SHA-3 hashing algorithm - mining, ASIC ... - Bitcoin

QuarkCoin Cryptocurrency

Quark is a decentralized digital monetary system. It lets you send Quarks to friends and family members and make online payments free of charges and charge-backs. Military-grade encryption; no bank or government control. Quark coins are based on the original idea of Bitcoin but improved: more secure, faster transaction times and zero fees, with improvements to design and security. There is also a greater coin supply with higher block rewards for miners. Quark is fully open source.
[link]

Boolberry

Advanced Anonymity
[link]

How are Ethereum addresses created?

This says that an Ethereum address is basically a Keccak-256 (SHA-3) with some truncation, basically 20 bytes.
https://cryptoticker.io/en/ethereum-addresses-generation/
Bitcoin by comparison has this nice article: https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses
I also found the EIP for checksum addresses, but that of course needs an address to be constructed first: https://eips.ethereum.org/EIPS/eip-55
submitted by Zamicol to ethdev [link] [comments]

Waltonchain adds GNU General Public License details to code - BUT does the code contain this?

Dear Crypto community,
Yesterday we saw Waltonchain release their Open Source code which resulted in huge criticism regarding the oversight of removing the original copyright to the original codebase, Ethereum Go, on which it is based.
Following this, the team have now updated the code to show the original copyright:
Image from Github
Source: https://github.com/WaltonChain/WaltonChain_Gwtc_Src/blob/mastep2p/rlpx.go?utm_source=share&utm_medium=ios_app
Github: https://github.com/WaltonChain?tab=repositories

I'd like to say thank you to the community for having such strong opinion on this matter, and for all the subreddit admins that assisted in creating clarity toward this. As a global community we should hold every blockchain up to the same standards, and I am grateful that this was shown in regard to the GNU General Public License.

Now that the issue is resolved, and since Waltonchain is currently a hot topic, I implore all the coders and devs out there to delve deep into the code to see exactly what Waltonchain have released. Not just the modification to the eth codebase, but the additional code. What does the code allow?

What we've been told as a community is that the Waltonchain source code has changes that allows for:
  • Security - DASH X11 - Most cryptographic algorithms used in cryptocurrencies use only one hash function for calculation. There are 11 of them in X11, which provides a higher degree of protection against hackers and scams. Waltonchain has customised the DASH X11 hashing algorithm to fit their purpose.
  • More secure than Bitcoin. The Bitcoin algorithm, SHA-256, is based on a previous secure hash algorithm family of standards, namely SHA-2; the hash functions within the X11 algorithm all successfully made it into the second round of the search for a new, more secure standard, SHA-3. Keccak, the function which won the competition and is therefore the new standard on which SHA-3 is based, can at the very least be considered more secure than SHA-256.
  • Efficiency — Waltonchain have produced ASICs with the equivalent hashing power of 200 GPUs (32–40 kW) whilst using only 135 W, thus helping the parent chain become decentralised.
  • PoS aspect works in tandem with PoW, in that it adds a reduced difficulty based on the number of coins held and the time between blocks. Effectively, the longer coins are held and the longer the time between blocks, the lower the difficulty for mining blocks. This again enhances the power efficiency of the network in its entirety.
  • Fast cross-chain searching via Proof of Labour — PoL enables hash values or indices from sub-chains (child chains) to be synced with the parent chain in a ‘cross chain index mechanism’ to enable fast searches for data via the parent chain.
  • Scalability — Unlimited scalability due to child chains; each CC is an independent blockchain (or DAG) using its own consensus mechanism (PoS, PoA, PoW, PoET, etc.) and can store data within itself. The parent chain by nature therefore cannot become bloated.
  • Atomic Swaps — PoL by nature ensures a record of every inter-chain transaction is held, and allows the function of atomic swaps between currencies.

Also to note is that the code has been audited by Knownsec, the same company that audited projects like HPB and NANO.

Let's have an open dialogue and talk about these features of the code - but firstly, do they exist? Hopefully people will approach this with the same enthusiasm as they did yesterday.

EDIT 1st June: A user on the Waltonchain sub has done an analysis which, by the looks of it, disproves the initial assessment by many of the 'blockchain experts' in cc that have said the open source code is simply a copy and paste. https://www.reddit.com/waltonchain/comments/bveqea/changeset_goethereum_v171_to_gwtc_v110/
It is interesting to see just how much people love to hate Waltonchain that they spread misinformation either intentionally, or unintentionally, and that it gets the most attention out of any announcement.

For reference:
Block explorer: www.Waltonchain.pro (all wallets, mining wallet, documentation etc is available via that link)
submitted by Yayowam to CryptoCurrency [link] [comments]

IOTA and Tangle discussion/info, scam or not?

In the past weeks I heard a lot pros and cons about IOTA, many of them I believe were not true (I'll explain better). I would like to start a serious discussion about IOTA and help people to get into it. Before that I'll contribute with what I know, most things that I will say will have a source link providing some base content.
 
The pros and cons that I heard a lot is listed below, I'll discuss the items marked with *.
Pros
Cons
 

Scalability

Many users claim that the network scales infinitely, that with more transactions on the network the faster it gets. This is not entirely true; that's why we are seeing the network getting congested (pending transactions) at the moment (12/2017).
The network is composed of full-nodes (which store all transactions); each full-node is capable of sending transactions directly to the tangle. An arbitrary user can set up a light-node (which does not store all transactions, therefore has a reduced size), but as it does not store all transactions and can't decide if there are conflicting transactions (and other stuff) it needs to connect to a full-node (the Bitfinex node for example) and then request the full-node to send a transaction to the tangle. The full-node acts like a bridge for a light-node user; the quantity of transactions that a full-node can push to the tangle at the same time is limited by its bandwidth.
What happens at the moment is that there are few full-nodes, but more important than that is: the majority of users are connected to basically the same full-node. The full-node which is being used can't handle all the transactions requested by the light-nodes because of its bandwidth. If you are a light-node user and are experiencing slow transactions you need to manually select another node to get better performance. Also, you need to verify that the minimum weight magnitude (difficulty of the Hashcash Proof of Work) is set to at least 14.
The network seems to be fine and it scales, but the steps a user has to make/know are not user-friendly at all. It's necessary to understand that the technology involved is relatively new and still in early development. Do not buy IOTA if you haven't read about the technology; there is a high chance of you losing your tokens for various reasons and it will be your own fault. You can learn more about how IOTA works here.
There are some upcoming solutions that will bring the user experience to a new level: the UCL Wallet (expected to be released this month, I will talk about that soon and how it will help the network) and the Nelson CarrIOTA (this week), besides the official implementations to come in December.
 

Centralization

We all know that currently (2017) IOTA depends on the coordinator because the network is still in its infancy and because of that it is considered centralized by the majority of users.
The coordinator consists of several full-nodes scattered across the world run by the IOTA Foundation. It creates periodic Milestones (zero-value transactions which reference valid transactions) which are validated by the entire network. The coordinator sets the general direction for the tangle growth. Every node verifies that the coordinator is not breaking consensus rules by creating iotas out of thin air or approving double-spends; nodes only tell other nodes about transactions that are valid, and if the Coordinator starts issuing bad Milestones, nodes will reject them.
The coordinator has been optional since summer 2017: you can choose not to implement it in your full-node, and any talented programmer could replace the Coo logic in IRI with Random Walk Monte Carlo logic and go without its milestones right now. A new kind of distributed coordinator is about to come and then, at last, its complete removal. You can read more about the coordinator here and here.

Mining-Blockchain-based Cryptocurrencies

These are blockchain-based cryptocurrencies (Bitcoin) that have miners to guarantee their security. Satoshi Nakamoto states several times in the Bitcoin whitepaper that "The system is secure as long as honest nodes collectively control more CPU power than any cooperating group of attacker nodes". We can see on Blockchain.info that nowadays half of the total hashpower in Bitcoin is controlled by 3 companies (maybe only 1 in the future?). Users must trust that these companies will behave honestly and will not eventually use their >50% hashpower to attack the network. With all that said, it's reasonable to consider the IOTA network more decentralized (even with the coordinator) than any mining-blockchain-based cryptocurrency.
You can see a comparison between DAG cryptocurrencies here
 

IOTA partnerships

Some partnerships of the IOTA Foundation with big companies were well known even when they were not officially published. A few examples of confirmed partnerships are listed below; other confirmed partnerships can be seen in the link Partnerships with big companies at the pros section.
So what's up with all alarming in social media about IOTA Foundation faking partnerships with big companies like Microsoft and Cisco?
On Nov. 28th the IOTA Foundation announced the Data Marketplace with 30+ companies participating. Basically it's a place for any entity to sell data (huge applications, therefore many companies interested); at the time of writing (11/12/2017) there is no API for common users, only companies in touch with the IOTA Foundation can test it.
A quote from Omkar Naik (Microsoft worker) depicted in the Data Marketplace blog post gave the idea that Microsoft was in a direct partnership with IOTA. Several news websites started writing headlines "Microsoft and IOTA launches" (the same news site claimed later that IOTA lied about the partnership with Microsoft) when instead Microsoft was just one of the many participants of the Data Marketplace. Even though it's not a direct partnership, IOTA and Microsoft are in close touch as seen in the IOTA Microsoft and Bosch meetup December 12th, the Microsoft IOTA meetup in Paris on the 14th and Microsoft Azure adds 5 new Blockchain partners (May 2016). If you join the IOTA Slack channel you'll find out that there are many other big companies in close touch with IOTA like BMW, Tesla and others. This means that right now there are devs of IOTA working directly with scientists of these companies to help them integrate IOTA in their developments even though there is no direct partnership published; I'll talk more about the use cases soon.
We are excited to partner with IOTA foundation and proud to be associated with its new data marketplace initiative... - Omkar Naik
 

IOTA's use cases

Every cryptocurrency is capable of being a way to exchange goods: you pay for something using the coin token and receive the product. Some of them are more popular or have faster transactions or anonymity while others offer better scalability or user-friendliness. But none of them (except IOTA) are capable of transacting information with no costs (fee-less transactions), in a secure form (MAM) and being sure that the network will not be harmed when it gets more adopted (it scales). These characteristics open the gates for several real world applications; you probably have heard of Big Data and how important data is nowadays.
Data sets grow rapidly - in part because they are increasingly gathered by cheap and numerous information-sensing Internet of things devices such as mobile devices, aerial (remote sensing), software logs, cameras, microphones, radio-frequency identification (RFID) readers and wireless sensor networks.
 
It’s just the beginning of the data period. Data is going to be so important for human life in the future. So we are now just starting. We are a big data company, but compared to tomorrow, we are nothing. - Jack Ma (Alibaba)
There are enormous quantities of wasted data, often over 99% is lost to the void, that could potentially contain extremely valuable information if allowed to flow freely in data streams that create an open and decentralized data lake that is accessible to any compensating party. Some of the biggest corporations of the world are purely digital, like Google, Facebook and Amazon. The data/information market will be huge in the future and that's why there are so many companies interested in what IOTA can offer.
There are several real world use cases being developed at the moment, many of them if successful will revolutionize the world. You can check below a list of some of them.
Extra
These are just few examples, there are a lot more ongoing and to explore.
 

IOTA Wallet (v2.5.4 below)

For those who have read a lot about IOTA and know how it works the wallet is fine, but that's not the case for most users. Issues a user might face if they decide to use the current wallet:
These are problems that could be easily avoided with a better understanding of the network/wallet or with a better wallet that could handle these issues. As I explained before, some problems during the "congestion" of the network could be simply resolved if stuff were more user-friendly; this causes many users to store their iotas on exchanges, which is not safe either.
The upcoming (Dec 2017) UCL Wallet will solve most of these problems. It will switch between nodes automatically and auto-reattach transactions, for example (besides other things). You can have a full overview of it here and here. Also, the upcoming Nelson CarrIOTA will help with automatic peer discovery so users can set up their nodes more easily.
 

IOTA Vulnerability issue

On Sept 7th 2017 a team from MIT reported a cryptographic issue in the hash function Curl. You can see the full response of IOTA members below.
Funds were never in danger as the scenarios depicted in Neha's blog post were not practically possible and the arguments used in the blog post had no fundamentals; all the history you can check by yourself in the responses. Later it was discovered that the whole of Neha Narula's team was involved in other concurrent cryptocurrency projects.
Currently IOTA uses the relatively hardware-intensive NIST standard SHA-3/Keccak for crucial operations for maximal security. Curl is continuously being audited by more cryptographers and security experts. Recently the IOTA Foundation hired Cybercrypt, the world-leading lightweight cryptography and security company from Denmark, to take the Curl cryptography to its next maturation phase.
 
It took me a couple of days to gather the information presented; I wanted to make it easier for people who want to get into it. It might have some mistakes so please correct me if I said something wrong. Here are some useful links for the community.
This is my IOTA donation address, in case someone wants to donate I will be very thankful. I truly believe in this project's potential.
I9YGQVMWDYZBLHGKMTLBTAFBIQHGLYGSAGLJEZIV9OKWZSHIYRDSDPQQLTIEQEUSYZWUGGFHGQJLVYKOBWAYPTTGCX
 
This is a donation address; if you want to do the same you might pay attention to some important details:
  • Create a seed for donation purposes only.
  • Generate an address and publish it for everyone.
  • If you spend any iota you must attach a new address to the tangle and refresh the donation address you published before to everyone.
  • If someone sends iota to your previous donation address after you have spent from it you will probably lose the funds that were sent to that specific address.
  • You can visualize how addresses work in IOTA here and here.
This happens because IOTA uses Winternitz one-time signatures to become quantum resistant. Every time you spend iota from an address, part of the private key of that specific address is revealed. This makes it easier for attackers to steal that address's balance. Attackers can search if an address has been reused on the tangle explorer and try to brute force the private key since they already know part of it.
submitted by mvictordbz to CryptoCurrency [link] [comments]
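The key-reuse problem the post's last paragraph describes, as an added toy example in Python (written for this page; not the post author's code and not IOTA's). Assumptions, all mine: SHA-256 hash chains instead of IOTA's Curl/Kerl, a Winternitz parameter of 16, a message digest truncated to 32 bits (8 base-16 digits) so that the forgery search below finishes instantly, and a two-digit checksum; real schemes use full-length digests, per-chain keys and masking, but the leak mechanics are the same. A signature publishes one intermediate value from each hash chain, and anyone can hash forward from it; the checksum is what stops a single signature from being extended into a signature on a different message. A second signature from the same key gives the attacker a lower point on many chains, and a forgery becomes a mix-and-match of the two.

```python
# Added example: a toy Winternitz-style one-time signature and a public-data-only
# forger that succeeds as soon as the same key has signed twice. Not IOTA code.
import hashlib

W = 16                # Winternitz parameter: each chain has W-1 = 15 hash steps
MSG_DIGITS = 8        # toy: 32-bit digest -> 8 hex digits (a real scheme uses 64 for SHA-256)
CHECKSUM_DIGITS = 2   # checksum <= 8*15 = 120 < 256, so two hex digits suffice
N_CHAINS = MSG_DIGITS + CHECKSUM_DIGITS


def H(x):
    return hashlib.sha256(x).digest()


def chain(x, steps):
    """Apply H 'steps' times; the signer walks forward from the secret, the verifier to the public end."""
    for _ in range(steps):
        x = H(x)
    return x


def digits(msg):
    """Message digits plus checksum digits. Raising a message digit (hashing forward)
    lowers the checksum, so ONE signature cannot be stretched to a different message."""
    h = hashlib.sha256(msg).digest()[:MSG_DIGITS // 2]
    d = []
    for b in h:
        d += [b >> 4, b & 0xF]
    c = sum(W - 1 - x for x in d)
    return d + [c >> 4, c & 0xF]


def keygen(seed):
    sk = [H(seed + bytes([i])) for i in range(N_CHAINS)]   # one chain start per digit
    pk = [chain(s, W - 1) for s in sk]                     # chain ends are the public key
    return sk, pk


def sign(sk, msg):
    return [chain(s, d) for s, d in zip(sk, digits(msg))]


def verify(pk, msg, sig):
    return all(chain(s, W - 1 - d) == p for s, d, p in zip(sig, digits(msg), pk))


def forge(observed, target):
    """Attacker with only observed (msg, sig) pairs: per chain, take the published value
    with the smallest digit and hash forward to the target digit. Fails if some target
    digit is below every digit the legitimate signer has revealed on that chain."""
    td = digits(target)
    forged = []
    for i in range(N_CHAINS):
        low_digit, low_val = min(((digits(m)[i], s[i]) for m, s in observed), key=lambda t: t[0])
        if low_digit > td[i]:
            return None
        forged.append(chain(low_val, td[i] - low_digit))
    return forged


def find_forgery(observed, tries=20000):
    """Search constructed candidate messages for one the attacker can sign."""
    seen = {m for m, _ in observed}
    for n in range(tries):
        target = b"pay attacker %d" % n
        if target in seen:
            continue
        sig = forge(observed, target)
        if sig is not None:
            return target, sig
    return None


if __name__ == "__main__":
    sk, pk = keygen(b"demo seed")
    m1, m2 = b"pay alice 10", b"pay bob 25"      # constructed sample messages
    s1, s2 = sign(sk, m1), sign(sk, m2)
    print("one signature seen, forgery found: ", find_forgery([(m1, s1)]) is not None)
    res = find_forgery([(m1, s1), (m2, s2)])
    print("two signatures seen, forgery found:", res is not None)
    if res:
        print("forged message:", res[0], "verifies:", verify(pk, res[0], res[1]))
```

With one signature observed the search comes back empty, because any message whose digits are all at or above the revealed ones has a checksum at or below the revealed one, and the checksum digits then fail the same comparison. With two signatures the attacker picks, chain by chain, whichever published value sits lower and hashes forward, and a valid signature on a message the key holder never signed appears within a few thousand candidates. That is the "part of the private key is revealed" effect from the post, and it is why an IOTA address must be treated as spent-once.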

Surae's (me) end-of-November (2017!) update.

You can check it out on the forums here. Here's a copypasta:
Surae's End of November (2017!) Update
Hello, everyone! Sarang posted his update a few days ago to give the community time to review his work before the end of the month. I was hoping to finish multisig off before the end of this month... so I held off on writing this update until then... but it looks like I'm somewhere between 2 days and a week behind on that estimate.
MRL Announcements
Meetings. We are holding weekly meetings on Mondays at 17:00 UTC. Logs are to be posted on my github soon(tm). Usually we alternate between "office hours" and "research meetings." At office hours, we want members of the community to come in and be able to ask questions, so we are considering opening up a relay to the freenode channel during office hours times, unless things get out of hand.
POW-Difficulty Replacement Contest. Some time in December, I am going to formalize an FFS "idea" to open up a multiple-round contest for possible replacements for our proof of work game. The first round would have a 3- or 6-month deadline. Personally, I would love it if this FFS could have an unbounded reward amount. If the community is extremely generous, we could easily whip up a large enough reward to spur lots and lots of interest across the world.
The Bitcoin POW game uses SHA256 to find nonces that produce hashes with sufficiently small digests according to the Bitcoin difficulty metric. Our current POW game uses CryptoNight to find nonces that produce hashes with sufficiently small digests according to the CryptoNote difficulty metric. The winner need not be proof of work. My current thoughts are roughly this:
All submissions will be public. Submissions that minimize incentives for centralized mining (or maximize disincentives) will be preferred over submissions that do not. Submissions that are elegant will be preferred over submissions that are not. Submissions that have provable claims about desirable properties will be preferred over submissions that do not (e.g. for either the Bitcoin or the Monero POW games, the necessary and sufficient network conditions for these games to produce blocks in a Poisson process have not been identified, to my understanding). Submissions that have a smaller environmental impact will be preferred over submissions that have a larger impact. And so on. I would like as many ideas as possible about a judging rubric for the first round. Especially if a large amount of money will be put up as a prize.
The details of the next round would be announced along with the winners of the first round. The reward funds should be released when a set of judges agree on a winner. MRL and Monero Core should each have representation on the panel of judges, and there ought to be at least one independent judge not directly associated with the Monero Project, like Peter Todd, Tim Ruffing, or someone along those lines. But, again, this is just an idea. If the community doesn't like it, we can drop it.
Here is a rundown for November
Multisig. Almost done. I know, I know, it's been forever. We, as a community, have recently come to see how important it is to carefully and formally ensure the correctness of our schemes before proceeding. Multisig is a delicate thing because a naively implemented multisig can reveal information about the participants.
I'm finishing vetting key creation today, finishing signatures tomorrow and the next day. Then I'm passing the result off to moneromooo and luigi to ensure that my description of their code is accurate up to their understanding. Then onto Sarang for final reviews before submission, hopefully by the end of the month. I have my life until Sunday evening blocked off to finish this. A copy of the document will be made available to the community ASAP (an older version is on my github), after more checking and writing is completed.
This whitepaper on multisig will be broken into two papers: one will be intended for peer review describing multi-ring signatures, and one will be a Monero Standard. More about that later...
RTRS RingCT column-linkability and amortization. You may say "what? I thought we were putting RTRS RingCT on the back burner?" Well, I'm still thinking about amortization of signatures. I'm thinking it will be possible (although perhaps not feasible) for miners to include amortized signatures upon finding new blocks. This would allow users to cite an amortized signature for fast verification, but has some possible drawbacks. But more exciting, I'm also chatting with Tim Ruffing, one of the authors on the RTRS RingCT papers: he thinks he has a solution to our "linkability by columns" problem with MLSAG and RingCT. Currently we try to avoid using more than one ring signature per recipient. This avoids linking distinct outputs based on bundling of these ring signatures. Ruffing believes RTRS RingCT can be tweaked to prove several commitments in a vector of commitments; this would allow a single RTRS RingCT to be computed and checked for each output being spent.
Once all the details are checked, I'll write up a document and make a copy of it available to the community. If it works, of course.
Consequences of bulletproofs. In my last end-of-month update I hinted at issues with an exponential space-time trade-off in RTRS RingCT. Due to the speed and space savings with bulletproofs, it may now be feasible to implement RTRS RingCT. With improved verification time savings with bulletproofs we can relax our requirements for verification times for signatures. This will allow the slightly longer verification times of RTRS RingCT to be counter-acted. Solving the problem "what ring sizes can we really get away with?" involves some modeling and solving some linear programming problems (linear programming, or linear optimization, is an anachronistically named area of applied mathematics involved with optimizing logistic problems... see here for more information).
Hence, we will be inserting bulletproofs into Monero with low friction, and then we will look into the logistics of moving to RTRS RingCT.
Monero Standards. Right now, we don't have a comprehensive list of how Monero works, all the various primitives and how they all fit together. Sarang and I have begun working on some Monero Standards that are similar to the original Cryptonote Standards (see here for more information). For each standard, from our hash function on upward, we will describe the standard, provide a justification for Monero's choices in those standards (complete with references), as well as a list of possible replacement standards. For example, our Monero RingCT Standard should describe the RingCT scheme described by shen, which is essentially a ring signature with linear combinations of signing keys + amount commitments. Under the "possible replacements" section, we would describe both the RTRS RingCT scheme and the doubly efficient zk-snark technology as two separate options.
These standards may take awhile to complete, and will be living documents as we change the protocol over the years. In the meantime, it will make it dramatically easier for future researchers to step into MRL and pick up where previous researchers have left off.
Hierarchical view keys. Exploiting the algebra we currently use for computing one-time keys, the sub-address scheme plays with view keys in a certain way, allowing a user to have one single view key for many wallets. Similarly, we may split a view key into several shares, where each subset of shares can be used to grant partial view access to the wallet. A receiver can request that a sender use a particular basepoint in their transaction key where different subsets of shares of the view key grant access to transactions with different basepoints in their transaction keys. None of these are protocol-level observations, they are wallet-level observations. Moreover, these require only that a receiver optionally specify a basepoint.
In other words: hierarchical view keys are a latent feature of our one-time address scheme that has not seen specific development yet. It's a rather low priority compared to the other projects under development; it grants users fine-grained control over their legal compliance, but Monero Standards will have great long-term impact on development and research at Monero.
Criticisms. Monero has suffered some recent criticisms about our hash function. I want to briefly address them.
First, I believe part of the criticism came from a confusion between Keccak3, SHA-3, and Keccak: we have never claimed to use SHA-3 as our hash function, we have only used the Keccak3 hash function, which is a legacy choice inherited from the original CryptoNote reference code. Many developers confuse the two, but Keccak3 was the hash function on which SHA-3 is based. In particular, the Keccak sponge construction can be used to fashion lots and lots of primitives, all of which could fairly be called "Keccak:" both Keccak3 and SHA-3 are Keccak constructions. This may be a subtle nomenclature issue, but it's important because a good portion of our criticisms say "Hey, they aren't using SHA-3!"
Second, I believe part of the criticism also comes from our choice of library, which in my opinion isn't a big deal as long as the library does what it says on the tin. In this case, our hash function is a valid implementation of Keccak3 according to the Keccak3 documentation. The most important criticism, from my point of view, is our choice of pre-SHA-3 Keccak3 as our hash function. Keccak3 underwent lots of analysis during the SHA contest, and Keccak3 is a well-vetted hash function. However, it has not been chosen as an international standard. There is a sentiment in the cryptocurrency community to distrust standards, which is probably a healthy sentiment. In this case, however, it means that our choice of hash function is not likely to be supported in common, well-vetted libraries in the future. Moreover, since SHA-3 is an international standard, it shall be undergoing heavy stress testing over the coming decades, a benefit Keccak3 shall not enjoy.
Last month, after some discussions, we made changes to our choice of PRNG in Monero to match the PRNG for Bitcoin. There has since been some discussions instantiated by anonimal about this choice of PRNG. We at MRL are doing our best to assist the core team in weighing the relative costs and benefits of switching to a library like crypto++, and so we believe these criticisms fall into the same category. We intend to address these issues and make formal recommendations in the aforementioned Monero Standards. Sorry for using the word aforementioned.
Things that didn't move much include a) educational outreach, b) SPECTRE, c) anti-ASIC roadmap, d) refund transactions. Most of which was on hold to complete multisig.
As far as educational outreach, I contacted a few members of a few math/cs depts at universities around me, but I haven't gotten anything hopeful yet. I wanted to go local (with respect to me) to make it easier to organize, but that's looking less likely. No matter how enthusiastic of a department we find, garnering participation from faculty members, beginning an application process for new students, squirrelling up funding, working out logistics of getting teachers or lecturers/speakers from point A to point B, where to stash students, etc would be a challenge to finish before, say, July. And some schools start their fall semesters in mid-August. So I'm thinking that Summer 2019 is reasonable as the first Monero Summer School... and would be a real fun way to finish off a two-year post-doc!
December plan. I am going to finish multisig, and then finish the zk-lit review with Jeffrey Quesnelle, since these are both slam dunks. Any other time in December I have will be devoted to a) looking into the logistics of using the bulletproofs + RTRS RingCT set-up, b) reading the new zk-stark paper and assessing its importance for Monero, c) beginning work on Monero Standards, which includes addressing our hash function criticisms, our PRNG, etc.
Thank you again! This is an incredible opportunity, and this community is filled with some smart cookies. Every day is a challenge, and I couldn't ask for a more fun thing to be doing with my life right now. I'm hoping that my work ends up making Monero better for you.
submitted by snoether to Monero [link] [comments]

I decided to post this here as I saw some questions on the QRL discord.

Is elliptic curve cryptography quantum resistant?
No. Using a quantum computer, Shor's algorithm can be used to break Elliptic Curve Digital Signature Algorithm (ECDSA). Meaning: they can derive the private key from the public key. So if they got your public key, they got your private key, and they can empty your funds. https://en.wikipedia.org/wiki/Elliptic-curve_cryptography#Quantum_computing_attacks https://eprint.iacr.org/2017/598.pdf
Why do people say that BTC is quantum resistant, while they use elliptic curve cryptography? (This is where the idea comes from that never reusing a private key from elliptic curve cryptography (and its public key, since they form a pair) would be quantum resistant.)
Ok, just gonna start with the basics here. Your address, where you have your coins stored, is locked by your public-private key pair. See it as your e-mail address (public key) and your password (private key). Many people got your email address, but only you have your password. If you got your address and your password, then you can access your mail and send emails (Transactions). Now if there would be a quantum computer, people could use that to calculate your password/ private key, if they have your email address/ public key.
What is the case with BTC: they don't show your public key anywhere, until you make a transaction. So your public key is private until you make a transaction. How do they do that while your funds must be registered on the ledger? Well, they only show the Hash of your public key (A hash is an outcome of an equation. Usually one-way hash functions are used, where you can not derive the original input from the output. But every time you use the same hash function on the same original input (For example IFUHE8392ISHF), you will always get the same output (For example G). That way you can have your coins on public key IFUHE8392ISHF, while on the chain, they are on G.) So your funds are registered on the blockchain on the "Hash" of the public key. The Hash of the public key is also your "email address" in this case. So you give "G" as your address to send BTC to.
By the way, in the early days you could use your actual public key as your address. And miners would receive coins on their public key, not on the hashed public key. That is why all the Satoshi funds are vulnerable to quantum attacks even though these addresses have never been used to make transactions from. These public keys are already public instead of hashed. Also certain hard forks have exposed the public keys of unused addresses. So it's really a false sense of security that most people hang on to in the first place.
But it's actually a false sense of security over all.
Since it is impossible to derive a public key from the Hash of a public key, your coins are safe for quantum computers as long as you don't make any transaction. Now here follows the biggest misconception: Pretty much everyone will think, great, so BTC is quantum secure! It's not that simple. Here it is important to understand two things:
1 How is a transaction sent? The owner has the private key and the public key and uses that to log into the secured environment, the wallet. This can be online or offline. Once he is in his wallet, he states how much he wants to send and to what address.
When he sends the transaction, it will be broadcasted to the blockchain network. But before the actual transaction that will be sent, it is formed into a package, created by the wallet. This happens out of sight of the sender.
That package ends up carrying roughly the following info: The public key to point to the address where the funds will be coming from, the amount that will be transferred, the public key of the address the funds will be transferred to.
Then this package carries the most important thing: a signature, created by the wallet, derived from the private-public key combination. This signature proves to the miners that you are the rightful owner and you can send funds from that public key.
So this package is then sent out of the secure wallet environment to multiple nodes. The nodes don’t need to trust the sender or establish the sender’s "identity." And because the transaction is signed and contains no confidential information, private keys, or credentials, it can be publicly broadcast using any underlying network transport that is convenient. As long as the transaction can reach a node that will propagate it into the network, it doesn’t matter how it is transported to the first node.
2 How is a transaction confirmed/ fulfilled and registered on the blockchain?
After the transaction is sent to the network, it is ready to be processed. The nodes have a bundle of transactions to verify and register on the next block. This is done during a period called the block time. In the case of BTC that is 10 minutes.
If you comprehend the information written above, you can see that there are two moments where you can actually see the public key, while the transaction is not fulfilled and registered on the blockchain yet.
1: during the time the transaction is sent from the sender to the nodes
2: during the time the nodes verify the transaction.
This paper describes how you could hijack a transaction and make a new transaction of your own, using someone else's address to send his coins to an address you own during moment 2: the time the nodes verify the transaction:
https://arxiv.org/pdf/1710.10377.pdf
"(Unprocessed transactions) After a transaction has been broadcast to the network, but before it is placed on the blockchain it is at risk from a quantum attack. If the secret key can be derived from the broadcast public key before the transaction is placed on the blockchain, then an attacker could use this secret key to broadcast a new transaction from the same address to his own address. If the attacker then ensures that this new transaction is placed on the blockchain first, then he can effectively steal all the bitcoin behind the original address."
So this means that practically, you can't call BTC a quantum secure blockchain. Because as soon as you will touch your coins and use them for payment, or send them to another address, you will have to make a transaction and you risk a quantum attack.
Why would Nexus be any different?
If you ask the wrong person they will tell you "Nexus uses a combination of the Skein and Keccak algorithms which are the 2 recognized quantum resistant algorithms (Keccak is used by the NSA) so instead of sha-256, Nexus has SK-1024 making it much harder to break." Which would be the same as saying BTC is quantum resistant because they use a Hashing function to hash the private key as long as no transaction is made.
No, this is their solid try to be quantum resistant: Nexus states it's different because they have instant transactions (So there wouldn't be a period during which time the nodes verify the transaction. This period would be instant.) Also they use a particular order in which the miners verify transactions: First-In-First-Out (FIFO) (So even if instant is not instant after all, and you would be able to catch a public key and derive the private key, you wouldn't be able to have your transaction signed before the original one. The original one is first in line, and will therefore be confirmed first.) Also for some reason Nexus has standardized fees which are burned after a transaction. So if FIFO wouldn't do the trick you would not be able to use a higher fee to get prioritized and get an earlier confirmation.
So, during the time the nodes verify the transaction, you would not be able to hijack a transaction. GREAT, you say? Yes, great-ish. Because there is still moment # 1: during the time the transaction is sent from the sender to the nodes. This is where network based attacks could do the trick:
There are network based attacks that can be used to delay or prevent transactions to reach nodes. In the meantime the transactions can be hijacked before they reach the nodes. And thus one could hijack the non quantum secure public keys (they are openly included in sent signed transactions) which can then be used to derive private keys before the original transaction is made. So this means that even if Nexus has instant transactions in FIFO order, it is totally useless, because the public key would be obtained by the attacker before they reach the nodes. Conclusion: Nexus is not quantum resistant. You simply can't be without using a post quantum signature scheme.
Performing a DDoS attack or BGP routing attacks or NSA Quantum Insert attacks on a peer to peer network would be hard. But when provided with an opportunity to steal billions, hackers would find a way. For example:
https://bitcoinmagazine.com/articles/researchers-explore-eclipse-attacks-ethereum-blockchain/
For BTC:
https://eprint.iacr.org/2015/263.pdf
"An eclipse attack is a network-level attack on a blockchain, where an attacker essentially takes control of the peer-to-peer network, obscuring a node’s view of the blockchain."
That is exactly the recipe for what you would need to create extra time to find public keys and derive private keys from them. Then you could sign transactions of your own and confirm them before the originals do.
By the way, yes this seems to be fixed now, but it most definitely shows it's possible. And there are other creative options. Either you stop transactions from the base to get out, while the sender thinks they're sent, or you blind the network and catch transactions there. There are always options, and they will be exploited when billions are at stake. The keys can also be hijacked when a transaction is sent from the users device to the blockchain network using a MITM attack. The result is the same as for network based attacks, only now you don't mess with the network itself. These attacks make it possible to 1) retrieve the original public key that is included in the transaction message. 2) Stop or delay the transaction message to arrive at the blockchain network. So, using a quantum computer, you could hijack transactions and create forged transactions, which you then send to the nodes to be confirmed before the nodes even receive the original transaction. There is nothing you could change to the Nexus network to prevent this. The only thing they can do is implement a quantum resistant signature scheme. They plan to do this in the future, like any other serious blockchain project. Yet Nexus is the only one of these future quantum resistant projects to prematurely claim to be quantum resistant. There is only one way to get quantum resistance: POST QUANTUM SIGNATURE SCHEMES. All the rest is just a shitty shortcut that won't work in the end.
(If you use this info on BTC, you will find that the 10 minutes blocktime that is used to estimate when BTC will be vulnerable for quantum attacks, can actually be more than 10 minutes if you catch the public key before the nodes receive them. This makes BTC vulnerable sooner than the 10 min blocktime would make you think.)
By the way, Nexus using FIFO and standardized fees which are burned after the transaction comes with some huge downsides:
Why are WOTS+ signatures (and by extension XMSS) more quantum resistant?
First of all, this is where the top notch mathematicians work their magic. Cryptography is mostly maths. As Jackalyst puts it talking about post quantum signature schemes: "Having papers written and cryptographers review and discuss it to nauseating levels might not be important for butler, but it's really important with signature schemes and other cryptographic methods, as they're highly technical in nature."
If you don't believe in math, think about Einstein using math predicting things most couldn't even imagine, let alone measure back then.
Then there is implementing it the right way into your blockchain without leaving any backdoors open.
So why is WOTS+ and by extension XMSS quantum resistant? Because math papers say so. With WOTS it would even take a quantum computer too much time to derive a private key from a public key. https://en.wikipedia.org/wiki/Hash-based_cryptography https://eprint.iacr.org/2011/484.pdf
What is WOTS+?
It's basically an optimized version of Lamport-signatures. WOTS+ (Winternitz one-time signature) is a hash-based, post-quantum signature scheme. So it's a post quantum signature scheme meant to be used once.
What are the risks of WOTS+?
Because each WOTS publishes some part of the private key, they rapidly become less secure as more signatures created by the same public/private key are published. The first signature won't have enough info to work with, but after two or three signatures you will be in trouble.
IOTA uses WOTS. Here's what the people over at the cryptography subreddit have to say about that:
https://www.reddit.com/crypto/comments/84c4ni/iota_signatures_private_keys_and_address_reuse/?utm_content=comments&utm_medium=user&utm_source=reddit&utm_name=u_QRCollector
With the article:
http://blog.lekkertech.net/blog/2018/03/07/iota-signatures/
Mochimo uses WOTS+. They kinda solved the problem: A transaction consists of a "Source Address", a "Destination Address" and a "Change Address". When you transact to a Destination Address, any remaining funds in your Source Address will move to the Change Address. To transact again, your Change Address then becomes your Source Address.
But what if someone already has your first address and is unaware of the fact you already sent funds from that address? He might just send funds there. (I mean in a business environment this would make Mochimo highly impractical.) They need to solve that. Who knows, it's still a young project. But then again, for some reason they also use FIFO and fixed fees, so there I have the same objections as for Nexus.
How is XMSS different?
XMSS uses WOTS in a way that you can actually reuse your address. WOTS creates a quantum resistant one time signature and XMSS creates a tree of those signatures attached to one address so that the address can be reused for sending an asset.
submitted by QRCollector to QRL [link] [comments]
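The post above says that every hash-based one-time signature leaks part of the private key, so a key that is reused becomes forgeable after a handful of signatures, which is what XMSS exists to manage. The following is an added example written for this page, not QRL's, IOTA's or Mochimo's code: a plain Lamport one-time signature over SHA3-256 (the simpler scheme WOTS+ optimises, with the same failure mode), followed by an attacker routine that collects the secrets exposed by a reused key and brute-forces a message it can sign without ever having held the private key. The seeded key generation and the "payment N" messages are constructed for a reproducible demo; a real key comes from a CSPRNG.

```python
"""Lamport one-time signature over SHA3-256 and a key-reuse forgery.
Added example for this page; not any project's implementation."""
import hashlib

DIGEST_BITS = 256


def H(data: bytes) -> bytes:
    return hashlib.sha3_256(data).digest()


def digest_bits(msg: bytes):
    """Message digest as a list of 256 bits, most significant first."""
    d = int.from_bytes(H(msg), "big")
    return [(d >> (DIGEST_BITS - 1 - i)) & 1 for i in range(DIGEST_BITS)]


def keygen(seed: bytes):
    """Private key: one 32-byte secret per (digest position, bit value).
    Public key: the hash of every secret.  Seeded derivation is a constructed
    convenience for the demo (assumption: seed is secret and uniformly random)."""
    sk = [[H(seed + i.to_bytes(2, "big") + bytes([b])) for b in (0, 1)]
          for i in range(DIGEST_BITS)]
    pk = [[H(s) for s in pair] for pair in sk]
    return sk, pk


def sign(sk, msg: bytes):
    """Reveal, for each digest bit, the secret that bit selects.  Half the key leaks."""
    return [sk[i][b] for i, b in enumerate(digest_bits(msg))]


def verify(pk, msg: bytes, sig) -> bool:
    return all(H(sig[i]) == pk[i][b] for i, b in enumerate(digest_bits(msg)))


def revealed_secrets(pk, signed):
    """Attacker's view: every secret exposed by a list of (msg, sig) pairs,
    keyed by (position, bit value)."""
    known = {}
    for msg, sig in signed:
        if not verify(pk, msg, sig):
            raise ValueError("invalid signature in observed set")
        for i, b in enumerate(digest_bits(msg)):
            known[(i, b)] = sig[i]
    return known


def fully_exposed_positions(known) -> int:
    """Positions where both secrets are public: the attacker picks either bit."""
    return sum(1 for i in range(DIGEST_BITS) if (i, 0) in known and (i, 1) in known)


def forge(pk, known, prefix: bytes, max_tries: int):
    """Search prefix||counter for a message whose digest selects only leaked
    secrets; the resulting signature verifies although sk was never known."""
    for n in range(max_tries):
        msg = prefix + n.to_bytes(4, "big")
        bits = digest_bits(msg)
        if all((i, b) in known for i, b in enumerate(bits)):
            return msg, [known[(i, b)] for i, b in enumerate(bits)]
    return None


def demo():
    """Sign 12 messages with one key; show exposure after 1 vs 12 signatures
    and forge a fresh message from the leaked material."""
    sk, pk = keygen(b"demo seed, not a real key")
    msgs = [b"payment %d" % k for k in range(12)]          # constructed messages
    sigs = [sign(sk, m) for m in msgs]
    after_one = fully_exposed_positions(revealed_secrets(pk, [(msgs[0], sigs[0])]))
    known = revealed_secrets(pk, list(zip(msgs, sigs)))
    forged = forge(pk, known, b"attacker withdrawal ", 1 << 17)
    return pk, after_one, fully_exposed_positions(known), forged


if __name__ == "__main__":
    pk, one, many, forged = demo()
    print("fully exposed positions after 1 signature:", one)
    print("fully exposed positions after 12 signatures:", many)
    print("forgery found:", forged is not None and verify(pk, *forged))
```

After one signature no position is fully exposed, so a forger would need a second message with an identical digest. After a dozen signatures almost every position has both secrets public, and the counter search finds a verifying signature for a message the key holder never signed within a few tries. XMSS avoids this by never reusing a leaf key: each one-time key signs once and the Merkle tree ties them all to a single public key.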

DD on Crypto. Just kidding Allin AMD

Alright, I keep seeing you fucks talk about how "Bitcoin is going to make Nvidia/AMD go to the moon". I'm going to walk all you fucks through bitcoin, crypto currencies, and how they affect the GPU market.
What is Bitcoin?
Bitcoin is a decentralized ledger. That's pretty much it. A set number of bitcoin is generated per block, and each block is solved when a resulting hash is found for the corresponding proof of work. The difficulty is adjusted periodically based on a formula, meaning that as hash rate rises and falls, the number of bitcoins produced per day is roughly the same.
What does Bitcoin have to do with AMD and Nvidia?
Fucking nothing. Bitcoin is mined on proprietary hardware called Application-specific Integrated Circuits (ASICs). Neither AMD or Nvidia produce these.
Why does everyone keep talking about Bitcoin and AMD then?
Because they're fucking retarded and you're listening to retards. Bitcoin runs on the SHA-256 Hashing Function which people have custom hardware for. The Crypto driving GPU sales is ETHEREUM, NOT BITCOIN
What the fuck is Ethereum then?
Don't worry about it. It's for smug assholes who are too edgy for Bitcoin. All you need to know is it runs on a different Hashing function than Bitcoin, so if you weren't a retard you'd probably realize that the proprietary hardware I talked about earlier won't work with it. Currently Ethereum is being mined the same way Bitcoin was when it first started; on GPUs.
When are you going to tell me what to buy
Shut the fuck up, learn something or kill yourself.
How many GPUs are being used to mine currently?
Currently the Ethereum Hash Rate is 73,000 GH/s. For upcoming earnings, we should instead look at the period from April to June. April 1st shows a network hash rate of 16,500 GH/s, and June 31st shows 59,200 GH/s, meaning the network hash rate increased by 42,700 GH/s for this upcoming earnings report quarter.
I've linked a decent benchmark for GPU hashrate . You should notice that all of these are quoted in MH/s, versus the Network reporting in GH/s; there are A LOT of fucking GPUs running on the network. A top of the line 1080 puts out about 20-25 MH/s, a good Radeon card does about 30. As a rough estimate, let's assume that the average card mining Ethereum currently produces about 25 MH/s. 42,700GH/s / 25MH/s means that there are 1.7 MILLION more GPUs currently mining ethereum than there were at the beginning of Q1. Based on my personal observations being involved in this, AMD is actually taking a majority market share of the sold cards just due to their superior performance compared to Nvidia's 1080s, and I'd estimate that About 50-60% of the cards currently mining Ethereum are AMD Radeons.
What does this all mean?
AMD are selling their highest margin video cards faster than they can produce them, and at ~250$ a pop with 50%-60% market capture AMD will have sold roughly 200-300 million dollars more in video cards than they did last quarter. AMD quarterly revenue last reported was just under 1 Billion. This is a 20-30% increase in revenue from last quarter, where Ethereum Hash Rate only increased by about 10,000GH/s. Even assuming a modest 30% margin for their video cards, AMD will still have almost 60 million in unexpected earnings this quarter due to crypto mining, which translates to about .06-.1 per share in earnings.
tl;dr
Ethereum will make AMD beat revenue by 20-30%. BUY AMD YOU CUCKS.
submitted by Askmeaboutmyautism to wallstreetbets [link] [comments]

Nutz and Boltz for computing Tezos ICO private keys for Betanet?

I'm tired of the lip service posting concerning some mythical software wallet that will convert one's ICO seed words, email address and account password into private Tezzie keys. There should be nothing mystical about the Tezos ICO key synthesis process. Can someone kindly point me to a few test vectors and details so I can independently code something that will make the conversion to double check results from other wallets as they emerge? I plan on using open source libbitcoin secp256k1, monero ed25519, and Keccak tools and code to make such a conversion. Who knows, I might even add pertinent details to update this important libbitcoin Wiki Table and provide a complementary https://github.com/libbitcoin/libbitcoin/wiki/Altcoin-Version-Mappings#7-bitcoin-btc-bip-3944-technology-examples example for Tezos.
submitted by greatskaht to tezos [link] [comments]

X11 Algorithm Explained

X11 Algorithm Explained

The X11 algorithm is a proof-of-work hashing function that was developed by Evan Duffield and implemented into the Darkcoin protocol in 2014, later renamed to DASH. X11 was developed and selected by Duffield as the algorithm of choice because of the inherent resistance that it had at the time to Application-Specific Integrated Circuits, or better known as, ASICs.
The notion by the Darkcoin development team was such that, a more complex proof-of-work algorithm would substantially increase the length of time for an ASIC capable of efficiently mining the X11 algorithm to be developed. In the meantime, hobbyists who could only mine with CPUs and GPUs would remain competitive when it came to producing blocks and securing a block reward.

How The X11 Algorithm Works

X11 works by combining 11 individual hash functions (hence the number 11 in X11) into one algorithm. When a value is submitted, the first function produces a hash which is then submitted to the following function to produce another hash. The X11 algorithm is comprised of the following hash functions:
To illustrate how the algorithm works at a high level, when a value is submitted to the BLAKE function, it produces a hash value; this value is then submitted to the BMW function, which then produces another value; this process repeats until the very last function.
All of the algorithms above were entered into the US National Institute of Standards and Technology (NIST) open competition in order to develop a new hash function, SHA-3, that was more secure than the previous generations: SHA-1 and SHA-2. Of the 64 algorithms that were entered into the competition, all the X11 hash functions were accepted as first-round candidates. Of the 14 second-round candidates, all the X11 algorithms were once again accepted, with only the following functions making it into the final 5: BLAKE, Grøstl, JH, Keccak and Skein. Keccak would then be the function to win the competition.
In short, the involvement of these functions in what was a 5-year long competition, speaks to their security and credibility.

Advantage & Disadvantage of The X11 Algorithm

One advantage of the X11 algorithm includes:
Arguably more secure than Bitcoin – Where SHA-256 is based on a previous secure hash algorithm family of standards, namely SHA-2, the hash functions within the X11 algorithm all successfully made it into the second-round in search for a new, more secure standard, i.e. SHA-3. Keccak, the function which won the competition and is therefore the new standard on which SHA-3 is based on, can at the very least be considered more secure than SHA-256.
Conversely, one current disadvantage of the X11 algorithm is:
No longer ASIC-resistant – As previously mentioned, the X11 algorithm was designed to be ASIC-resistant due to its additional complexity. However, since its inception in 2014, ASICs capable of mining the X11 algorithm have been developed. The net result of this is, hobbyists with CPUs and GPUs are put at a competitive disadvantage with regards to producing new blocks and receiving a block reward for their efforts.

Conclusion

To conclude, X11 is an algorithm that contains 11 individual hash functions. It was formerly developed by Evan Duffield and implemented into the Darkcoin, now DASH, protocol.
It is arguably more secure than Bitcoin, due to the hash function used within it being based on the latest hash algorithm family of standards, SHA-3. However, its initial purpose of being ASIC-resistant has since failed as there are now ASICs capable of efficiently mining the algorithm.
Additional algorithms have been developed that include more than 11 individual hashing algorithms, these include: X13, X14, X15 and X17. The number of hash functions within the algorithm can be determined by the number that appears after the ‘X’. For example, in the algorithm X17, there will be 17 individual hash functions contained within it.
Additional information on X11 algorithm can be found in the DASH whitepaper.
More information on the SHA-3 competition can be found on the official NIST website.
submitted by nuka_mussinov to u/nuka_mussinov [link] [comments]

MaxCoin Specifications. Important

Quick Technicals
Cryptography Tech Spec
MaxCoin uses the Keccak (SHA-3) hashing algorithm for its Proof-of-Work. Keccak was selected as an alternative to the NSA designed SHA256 after a 5-year long competition held by the NIST and will be seen increasingly as the algorithm used in banking and other secure applications. A single round of Keccak is used, resulting in a 256 bit hash.
We have also implemented a provably-secure signing algorithm, EC-Schnorr. Every existing cryptocurrency uses the ECDSA algorithm, as chosen by Satoshi; whilst ECDSA is in common use and is secure, EC-Schnorr is provably more secure and is currently being recommended over it (https://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/algorithms-key-sizes-and-parameters-report/at_download/fullReport). Additionally, MaxCoin changes the elliptic curve utilised within the signing algorithms from a Koblitz curve, secp256k1, to a more secure pseudo-random one, secp256r1. The use of the latter curve is recommended almost universally - and the decision by Satoshi to use the former is one that is often queried in the Bitcoin world. One theory is that there are some speed advantages to using the Koblitz curve, but, the implementation used in Bitcoin (OpenSSL) does not make use of this optimisation and, thus, the result is reduced-security.
The cryptography choices within MaxCoin have been made to maximise security and, where possible, to minimise NSA influence. We have been advised throughout by the renowned cryptography expert Professor Nigel Smart (https://en.wikipedia.org/wiki/Nigel_Smart_(cryptographer)).
These changes also lay the foundation for some key features we're aiming to implement in MaxCoin over the coming months, so while they may currently appear uninteresting changes they pave the way for our future growth.
What do you mean by "Starting Algorithm"?
This is an issue of hardware miner resistance, such as ASICs. Keccak is the starting algorithm for MaxCoin and at this point in time no hardware miner currently exists. However, creating a Keccak ASIC is not impossible. Therefore, in order to protect against a hardware-miner future we are going to implement an "ASIC protection" feature into MaxCoin. This will work by allowing the blockchain to decide a new hashing algorithm for MaxCoin every x blocks. More specifically, the last authenticated transaction's hash is used to determine an integer and depending on this value an algorithm will be selected. This will mean hardware miners will find it difficult to create hardware in enough time to see profitable return. Purely for example, these could be:
x  Algorithm
0  Keccak
1  Blake
2  Grostlx2
3  JH
4  Skein
5  Blake2
6  JH(Grostl)
7  Keccak+Blake
Difficulty & Distribution
MaxCoin will have a zero % premine, proven by the timestamps of the first blocks in a block explorer, and we have attempted to combat low-difficulty instamining with a fast retarget rate up until block 200. At block 200 the Kimoto Gravity Well implementation will take over the retargeting.
Mining is done via CPU at release (mining guides about to be released also on this subreddit), but a GPU miner will not be far away. We've seen some versions in the works already after we released CPUminer yesterday, and while we have not yet seen a working version, this is very unlikely to take long. We'll update all official channels with Keccak GPU miner once it is available. It's also worth noting that any GPU miner created will not work after the first algorithm switch takes place.
submitted by maxcoinproject to maxcoinproject [link] [comments]
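The MaxCoin post above, like much of this page, writes "Keccak (SHA-3)" as if the names were interchangeable. They are not: the competition winner as originally specified (the "Keccak-256" used by Ethereum and several coins) and the standardised FIPS 202 SHA3-256 share the same Keccak-f[1600] permutation and the same rate, and differ only in the padding domain byte, so the two produce unrelated digests for the same input and a miner or verifier built against the wrong one will never agree with the network. The following is an added example written for this page, not MaxCoin's or any other project's code: a compact, readable sponge with both paddings, a cross-check of the FIPS variant against Python's hashlib, and a toy proof-of-work nonce search over Keccak-256 in the spirit of the post's "Keccak PoW". The header bytes and the difficulty are constructed for the demo; the code is not constant-time and is for study only.

```python
"""Keccak-f[1600] sponge: Keccak-256 (pad 0x01) vs FIPS 202 SHA3-256 (pad 0x06).
Added example for this page; not MaxCoin's or any project's code."""
import hashlib

MASK64 = (1 << 64) - 1

# Round constants for iota, one per round of Keccak-f[1600].
RC = [
    0x0000000000000001, 0x0000000000008082, 0x800000000000808A, 0x8000000080008000,
    0x000000000000808B, 0x0000000080000001, 0x8000000080008081, 0x8000000000008009,
    0x000000000000008A, 0x0000000000000088, 0x0000000080008009, 0x000000008000000A,
    0x000000008000808B, 0x800000000000008B, 0x8000000000008089, 0x8000000000008003,
    0x8000000000008002, 0x8000000000000080, 0x000000000000800A, 0x800000008000000A,
    0x8000000080008081, 0x8000000000008080, 0x0000000080000001, 0x8000000080008008,
]
# Rotation offsets for rho, indexed ROT[x][y].
ROT = [[0, 36, 3, 41, 18], [1, 44, 10, 45, 2], [62, 6, 43, 15, 61],
       [28, 55, 25, 21, 56], [27, 20, 39, 8, 14]]


def _rol(v, n):
    return ((v << n) | (v >> (64 - n))) & MASK64


def keccak_f1600(lanes):
    """24 rounds of theta, rho, pi, chi, iota on 25 lanes stored as A[x + 5*y]."""
    A = list(lanes)
    for rc in RC:
        C = [A[x] ^ A[x + 5] ^ A[x + 10] ^ A[x + 15] ^ A[x + 20] for x in range(5)]
        D = [C[(x - 1) % 5] ^ _rol(C[(x + 1) % 5], 1) for x in range(5)]
        A = [A[i] ^ D[i % 5] for i in range(25)]                      # theta
        B = [0] * 25
        for x in range(5):
            for y in range(5):
                B[y + 5 * ((2 * x + 3 * y) % 5)] = _rol(A[x + 5 * y], ROT[x][y])  # rho, pi
        A = [B[i] ^ (~B[(i % 5 + 1) % 5 + 5 * (i // 5)] & B[(i % 5 + 2) % 5 + 5 * (i // 5)])
             for i in range(25)]                                       # chi
        A[0] ^= rc                                                     # iota
    return A


def sponge(data: bytes, rate_bytes: int, suffix: int, out_len: int) -> bytes:
    """Absorb with pad10*1 (the suffix byte carries the domain bits), then squeeze."""
    buf = bytearray(data)
    buf.append(suffix)
    buf.extend(b"\x00" * (-len(buf) % rate_bytes))
    buf[-1] |= 0x80                      # final 1 bit of pad10*1
    S = [0] * 25
    lanes = rate_bytes // 8
    for off in range(0, len(buf), rate_bytes):
        for i in range(lanes):
            S[i] ^= int.from_bytes(buf[off + 8 * i:off + 8 * i + 8], "little")
        S = keccak_f1600(S)
    out = bytearray()
    while True:
        out += b"".join(S[i].to_bytes(8, "little") for i in range(lanes))
        if len(out) >= out_len:
            return bytes(out[:out_len])
        S = keccak_f1600(S)


def keccak256(data: bytes) -> bytes:
    """Original Keccak-256: rate 1088 bits, padding byte 0x01 (Ethereum-style)."""
    return sponge(data, 136, 0x01, 32)


def sha3_256(data: bytes) -> bytes:
    """FIPS 202 SHA3-256: same permutation and rate, domain suffix 01 -> byte 0x06."""
    return sponge(data, 136, 0x06, 32)


def self_check() -> bool:
    """Cross-check the FIPS variant against hashlib on and around the 136-byte block size."""
    return all(sha3_256(b"x" * n) == hashlib.sha3_256(b"x" * n).digest()
               for n in (0, 1, 135, 136, 137, 300))


def find_nonce(header: bytes, zero_bits: int, max_tries: int):
    """Toy Keccak-256 proof-of-work: first nonce whose digest has zero_bits leading zeros."""
    for nonce in range(max_tries):
        h = keccak256(header + nonce.to_bytes(8, "little"))
        if int.from_bytes(h, "big") >> (256 - zero_bits) == 0:
            return nonce, h
    return None


if __name__ == "__main__":
    print("hashlib cross-check:", self_check())
    print("Keccak-256('') =", keccak256(b"").hex())
    print("SHA3-256('')   =", sha3_256(b"").hex())
    print("toy PoW:", find_nonce(b"constructed header", 8, 20000))
```

The two empty-input digests (c5d2...a470 for Keccak-256, a7ff...434a for SHA3-256) are the quickest way to tell which variant a library implements; Python's hashlib only ships the FIPS one, which is why the Ethereum ecosystem carries its own Keccak-256 implementations.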

[Kali 17.1] JtR support for pkzip dropped?

Hi all, I'm just trying my hand on the okcupid challenge (view source of okcupid.com). It includes four encrypted zip files. I wanted to try the easy way first and use john, but it seems on Kali 17.1 JtR does not support the pkzip format anymore?
[email protected]:~# john --list=formats 
descrypt, bsdicrypt, md5crypt, bcrypt, scrypt, LM, AFS, tripcode, dummy, dynamic_n, bfegg, dmd5, dominosec, dominosec8, EPI, Fortigate, FormSpring, has-160, hdaa, ipb2, krb4, krb5, KeePass, MSCHAPv2, mschapv2-naive, mysql, nethalflm, netlm, netlmv2, netntlm, netntlm-naive, netntlmv2, md5ns, NT, osc, PHPS, po, skey, SybaseASE, xsha, xsha512, agilekeychain, aix-ssha1, aix-ssha256, aix-ssha512, asa-md5, Bitcoin, Blackberry-ES10, WoWSRP, Blockchain, chap, Clipperz, cloudkeychain, cq, CRC32, sha1crypt, sha256crypt, sha512crypt, Citrix_NS10, dahua, Django, django-scrypt, dmg, dragonfly3-32, dragonfly3-64, dragonfly4-32, dragonfly4-64, Drupal7, eCryptfs, EFS, eigrp, EncFS, EPiServer, fde, gost, gpg, HAVAL-128-4, HAVAL-256-3, HMAC-MD5, HMAC-SHA1, HMAC-SHA224, HMAC-SHA256, HMAC-SHA384, HMAC-SHA512, hMailServer, hsrp, IKE, keychain, keyring, keystore, known_hosts, krb5-18, krb5pa-sha1, kwallet, lp, lotus5, lotus85, LUKS, MD2, md4-gen, mdc2, MediaWiki, MongoDB, Mozilla, mscash, mscash2, krb5pa-md5, mssql, mssql05, mssql12, mysql-sha1, mysqlna, net-md5, net-sha1, nk, nsldap, o5logon, ODF, Office, oldoffice, OpenBSD-SoftRAID, openssl-enc, oracle, oracle11, Oracle12C, Panama, pbkdf2-hmac-md5, PBKDF2-HMAC-SHA1, PBKDF2-HMAC-SHA256, PBKDF2-HMAC-SHA512, PDF, PFX, phpass, pix-md5, plaintext, pomelo, postgres, PST, PuTTY, pwsafe, RACF, RAdmin, RAKP, rar, RAR5, Raw-SHA512, Raw-Blake2, Raw-Keccak, Raw-Keccak-256, Raw-MD4, Raw-MD5, Raw-SHA1, Raw-SHA1-Linkedin, Raw-SHA224, Raw-SHA256, Raw-SHA256-ng, Raw-SHA3, Raw-SHA384, Raw-SHA512-ng, Raw-SHA, Raw-MD5u, ripemd-128, ripemd-160, rsvp, Siemens-S7, Salted-SHA1, SSHA512, sapb, sapg, saph, 7z, sha1-gen, Raw-SHA1-ng, SIP, skein-256, skein-512, aix-smd5, Snefru-128, Snefru-256, LastPass, SSH, SSH-ng, Stribog-256, Stribog-512, STRIP, SunMD5, sxc, Sybase-PROP, tcp-md5, Tiger, tc_aes_xts, tc_ripemd160, tc_sha512, tc_whirlpool, VNC, vtp, wbb3, whirlpool, whirlpool0, whirlpool1, wpapsk, ZIP, NT-old, crypt
Am I missing something? Thanks!
submitted by mrquisda to AskNetsec [link] [comments]

Cryptography and the future of single-crypto coins versus multi-crypto coins

Bitcoin, currently the world's largest decentralized digital currency, has made headlines throughout the world. With market values of over $1,000 per coin, it has become a valuable commodity to invest in. Many individuals, though, do not understand the basic underpinnings of Bitcoin, and of all altcoins (a term used to describe other digital currencies), as they apply to cryptography.
Bitcoin is based on a cryptographic hash function called SHA-256, which is a subset of SHA-2. SHA-2 was created by the US National Security Agency (NSA) in 2001.[1] Currently, it is one of the most secure and most widely used cryptographic functions in the world.
While SHA-2 has proven its strength over the years, it is not without its weaknesses. Like most cryptoalgorithms, it is susceptible to birthday attacks, collisions, and man-in-the-middle attacks. While SHA-2 is still sufficient despite these possible weaknesses, it is difficult to say what the future holds for it. If the basic concept of a currency can be undermined at any point in the future, how can that currency maintain long-term value?
Enter Quark (QRK). Quark is a distributed, non-centralized currency much like Bitcoin, but with several key differences. This article will focus solely on the cryptographic changes. Quark employs not one cryptographic function but a combination of six: blake, bmw, grøstl, jh, keccak, and skein. These are the six finalists of the NIST hash function competition, which ended in October 2012.[2] While I won't go into specific detail on each cryptographic algorithm here, I'll explain why these multiple algorithms help Quark in the long run.
As previously mentioned, Bitcoin (and other digital currencies) are based on one cryptographic algorithm, leaving them open to possible attacks in the future. While Bitcoin users have discussed the possibility of shifting cryptos in the future [3], it is not a guaranteed option, and could cause instability in the Bitcoin value. With the market booming with ASIC and FPGA mining hardware, there are more opportunities for individuals to turn their hardware power into attacking SHA-2 mechanisms to simply destroy the Bitcoin value.
With multi-layer multi-hash algorithms such as the ones Quark employs, it becomes extremely difficult to break down the entire structure. Even if a weakness is found in one – or even more – of the cryptographic algorithms that Quark employs, it doesn't destroy the entire structure, due to the “avalanche” effect of cryptoalgorithms.
Multi-tiered cryptoalgorithms provide the optimal basis for a currency to stand the test of time. Not only do they provide much more durability and security than single-hash functions, they also severely limit the ability of ASIC miners to disrupt the mining market, keeping mining viable for “entry-level” and “mid-level” miners so that it is still worth their time and computing power.
Resources:
[1] http://en.wikipedia.org/wiki/SHA-2
[2] http://en.wikipedia.org/wiki/NIST_hash_function_competition
[3] https://bitcointalk.org/index.php?topic=191.msg1585#msg1585
EDIT: 11:31 CST, 12/16/13 ... Fixed known typos.
submitted by mechman991 to QuarkCoin [link] [comments]
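The chained construction the post describes, as an added example that is not part of the original post or of Quark's code: a Python model that feeds each stage's digest into the next and measures the avalanche behaviour the post relies on, including the case where one stage is modelled as completely broken. Python's hashlib ships none of BLAKE-512, BMW, Grøstl, JH or Skein, so the stages below are hashlib stand-ins (an assumption), and Quark's real per-block stage selection is not modelled.

```python
import hashlib
from typing import Callable, List, Sequence

Stage = Callable[[bytes], bytes]


def hashlib_stage(name: str) -> Stage:
    """Wrap one hashlib algorithm as a stage of the chain."""
    return lambda data: hashlib.new(name, data).digest()


# Constructed stand-in chain: six hashlib algorithms in place of Quark's
# blake/bmw/groestl/jh/keccak/skein. Only the structure (each stage hashes the
# previous stage's digest) is what this example demonstrates.
STAGES: List[Stage] = [
    hashlib_stage("blake2b"),   # BLAKE-family stand-in
    hashlib_stage("sha512"),
    hashlib_stage("sha3_256"),
    hashlib_stage("sha256"),
    hashlib_stage("sha3_512"),  # Keccak (as standardised in SHA-3)
    hashlib_stage("blake2s"),   # last stage, so the chain yields 32 bytes
]


def multi_hash(data: bytes, stages: Sequence[Stage] = STAGES) -> bytes:
    """Run the input through every stage in order; return the final digest."""
    out = data
    for stage in stages:
        out = stage(out)
    return out


def hamming(a: bytes, b: bytes) -> int:
    """Count differing bits between two equal-length byte strings."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def avalanche_ratio(data: bytes, stages: Sequence[Stage] = STAGES) -> float:
    """Average fraction of output bits that flip per single input-bit flip.
    A well-behaved hash (or chain) sits near 0.5; note that a good ratio is a
    sanity check, not evidence of collision or preimage resistance."""
    base = multi_hash(data, stages)
    total_out_bits, in_bits, flipped = len(base) * 8, len(data) * 8, 0
    for bit in range(in_bits):
        mutated = bytearray(data)
        mutated[bit // 8] ^= 1 << (bit % 8)
        flipped += hamming(base, multi_hash(bytes(mutated), stages))
    return flipped / (in_bits * total_out_bits)


def weaken(stages: Sequence[Stage], index: int) -> List[Stage]:
    """Model a completely broken stage by replacing it with the identity."""
    return [(lambda d: d) if i == index else s for i, s in enumerate(stages)]
```

The remaining stages keep the chain's output near the 0.5 avalanche mark even with one stage replaced by the identity, which is the structural point the post makes; it says nothing about whether a weakened stage helps an attacker find collisions in the whole chain.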

Keccak is a family of cryptographic sponge functions and was designed as an alternative to SHA-256, the algorithm used by Bitcoin and various other cryptocurrencies. Compared to SHA-256, Keccak (SHA-3) is much faster and is more secure. SHA-3 (Keccak) is a variable-length hashing algorithm developed by a group led by Joan Daemen in 2012; on 5 August 2015 the algorithm was approved and published as the FIPS 202 standard. SHA-3 (Secure Hash Algorithm Version 3), also called Keccak, is a one-way function for producing digital fingerprints of a selected length (the standard accepts 224, 256, 384 or 512 bits) from input data of any size, developed by a group of authors led by Joan Daemen from 2008 and adopted as a new FIPS standard in 2015. The SHA-3 algorithm is based on the principle of cryptographic sponges.