Bitcoin Forum

How much money would it take to brute force attack someone's bitcoin purse? $1 Million?  $10 Million?, $1 Billion? Also, if computers make major advancements in the future, can the encryption be changed accordingly?

Not that I want to steal someone's bitcoins, I'm just curious about how strong the encryption is. 

I didn't look into the details of the implementation, but judging by the size of a bitcoin address, it's completely unrealistic to try and enumerate them until you find one that has money attached to it. Even with billions of dollars of hardware.

Some back of the envelope computations:

If I'm not mistaken, an address has 34 characters, each one can be an uppercase letter, lowercase letter or number. I've never seen a lowercase "L" so I'll assume they're not used due to possible confusion with "1". That makes 61^34 different keys.

Assuming 10^10 (10 billion) addresses have bitcoins attached to them, a very generous estimate, and assuming you can enumerate 10^9 (one billion) addresses per second, which is also generous, it would still take billions of years to try enough of them to have a sizable chance of finding bitcoins.

Of course, that's just for brute force enumeration. There are probably much better ways of tackling the problem.

Attacking the cryptography is not how this would happen. See: http://bitcointalk.org/index.php?topic=2698.0

Attacking the cryptography would be like defeating the bank's vault door and all its security protocols vs. simply tricking a manager into giving you the vault's contents without realizing it.

If you're interested in security theory related to cryptography, I highly recommend Practical Cryptography by Niels Ferguson and Bruce Schneier.

The reason I ask is I've been looking at the current supply of paper money in the world (http://answers.google.com/answers/threadview/id/480224.html), and started to do a few computations.  According to what I found, the estimated value of all the currency in circulation around the world is 40 to 50 trillion dollars.  If you take say 40 trillion and assume bitcoins can account for 10% of that currency (4 trillion), then throwing a few million dollars at cracking bitcoins starts to take on whole different perspectives.

Another thought, if bitcoins start to become popular and the currency starts to take on real value, computer security will become a major problem.  If you think about it, if everyone had say $500 stored away in bitcoins on their computers, then computer hackers now have a new major incentive to break your computer, router, and network.  People would have to think twice about moving their bitcoin data to their hard drives and there would be plenty of confusion for the average consumer who wants to use this new currency.  As it stands, Microsoft has the best general purpose OS, but it is way to hackable when considering bitcoins for currency.  We already see these problems with MMO's, where "gold" sellers hack player accounts to steal in game currencies.  Putting a real currency on computer is like leaving sugar out and assuming the ants will not come.

I stopped reading after this phrase.

If a large subset of the equivalent of four trillion USD were accessible via desktop Windows machines and only a few calls to SendMessage() away, I'd buy a few 0-day Windows exploits and go back to writing low-level Windows code. Temporarily, anyways. :)

If bitcoin ever obtains a truly massive install base and becomes a daily part of life for most people, I'll likely build a custom, minimalist, secure-by-default bootable Linux image and keep it on a USB thumbdrive. I would either keep my wallet on another encrypted thumbdrive or on an encrypted partition on the OS thumbdrive. I could boot, decrypt my wallet, do my commerce, then shut everything down securely. The Linux image could randomise all MAC addresses at boot and set up netfilter rules to drop all incoming traffic and essentially be invisible on the network.

Even that setup is not secure, though. The first thing that comes to mind is hardware keyloggers, and the absence of deniability in the system would allow for rubber hose cryptanalysis (http://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis).

lol.  I hadn't read that far.  Thanks for pointing it out.  You saved me a few precious seconds of my time :)

People should think twice about leaving important data on an unsecured computer connected to the Internet. That's not a problem with bictoins, that's a problem with people. Once they realise that their data is worth money, maybe they'll become a bit more careful.

Easy fix: store most of your bitcoins on an external drive, and don't leave it plugged into your computer. Don't plug it in an unsecured computer (Windows computer or computer that you don't own). Before you do plug it in, run a virus check.

If you want an analogy with cash, it's just like saying: don't leave $500 in your pocket at all times, or you might get robbed. Don't put $500 in your pocket unless when you're in a safe place.

I was just looking at the bitcoin source. The following comment and snippet are relevant:


So, there are 58**34 possible addresses. 904,798,310,844,700,775,313,327,215,140,493,940,623,303,545,877,497,699,631,104 is still quite a large number. :)

So, there are 58**34 possible addresses. 904,798,310,844,700,775,313,327,215,140,493,940,623,303,545,877,497,699,631,104 is still quite a large number. :)
[/quote]

Ok.  I'm satisfied that $1 billion in hardware would not make a dent in cracking something so large.

Still worried about the usability vs. the security of the platform people are using.  Yes, Windows sucks for security.  Even if people converted to some sort of Linux, the general user would not understand how to protect himself.  If bitcoins start to take off, there needs to be some sort of dedicated device that people can use.

It would have to work something like the iPhones when exchanging contact information.  You would punch the number of BTC to dispense, and then bump the device that would receive the BTC.  The person receiving the BTC would check the amount on the receiving device and then proceed with the transaction.  But the devices would have to be dedicated to the purpose of exchanging and storing BTC, as there are to many ways hack or cheat open devices.

ok, you can go wash your mouth now.

But I guess in the future storing Bitcoins on your own computer will be more something for people like us, but not for the average user. Those people will just use a service like mybitcoin, who makes sure there bitcoins are save. They probably will never download the bitcoin program, or at leat not one that saves your wallet on the computer. 

Addresses contain version and checksum information, and address size is variable. There are "only" 2¹⁶⁰ possible addresses.

Brute-forcing an address is extremely expensive. Probably well over one billion dollars. It'll never be profitable to do so.

Thanks for the clarification, theymos. I didn't notice that addresses could be of variable length.

It's no different then people currently storing text documents with their paypal passwords or bank info or prety much anything else.