Private Key Cracking & Block Database Size

[ebilgin]

I have three questions (last one is has no importance):

1) As fas as, i understand that when i put a transaction I sign it with my private key and remote party verifies it with my public key. Thus with brute attacks theoretically it is possible to find my private key. As I think institutions like NSA may have enough resources for these purposes. So it is possible to lose my bitcoins to these large institutions?

2) Bitcoin block database is growing as transactions done and blocks found. So this file will be getting bigger and bigger in time, as it holds all transactions from launch. When bitcoin gets a full traction, what will be size of those files. Will they be manageable? At the moment they total around 300mb.

3) Hashed block structure seemed too simple. And with the nonce rule, it may seem the proof of work, because calculation takes time. With time factor it seems solid. I wonder, whether it is possible to use these calculated hashes as lookup table for another purposes? That they may be using our computer power to calculate this lookup table while we are distracted as this. I know this theory has no solid grounds that project leader could not expect this popularity two years before hand. I am just curious.

[kinghajj]

1) As fas as, i understand that when i put a transaction I sign it with my private key and remote party verifies it with my public key. Thus with brute attacks theoretically it is possible to find my private key. As I think institutions like NSA may have enough resources for these purposes. So it is possible to lose my bitcoins to these large institutions?

They can't. Don't worry about it.

2) Bitcoin block database is growing as transactions done and blocks found. So this file will be getting bigger and bigger in time, as it holds all transactions from launch. When bitcoin gets a full traction, what will be size of those files. Will they be manageable? At the moment they total around 300mb.

There's some magic using merkle trees that allows the database to be slimmed by tossing unneeded transactions. Currently this isn't implemented in the client, but it's possible.

3) Hashed block structure seemed too simple. And with the nonce rule, it may seem the proof of work, because calculation takes time. With time factor it seems solid. I wonder, whether it is possible to use these calculated hashes as lookup table for another purposes? That they may be using our computer power to calculate this lookup table while we are distracted as this. I know this theory has no solid grounds that project leader could not expect this popularity two years before hand. I am just curious.

The hashes are derived from rather mundane data: block headers, transaction information, etc. I can't think of what mischievous purpose they could be used for.

[DamienBlack]

1) It is possible to brute force attack your private key. But, it has been shown that it would take a computer that uses more energy than the sun creates to brute force it before the universe ends, trillions of years from now. The NSA does not have that power. The methods bitcoin uses are the same methods as any online bank. It is considered uncrackable unless the programer got it wrong. The math is solid.

2) There is discussion about "only sending the headers of blocks" to most users in the future. I'm not sure what that exactly entails, but it would make the amount of data the average user receives a much less.

3) Once again, even if we were hashing to form an attack, it would be like trying to create a block with difficulty 2^256. We're having trouble with just 400,000. The way the math works, our computing speed is pitiful, a tiny drop in the ocean, compared to what you need to mount a successful attack. If our computing power continues to raise EXPONENTIALLY for HUNDREDS OF THOUSANDS of years, then maybe we would begin to cover a small fraction of all the possible hashes.

SHA 256 is secure. Very secure.

[dooglus]

3) Once again, even if we were hashing to form an attack, it would be like trying to create a block with difficulty 2^256. We're having trouble with just 400,000. The way the math works, our computing speed is pitiful, a tiny drop in the ocean, compared to what you need to mount a successful attack. If our computing power continues to raise EXPONENTIALLY for HUNDREDS OF THOUSANDS of years, then maybe we would begin to cover a small fraction of all the possible hashes.

SHA 256 is secure. Very secure.

If we use Moore's law, which says that processing speed roughly doubles every 2 years and the current network hash rate of 10 Ghash/s, we see that within 400 years we'll be able to crack SHA 256 in a day:

Code:

>>> giga = math.pow(10,12)
>>> current_hash_per_second = 10 * giga
>>> current_hash_per_day = current_hash_per_second * 60 * 60 * 24
>>> search_space = math.pow(2,256)
>>> math.log(search_space / current_hash_per_day, 2) * 2
392.8323821490522

Albert Einstein once declared compound interest to be "the most powerful force in the universe."  Possibly.

http://www.snopes.com/quotes/einstein/interest.asp