Fishbones78 (OP)
|
|
July 30, 2015, 12:05:38 AM |
|
Hi. More people are starting to make their private keys from strings of words. Wallets like MultiBit HD force you to create your private keys from word strings. If Bitcoin grew substantially larger, surely this would present a problem? I could create a program to randomly shuffle words in 24 word strings (the most words MultiBit allows to create a private keys with), to create private keys and check them for a BTC balance on the block chain. If the keys' address had BTC allocated to it, I could simply withdraw it to my own, untraceable wallet.
Is my understanding of Bitcoin correct in this, and if so, surely this could happen if most of the world's population used Bitcoin?
|
|
|
|
unamis76
Legendary
Offline
Activity: 1512
Merit: 1012
|
|
July 30, 2015, 12:07:57 AM |
|
the word combinations are quite big, and when you mix languages they're even bigger. If there was enough people using this method of generating private keys for collision, one just probably had to raise the words limit.,..
|
|
|
|
Fishbones78 (OP)
|
|
July 30, 2015, 12:22:56 AM |
|
the word combinations are quite big, and when you mix languages they're even bigger. If there was enough people using this method of generating private keys for collision, one just probably had to raise the words limit.,.. That's very true. I still think it would be possible to collide (in English, probably), especially if you were deliberately trying to collide. It would probably take a long time, but it is possible without a doubt.
|
|
|
|
achow101
Staff
Legendary
Offline
Activity: 3542
Merit: 6886
Just writing some code
|
|
July 30, 2015, 12:25:58 AM |
|
That is just like bruteforcing a password. While it doesn't seem like too much, it is in fact incredibly difficult and will take much longer than you would think. Think of it as trying to bruteforce a 24 character password. Pretty hard. Now instead of less than 100 characters to choose from for each character, you have hundreds of millions of words to choose from from each "character" That becomes pretty much impossible to brute force in any reasonable amount of time with current technology.
|
|
|
|
achow101
Staff
Legendary
Offline
Activity: 3542
Merit: 6886
Just writing some code
|
|
July 30, 2015, 12:28:08 AM |
|
the word combinations are quite big, and when you mix languages they're even bigger. If there was enough people using this method of generating private keys for collision, one just probably had to raise the words limit.,.. That's very true. I still think it would be possible to collide (in English, probably), especially if you were deliberately trying to collide. It would probably take a long time, but it is possible without a doubt. Of course it is possible. So is brute forcing someone's password. But, it is probably more cost effective to do other things with your computer. Remember, running a computer costs money (electricity costs) and it will take several times longer than your lifespan to reliably get a collision.
|
|
|
|
Kazimir
Legendary
Offline
Activity: 1176
Merit: 1011
|
|
July 30, 2015, 01:02:00 AM |
|
That's very true. I still think it would be possible to collide (in English, probably), especially if you were deliberately trying to collide. It would probably take a long time, but it is possible without a doubt.
Yes, for sure, this is most definitely possible. It's also possible to buy lotto tickets every week until you win the jackpot. The latter strategy has a much, MUCH bigger chance of success, and will yield results much faster. If you would somehow manage to have ALL of the world's total computing power at your disposal, the expected time it takes to find your first collision is approximately 19 billion years (that's longer than the current age of the universe). Keep in mind that those HD Wallet words are (roughly speaking) just a fancy way of representing the 256 bits of a private key. Also this illustration is obligatory in a topic like this. So good luck with that, sir!
|
|
|
|
jbrnt
|
|
July 30, 2015, 01:10:44 AM Last edit: July 30, 2015, 02:05:07 AM by jbrnt |
|
I could create a program to randomly shuffle words in 24 word strings (the most words MultiBit allows to create a private keys with), to create private keys and check them for a BTC balance on the block chain. If the keys' address had BTC allocated to it, I could simply withdraw it to my own, untraceable wallet.
I suggest you try it. Electrum version 1 wallets uses 12 words, half of Multibit. Create the script and run it for a month. Electrum uses a list of 1626 words, total permutations is 3.4 x 10^38. Have fun with it! You might just be lucky and hit a wallet with balance on the first attempt. I think there are people who tried it before and some still hacking. I haven't heard of any Electrum users reporting that their coins are mysteriously gone.
|
|
|
|
jonald_fyookball
Legendary
Offline
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
|
|
July 30, 2015, 01:46:03 AM |
|
I could create a program to randomly shuffle words in 24 word strings (the most words MultiBit allows to create a private keys with), to create private keys and check them for a BTC balance on the block chain. If the keys' address had BTC allocated to it, I could simply withdraw it to my own, untraceable wallet.
I suggest you try it. Electrum version 1 wallets uses 12 words, half of Multibit. Create the script and run it for a month. Electrum uses a list of 1626 words, total permutations is 3.4 x 10^38. Have fun with it! You might just be lucky and hit a wallet with balance on the first attempt. I think there are people who tried it before and some still hacking. I haven't heard of any Electrum users reporting that there coins are mysteriously gone. as I mentioned in another thread, you could have 10,000 supercomputers each running 100 petaflops for a whole century and not even get through one percent of one percent of the combinations...oh and that's before electrum's key stretching which makes it 100,000 slower to compute. it also doesn't include any extra time needed to generate multiple addresses for each seed and check their balances...so....good luck.
|
|
|
|
valkir
Legendary
Offline
Activity: 1484
Merit: 1004
|
|
July 30, 2015, 02:43:26 AM |
|
|
██ Please support sidehack with his new miner project Send to :
1BURGERAXHH6Yi6LRybRJK7ybEm5m5HwTr
|
|
|
Pursuer
Legendary
Offline
Activity: 1638
Merit: 1163
Where is my ring of blades...
|
|
July 30, 2015, 02:49:17 AM |
|
Hi. More people are starting to make their private keys from strings of words. Wallets like MultiBit HD force you to create your private keys from word strings. If Bitcoin grew substantially larger, surely this would present a problem? I could create a program to randomly shuffle words in 24 word strings (the most words MultiBit allows to create a private keys with), to create private keys and check them for a BTC balance on the block chain. If the keys' address had BTC allocated to it, I could simply withdraw it to my own, untraceable wallet.
Is my understanding of Bitcoin correct in this, and if so, surely this could happen if most of the world's population used Bitcoin?
you have to remember that creating a string of random words by a human can not be completely random. so there is a risk of being hacked.
|
Only Bitcoin
|
|
|
coretechs
Donator
Sr. Member
Offline
Activity: 362
Merit: 250
|
|
July 30, 2015, 02:59:57 AM |
|
Hi. More people are starting to make their private keys from strings of words. Wallets like MultiBit HD force you to create your private keys from word strings. If Bitcoin grew substantially larger, surely this would present a problem? I could create a program to randomly shuffle words in 24 word strings (the most words MultiBit allows to create a private keys with), to create private keys and check them for a BTC balance on the block chain. If the keys' address had BTC allocated to it, I could simply withdraw it to my own, untraceable wallet.
Is my understanding of Bitcoin correct in this, and if so, surely this could happen if most of the world's population used Bitcoin?
you have to remember that creating a string of random words by a human can not be completely random. so there is a risk of being hacked. Here's a passphrase generator you can use - https://nxtportal.org/tools/diceware_passphrase.htmlRight-click, save-as for offline use.
|
|
|
|
|