD1wCbhiDgdx
BCH: qzyrt0pvaejfexj3ynq88pv4r2hrxlt54s0pll4kps

Any amount is greatly appreciated!

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%