Bitcoin Forum
December 03, 2016, 04:39:48 AM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 »  All
  Print  
Author Topic: possible to use up ALL wallet address combinations?  (Read 3962 times)
haploid23
Legendary
*
Offline Offline

Activity: 812



View Profile WWW
July 20, 2011, 08:42:49 AM
 #1

if wallet address don't ever get recycled, then that means there are only a predetermined set amount of wallet address, just like the amount of bitcoins that's able to be mined. if this is the case, then what happens after all the addresses gets used up? i suck at statistics, but what's the total amount available? let me know if my math is correct/wrong:

34 characters
24 capital letters
25 lower case letters
9 numbers

(24 x25 x9)^34 = about 7.97 x (10^126)?

hmm maybe this should belong in the newbie section

1480739988
Hero Member
*
Offline Offline

Posts: 1480739988

View Profile Personal Message (Offline)

Ignore
1480739988
Reply with quote  #2

1480739988
Report to moderator
1480739988
Hero Member
*
Offline Offline

Posts: 1480739988

View Profile Personal Message (Offline)

Ignore
1480739988
Reply with quote  #2

1480739988
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1480739988
Hero Member
*
Offline Offline

Posts: 1480739988

View Profile Personal Message (Offline)

Ignore
1480739988
Reply with quote  #2

1480739988
Report to moderator
1480739988
Hero Member
*
Offline Offline

Posts: 1480739988

View Profile Personal Message (Offline)

Ignore
1480739988
Reply with quote  #2

1480739988
Report to moderator
Maged
Legendary
*
Offline Offline

Activity: 1260


View Profile
July 20, 2011, 09:05:16 AM
 #2

First off, what you think of as an "address" is really a base58 representation of a 160-bit hash plus a checksum. So, there's considerably less possibilities. Only 2^160, or about 1.46 × 10^48. However, that's still pretty big. If you could generate one million addresses per second (most computers can only do 1/1000th of that right now, at best), then it'd still take 4.634391290369428×10^34 YEARS for one person to exhaust the address space. That's besides the fact that we can switch to 256-bit addresses (the size of our current public keys) without any modification to the current protocol.

myrkul
Hero Member
*****
Offline Offline

Activity: 532


FIAT LIBERTAS RVAT CAELVM


View Profile WWW
July 20, 2011, 09:06:51 AM
 #3

We'll eventually run out of addresses. Probably right before the sun bakes the planet dry.

BTC1MYRkuLv4XPBa6bGnYAronz55grPAGcxja
Need Dispute resolution? Public Key ID: 0x11D341CF
No person has the right to initiate force, threat of force, or fraud against another person or their property. VIM VI REPELLERE LICET
JoelKatz
Legendary
*
Offline Offline

Activity: 1386


Democracy is vulnerable to a 51% attack.


View Profile WWW
July 20, 2011, 09:31:45 AM
 #4

(24 x25 x9)^34 = about 7.97 x (10^126)?
If every particle in the known universe could create a billion addresses a second for the entire age of the universe, they would generate about one-quintillionth of the possible addresses.

I am an employee of Ripple.
1Joe1Katzci1rFcsr9HH7SLuHVnDy2aihZ BM-NBM3FRExVJSJJamV9ccgyWvQfratUHgN
bitterness
Newbie
*
Offline Offline

Activity: 18


View Profile
July 20, 2011, 10:54:57 AM
 #5

If mankind doesn't restructure the entire human body, it's unlikely our species can survive more than 10^9 years from now on earth. If we don't fuck up everything before, obviously. Just as a side note.
Meni Rosenfeld
Donator
Legendary
*
Offline Offline

Activity: 1890



View Profile WWW
July 20, 2011, 11:33:30 AM
 #6

(24 x25 x9)^34 = about 7.97 x (10^126)?
If anything it should be (24+25+9)^34 = 58^34 ~ 9.05 * 10^59. But as Maged says the correct calculation is 2^160. And we're not ever going to run out of addresses.

1EofoZNBhWQ3kxfKnvWkhtMns4AivZArhr   |   Who am I?   |   bitcoin-otc WoT
Bitcoil - Exchange bitcoins for ILS (thread)   |   Israel Bitcoin community homepage (thread)
Analysis of Bitcoin Pooled Mining Reward Systems (thread, summary)  |   PureMining - Infinite-term, deterministic mining bond
pc
Sr. Member
****
Offline Offline

Activity: 253


View Profile
July 20, 2011, 11:46:04 AM
 #7

If you could generate one million addresses per second (most computers can only do 1/1000th of that right now, at best)

Using vanitygen, my computer can generate over 1.5 million addresses a second, and I think some people are getting several million using their GPU. So we may be able to get down to only 1047 years or so. Smiley
molecular
Donator
Legendary
*
Offline Offline

Activity: 2128



View Profile
July 20, 2011, 11:59:22 AM
 #8

remotely relevant and quite funny: http://xkcd.com/865/

If address collisions where likely, you could bruteforce keys to bitcoins. 2^160: too big a search space. ou can start vanitygen on a search, though and it will find the key to any address, just takes some time:

Quote
#> vanitygen 1DNMiQRXNM4DhXZGF6vqnCTS14u6twahnR

PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0  3F39 FC49 2362 F9B7 0769
LeonGeeste
Jr. Member
*
Offline Offline

Activity: 48


View Profile
July 20, 2011, 03:26:03 PM
 #9

Correct me if I'm wrong, but the relevant metric (under the paranoia security model) is the average time to find a collision, not time to exhaust the address space.  And I thought that that value was equal to the square root of the size of the address space, which, per Maged's post's value, would be ~1.2 x 10^24.

So if a network of comparable size to that of bitcoin miners instead devoted itself to generating addresses, they could feasibly get ~1 trillion/sec.  This would get a collision in ~38,000 years.  Not bad, but a lot sooner that the obscenely huge numbers posted in the thread.

Also, in order for an upgrade to larger keysizes, everyone would have to void the balances held by their existing addresses and transfer them to the larger-key addresses, and have those transfers incorporated into the blockchain, all before anyone could spend they coins in a collided address.

So, I've been kind of worried that maybe the ECDSA keysize was chosen to be a bit too small.  Well ... several bits too small  Wink

(Still sort of a crypto newb, please don't take offense, just let me know if I'm relying on questionable assumptions here.)
wareen
Millionaire
Hero Member
*****
Offline Offline

Activity: 742

bitcoin-austria.at


View Profile
July 20, 2011, 04:01:20 PM
 #10

Correct me if I'm wrong, but the relevant metric (under the paranoia security model) is the average time to find a collision, not time to exhaust the address space.
A simple collision would not gain you very much. You would need a collision with an already used address or otherwise you would not be able to cause any harm or profit anything from it. This is why the Birthday attack does not help you here.

Since such threads pop up every once in a while: I always find it funny how people tend to overestimate the probability of some extremely rare event. I mean, mankind is probably more likely to get extinct by the impact of a green striped meteorite tomorrow and I don't see anyone worrying about that (ok, this is the Bitcoin forum - I guess there are other forums where people actually do worry about green striped meteorites Wink

Anyway, I guess we're safe regarding the keysize for the time being, barring some cryptoanalytic breakthrough of course.
lemonginger
Full Member
***
Offline Offline

Activity: 210


firstbits: 121vnq


View Profile
July 20, 2011, 04:15:12 PM
 #11

So if a network of comparable size to that of bitcoin miners instead devoted itself to generating addresses, they could feasibly get ~1 trillion/sec.  This would get a collision in ~38,000 years.  Not bad, but a lot sooner that the obscenely huge numbers posted in the thread.

Sounds profitable Wink
LeonGeeste
Jr. Member
*
Offline Offline

Activity: 48


View Profile
July 20, 2011, 04:19:00 PM
 #12

A simple collision would not gain you very much. You would need a collision with an already used address or otherwise you would not be able to cause any harm or profit anything from it. This is why the Birthday attack does not help you here.

Since such threads pop up every once in a while: I always find it funny how people tend to overestimate the probability of some extremely rare event.

Good points, but it's not so much the worry about a rare event, but about whether someone can, with sufficient devoition and accessible means, cause the event.  If people just generate keys as needed, that's no big deal; the question, rather, is how much damage someone can do if they deliberately generate as many keys as possible, optimizing the hardware/software specifically for this application.

Some further related worries:

1) The collision calculations assume effectively random selection of addresses.  If there's any correlation between how bitcoin clients choose addresses, the collision probability is much higher.  How does the main client ensure high-quality randomness?

2) Is every value from 0 to 2^160 really usable as an ECDSA public key?  I mean, with RSA, you can't just pick any ol' 4096-bit number as your public key modulus: it has to be the product of two "big", "high-quality", "compatible" semi-primes (though I don't know how much this collapses the keyspace).  Can I securely use 1 as much bitcoin public key?

3) Aren't these keypairs the same as those used in any application of 160-bit ECDSA?  Meaning that any user of a 160-bit ECDSA keypair -- not just those who use it for bitcoin -- represents a potential collision?  Meaning that we have to worry not just about Bitcoiners using up the keyspace, but Bitcoiners plus every other user of that signature algorithm that's 160-bit?
netrin
Sr. Member
****
Offline Offline

Activity: 322


FirstBits: 168Bc


View Profile
July 20, 2011, 04:37:43 PM
 #13

The size of the 160 bit SHA-1 key space is in the same order of magnitude as the number of atoms in the Earth (~10^50)

Request to merge with topic 27277. http://forum.bitcoin.org/index.php?topic=27277.msg344652#msg344652

I'd be comfortable with an address space equal to the number of atoms in my toilet bowl.

Greenlandic tupilak. Hand carved, traditional cursed bone figures. Sorry, polar bear, walrus and human remains not available for export.
Xephan
Jr. Member
*
Offline Offline

Activity: 42


View Profile
July 20, 2011, 04:41:41 PM
 #14

Well, what's the consequences IF wallet addresses are reused?

Do we get X times the amount transacted, one in each wallet or do they simply become invalidate coins or the winner is whoever uses those coins first?

186q9YUW3x8TVHC5aYBEqgZZYMxft8Cw9f
JohnDoe
Sr. Member
****
Offline Offline

Activity: 392



View Profile
July 20, 2011, 04:42:56 PM
 #15

That's besides the fact that we can switch to 256-bit addresses (the size of our current public keys) without any modification to the current protocol.

Can anyone confirm if this is possible?

Well, what's the consequences IF wallet addresses are reused?

Do we get X times the amount transacted, one in each wallet or do they simply become invalidate coins or the winner is whoever uses those coins first?


First who uses them wins.
evoorhees
Legendary
*
Offline Offline

Activity: 994


Democracy is the original 51% attack


View Profile
July 20, 2011, 04:45:57 PM
 #16

(24 x25 x9)^34 = about 7.97 x (10^126)?
If every particle in the known universe could create a billion addresses a second for the entire age of the universe, they would generate about one-quintillionth of the possible addresses.

I dunno dude I've been repeatedly hitting refresh at instawallet.org...
BitcoinHoarder
Full Member
***
Offline Offline

Activity: 145


View Profile
July 20, 2011, 04:47:51 PM
 #17

I love it, forum posts consist of either

1) Bitcoin won't last more than 1 month
or
2) Bitcoin breaks after 1,000,000,000,000,000,000,000,000,000,000,000,000 years
Xephan
Jr. Member
*
Offline Offline

Activity: 42


View Profile
July 20, 2011, 04:48:55 PM
 #18

So if a network of comparable size to that of bitcoin miners instead devoted itself to generating addresses, they could feasibly get ~1 trillion/sec.  This would get a collision in ~38,000 years.  Not bad, but a lot sooner that the obscenely huge numbers posted in the thread.

So far the technology seemed to have been able to double available computation power every 18 to 24 months, how would that reduce the time for getting a collision? Cheesy

186q9YUW3x8TVHC5aYBEqgZZYMxft8Cw9f
LeonGeeste
Jr. Member
*
Offline Offline

Activity: 48


View Profile
July 20, 2011, 04:51:38 PM
 #19

I love it, forum posts consist of either

1) Bitcoin won't last more than 1 month
or
2) Bitcoin breaks after 1,000,000,000,000,000,000,000,000,000,000,000,000 years

I guess I'm the moderate, then, for predicting failure in 38,000 years  Tongue
fitty
Full Member
***
Offline Offline

Activity: 238


View Profile
July 20, 2011, 05:02:24 PM
 #20

So if a network of comparable size to that of bitcoin miners instead devoted itself to generating addresses, they could feasibly get ~1 trillion/sec.  This would get a collision in ~38,000 years.  Not bad, but a lot sooner that the obscenely huge numbers posted in the thread.

So far the technology seemed to have been able to double available computation power every 18 to 24 months, how would that reduce the time for getting a collision? Cheesy


A random collision is useless. Take that 38,000 years, make it 38,000,000,000,000,000 years. CPU power doubling, ehh I still think we're safe...for now. =)

Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!