Can a bitcoin address can be recovered from public key???

[shorena]

Guys the things are now messing up here...

Just lock the thread. You will only get more answers from people that do not even bother reading your question properly.

i asked only the question that CAN A BITCOIN ADDRESS CAN BE RECOVERED FROM PUBLIC KEY??

and i got the answer - "NO"

and I thought we have been over this.

reason:-https://www.comodo.com/resources/small-business/digital-certificates2.php

Has nothing to do with bitcoin.

there is only two-three points that can recover your address:-
1) private key

Private key -> pubkey -> address

2) mnemonic

That only works for HD wallets and

mnemonic -> master private key -> private key -> pubkey -> address

3) email address and phone no. that was linked to the address(if you had made via blockchain)

Thats service specific and has nothing to do with the inner workings of bitcoin.

[Swordsoffreedom]

As long as someone does not have a weak R value cough blockchain tinkering with code.
If I recall correctly there was an exploit that was patched similar to that in the area of address reuse
https://en.bitcoin.it/wiki/Address_reuse
https://bitcointalk.org/index.php?topic=581411.0

Simple Answer: NO

[shorena]

-snip-
Simple Answer: NO
-snip-

Did you even look at the picture you posted? OP is talking about the public key.

[VirosaGITS]

No it is not.

Yes it is - do you understand that the question does not mention "private key" but instead "public key" or did you simply not read it?

It is a mess but if you put information like that, you will just cause confusion, and thus, a mess.

Unfortunately it is you (and most other posters in this topic) that are causing the mess and confusion by not even bothering to read the OP.

To the @OP - unfortunately this is why this forum is no longer very useful for any sort of technical advice.

Looks like you are the only one to actually read the question indeed.

I think people just automatically assume private key whenever someone starts talking about recovering something from an address.

Are you guys done bashing? You cannot recover an address from another Bitcoin address. The whole process need to go back to the privkey, hence the comment of me and other users.

"That" is what was asked "Can you recover address from address" in broken English and that is the proper answer.

[odolvlobo]

no youcan not crack private key by knowing public key.
But i think by using botnets it would be possible.

Even a botnet would not be powerful enough to crack private keys.

Skipping the physics and doing back-of-the-envelope math ...

There are 2¹⁶⁰ addresses. Just to count up to 2¹⁵⁹ (half the possible keys) would consume at least 4.8x10²⁵ joules. The energy consumption of the entire world is 5.6x10¹⁰ joules.

TL;DR Using all the electricity generated by the entire world, it would take 10¹⁵ (1,000,000,000,000,000) years to just to count through half the possible keys.

[Syke]

As a couple people have mentioned, a poorly-chosen private key can be recovered. This includes some brain wallets and bugs in private key generation. Anybody claiming to be able to recover any private key is lying or he would have done so with any number of multi-million dollar addresses readily available in the blockchain.

[c789]

Not unless quantum computers (even just a few) have taken off. Until then, no.

And even if quantum computers take off soon, there are mathematically proven ways to protect data even from them...but not the current form of BTC keys (or SSL, TLS, PGP, etc.). Still, that's a long way off by most estimates. And they would go after much, much bigger targets than a BTC wallet.

So, no.

[Amph]

Not unless quantum computers (even just a few) have taken off. Until then, no.

And even if quantum computers take off soon, there are mathematically proven ways to protect data even from them...but not the current form of BTC keys (or SSL, TLS, PGP, etc.). Still, that's a long way off by most estimates. And they would go after much, much bigger targets than a BTC wallet.

So, no.

just hope that quantum computer would be revealed to the public first, otherwise they can break ecdsa easily, and determinate public key from address

for the op this can be useful https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses

no youcan not crack private key by knowing public key.
But i think by using botnets it would be possible.

this is a public key, with a quantum computer you can easily determinate it form an address

and sha256 is impossible to crack for now, even satoshi said that there is a possibility in the future that something unknown could break it

like quantum computer could pose a serious threat, surely not something which i call impossible

[Swordsoffreedom]

-snip-
Simple Answer: NO
-snip-

Did you even look at the picture you posted? OP is talking about the public key.

It's in the picture did you read each part of the process ?
And the infographic shows the process it merited posting.

Op's question was
Can a bitcoin address can be recovered from public key... If not so how is it related to bitcoin address???

The answer is NO
However you can try  if your looking for an atom in the sun or run a defective client.
(you cannot compute the public key without the private key).  A problem is that if one private key is leaked the others can easily be computed, but there is no general way to avoid it. )

---

By publishing Kp, a customer should be able to combine Kp and n, in such a way he gains a public key Kp(1013853254).
If a customer sends Money to the associated adress of this public key Kp(1013853254), then the funds
should be spendable by combining Ks with n in such a way I gain Ks(1013853254).

How is this possible with lets say EC primitives?

The associative law and the distributive law hold for EC and can be used.  Kp = Ks * G, hence
   (1013+Ks) * G = 1013*G + Ks*G = 1013*G + Kp
and
   (1013*Ks) * G = 1013 * (Ks * G) = 1013 * Kp

Note that + and * have two different meanings above.  Operator + is point addition or number addition modulo group order.  Operator * is point multiplication or number multiplication modulo group order.

So 1013+Ks is the private key for 1013*G + Kp  and 1013*Ks is the private key for 1013 * Kp.

I think it doesn't really matter which method you use.  See also BIP32, which uses a variant of the first method for non-hardened derivation  (hardened derivation is not what you want, because then you cannot compute the public key without the private key).  A problem is that if one private key is leaked the others can easily be computed, but there is no general way to avoid it.

--

We are talking about Private Key generations... Can some guru out there have a look at my posts and give some scientific answer to my concerns?

I think not only me, but the Bitcoin community would appreciate that.

https://bitcointalk.org/index.php?topic=961023.msg10511395#msg10511395

Satoshi, you there?

So lets do the math.  vanitygen can generate about 1 MKey/s with a few tweaks (e.g. try positive/negative, compressed and uncompressed keys at the same time) on today's computer.    Lets assume that using ASIC technology (which you have to build from scratch, since SHA-256 is not enough to generate private/public key pairs) you can get a speedup of a trillion (the current Bitcoin network has significantly less than a trillion times more computing power than Satoshi's computer).  Lets assume there are about 100 million addresses that currently have a non-zero balance (I think it's less).  There are only 2^160 addresses (since we hash to 160 bits).  So you need on average

Code:

2^160 addresses / (100 million non-empty addreses) / a trillion speedup / 1 million (keys/s) /31.5 million (s/year) = 464*10^12 years/key

This are around 465 trillion years to find a single key for a non-empty address, if I'm not mistaken.

Okay, if Moore's law will still hold for 75 years, then this method might become feasible -- if you want to invest as much money as all miners together and let the computer work for half a year to find a fraction of a Bitcoin in some random address.

BTW, there are faster ways than brute-forcing all addresses. You could take an address with lot of funds where the public key is known (e.g. Bitstamp's cold wallet) and use the big-step, baby-step algorithm that "only" has complexity 2^128.  That may be 100 times faster.

And since you asked for quantum computers:  The current quantum computers can probably not be used, but if you have a real 65000-qbit quantum computer that can do complex computations without decoherence for a few seconds, then you can probably crack a public key in a few seconds.

--
Since that does not happen in most use cases the simple answer is NO

[shorena]

-snip-
Simple Answer: NO
-snip-

Did you even look at the picture you posted? OP is talking about the public key.

It's in the picture did you read each part of the process ?
And the infographic shows the process.

It explains how a TX is created and confirmed, it does not explain how addresses are created.

Op's question was
Can a bitcoin address can be recovered from public key... If not so how is it related to bitcoin address???

The answer is NO
-snip-

Your answer is wrong, same as 90% of others here that have no idea what they are talking about. The address is the hash the of public key. Of course anyone can hash the public key in the correct way and get the address. Thus the address can be "recovered" from the public key.

What you are possibly refering to is the private key. The chain goes one way like this:

private key -> public key -> address

not (!) the other way around

address -\> public key -\> private key

but thats not the question asked by OP.

[Swordsoffreedom]

It explains how a TX is created and confirmed, it does not explain how addresses are created.

I see what you meant there made an error, but the info-graphic still is handy.
It took me a while there to get the question misread it your right the private key comes first the bitcoin address comes last not that the bitcoin address is deduced backwards to find the master public key then the private key.

Was thinking of a strange configuration where the master public key reveals a private key through a hash in a deterministic wallet exploit.
https://bitcoinmagazine.com/articles/deterministic-wallets-advantages-flaw-1385450276
https://en.bitcoin.it/wiki/BIP_0032

Posting the proper one:

Op's question was
Can a bitcoin address can be recovered from public key... If not so how is it related to bitcoin address???

The answer is NO
-snip-

Your answer is wrong, same as 90% of others here that have no idea what they are talking about. The address is the hash the of public key. Of course anyone can hash the public key in the correct way and get the address. Thus the address can be "recovered" from the public key.

What you are possibly refering to is the private key. The chain goes one way like this:

private key -> public key -> address

not (!) the other way around

address -\> public key -\> private key

but thats not the question asked by OP.

In that case, I am confused (!) Following the Process it is Private -> Public -> Address
EDIT: Read it as no its the other way around nvm your fine.

How to create Bitcoin Address
https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses

0 - Having a private ECDSA key

   18E14A7B6A307F426A94F8114701E7C8E774E7F9A47E2C2035DB29A206321725

1 - Take the corresponding public key generated with it (65 bytes, 1 byte 0x04, 32 bytes corresponding to X coordinate, 32 bytes corresponding to Y coordinate)

   0450863AD64A87AE8A2FE83C1AF1A8403CB53F53E486D8511DAD8A04887E5B23522CD470243453A 299FA9E77237716103ABC11A1DF38855ED6F2EE187E9C582BA6

2 - Perform SHA-256 hashing on the public key

   600FFE422B4E00731A59557A5CCA46CC183944191006324A447BDB2D98D4B408

3 - Perform RIPEMD-160 hashing on the result of SHA-256

   010966776006953D5567439E5E39F86A0D273BEE

4 - Add version byte in front of RIPEMD-160 hash (0x00 for Main Network)

   00010966776006953D5567439E5E39F86A0D273BEE

(note that below steps are the Base58Check encoding, which has multiple library options available implementing it)
5 - Perform SHA-256 hash on the extended RIPEMD-160 result

   445C7A8007A93D8733188288BB320A8FE2DEBD2AE1B47F0F50BC10BAE845C094

6 - Perform SHA-256 hash on the result of the previous SHA-256 hash

   D61967F63C7DD183914A4AE452C9F6AD5D462CE3D277798075B107615C1A8A30

7 - Take the first 4 bytes of the second SHA-256 hash. This is the address checksum

   D61967F6

8 - Add the 4 checksum bytes from stage 7 at the end of extended RIPEMD-160 hash from stage 4. This is the 25-byte binary Bitcoin Address.

   00010966776006953D5567439E5E39F86A0D273BEED61967F6

9 - Convert the result from a byte string into a base58 string using Base58Check encoding. This is the most commonly used Bitcoin Address format

   16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM

http://security.stackexchange.com/questions/54136/possible-to-derive-private-key-from-public-key-given-enough-computing-power

[Perlover]

Can a bitcoin address can be recovered from public key... If not so how is it related to bitcoin address???

Bitcoin address is Base58 encoded a hash of public key. So if you have a public key you can calculate bitcoin address ;-)
But you will not be able spend bitcoins - you will need a private key  

[pjsonowal]

Guys Thanks for your replies....it helped me a lot !!!!!

SO I AM LOCKING THIS TOPIC....

THANK YOU AGAIN!!!!