Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×
Bitcoin

The Quest To Liberate $300,000 of Bitcoin From an Old ZIP File (arstechnica.com) 38

Posted by msmash from the closer-look dept.
A few quintillion possible decryption keys stand between a man and his cryptocurrency. From a report: In October, Michael Stay got a weird message on LinkedIn. A total stranger had lost access to his bitcoin private keys -- and wanted Stay's help getting his $300,000 back. It wasn't a total surprise that The Guy, as Stay calls him, had found the former Google security engineer. Nineteen years ago, Stay published a paper detailing a technique for breaking into encrypted zip files. The Guy had bought around $10,000 worth of bitcoin in January 2016, well before the boom. He had encrypted the private keys in a zip file and had forgotten the password. He was hoping Stay could help him break in. In a talk at the Defcon security conference this week, Stay details the epic attempt that ensued.

[...] "If we find the password successfully, I will thank you," The Guy wrote with a smiley face. After an initial analysis, Stay estimated that he would need to charge $100,000 to break into the file. The Guy took the deal. After all, he'd still be turning quite the profit. "It's the most fun I've had in ages. Every morning I was excited to get to work and wrestle with the problem," says Stay, who today is the chief technology officer of the blockchain software development firm Pyrofex. "The zip cipher was designed decades ago by an amateur cryptographer -- the fact that it has held up so well is remarkable." But while some zip files can be cracked easily with off-the-shelf tools, The Guy wasn't so lucky. That's partly why the work was priced so high. Newer generations of zip programs use the established and robust cryptographic standard AES, but outdated versions -- like the one used in The Guy's case -- use Zip 2.0 Legacy encryption that can often be cracked. The degree of difficulty depends on how it's implemented, though. "It's one thing to say something is broken, but actually breaking it is a whole different ball of wax," says Johns Hopkins University cryptographer Matthew Green.
This discussion has been archived. No new comments can be posted.

The Quest To Liberate $300,000 of Bitcoin From an Old ZIP File More

The Quest To Liberate $300,000 of Bitcoin From an Old ZIP File

Comments Filter:

  • And what do we learn from all this? (Score:5, Funny)

    by SlithyMagister ( 822218 ) on Thursday August 13, 2020 @02:13PM (#60398047)
    Be sure you write your passwords on post-it notes and stick them on your monitor!

    Oh crap, all my passwords were on the monitor I just binned

    <sigh>

  • Since it's /. and nobody reads the articles (Score:5, Informative)

    by bobstreo ( 1320787 ) on Thursday August 13, 2020 @02:14PM (#60398051)

    If you want to know how it actually ended up:

    "...Stay combed through his attack, worried about some obscure, incorrect assumption or a hidden bug. He soon struck on a new idea about which number, or "seed," to try as the starting point for the random number generator used in the cryptographic scheme. The Guy combed the test data as well and noticed an error that occurred if the GPU didn't process the correct password on the first attempt. Stay and Foster fixed the bug. With both of these revisions to the attack in place, they were ready to try again.

    "Poof! Out came a bunch of Bitcoin," Foster says. "It was such a relief," Stay adds.

    In the end, the infrastructure costs to run the attack were $6,000 to $7,000 instead of the roughly $100,000 they had originally estimated, Foster says. The Guy paid about a quarter of the original price tag."

    • Thanks for the summary, it didn't have one item I was really curious about - what was the original password? Here I'm assuming from the description that they were trying to a bunch of strings to get in so they would know what string worked...

      I was just curious if the original password he used was something guessable given enough time or maybe even one where a dictionary attack would have worked, or if he generated some really strong password that he managed to lose somehow.

      • Re:Did not say what the password actually was (Score:5, Funny)

        by UnknowingFool ( 672806 ) on Thursday August 13, 2020 @02:58PM (#60398179)
        The password was "12345". Duh

      • Thanks for the summary, it didn't have one item I was really curious about - what was the original password? Here I'm assuming from the description that they were trying to a bunch of strings to get in so they would know what string worked...

        I was just curious if the original password he used was something guessable given enough time or maybe even one where a dictionary attack would have worked, or if he generated some really strong password that he managed to lose somehow.

        Likely they never got back the original password. They just found a random string that ended up hashing the same and producing the right key. I'm guessing more of a brute force once they found the bug in the software,

        So the password remains hidden.

        What made it possible is ZIP doesn't encrypt metadata, so you can still read the directory of an encrypted file and you can simply brute force the keys since you can test if a file extracted right. They found a bug in the key generation algorithm that narrowed the keyspace and simply tested all the keys.

        • Re: (Score:1)

          by rtb61 ( 674572 )

          The lesson taught here, attempting to use bitcoin requires an entire functioning digital infrastructure, in emergencies, it become entirely worthless, no longer support by functioning fiat currency states and their infrastructure. Think cell phones work in a real emergency, mains power to the towers and fibre optic to carry the messaging.

          The big claims about reliability of bitcoin are entirely in marketing and nothing more. Any failure of society, kills bitcoin first.

      • Re:Did not say what the password actually was (Score:4, Informative)

        by Cylix ( 55374 ) on Thursday August 13, 2020 @04:14PM (#60398579) Homepage Journal

        You don’t need the original password. You just need something that hashes to an equivalent.

        This is why the salt bug was so important.

      • hunter2

    • Re:Since it's /. and nobody reads the articles (Score:4, Informative)

      by greytree ( 7124971 ) on Thursday August 13, 2020 @02:49PM (#60398149)

      Note to submitters: I would have read TFA if I had known beforehand that he was eventually successful. A story about him failing would be much less worth my time.

      This is not a terrible example, but in general, it's time journalists were taught that clickbait headlines PUT PEOPLE OFF.

      • Even worse, this was a Duplicate story, it was posted several days ago, so they added a clickbait headline to it, and then OMITTED THE GOD DAMNED RESULTS!

        WTF, man?

      • a filter that simply hides links/photos to articles using "this" in most cases would be wonderful, and eliminate huge swaths of clickbait . . . and then it could go onto secondary flags, such as "the reason" . . .

        hawk

    • Re: (Score:2, Insightful)

      by avandesande ( 143899 )
      Good thing he had ethics he could of just 'gave up' and cashed the bitcoin

    • Thank you.

      I was about to read the article but there were "always necessary" cross-site tracking cookies that couldn't be disabled.

    • The Guy paid about a quarter of the original price tag."

      That's quite a discount. I'm surprised; it seems he should've been charged the full $100k because that was the agreement beforehand. After all, if not for Stay, he'd have $0 worth of Bitcoin. But I guess Stay is a nice person.

    • There's some guy in the UK who put, what is now worth £50million of bitcoins onto a harddrive. He got confused and threw away the drive instead of a different one, so it's ended up somewhere on a local dump. He's been working to get to it, and has figured out which "zone" of the dump it's in. He just needs a suitable permit to go digging to find his lost hard drive. Unsurprisingly, the local council won't give him a permit (I presume unless he pays upfront - he's seemingly unwilling or unable to do so

  • This guy is being suckered. (Score:2)

    by Anonymous Coward

    The zip file contains an auto executable which upon being cracked, will email the method back to the client, who will then use the method on a different job.

  • Slashdot. Where topical news goes to die.

  • "charge $100,000 to break into the file."

    In such cases you demand to be paid by the hour and use an IBM-Convertible to do the calculations.

    • Re: (Score:1)

      by Anonymous Coward
      That guy will be in trouble when he offered $100,000 for someone to open the file, and when they get into it, there's nothing inside.

  • I did this - didn't know it was a special thing (Score:5, Interesting)

    by innocent_white_lamb ( 151825 ) on Thursday August 13, 2020 @06:24PM (#60399263)

    Many years ago I downloaded a zip file on my 2400bps modem that was encrypted. It was, I think, a game of some kind? Anyway, after I downloaded it I discovered that the zip file that I had downloaded contained another zip file and a text file that said, "To obtain the password to extract this file, send $X to this address".

    Not wanting to have to send in my $X, and having already spent several dollars of long distance charges downloading this file, I wrote a batch file that read through a big list of words and tried each one in turn against that zip file. After each attempt it checked to see if any files had been extracted, if not then it ran again with the next word on the list.

    I left that batch file to run overnight (on my 286 I think) and in the morning I had an unencrypted file and the password which was, as I recall, "purchase". If I hadn't succeeded with an actual word I suppose I would have started in with random characters and such, but as it was this job took something less than one whole night to accomplish. However long it took to get to the P's in my wordlist, I guess.

    Zip files were a relatively new format at the time (remember Phil Katz?), but I remember doing this and can't remember the actual file that I managed to unencrypt. I guess the technical challenge was more fun than whatever I got out of it as a result.

  • i have all of my passwords and userenames, and private keys saved in an encrypted text file... gpg.... and the password for that encrypted file is a sentance i will never forget, and something no one could ever guess....

Slashdot Top Deals

A debugged program is one for which you have not yet found the conditions that make it fail. -- Jerry Ogdin

Close