#bitcoin-wizards on 2020-04-29 — irc logs at freenode.irclog.whitequark.org

2015-10-30 00:53 sipa changed the topic of #bitcoin-wizards to: This channel is for discussing theoretical ideas with regard to cryptocurrencies, not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja

00:00 tylerni71 has quit []

00:00 tromp_ has joined #bitcoin-wizards

00:00 DeanGuss has joined #bitcoin-wizards

00:04 shush has quit [Ping timeout: 240 seconds]

00:05 tromp_ has quit [Ping timeout: 272 seconds]

00:05 shush has joined #bitcoin-wizards

00:12 Chris_Stewart_5 has joined #bitcoin-wizards

00:14 shush has quit [Ping timeout: 244 seconds]

00:21 Nipo1 has joined #bitcoin-wizards

00:24 proofofkeags has quit [Remote host closed the connection]

00:24 shush has joined #bitcoin-wizards

00:31 shush has quit [Ping timeout: 240 seconds]

00:39 kenshi84 has joined #bitcoin-wizards

00:43 ghost43 has quit [Remote host closed the connection]

00:43 kenshi84_ has quit [Ping timeout: 272 seconds]

00:44 ghost43 has joined #bitcoin-wizards

00:50 mauz555 has quit [Read error: Connection reset by peer]

00:53 davispuh has quit [Quit: http://quassel-irc.org - Chat comfortably. Anywhere.]

00:57 TheoStorm has quit [Quit: Leaving]

01:09 Chris_Stewart_5 has quit [Ping timeout: 260 seconds]

01:29 shush has joined #bitcoin-wizards

01:32 Belkaar has quit [Ping timeout: 246 seconds]

01:34 Belkaar has joined #bitcoin-wizards

01:34 Belkaar has quit [Changing host]

01:34 Belkaar has joined #bitcoin-wizards

01:35 shush has quit [Ping timeout: 240 seconds]

01:40 shush has joined #bitcoin-wizards

01:45 shush has quit [Ping timeout: 244 seconds]

01:48 tromp has joined #bitcoin-wizards

01:53 tromp has quit [Ping timeout: 265 seconds]

01:58 shush has joined #bitcoin-wizards

02:04 shush has quit [Ping timeout: 240 seconds]

02:05 proofofkeags has joined #bitcoin-wizards

02:09 shush has joined #bitcoin-wizards

02:14 shush has quit [Ping timeout: 244 seconds]

02:25 shush has joined #bitcoin-wizards

02:32 shush has quit [Ping timeout: 240 seconds]

02:32 rusty has quit [Ping timeout: 246 seconds]

02:41 shush has joined #bitcoin-wizards

02:46 shush has quit [Ping timeout: 244 seconds]

02:49 shush has joined #bitcoin-wizards

02:54 shush has quit [Ping timeout: 240 seconds]

02:58 shush has joined #bitcoin-wizards

03:00 Nipo1 has quit []

03:02 shush has quit [Ping timeout: 244 seconds]

03:22 b_b1 has joined #bitcoin-wizards

03:25 kenshi84 has quit [Read error: Connection reset by peer]

03:27 kenshi84 has joined #bitcoin-wizards

03:32 CryptoDavid has quit [Quit: Connection closed for inactivity]

03:38 real_or_random has quit [Quit: ZNC 1.7.5 - https://znc.in]

03:38 stoner19 has quit [Remote host closed the connection]

03:39 stoner19 has joined #bitcoin-wizards

03:39 stoner19 has quit [Changing host]

03:39 stoner19 has joined #bitcoin-wizards

03:41 real_or_random has joined #bitcoin-wizards

04:19 shush has joined #bitcoin-wizards

04:20 proofofkeags has quit [Remote host closed the connection]

04:20 proofofkeags has joined #bitcoin-wizards

04:23 shush has quit [Ping timeout: 240 seconds]

04:23 rusty has joined #bitcoin-wizards

04:25 proofofkeags has quit [Ping timeout: 260 seconds]

04:25 ppisati has quit [Remote host closed the connection]

04:32 ppisati has joined #bitcoin-wizards

04:50 tromp has joined #bitcoin-wizards

04:55 tromp has quit [Ping timeout: 272 seconds]

05:01 proofofkeags has joined #bitcoin-wizards

05:05 proofofkeags has quit [Ping timeout: 260 seconds]

05:38 proofofkeags has joined #bitcoin-wizards

05:43 DeanGuss has quit [Ping timeout: 240 seconds]

05:43 proofofkeags has quit [Ping timeout: 244 seconds]

05:44 tromp has joined #bitcoin-wizards

05:49 tromp has quit [Ping timeout: 265 seconds]

06:00 b_b1 has quit []

06:00 kabaum has joined #bitcoin-wizards

06:21 gchaix has joined #bitcoin-wizards

06:31 tromp has joined #bitcoin-wizards

06:31 queip has quit [Read error: Connection reset by peer]

06:36 queip has joined #bitcoin-wizards

06:36 queip has quit [Read error: Connection reset by peer]

06:42 zmnscpxj_ has quit [Remote host closed the connection]

06:43 zmnscpxj_ has joined #bitcoin-wizards

06:47 ghost43 has quit [Remote host closed the connection]

06:48 ghost43 has joined #bitcoin-wizards

07:05 tromp has quit [Remote host closed the connection]

07:09 tromp has joined #bitcoin-wizards

07:30 smk has joined #bitcoin-wizards

07:31 jonatack_ has joined #bitcoin-wizards

07:34 jonatack has quit [Ping timeout: 264 seconds]

07:39 proofofkeags has joined #bitcoin-wizards

07:44 proofofkeags has quit [Ping timeout: 246 seconds]

07:48 Guyver2 has joined #bitcoin-wizards

07:59 ghost43 has quit [Remote host closed the connection]

08:00 ghost43 has joined #bitcoin-wizards

08:06 midnight has quit [Ping timeout: 252 seconds]

08:10 marcoagner has joined #bitcoin-wizards

08:15 midnight has joined #bitcoin-wizards

08:25 zmnscpxj_ has quit [Ping timeout: 240 seconds]

09:00 gchaix has quit []

09:00 smk has quit [Ping timeout: 240 seconds]

09:21 c9sloud has joined #bitcoin-wizards

09:50 mauz555 has joined #bitcoin-wizards

09:51 sonofhan has quit [Ping timeout: 256 seconds]

09:55 shush has joined #bitcoin-wizards

09:59 shush has quit [Ping timeout: 244 seconds]

10:00 sonofhan has joined #bitcoin-wizards

10:24 ccdle12_ has joined #bitcoin-wizards

10:25 ccdle12_ has quit [Remote host closed the connection]

10:39 someone235 has quit [Quit: Connection closed for inactivity]

10:45 AaronvanW has quit []

10:50 Chris_Stewart_5 has joined #bitcoin-wizards

10:51 rusty has quit [Quit: Leaving.]

10:59 kabaum has quit [Quit: Leaving]

11:09 TheoStorm has joined #bitcoin-wizards

11:38 sonofhan has quit [Ping timeout: 240 seconds]

11:41 proofofkeags has joined #bitcoin-wizards

11:45 jonatack_ has quit [Read error: Connection reset by peer]

11:46 proofofkeags has quit [Ping timeout: 260 seconds]

11:46 jonatack has joined #bitcoin-wizards

11:47 jonatack has quit [Read error: Connection reset by peer]

11:53 jonatack has joined #bitcoin-wizards

11:55 jb55 has quit [Remote host closed the connection]

11:57 jb55 has joined #bitcoin-wizards

11:58 jonatack has quit [Ping timeout: 256 seconds]

11:59 jonatack has joined #bitcoin-wizards

12:00 c9sloud has quit []

12:22 Vogone has joined #bitcoin-wizards

12:27 CryptoDavid has joined #bitcoin-wizards

12:59 laptop has joined #bitcoin-wizards

13:01 Guyver2 has quit [Quit: Going offline, see ya! (www.adiirc.com)]

13:03 rusty has joined #bitcoin-wizards

13:35 jb55 has quit [Ping timeout: 240 seconds]

13:36 jb55 has joined #bitcoin-wizards

13:42 proofofkeags has joined #bitcoin-wizards

13:46 proofofkeags has quit [Ping timeout: 246 seconds]

13:55 shush has joined #bitcoin-wizards

13:55 mdunnio has joined #bitcoin-wizards

13:56 AaronvanW has joined #bitcoin-wizards

14:00 shush has quit [Ping timeout: 244 seconds]

14:30 TheoStorm has quit [Quit: Leaving]

14:30 Guyver2 has joined #bitcoin-wizards

14:32 TheoStorm has joined #bitcoin-wizards

14:45 proofofkeags has joined #bitcoin-wizards

15:00 Vogone has quit []

15:07 proofofkeags has quit [Remote host closed the connection]

15:07 proofofkeags has joined #bitcoin-wizards

15:22 Dogechain has joined #bitcoin-wizards

15:27 sonofhan has joined #bitcoin-wizards

15:29 sonofhan has quit [Client Quit]

15:39 justanotheruser has quit [Ping timeout: 265 seconds]

15:52 justanotheruser has joined #bitcoin-wizards

16:05 shush has joined #bitcoin-wizards

16:07 shush has quit [Remote host closed the connection]

16:07 shush has joined #bitcoin-wizards

16:12 shush has quit [Remote host closed the connection]

16:13 shush has joined #bitcoin-wizards

16:30 Guyver2_ has joined #bitcoin-wizards

16:33 Guyver2 has quit [Ping timeout: 256 seconds]

16:37 michaelfolkson has joined #bitcoin-wizards

17:01 mryandao has quit [Remote host closed the connection]

17:04 mryandao has joined #bitcoin-wizards

17:15 pinheadmz_ has joined #bitcoin-wizards

17:18 pinheadmz has quit [Ping timeout: 246 seconds]

17:18 pinheadmz_ is now known as pinheadmz

17:30 proofofkeags has quit [Remote host closed the connection]

17:38 zmnscpxj_ has joined #bitcoin-wizards

17:41 proofofkeags has joined #bitcoin-wizards

18:00 Dogechain has quit []

18:01 mdunnio has quit [Remote host closed the connection]

18:02 DeanGuss has joined #bitcoin-wizards

18:07 <jeremyrubin> sipa: In theory, a generated musig key is "safe" to use for a ECDSA signature, correct? That is, suppose I have a key P and a key Q, and I generate musig_key(P, Q) = S. Suppose the whole world learns q such that qG = Q. Myself knowing p such that pG = P, I can produce a signature W of a message M using ECDSA with S. Learning W does not reveal anything about the private scalar p such that any signature for P could be produced.

18:08 <jeremyrubin> This is useful for some protocols one can write today where it's set up that some set of scalars will be released by an oracle which let me act with a secret key

18:09 <jeremyrubin> Because P can be a non-public key (e.g., per instance of a protocol), signing with S also does not reveal which information I was conditioned on

18:09 <sipa> so your question is: given an ECDSA signature for public key aP+b (with publicly known constants a and b), can an attacker produce a signature for P?

18:10 <jeremyrubin> It's a bit more than that, because it also requires the security properties of musig around key cancelling

18:11 mdunnio has joined #bitcoin-wizards

18:11 <jeremyrubin> But I guess maybe that is correct? a and b are derived from the musig key algo so yeah I guess it does boil down to that

18:12 <sipa> so the attacker generated Q, you provided P, then you compute S=MuSig(P,Q), then the DL q=Q/G gets revealed to you, then you produce a signature using S, and then you want to know if the attacker can use that to produce a signature with P?

18:12 <jeremyrubin> Yeah

18:13 <jeremyrubin> I think it should be fine right? because they never learn p

18:13 <sipa> i suspect this is true, but it would hard to prove

18:13 <jeremyrubin> But I'm not sure if they can factor out the a and b

18:18 <jeremyrubin> so I gues your can obviously produce a signature at least. You end up with a private key of (h1* p + h2*b) to sign by

18:18 <jeremyrubin> s = k^-1(m + r*(h1*p + h2*b))

18:19 <jeremyrubin> s = k^-1(m+rh1*p + rh2*b)

18:20 brrr has joined #bitcoin-wizards

18:20 <jeremyrubin> s = k^-1(m+rh1*p) + k^-1(rh2*b)

18:21 <jeremyrubin> so given that k is not learned, you can't compute k^-1(rh2*b) to subtract from s to get a signature from just p

18:21 <jeremyrubin> So it *seems* true?

18:22 <jeremyrubin> But maybe I'm missing a technique on it...

18:22 DeanGuss has quit [Remote host closed the connection]

18:22 DeanGuss has joined #bitcoin-wizards

18:22 <jeremyrubin> Have the related key attacks been ruled out for any of the other key aggregation schemes? E.g. stealth addresses

18:30 tromp has quit [Remote host closed the connection]

18:33 tromp has joined #bitcoin-wizards

18:38 sipa has quit [Ping timeout: 240 seconds]

18:40 sipa has joined #bitcoin-wizards

18:50 Guyver2__ has joined #bitcoin-wizards

18:53 Guyver2_ has quit [Ping timeout: 256 seconds]

18:59 Guyver2__ is now known as Guyver2

19:15 proofofkeags has quit [Remote host closed the connection]

19:17 DeanGuss has quit [Ping timeout: 240 seconds]

19:20 DeanGuss has joined #bitcoin-wizards

19:30 brrr has quit [Ping timeout: 246 seconds]

19:33 jonatack has quit [Ping timeout: 244 seconds]

19:34 sonofhan has joined #bitcoin-wizards

19:35 jonatack has joined #bitcoin-wizards

19:36 sonofhan has quit [Read error: Connection reset by peer]

19:37 shush has quit [Remote host closed the connection]

19:38 shush has joined #bitcoin-wizards

19:43 shush has quit [Ping timeout: 240 seconds]

19:51 proofofkeags has joined #bitcoin-wizards

20:02 sonofhan has joined #bitcoin-wizards

20:04 sonofhan has quit [Client Quit]

20:11 shush has joined #bitcoin-wizards

20:12 proofofkeags has quit [Quit: Leaving...]

20:14 Chris_Stewart_5 has quit [Ping timeout: 264 seconds]

20:14 proofofkeags has joined #bitcoin-wizards

20:17 davispuh has joined #bitcoin-wizards

20:20 Chris_Stewart_5 has joined #bitcoin-wizards

20:30 nyuszika7h1 has joined #bitcoin-wizards

20:31 DeanGuss has quit [Ping timeout: 240 seconds]

20:34 jonatack has quit [Quit: jonatack]

20:36 jb55 has quit [Quit: jb55]

20:36 Krellan_ has joined #bitcoin-wizards

20:36 DeanGuss has joined #bitcoin-wizards

20:46 jonatack has joined #bitcoin-wizards

21:00 nyuszika7h1 has quit []

21:20 Guyver2 has quit [Quit: Going offline, see ya! (www.adiirc.com)]

21:22 phyll1s_work has joined #bitcoin-wizards

21:24 proofofkeags has quit [Remote host closed the connection]

21:25 proofofkeags has joined #bitcoin-wizards

21:29 proofofkeags has quit [Ping timeout: 240 seconds]

21:31 proofofkeags has joined #bitcoin-wizards

21:32 proofofk_ has joined #bitcoin-wizards

21:36 proofofkeags has quit [Ping timeout: 256 seconds]

21:41 michaelfolkson has quit [Quit: Sleep mode]

21:42 tromp has quit [Remote host closed the connection]

21:43 michaelfolkson has joined #bitcoin-wizards

21:54 kenshi84_ has joined #bitcoin-wizards

21:55 tromp has joined #bitcoin-wizards

21:56 kenshi84 has quit [Ping timeout: 265 seconds]

22:01 mauz555 has quit [Remote host closed the connection]

22:02 mauz555 has joined #bitcoin-wizards

22:14 mdunnio has quit [Remote host closed the connection]

22:21 justanotheruser has quit [Ping timeout: 264 seconds]

22:21 michaelfolkson has quit [Ping timeout: 272 seconds]

22:34 tromp has quit [Remote host closed the connection]

22:37 DeanGuss has quit [Remote host closed the connection]

22:37 DeanGuss has joined #bitcoin-wizards

22:51 marcoagner has quit [Ping timeout: 246 seconds]

22:58 laptop has quit [Ping timeout: 260 seconds]

23:07 justanotheruser has joined #bitcoin-wizards

23:10 DeanGuss has quit [Ping timeout: 240 seconds]

23:15 tromp has joined #bitcoin-wizards

23:20 tromp has quit [Ping timeout: 265 seconds]

23:22 DeanGuss has joined #bitcoin-wizards

23:27 pinheadmz has quit [Quit: pinheadmz]

23:35 shush has quit [Remote host closed the connection]

23:36 mauz555 has quit [Read error: Connection reset by peer]

23:37 shush has joined #bitcoin-wizards

23:41 shush has quit [Remote host closed the connection]

23:41 shush has joined #bitcoin-wizards

23:43 pinheadmz has joined #bitcoin-wizards

23:50 tromp has joined #bitcoin-wizards

23:56 tromp has quit [Ping timeout: 272 seconds]

23:56 jb55 has joined #bitcoin-wizards

23:57 davispuh has quit [Quit: http://quassel-irc.org - Chat comfortably. Anywhere.]

23:59 proofofk_ has quit [Remote host closed the connection]