Address collision?

[tkbx]

I was reading a guide on securely storing bitcoins, and it said a good way is to disconnect a computer from the internet, generate an address, send coins to that address, encrypt the wallet, and store it. This got me thinking: If that computer disconnected from the network can generate a given address, doesn't that mean I can generate the same address? What if two people were to create the same public and private keys, would they have access to each other's funds?

[Scott J]

This is possible, yes.

Hopefully the next post will explain exactly how unlikely it is to happen.

[Zomdifros]

This is possible, yes.

Hopefully the next post will explain exactly how unlikely it is to happen.

There ya go: https://en.bitcoin.it/wiki/Weaknesses#Generating_tons_of_addresses

[MysteryMiner]

This is discussed here numerous times. Search for "hash collision" or "address collision". In theory it is possible, but super ultra extremely unlike in practice.

It is nothing to be worried about.

If someone can generate the same key or different key that hashes to same address, he can spend all associated coins. But as I told it is too unlikely to ever happen in lifetime of Bitcoin as long as random number generator is not faulty.

[tkbx]

This is discussed here numerous times. Search for "hash collision" or "address collision". In theory it is possible, but super ultra extremely unlike in practice.

It is nothing to be worried about.

If someone can generate the same key or different key that hashes to same address, he can spend all associated coins. But as I told it is too unlikely to ever happen in lifetime of Bitcoin as long as random number generator is not faulty.

So is your address a hash of your private key?

[MysteryMiner]

A Bitcoin address is a 160-bit hash of the public portion of a public/private ECDSA keypair

https://en.bitcoin.it/wiki/Technical_background_of_Bitcoin_addresses

[Elwar]

Someone else will probably jump in but the odds of it happening are to the point where you would need all of the time and energy in the universe for it to happen. Maybe slightly less if you are lucky.

[MysteryMiner]

Im lazy to search but here it was calculated how much time needs to be spent for 50% probability of collision. But the irony is that the collision might happen right now with simple New Address press. It is highly unlikely, even more unlikely to be hit by comet from outer space while masturbating to Knight Rider rerun.

[MagicalTux]

Actually a bitcoin address collision is very unlikely.

At MtGox we handle around 2.2 million active bitcoin addresses, and another 18 million addresses, and haven't had any collision with addresses already in the blockchain.

This said, collision on weak random generators are possible, and known to have happened with vanity address generators.

[Anon136]

i dont think its as unlikely as these guys let on although still pretty unlikely. this is because computers are not capable of generating random numbers and all of these crazy maths rely on the assumption that we are dealing with truly random numbers. Still with that being said dont expect it to happen to you.

[dree12]

i dont think its as unlikely as these guys let on although still pretty unlikely. this is because computers are not capable of generating random numbers and all of these crazy maths rely on the assumption that we are dealing with truly random numbers. Still with that being said dont expect it to happen to you.

AFAIK Bitcoin uses a TRNG (truly random numbers) on Linux at least (/dev/random), so this should not be a concern on Linux OSes.

[Ichthyo]

...we should add the warning here, that Brainwallets might be dangerous.
Reason is, in practice there is an increased probability for people to pick common terms which can be remembered easily.

[westkybitcoins]

Let's say that you lived to be 100, and each second of your life, you generate 1 trillion unique, truly random bitcoin addresses to use.

Now, let's assume that the population of the planet exploded to 100 billion people, and that they each lived to be 100 years old, and that they each also generated 1 trillion bitcoin addresses to use each second of their lives. Let's further assume that all of these addresses are unique, and truly random.

Going by the important number, the size of a bitcoin address (160 bits), what is the chance of you generating an address that collides with that of someone else on the planet?

Best I can do right now is to turn this into an analogy (I'm sure the math will be corrected, but it's close enough to make the point.)

Imagine that I tell you that I've hidden a small treasure box, one inch cubed, that I've buried under a few inches deep somewhere in the 48 contiguous United States. You have a sewing needle. You have to guess where in the U.S. the box is, with NO data, and mark the location by sticking the needle into the ground on top of where you think the box is.

Your chance of finding that box with that needle in one try is millions of times better than your chance of creating an address collision with 100 billion other people, each generating 1 trillion unique, truly random addresses a second for 100 years straight.

So long as you're generating truly random bitcoin addresses, a collision should never be a problem.

[Anon136]

i dont think its as unlikely as these guys let on although still pretty unlikely. this is because computers are not capable of generating random numbers and all of these crazy maths rely on the assumption that we are dealing with truly random numbers. Still with that being said dont expect it to happen to you.

AFAIK Bitcoin uses a TRNG (truly random numbers) on Linux at least (/dev/random), so this should not be a concern on Linux OSes.

thanks, im glad to know that.

[dree12]

Let's say that you lived to be 100, and each second of your life, you generate 1 trillion unique, truly random bitcoin addresses to use.

Now, let's assume that the population of the planet exploded to 100 billion people, and that they each lived to be 100 years old, and that they each also generated 1 trillion bitcoin addresses to use each second of their lives. Let's further assume that all of these addresses are unique, and truly random.

Going by the important number, the size of a bitcoin address (160 bits), what is the chance of you generating an address that collides with that of someone else on the planet?

Best I can do right now is to turn this into an analogy (I'm sure the math will be corrected, but it's close enough to make the point.)

Imagine that I tell you that I've hidden a small treasure box, one inch cubed, that I've buried under a few inches deep somewhere in the 48 contiguous United States. You have a sewing needle. You have to guess where in the U.S. the box is, with NO data, and mark the location by sticking the needle into the ground on top of where you think the box is.

Your chance of finding that box with that needle in one try is millions of times better than your chance of creating an address collision with 100 billion other people, each generating 1 trillion unique, truly random addresses a second for 100 years straight.

So long as you're generating truly random bitcoin addresses, a collision should never be a problem.

Actually, with those (albeit unrealistic) numbers you'd have generated quite a few collisions. ~3.5×10¹⁶ to be more precise, and even more if RIPEMD is not reversible.

Assuming RIPEMD-160 is a reversible function, there are 2¹⁶⁰ possible addresses. Therefore, the likelihood any pair of addresses is a collision is 1/2¹⁶⁰.

Here, we are theoretically generating 10¹¹ (# people) × 10¹² (# addresses/s) × 60 × 60 × 24 × 365 × 100 (time) addresses. That's around (exactly, actually) 3.1536×10³².

The number of address pairs for n number of addresses is n(n-1)/2. With so many addresses, n(n-1) is virtually equal to n². So there are approximately 4.97259648×10⁶⁴, but this approximation is off by something very insignificant.

Dividing by 2¹⁶⁰, we will have quite a few (i.e. too many to count) colliding pairs.

2¹⁶⁰ is big, but not that big.