Bitcoin Forum
December 08, 2016, 08:15:56 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 [2]  All
  Print  
Author Topic: Bitcoin address exhaustion  (Read 3659 times)
Rob P.
Member
**
Offline Offline

Activity: 84



View Profile WWW
July 09, 2011, 08:13:31 PM
 #21

Whenever your bitcoin client creates a new address, it randomly creates a public/private keypair of one of the 2^160 possible addresses. 
If (and it's a HUGE if, with a VERY low probability, but it's not ZERO) you create a public/private keypair that someone else has already created, you'll have access to the coins in that address in the block chain.

Elsewhere in the forum someone was working on a program that would generate approximately 80,000 bitcoin addresses per second. 

At that rate you can create 80,000 * 31536000 (seconds/year) = 2,522,880,000,000 (2.5 Trillion) addresses a year.
However, you'd have to run that for 5.7929891129617856×10^35 years, to exhaust all of the address space. 

And of course, you'd have to have a client that could handle that many addresses, which I doubt the default client can do.  So, you'd have to come up with a way to check them all in the block chain to see if they are valid, which would slow down your rate.

It's a big number.  So, the odds of two people colliding with the same address are astronomically tiny.

You'd be better off using vanity ID creation code to try to create a specific address, at least then if/when you found it, you'd know it.

--

If you like what I've written here, consider tipping the messenger:
1GZu4CtHa6ai8iWoWiVFxV5VVoNte4SkoG

If you don't like what I've written, send me a Tip and I'll stop talking.
1481228156
Hero Member
*
Offline Offline

Posts: 1481228156

View Profile Personal Message (Offline)

Ignore
1481228156
Reply with quote  #2

1481228156
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481228156
Hero Member
*
Offline Offline

Posts: 1481228156

View Profile Personal Message (Offline)

Ignore
1481228156
Reply with quote  #2

1481228156
Report to moderator
1481228156
Hero Member
*
Offline Offline

Posts: 1481228156

View Profile Personal Message (Offline)

Ignore
1481228156
Reply with quote  #2

1481228156
Report to moderator
JoelKatz
Legendary
*
Offline Offline

Activity: 1386


Democracy is vulnerable to a 51% attack.


View Profile WWW
July 09, 2011, 08:29:57 PM
 #22

Long before this kind of attack would be possible, much simpler attacks would appear in the literature. For example, until the first RIPEMD-160 collision appears, there is really no point in worrying about this attack. Creating a RIPEMD-160 collision with control over both inputs is so much easier than this attack and nobody has even done that yet.

For this attack, you actually don't even have control over *either* input. Even if you found a public key that produced that necessary RIPEMD-160 hash to claim someone else's coins, you still wouldn't have the corresponding private key, which you'd need to produce the signature.

To summarize:

1) Find a RIPEMD-160 collision with full control over both inputs.
2) Find a RIPEMD-160 collision with full control over one input.
3) Find a RIPEMD-160 collisions with limited control over one input.

None of these are possible yet, 3 is needed to make this attack work, and 3 is much harder than 2 which is much harder than 1.

And the fix would simply be to switch from RIPEMD-160 to SHA-256. The protocol already supports that. It would just make our bitcoin addresses longer.

I am an employee of Ripple.
1Joe1Katzci1rFcsr9HH7SLuHVnDy2aihZ BM-NBM3FRExVJSJJamV9ccgyWvQfratUHgN
netrin
Sr. Member
****
Offline Offline

Activity: 322


FirstBits: 168Bc


View Profile
July 11, 2011, 12:38:04 AM
 #23

As long as http://blockexplorer.com/q/decimaltarget divided by the number of addresses with a balance is greater than one, it will be more profitable to generate a block than attack the key space.

17248274092338559882155796390905381469049315669915374897.332224 > 1

Greenlandic tupilak. Hand carved, traditional cursed bone figures. Sorry, polar bear, walrus and human remains not available for export.
Rob P.
Member
**
Offline Offline

Activity: 84



View Profile WWW
July 11, 2011, 01:16:40 AM
 #24

As long as http://blockexplorer.com/q/decimaltarget divided by the number of addresses with a balance is greater than one, it will be more profitable to generate a block than attack the key space.

17248274092338559882155796390905381469049315669915374897.332224 > 1

That's our point.

--

If you like what I've written here, consider tipping the messenger:
1GZu4CtHa6ai8iWoWiVFxV5VVoNte4SkoG

If you don't like what I've written, send me a Tip and I'll stop talking.
Pages: « 1 [2]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!