gigabytecoin (OP)
|
|
June 29, 2011, 10:00:18 AM |
|
How many possibly bitcoin addresses are there exactly?
How long does it take to generate one?
|
|
|
|
FreeMoney
Legendary
Offline
Activity: 1246
Merit: 1016
Strength in numbers
|
|
June 29, 2011, 10:05:03 AM |
|
I heard 2^160.
A fast setup could do thousands each second.
|
Play Bitcoin Poker at sealswithclubs.eu. We're active and open to everyone.
|
|
|
JoelKatz
Legendary
Offline
Activity: 1596
Merit: 1012
Democracy is vulnerable to a 51% attack.
|
|
June 29, 2011, 03:21:07 PM |
|
And if you're thinking what I think you're thinking, remember that you don't actually have to find their private key to claim someone else's bitcoins. All you have to do is find any one of the roughly 2^96 private keys whose corresponding public key hashes to that address.
|
I am an employee of Ripple. Follow me on Twitter @JoelKatz 1Joe1Katzci1rFcsr9HH7SLuHVnDy2aihZ BM-NBM3FRExVJSJJamV9ccgyWvQfratUHgN
|
|
|
kjj
Legendary
Offline
Activity: 1302
Merit: 1026
|
|
June 29, 2011, 11:06:30 PM |
|
There are exactly 2^160 possible addresses as long as we keep using RIPE-MD160.
2^160 is 1,461,501,637,330,902,918,203,684,832,716,283,019,655,932,542,976.
|
17Np17BSrpnHCZ2pgtiMNnhjnsWJ2TMqq8 I routinely ignore posters with paid advertising in their sigs. You should too.
|
|
|
Rob P.
|
|
June 29, 2011, 11:12:01 PM |
|
The total address space is 2^160 To put that in perspective, there are only 2^63 grains of sand on all of the beaches of the Earth ( http://www.hawaii.edu/suremath/jsand.html) Before you run out and build an RPC program to generate addresses, do some math first. Or read this: http://forum.bitcoin.org/index.php?topic=1387.0The total pool of Bitcoin addresses in use is so minuscule compared to the total population of addresses you *could* create, that the odds of you creating a private key for an address that is already in use is so small (near zero), that you'd be better off just writing malware to infect computers and just steal them.
|
--
If you like what I've written here, consider tipping the messenger: 1GZu4CtHa6ai8iWoWiVFxV5VVoNte4SkoG
If you don't like what I've written, send me a Tip and I'll stop talking.
|
|
|
Ian Maxwell
|
|
June 30, 2011, 05:48:01 AM |
|
A more profitable way to make money from generating random numbers would be the state lottery.
|
|
|
|
gigabytecoin (OP)
|
|
June 30, 2011, 08:53:43 PM |
|
And if you're thinking what I think you're thinking, remember that you don't actually have to find their private key to claim someone else's bitcoins. All you have to do is find any one of the roughly 2^96 private keys whose corresponding public key hashes to that address. Ok so for somebody to be lucky enough to steal the bitcoins out of my main backup address... They first need to generate my address which could be any one of 2^160 possibilities. And then they must generate the corresponding public key that gives them access to the bitcoins in my address? Of where there at 2^96 possibilities? Or must they simple generate 2^96 bitcoin keys... at which point they would control every single bitcoin address in the world?
|
|
|
|
JoelKatz
Legendary
Offline
Activity: 1596
Merit: 1012
Democracy is vulnerable to a 51% attack.
|
|
July 01, 2011, 12:35:02 AM |
|
And if you're thinking what I think you're thinking, remember that you don't actually have to find their private key to claim someone else's bitcoins. All you have to do is find any one of the roughly 2^96 private keys whose corresponding public key hashes to that address. Ok so for somebody to be lucky enough to steal the bitcoins out of my main backup address... They first need to generate my address which could be any one of 2^160 possibilities. And then they must generate the corresponding public key that gives them access to the bitcoins in my address? Of where there at 2^96 possibilities? Generating the public key is trivial. Or must they simple generate 2^96 bitcoin keys... at which point they would control every single bitcoin address in the world? The most sensible way to attempt the attack (which is still insane) is to generate random private keys, calculate the corresponding addresses, and then see if that address has a non-zero balance. I believe there are 2^160 possible addresses. So even if there are 1,000,000,000 addresses with non-zero balances, your odds of getting a non-zero balance on a single key are 1 in 2^128. So brute-forcing a single bitcoin address with a non-zero balance (assuming there are a billion of them, which is generous), is as hard as, say, brute-forcing a given 128-bit AES key.
|
I am an employee of Ripple. Follow me on Twitter @JoelKatz 1Joe1Katzci1rFcsr9HH7SLuHVnDy2aihZ BM-NBM3FRExVJSJJamV9ccgyWvQfratUHgN
|
|
|
theymos
Administrator
Legendary
Offline
Activity: 5390
Merit: 13426
|
|
July 01, 2011, 01:27:31 AM |
|
Bitcoin already supports OP_HASH256 in script, so it would be trivial to increase the number of addresses if it ever became a problem.
|
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
|
|
|
schnuber
Member
Offline
Activity: 96
Merit: 18
|
|
December 21, 2013, 11:13:14 PM |
|
So there are 2^160 public keys but only 2^96 private keys? Ho does that add up? Are there private keys than unlock more than one public key?
|
|
|
|
cr1776
Legendary
Offline
Activity: 4228
Merit: 1313
|
|
December 22, 2013, 01:11:42 AM |
|
So there are 2^160 public keys but only 2^96 private keys? Ho does that add up? Are there private keys than unlock more than one public key?
This discussion might help: :-) https://bitcointalk.org/index.php?topic=199212.0
|
|
|
|
JoelKatz
Legendary
Offline
Activity: 1596
Merit: 1012
Democracy is vulnerable to a 51% attack.
|
|
December 22, 2013, 07:50:30 AM |
|
So there are 2^160 public keys but only 2^96 private keys? Ho does that add up? Are there private keys than unlock more than one public key?
There are just under 2^256 private keys, just under 2^256 public keys, and 2^160 addresses. There are some addresses that have more than one corresponding public key and thus more than one corresponding private key.
|
I am an employee of Ripple. Follow me on Twitter @JoelKatz 1Joe1Katzci1rFcsr9HH7SLuHVnDy2aihZ BM-NBM3FRExVJSJJamV9ccgyWvQfratUHgN
|
|
|
schnuber
Member
Offline
Activity: 96
Merit: 18
|
|
December 22, 2013, 04:36:31 PM |
|
Ok so the quote that there are 2^96 private keys is wrong then
|
|
|
|
bitpop
Legendary
Offline
Activity: 2912
Merit: 1060
|
|
December 22, 2013, 09:29:46 PM |
|
More than atoms in the universe
|
|
|
|
ktorn
Newbie
Offline
Activity: 32
Merit: 0
|
|
May 07, 2014, 08:48:45 AM |
|
More than atoms in the universe
That is not correct, not even close. The estimated number of atoms in the observable universe (10^80) is 71 million trillion trillion times greater than 2^160.
|
|
|
|
PGSystemTester
Newbie
Offline
Activity: 1
Merit: 7
|
Ok so the quote that there are 2^96 private keys is wrong then
I realize this is an old discussion but this thread now appears towards the top of searches for "How many Bitcoin addresses are there" and I wanted to add some exact numbers along with some "color" that might make more sense than exact numbers. The AnswerThe total possible number of addresses is exactly 2 160, or more commonly expressed as 2^160 which is 2 multiplied by itself 160 times. As a decimal number (what most people consider "normal") this is 1,461,501,637,330,902,918,203,684,832,716,283,019,655,932,542,976. Why THAT NumberIf I were to ask you how many possible numbers could be shown on a 2-digit scoreboard under the HOME team section, the answer would be 100. Don't feel bad if you thought 99, we're all incorrectly taught to start counting at one instead of zero, but the range of 0 to 99 = 100 possible numbers. Similarly, a Bitcoin address must be a whole number that can be displayed on a "scoreboard" that uses binary numbers and extends 160 digits. If you can wrap your head around hexadecimal numbering, it offers a good illustration of the range of possible numeric addresses being from: 0 to FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFFPrivate Key PossibilitiesThe total number of possible private keys is frequently listed as 2^256 and for all sensible discussion, this is correct. However, technically there are fewer due to usage of the secp256k1 Curve usage. Words cannot express how insignificant of a difference the actual number is from 2^256. Imagine all of Earth's beaches. Now imagine them with one less grain of sand. Even THAT example is overstating the difference (though the actual numeric difference is far greater than the actual number of grains of sand on Earth's beaches ) But since we're talking exact numbers, here's an illustration (compared to 2^256) Total Numbers As Decimals 115,792,089,237,316,195,423,570,985,008,687,907,852,837,564,279,074,904,382,605,163,141,518,161,494,336 (exact private key maximum) 115,792,089,237,316,195,423,570,985,008,687,907,853,269,984,665,640,564,039,457,584,007,913,129,639,936 (2^256)
Maximum Value as a Hexadecimal FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4140 (exact private key maximum) FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF (2^256)
Overall SecurityGoing back to the discussion of how long it would take to brute force attack a specific address -- quite simply not possible with today's technology. A few years ago, I posted this question in the mathematics section on the stack exchange trying to figure out how many trials would be needed to even have a 1% probability. Suffice to say... it's pretty safe. https://math.stackexchange.com/questions/2845598/how-to-calculate-binomial-distribution-of-really-smallIf you or someone you know still finds themselves worried about the idea of someone randomly guessing your private key code, it might be worth noting that we all face similarly improbable odds on a regular basis. It would be far more likely for a cybercriminal to find a recycled password or some other vulnerability to access our financial records. A three-year-old might accidentally hit the precise keystrokes to miraculously log into your account. These are risks we inherently accept and don't lose sleep over yet they are more likely to occur than anyone guessing your private key combination. While there is a possibility it is just too low to consider existent. But to quote dumb and dumber... SO YOU'RE SAYING THERE'S A CHANCE.....
|
|
|
|
vit05
|
|
July 08, 2018, 03:49:44 AM |
|
Ok so the quote that there are 2^96 private keys is wrong then
I realize this is an old discussion but this thread now appears towards the top of searches for "How many bitcoin addresses are there." Here are some exact numbers for Bitcoin and Ethereum... and all of their relatives. The total possible number of addresses is exactly 2^160. As a decimal number (what most people consider "normal") this is 1,461,501,637,330,902,918,203,684,832,716,283,019,655,932,542,975. As a hexidecimal, this number is: FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF The total possible private keys is frequently listed as 2^256 and for all sensible discussion, this is correct. However, technically there are a few less because of the secp256k1 Curve usage. Below is the exact amount of private keys that can be used. (I'm comparing them against the 2^256 just to illustrate how inconsequential the difference is) Decimal 115,792,089,237,316,195,423,570,985,008,687,907,852,837,564,279,074,904,382,605,163,141,518,161,494,336 (actual private key maximum) 115,792,089,237,316,195,423,570,985,008,687,907,853,269,984,665,640,564,039,457,584,007,913,129,639,935 (2^256)
Hexidecimal FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4140 (actual private key maximum) FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF (2^256)
Going back to the discussion of how long it would take to brute force attack a specific address -- quite simply not possible with today's technology. The quote of 2^96 represented how many potential PRIVATE keys would work for a single PUBLIC key (not how many total private keys were there). A brute force attack would require an approach of using all 2^256 since there's no way to tell if a private key will generate an address that's been used or not. At some point (2^200?) all 2^160 addresses would be accounted for, but again, impossible with today's technology. I hope it's not a totally stupid question. But has bech32 changed anything about this number of public addresses? I think the private keys do not change anything, right? Since they follow the same pattern.
|
|
|
|
theymos
Administrator
Legendary
Offline
Activity: 5390
Merit: 13426
|
|
July 08, 2018, 11:39:31 PM |
|
I hope it's not a totally stupid question. But has bech32 changed anything about this number of public addresses? I think the private keys do not change anything, right? Since they follow the same pattern.
Short-style bech32 addresses have the same maximum possible addresses of 2 160. There is also a long-style bech32 address format (used for multisig and other more complex scripts) which has 2 256 possible addresses.
|
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
|
|
|
Devawnm367
Full Member
Offline
Activity: 1036
Merit: 144
Penguin Party 🐟
|
|
September 15, 2018, 12:12:04 AM |
|
So is that the total number of possibilities, or is that the total number of addresses? If I use a phrase and unlock one would that mean it was being used or are all of the wallets pre created with prestored key phrases, lets say if I typed random words for days and somehow unlock one would that mean that it is of use or I just found a random address?
I guess running a program would be simpler, just saying I never knew that... your odds would be less than one unlock in a million years!!!!
|
𝕻𝖊𝖓𝖌𝖚𝖎𝖓 𝕾𝖜𝛼𝖕PENGUIN PARTY BAITSHOP! Swap, Pool, Stake, or Vote
|
|
|
Coding Enthusiast
Legendary
Offline
Activity: 1043
Merit: 2818
Bitcoin and C♯ Enthusiast
|
In case you are wondering where are these numbers coming from, you should know that these aren't magic numbers or constants anywhere. These are simply the size of the "data" that represent an address! The first thing you should ask is "what is an address?" This will also clarify things for the question above regarding Bech32 and @theymos answer regarding 2 160 and 2 256 number of addresses. An address such as 1BgGZ9tcN4rm9KBzDn7KprQz87SZ26SAMH or bc1qw508d6qejxtdg4y5r3zarvary0c5xw7kv8f3t4 is simply the "human readable" encoding of some data. Now that data simply has a fixed size. In case of P2PKH and P2WPH address examples above this data is RIPEMD160(SHA256(publickey)). Basically you are encoding (to be human readable) the result of RIPEMD160 cryptographic hash function. The encoding can be anything, in bitcoin we use Base58 encoding for first address example and use bech32 for the second. This hash function as its name suggests is 160 bits in size. So the number of possible results it can have is 2 160. Math: 1 bit (2^1): 0 1
2 bit (2^2): 00 01 10 11
160 bit (2^160) ...
What about 2 256 then? That "data" is not always the same. We have different types of addresses. For instance it can be a scriptHash, in which case it is the result of a SHA256 cryptographic hash function which is obviously 256 bits of data hence the 2 256 possible addresses.
|
|
|
|
|