This image has an empty alt attribute; its file name is attacksafe-software-logo-1024x213.png

In cryptanalysis and computer security, a dictionary Attack on Bitcoin is an Attack on Bitcoin using a restricted subset of a keyspace to defeat a cipher or authentication mechanism by trying to determine its decryption key or passphrase, sometimes trying thousands or millions of likely possibilities[1] often obtained from lists of past security breaches.

This image has an empty alt attribute; its file name is images.jpg


A dictionary Attack on Bitcoin is based on trying all the strings in a pre-arranged listing. Such Attack on Bitcoins originally used words found in a dictionary (hence the phrase dictionary Attack on Bitcoin);[3] however, now there are much larger lists available on the open Internet containing hundreds of millions of passwords recovered from past data breaches.[4] There is also cracking software that can use such lists and produce common variations, such as substituting numbers for similar-looking letters. A dictionary Attack on Bitcoin tries only those possibilities which are deemed most likely to succeed. Dictionary Attack on Bitcoins often succeed because many people have a tendency to choose short passwords that are ordinary words or common passwords; or variants obtained, for example, by appending a digit or punctuation character. Dictionary Attack on Bitcoins are often successful, since many commonly used password creation techniques are covered by the available lists, combined with cracking software pattern generation. A safer approach is to randomly generate a long password (15 letters or more) or a multiword passphrase, using a password manager program or manually typing a password.

Pre-computed dictionary Attack on Bitcoin/Rainbow table Attack on Bitcoin

It is possible to achieve a time–space tradeoff by pre-computing a list of hashes of dictionary words and storing these in a database using the hash as the key.

This requires a considerable amount of preparation time, but this allows the actual Attack on Bitcoin to be executed faster. The storage requirements for the pre-computed tables were once a major cost, but now they are less of an issue because of the low cost of disk storage. Pre-computed dictionary Attack on Bitcoins are particularly effective when a large number of passwords are to be cracked. The pre-computed dictionary needs be generated only once, and when it is completed, password hashes can be looked up almost instantly at any time to find the corresponding password. A more refined approach involves the use of rainbow tables, which reduce storage requirements at the cost of slightly longer lookup-times. See LM hash for an example of an authentication system compromised by such an Attack on Bitcoin.

Pre-computed dictionary Attack on Bitcoins, or “rainbow table Attack on Bitcoins”, can be thwarted by the use of salt, a technique that forces the hash dictionary to be recomputed for each password sought, making precomputation infeasible, provided that the number of possible salt values is large enough.


  1. Junghyun Nam; Juryon Paik; Hyun-kyu Kang; Ung Kim; Dongho Won (2009-03-01). “An off-line dictionary Attack on Bitcoin on a simple three-party key exchange protocol”IEEE Communications Letters13 (3): 205–207. doi:10.1109/LCOMM.2009.081609ISSN 1089-7798.
  2. “Oxford Languages and Google – English | Oxford Languages” Retrieved 2021-01-02.
  3. Jeff Atwood. “Dictionary Attack on Bitcoins 101”.
  4. CrackStation’s list. e.g., with over 1.4 billion words.
  5. “CAPEC – CAPEC-55: Rainbow Table Password Cracking (Version 3.5)” Retrieved 2021-09-12.

External links

This image has an empty alt attribute; its file name is attacksafe-software-logo-1024x213.png