1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
|
Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191]
helo=mx.sourceforge.net)
by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <bytecoin@gmx.com>) id 1UkYs6-0002eY-PU
for bitcoin-development@lists.sourceforge.net;
Thu, 06 Jun 2013 12:00:50 +0000
Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of gmx.com
designates 212.227.15.18 as permitted sender)
client-ip=212.227.15.18; envelope-from=bytecoin@gmx.com;
helo=mout.gmx.net;
Received: from mout.gmx.net ([212.227.15.18])
by sog-mx-1.v43.ch3.sourceforge.com with esmtp (Exim 4.76)
id 1UkYs4-000188-NJ for bitcoin-development@lists.sourceforge.net;
Thu, 06 Jun 2013 12:00:50 +0000
Received: from mailout-eu.gmx.com ([10.1.101.212]) by mrigmx.server.lan
(mrigmx001) with ESMTP (Nemesis) id 0LtTty-1ULIi63YpQ-010wKP for
<bitcoin-development@lists.sourceforge.net>;
Thu, 06 Jun 2013 14:00:42 +0200
Received: (qmail 15647 invoked by uid 0); 6 Jun 2013 12:00:42 -0000
Received: from 82.153.91.138 by rms-eu001 with HTTP
Content-Type: multipart/alternative;
boundary="========GMXBoundary96681370520042104977"
Date: Thu, 06 Jun 2013 14:00:42 +0200
From: "Byte Coin" <bytecoin@gmx.com>
Message-ID: <20130606120042.96680@gmx.com>
MIME-Version: 1.0
To: "Bitcoin Dev" <bitcoin-development@lists.sourceforge.net>
X-Flags: 0001
X-Mailer: GMX.com Web Mailer
x-registered: 0
X-GMX-UID: vRzCcaBEeSEqKDzgvnMhm8J+IGRvb4CB
X-Spam-Score: -0.5 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(bytecoin[at]gmx.com)
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/,
no trust [212.227.15.18 listed in list.dnswl.org]
-0.0 SPF_PASS SPF: sender matches SPF record
1.0 HTML_MESSAGE BODY: HTML included in message
X-Headers-End: 1UkYs4-000188-NJ
Subject: Re: [Bitcoin-development] address collision and undependability
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Thu, 06 Jun 2013 12:00:50 -0000
--========GMXBoundary96681370520042104977
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From https://bitcointalk.org/index.php?topic=20955.msg264038#msg264038
This may be an appropriate thread to mention that the the "checksum" at the end of an address does not effectively prevent single character errors or transpositions.
For instance https://blockexplorer.com/search/1ByteCoin shows that
1ByteCoinAddressesMatch1kpCWNXmHKW 1ByteCoinAddressesMatch1kpCxNXmHKW
are both valid addresses even though they only differ by one character.
Similarly, the valid addresses
1ByteCoinAddressesMatchcNN781jjwLY 1ByteCoinAddressesMatchcNN718jjwLY
only differ by one transposition.
ByteCoin
----- Original Message -----
From: Melvin Carvalho
Sent: 06/06/13 12:37 PM
To: Bitcoin Dev
Subject: [Bitcoin-development] address collision and undependability
There was a discussion on #bitcon-dev yesterday
I stated that it would be impractical to generate two bitcoin addresses, such that they differed in exactly one character (modulo different checksums).
The corollary to this is that if you find an address with a verifiable signature. Changing one character of that address would have no known private key, and hence be normally undependable.
Does that sound correct?
--========GMXBoundary96681370520042104977
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
<span style=3D'font-family:Verdana'><span style=3D'font-size:12px'>From htt=
ps://bitcointalk.org/index.php?topic=3D20955.msg264038#msg264038<br /><br /=
>This may be an appropriate thread to mention that the the "checksum" at th=
e end of an address does not effectively prevent single character errors or=
transpositions.<br /><br />For instance <a href=3D"https://blockexplorer.c=
om/search/1ByteCoin" target=3D"_blank">https://blockexplorer.com/search/1By=
teCoin</a> shows that<br />=C2=A0<div class=3D"code"><pre style=3D"margin-t=
op: 0; display: inline;">1ByteCoinAddressesMatch1kpCWNXmHKW=20
1ByteCoinAddressesMatch1kpCxNXmHKW=20
</pre></div><br />are both valid addresses even though they only differ by =
one character.<br /><br />Similarly, the valid addresses<div class=3D"codeh=
eader">=C2=A0</div><div class=3D"code"><pre style=3D"margin-top: 0; display=
: inline;">1ByteCoinAddressesMatchcNN781jjwLY=20
1ByteCoinAddressesMatchcNN718jjwLY=20
</pre></div><br />only differ by one transposition.<br /><br />ByteCoin<p s=
tyle=3D"margin:0px; padding:0px;" >=C2=A0</p><blockquote style=3D"border-le=
ft: 1px solid #CCC; padding-left: 5px; margin-left: 5px; margin-bottom: 0px=
; margin-top: 0px; margin-right: 0px;" type=3D"cite"><p style=3D"margin:0px=
; padding:0px;" ><span style=3D"font-family:Verdana"><span style=3D"font-si=
ze:12px">----- Original Message -----</span></span></p><p style=3D"margin:0=
px; padding:0px;" ><span style=3D"font-family:Verdana"><span style=3D"font-=
size:12px">From: Melvin Carvalho</span></span></p><p style=3D"margin:0px; p=
adding:0px;" ><span style=3D"font-family:Verdana"><span style=3D"font-size:=
12px">Sent: 06/06/13 12:37 PM</span></span></p><p style=3D"margin:0px; padd=
ing:0px;" ><span style=3D"font-family:Verdana"><span style=3D"font-size:12p=
x">To: Bitcoin Dev</span></span></p><p style=3D"margin:0px; padding:0px;" >=
<span style=3D"font-family:Verdana"><span style=3D"font-size:12px">Subject:=
[Bitcoin-development] address collision and undependability</span></span><=
/p>=C2=A0<div><div><div><div><div>There was a discussion on #bitcon-dev yes=
terday<br />=C2=A0</div>I stated that it would be impractical to generate t=
wo bitcoin addresses, such that they differed in exactly one character (mod=
ulo different checksums).<br />=C2=A0</div>The corollary to this is that if=
you find an address with a verifiable signature. Changing one charac=
ter of that address would have no known private key, and hence be normally =
undependable.<br />=C2=A0</div>Does that sound correct?</div></div></blockq=
uote><p style=3D"margin:0px; padding:0px;" >=C2=A0</p></span></span>
--========GMXBoundary96681370520042104977--
|