5
0
mirror of https://github.com/cwinfo/yggdrasil-go.git synced 2024-11-22 14:10:28 +00:00

Merge pull request #416 from fifteenthcommotion/yggdrasil-brute-simple

contribute decently fast yggdrasil address generator in C
This commit is contained in:
Neil Alexander 2019-05-18 12:28:49 +01:00 committed by GitHub
commit 5b09b45572
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 455 additions and 0 deletions

View File

@ -0,0 +1,150 @@
This software is released into the public domain. As such, it can be
used under the Unlicense or CC0 public domain dedications.
The Unlicense
This is free and unencumbered software released into the public domain.
Anyone is free to copy, modify, publish, use, compile, sell, or
distribute this software, either in source code form or as a compiled
binary, for any purpose, commercial or non-commercial, and by any
means.
In jurisdictions that recognize copyright laws, the author or authors
of this software dedicate any and all copyright interest in the
software to the public domain. We make this dedication for the benefit
of the public at large and to the detriment of our heirs and
successors. We intend this dedication to be an overt act of
relinquishment in perpetuity of all present and future rights to this
software under copyright law.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
OTHER DEALINGS IN THE SOFTWARE.
For more information, please refer to <http://unlicense.org/>
CC0 1.0 Universal
Statement of Purpose
The laws of most jurisdictions throughout the world automatically confer
exclusive Copyright and Related Rights (defined below) upon the creator and
subsequent owner(s) (each and all, an "owner") of an original work of
authorship and/or a database (each, a "Work").
Certain owners wish to permanently relinquish those rights to a Work for the
purpose of contributing to a commons of creative, cultural and scientific
works ("Commons") that the public can reliably and without fear of later
claims of infringement build upon, modify, incorporate in other works, reuse
and redistribute as freely as possible in any form whatsoever and for any
purposes, including without limitation commercial purposes. These owners may
contribute to the Commons to promote the ideal of a free culture and the
further production of creative, cultural and scientific works, or to gain
reputation or greater distribution for their Work in part through the use and
efforts of others.
For these and/or other purposes and motivations, and without any expectation
of additional consideration or compensation, the person associating CC0 with a
Work (the "Affirmer"), to the extent that he or she is an owner of Copyright
and Related Rights in the Work, voluntarily elects to apply CC0 to the Work
and publicly distribute the Work under its terms, with knowledge of his or her
Copyright and Related Rights in the Work and the meaning and intended legal
effect of CC0 on those rights.
1. Copyright and Related Rights. A Work made available under CC0 may be
protected by copyright and related or neighboring rights ("Copyright and
Related Rights"). Copyright and Related Rights include, but are not limited
to, the following:
i. the right to reproduce, adapt, distribute, perform, display, communicate,
and translate a Work;
ii. moral rights retained by the original author(s) and/or performer(s);
iii. publicity and privacy rights pertaining to a person's image or likeness
depicted in a Work;
iv. rights protecting against unfair competition in regards to a Work,
subject to the limitations in paragraph 4(a), below;
v. rights protecting the extraction, dissemination, use and reuse of data in
a Work;
vi. database rights (such as those arising under Directive 96/9/EC of the
European Parliament and of the Council of 11 March 1996 on the legal
protection of databases, and under any national implementation thereof,
including any amended or successor version of such directive); and
vii. other similar, equivalent or corresponding rights throughout the world
based on applicable law or treaty, and any national implementations thereof.
2. Waiver. To the greatest extent permitted by, but not in contravention of,
applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and
unconditionally waives, abandons, and surrenders all of Affirmer's Copyright
and Related Rights and associated claims and causes of action, whether now
known or unknown (including existing as well as future claims and causes of
action), in the Work (i) in all territories worldwide, (ii) for the maximum
duration provided by applicable law or treaty (including future time
extensions), (iii) in any current or future medium and for any number of
copies, and (iv) for any purpose whatsoever, including without limitation
commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes
the Waiver for the benefit of each member of the public at large and to the
detriment of Affirmer's heirs and successors, fully intending that such Waiver
shall not be subject to revocation, rescission, cancellation, termination, or
any other legal or equitable action to disrupt the quiet enjoyment of the Work
by the public as contemplated by Affirmer's express Statement of Purpose.
3. Public License Fallback. Should any part of the Waiver for any reason be
judged legally invalid or ineffective under applicable law, then the Waiver
shall be preserved to the maximum extent permitted taking into account
Affirmer's express Statement of Purpose. In addition, to the extent the Waiver
is so judged Affirmer hereby grants to each affected person a royalty-free,
non transferable, non sublicensable, non exclusive, irrevocable and
unconditional license to exercise Affirmer's Copyright and Related Rights in
the Work (i) in all territories worldwide, (ii) for the maximum duration
provided by applicable law or treaty (including future time extensions), (iii)
in any current or future medium and for any number of copies, and (iv) for any
purpose whatsoever, including without limitation commercial, advertising or
promotional purposes (the "License"). The License shall be deemed effective as
of the date CC0 was applied by Affirmer to the Work. Should any part of the
License for any reason be judged legally invalid or ineffective under
applicable law, such partial invalidity or ineffectiveness shall not
invalidate the remainder of the License, and in such case Affirmer hereby
affirms that he or she will not (i) exercise any of his or her remaining
Copyright and Related Rights in the Work or (ii) assert any associated claims
and causes of action with respect to the Work, in either case contrary to
Affirmer's express Statement of Purpose.
4. Limitations and Disclaimers.
a. No trademark or patent rights held by Affirmer are waived, abandoned,
surrendered, licensed or otherwise affected by this document.
b. Affirmer offers the Work as-is and makes no representations or warranties
of any kind concerning the Work, express, implied, statutory or otherwise,
including without limitation warranties of title, merchantability, fitness
for a particular purpose, non infringement, or the absence of latent or
other defects, accuracy, or the present or absence of errors, whether or not
discoverable, all to the greatest extent permissible under applicable law.
c. Affirmer disclaims responsibility for clearing rights of other persons
that may apply to the Work or any use thereof, including without limitation
any person's Copyright and Related Rights in the Work. Further, Affirmer
disclaims responsibility for obtaining any necessary consents, permissions
or other rights required for any use of the Work.
d. Affirmer understands and acknowledges that Creative Commons is not a
party to this document and has no duty or obligation with respect to this
CC0 or use of the Work.
For more information, please see
<http://creativecommons.org/publicdomain/zero/1.0/>

View File

@ -0,0 +1,12 @@
.PHONY: all
all: util yggdrasil-brute-multi-curve25519 yggdrasil-brute-multi-ed25519
util: util.c
gcc -Wall -std=c89 -O3 -c -o util.o util.c
yggdrasil-brute-multi-ed25519: yggdrasil-brute-multi-ed25519.c util.o
gcc -Wall -std=c89 -O3 -o yggdrasil-brute-multi-ed25519 -lsodium yggdrasil-brute-multi-ed25519.c util.o
yggdrasil-brute-multi-curve25519: yggdrasil-brute-multi-curve25519.c util.o
gcc -Wall -std=c89 -O3 -o yggdrasil-brute-multi-curve25519 -lsodium yggdrasil-brute-multi-curve25519.c util.o

View File

@ -0,0 +1,8 @@
# yggdrasil-brute-simple
Simple program for finding curve25519 and ed25519 public keys whose sha512 hash has many leading ones.
Because ed25519 private keys consist of a seed that is hashed to find the secret part of the keypair,
this program is near optimal for finding ed25519 keypairs. Curve25519 key generation, on the other hand,
could be further optimized with elliptic curve magic.
Depends on libsodium.

View File

@ -0,0 +1,62 @@
#include "yggdrasil-brute.h"
int find_where(unsigned char hash[64], unsigned char besthashlist[NUMKEYS][64]) {
/* Where to insert hash into sorted hashlist */
int j;
int where = -1;
for (j = 0; j < NUMKEYS; ++j) {
if (memcmp(hash, besthashlist[j], 64) > 0) ++where;
else break;
}
return where;
}
void insert_64(unsigned char itemlist[NUMKEYS][64], unsigned char item[64], int where) {
int j;
for (j = 0; j < where; ++j) {
memcpy(itemlist[j], itemlist[j+1], 64);
}
memcpy(itemlist[where], item, 64);
}
void insert_32(unsigned char itemlist[NUMKEYS][32], unsigned char item[32], int where) {
int j;
for (j = 0; j < where; ++j) {
memcpy(itemlist[j], itemlist[j+1], 32);
}
memcpy(itemlist[where], item, 32);
}
void make_addr(unsigned char addr[32], unsigned char hash[64]) {
/* Public key hash to yggdrasil ipv6 address */
int i;
int offset;
unsigned char mask;
unsigned char c;
int ones = 0;
unsigned char br = 0; /* false */
for (i = 0; i < 64 && !br; ++i) {
mask = 128;
c = hash[i];
while (mask) {
if (c & mask) {
++ones;
} else {
br = 1; /* true */
break;
}
mask >>= 1;
}
}
addr[0] = 2;
addr[1] = ones;
offset = ones + 1;
for (i = 0; i < 14; ++i) {
c = hash[offset/8] << (offset%8);
c |= hash[offset/8 + 1] >> (8 - offset%8);
addr[i + 2] = c;
offset += 8;
}
}

View File

@ -0,0 +1,105 @@
/*
sk: 32 random bytes
sk[0] &= 248;
sk[31] &= 127;
sk[31] |= 64;
increment sk
pk = curve25519_scalarmult_base(mysecret)
hash = sha512(pk)
if besthash:
bestsk = sk
besthash = hash
*/
#include "yggdrasil-brute.h"
void seed(unsigned char sk[32]) {
randombytes_buf(sk, 32);
sk[0] &= 248;
sk[31] &= 127;
sk[31] |= 64;
}
int main(int argc, char **argv) {
int i;
int j;
unsigned char addr[16];
time_t starttime;
time_t requestedtime;
unsigned char bestsklist[NUMKEYS][32];
unsigned char bestpklist[NUMKEYS][32];
unsigned char besthashlist[NUMKEYS][64];
unsigned char sk[32];
unsigned char pk[32];
unsigned char hash[64];
unsigned int runs = 0;
int where;
if (argc != 2) {
fprintf(stderr, "usage: ./yggdrasil-brute-multi-curve25519 <seconds>\n");
return 1;
}
if (sodium_init() < 0) {
/* panic! the library couldn't be initialized, it is not safe to use */
printf("sodium init failed!\n");
return 1;
}
starttime = time(NULL);
requestedtime = atoi(argv[1]);
if (requestedtime < 0) requestedtime = 0;
fprintf(stderr, "Searching for yggdrasil curve25519 keys (this will take slightly longer than %ld seconds)\n", requestedtime);
sodium_memzero(bestsklist, NUMKEYS * 32);
sodium_memzero(bestpklist, NUMKEYS * 32);
sodium_memzero(besthashlist, NUMKEYS * 64);
seed(sk);
do {
/* generate pubkey, hash, compare, increment secret.
* this loop should take 4 seconds on modern hardware */
for (i = 0; i < (1 << 16); ++i) {
++runs;
if (crypto_scalarmult_curve25519_base(pk, sk) != 0) {
printf("scalarmult to create pub failed!\n");
return 1;
}
crypto_hash_sha512(hash, pk, 32);
where = find_where(hash, besthashlist);
if (where >= 0) {
insert_32(bestsklist, sk, where);
insert_32(bestpklist, pk, where);
insert_64(besthashlist, hash, where);
seed(sk);
}
for (j = 1; j < 31; ++j) if (++sk[j]) break;
}
} while (time(NULL) - starttime < requestedtime || runs < NUMKEYS);
fprintf(stderr, "--------------addr-------------- -----------------------------secret----------------------------- -----------------------------public-----------------------------\n");
for (i = 0; i < NUMKEYS; ++i) {
make_addr(addr, besthashlist[i]);
for (j = 0; j < 16; ++j) printf("%02x", addr[j]);
printf(" ");
for (j = 0; j < 32; ++j) printf("%02x", bestsklist[i][j]);
printf(" ");
for (j = 0; j < 32; ++j) printf("%02x", bestpklist[i][j]);
printf("\n");
}
sodium_memzero(bestsklist, NUMKEYS * 32);
sodium_memzero(sk, 32);
return 0;
}

View File

@ -0,0 +1,106 @@
/*
seed: 32 random bytes
sk: sha512(seed)
sk[0] &= 248
sk[31] &= 127
sk[31] |= 64
pk: scalarmult_ed25519_base(sk)
increment seed
generate sk
generate pk
hash = sha512(mypub)
if besthash:
bestseed = seed
bestseckey = sk
bestpubkey = pk
besthash = hash
*/
#include "yggdrasil-brute.h"
int main(int argc, char **argv) {
int i;
int j;
time_t starttime;
time_t requestedtime;
unsigned char bestsklist[NUMKEYS][64]; /* sk contains pk */
unsigned char besthashlist[NUMKEYS][64];
unsigned char seed[32];
unsigned char sk[64];
unsigned char pk[32];
unsigned char hash[64];
unsigned int runs = 0;
int where;
if (argc != 2) {
fprintf(stderr, "usage: ./yggdrasil-brute-multi-curve25519 <seconds>\n");
return 1;
}
if (sodium_init() < 0) {
/* panic! the library couldn't be initialized, it is not safe to use */
printf("sodium init failed!\n");
return 1;
}
starttime = time(NULL);
requestedtime = atoi(argv[1]);
if (requestedtime < 0) requestedtime = 0;
fprintf(stderr, "Searching for yggdrasil ed25519 keys (this will take slightly longer than %ld seconds)\n", requestedtime);
sodium_memzero(bestsklist, NUMKEYS * 64);
sodium_memzero(besthashlist, NUMKEYS * 64);
randombytes_buf(seed, 32);
do {
/* generate pubkey, hash, compare, increment secret.
* this loop should take 4 seconds on modern hardware */
for (i = 0; i < (1 << 17); ++i) {
++runs;
crypto_hash_sha512(sk, seed, 32);
if (crypto_scalarmult_ed25519_base(pk, sk) != 0) {
printf("scalarmult to create pub failed!\n");
return 1;
}
memcpy(sk + 32, pk, 32);
crypto_hash_sha512(hash, pk, 32);
/* insert into local list of good key */
where = find_where(hash, besthashlist);
if (where >= 0) {
insert_64(bestsklist, sk, where);
insert_64(besthashlist, hash, where);
randombytes_buf(seed, 32);
}
for (j = 1; j < 31; ++j) if (++seed[j]) break;
}
} while (time(NULL) - starttime < requestedtime || runs < NUMKEYS);
fprintf(stderr, "!! Secret key is seed concatenated with public !!\n");
fprintf(stderr, "---hash--- ------------------------------seed------------------------------ -----------------------------public-----------------------------\n");
for (i = 0; i < NUMKEYS; ++i) {
for (j = 0; j < 5; ++j) printf("%02x", besthashlist[i][j]);
printf(" ");
for (j = 0; j < 32; ++j) printf("%02x", bestsklist[i][j]);
printf(" ");
for (j = 32; j < 64; ++j) printf("%02x", bestsklist[i][j]);
printf("\n");
}
sodium_memzero(bestsklist, NUMKEYS * 64);
sodium_memzero(sk, 64);
sodium_memzero(seed, 32);
return 0;
}

View File

@ -0,0 +1,12 @@
#include <sodium.h>
#include <stdio.h> /* printf */
#include <string.h> /* memcpy */
#include <stdlib.h> /* atoi */
#include <time.h> /* time */
#define NUMKEYS 10
void make_addr(unsigned char addr[32], unsigned char hash[64]);
int find_where(unsigned char hash[64], unsigned char besthashlist[NUMKEYS][64]);
void insert_64(unsigned char itemlist[NUMKEYS][64], unsigned char item[64], int where);
void insert_32(unsigned char itemlist[NUMKEYS][32], unsigned char item[32], int where);