|
Title: How? Security of private keys Post by: bitpop on March 01, 2012, 07:35:21 AM I don't understand this. I am generating addresses using vanitygen and here are the scenarios:
1. I generate many 1mtgox addresses. I have the private keys, what if one day mtgox uses an address i have? What stops me from spending all their coins since i already have the private key? 2. Can private keys somehow be different for the same address and the correct one can be checked against the blockchain? 3. It may take months, but why can't I vanitygen (thought its not really vanity) mtgox's green address or any high value address? Then empty it? I would purchase 9x 6990s to do this, what stops me? Title: Re: How? Security of private keys Post by: DeathAndTaxes on March 01, 2012, 07:41:19 AM Quote 3. It may take I would purchase 9x FYPFY. Under that scenario the heat death of the universe would stop you, and long before you even had a 1% chance of brute forcing an address. Slightly less snark answer is that addresses are deceptively short looking. 2^160 is a very large number. It is larger than the amount of atoms in our universe. You have no plausible chance of brute forcing an address. Title: Re: How? Security of private keys Post by: bitpop on March 01, 2012, 07:44:01 AM LOL, I can generate a 1mtgox address every second, I can collect millions. I'm asking what IF they end up using an address that I have the private ley to? There is no protection is there? So someone somewhere can get lucky and get a private key?
Title: Re: How? Security of private keys Post by: DeathAndTaxes on March 01, 2012, 07:46:04 AM LOL, I can generate a 1mtgox address every second, I can collect millions. I'm asking what IF they end up using an address that I have the private ley to? There is no protection is there? So someone somewhere can get lucky and get a private key? Yes someone could also get "lucky" and win the lottery .... a dozen times ... in a row. That would be more likely than brute forcing a private key. Title: Re: How? Security of private keys Post by: bitpop on March 01, 2012, 07:46:13 AM Is this just as much luck as solo mining? I may get lucky and get a private key to a high value address?
Title: Re: How? Security of private keys Post by: bitpop on March 01, 2012, 07:47:06 AM There IS that possibillity right? So IT will happen at least once in the next 10 years where a high value address is attacked and stolen?
Someone will win the lottery. Title: Re: How? Security of private keys Post by: DeathAndTaxes on March 01, 2012, 07:51:52 AM I honestly don't know if you are trolling or just stupid.
You asked a question, I answered it. Simpler version: NO. Title: Re: How? Security of private keys Post by: bitpop on March 01, 2012, 07:56:39 AM Neither, let someone else reply
Title: Re: How? Security of private keys Post by: da2ce7 on March 01, 2012, 08:15:52 AM Title: Re: How? Security of private keys Post by: SomeoneWeird on March 01, 2012, 08:37:05 AM Theres a 1 in 1000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000 chance you will get it.
Title: Re: How? Security of private keys Post by: SomeoneWeird on March 01, 2012, 08:46:09 AM (My math probably isn't right)
You can generate 1 address a second. 86,400 seconds in a day = 86,400 keys a day. 26 bits in a btc address, 403291461126605635584000000 permutations. so 403291461126605635584000000/86400 = 4667725244520898560000 days. So, you wanna wait 1.27882883411531467397260273972602739726027397260273972602739726027397260273972 6027397260273972602739726027397260273972602739726027397260273972602739726027397 260273972602739726027397260273972602739726027*(10**19) years? I didn't think so. Title: Re: How? Security of private keys Post by: bitpop on March 01, 2012, 09:20:59 AM Hmm ok, but on the off chance we before generate the same address, private leys will be identical right? Theres no protection?
Title: Re: How? Security of private keys Post by: FreeMoney on March 01, 2012, 09:39:35 AM Hmm ok, but on the off chance we before generate the same address, private leys will be identical right? Theres no protection? No protection at all, the coins belonging to that address would be lost. I think the best way to think of it is this: If you eventually find a collision (millions of years with any reasonable amount of resources) the expected amount you will find is [enormous number of keys, call it 10^20] divided by [total bitcoins] = less than one satoshi (tiniest bitcoin unit). Compare to: Regular identity theft, car accident on the way to the bank, etc. Title: Re: How? Security of private keys Post by: fornit on March 01, 2012, 09:39:55 AM dude, that IS the protection.
hoping to get someones private keys like this is like hoping quantum effects randomly teleport you into fort knox. Title: Re: How? Security of private keys Post by: bitpop on March 01, 2012, 09:40:50 AM Ok I kinda get it now. Just seemed so easy to vanitygen all the valid 1mtgox addresses quickly.
Hmm ok, but on the off chance we before generate the same address, private leys will be identical right? Theres no protection? I think the best way to think of it is this: If you eventually find a collision (millions of years with any reasonable amount of resources) the expected amount you will find is [enormous number of keys, call it 10^20] divided by [total bitcoins] = less than one satoshi (tiniest bitcoin unit). Compare to: Regular identity theft, car accident on the way to the bank, etc. Title: Re: How? Security of private keys Post by: FreeMoney on March 01, 2012, 09:42:45 AM Ok I kinda get it now. Just seemed so easy to vanitygen all the valid 1mtgox addresses quickly. Ah, yeah, not going to get 'all of them' by any means. There are still [sick huge number] divided by 58^5 [aka small number] of address. Title: Re: How? Security of private keys Post by: bitpop on March 01, 2012, 09:43:21 AM BUT then again, bitcoin was designed when mining was astonishingly slow on the cpu. Now we are already 10000X faster, can bitcoin be strengthened if in 5 years GPUs can crack a key in a month?
Title: Re: How? Security of private keys Post by: FreeMoney on March 01, 2012, 09:46:40 AM BUT then again, bitcoin was designed when mining was astonishingly slow on the cpu. Now we are already 10000X faster, can bitcoin be strengthened if in 5 years GPUs can crack a key in a month? Yes, it can be strengthened. Title: Re: How? Security of private keys Post by: SomeoneWeird on March 01, 2012, 09:48:10 AM Vanitygen already runs on gpu.
Title: Re: How? Security of private keys Post by: da2ce7 on March 01, 2012, 09:54:00 AM Vanitygen already runs on gpu. The problem is that it is two many bits... we are dealing with exponential functions here, boys. :) Title: Re: How? Security of private keys Post by: bitpop on March 01, 2012, 09:54:28 AM So the addresses will be get longer sometime in the future?
BUT then again, bitcoin was designed when mining was astonishingly slow on the cpu. Now we are already 10000X faster, can bitcoin be strengthened if in 5 years GPUs can crack a key in a month? Yes, it can be strengthened. Title: Re: How? Security of private keys Post by: dooglus on March 01, 2012, 10:39:15 AM So the addresses will be get longer sometime in the future? Or the hashing function that's used could get more computationally intensive. Quote 2. Can private keys somehow be different for the same address and the correct one can be checked against the blockchain? There are lots of different private keys for each bitcoin address. If you can find any one of them then you can spend the coins at that address. The problem is that it's too hard to find any them. Title: Re: How? Security of private keys Post by: memvola on March 01, 2012, 11:24:27 AM There are lots of different private keys for each bitcoin address. If you can find any one of them then you can spend the coins at that address. Will it still be the case if the address has been spent before? Title: Re: How? Security of private keys Post by: kokjo on March 01, 2012, 11:33:15 AM (My math probably isn't right) there are 160 bits in a btc address. so its: 2**160 seconds you have to wait. so its about 10**93 years.You can generate 1 address a second. 86,400 seconds in a day = 86,400 keys a day. 26 bits in a btc address, 403291461126605635584000000 permutations. so 403291461126605635584000000/86400 = 4667725244520898560000 days. So, you wanna wait 1.27882883411531467397260273972602739726027397260273972602739726027397260273972 6027397260273972602739726027397260273972602739726027397260273972602739726027397 260273972602739726027397260273972602739726027*(10**19) years? I didn't think so. EDIT: my math failed to, i used ln instead of log. correct is ~10**40 years Title: Re: How? Security of private keys Post by: SomeoneWeird on March 01, 2012, 11:51:10 AM (My math probably isn't right) there are 160 bits in a btc address. so its: 2**160 seconds you have to wait. so its about 10**93 years.You can generate 1 address a second. 86,400 seconds in a day = 86,400 keys a day. 26 bits in a btc address, 403291461126605635584000000 permutations. so 403291461126605635584000000/86400 = 4667725244520898560000 days. So, you wanna wait 1.27882883411531467397260273972602739726027397260273972602739726027397260273972 6027397260273972602739726027397260273972602739726027397260273972602739726027397 260273972602739726027397260273972602739726027*(10**19) years? I didn't think so. lol yeah, i thought it was wrong. meh Title: Re: How? Security of private keys Post by: chiropteran on March 01, 2012, 01:05:54 PM there are 160 bits in a btc address. so its: 2**160 seconds you have to wait. so its about 10**93 years. EDIT: my math failed to, i used ln instead of log. correct is ~10**40 years Even that estimate is too low, because there is no big flashing sign that says HEY YOU GOT A USEFUL PRIVATE KEY! You have to add time to test each and every key you generate if your goal is to find one with money in it, which increase the time by another order of magnitude... Title: Re: How? Security of private keys Post by: bitpop on March 02, 2012, 05:42:37 AM Is using a vanity address ANY less secure than using a regular one since the scope decreases?
Title: Re: How? Security of private keys Post by: rjk on March 02, 2012, 05:46:43 AM Is using a vanity address ANY less secure than using a regular one since the scope decreases? The only reduced security is if some noob looks at the beginning and doesn't compare the rest of the string to see whether the rest of the address is legit. |