Kouye
Sr. Member
 Offline
Activity: 336
Merit: 250
Cuddling, censored, unicorn-shaped troll.
|
 |
November 14, 2013, 03:24:20 PM |
|
Still, there are only 2^160 possible addresses from the 2^256 pool due to RIPEMD-160.
Sorry for hijacking, but I have another newbie question. https://en.bitcoin.it/wiki/Technical_background_of_Bitcoin_addressesIf 2 different hashes at step 2 produce the same hash at step 3 (which is theoritically possible, although very unlikely, I know) Then the final base58 address would be the same, though the ECDSA keypair would be different. What happens, then, if someone sends coins to this address? I'm guessing both ECDSA key pairs would be able to spend those coins? |
[OVER] RIDDLES 2nd edition --- this was claimed. Look out for 3rd edition! I won't ever ask for a loan nor offer any escrow service. If I do, please consider my account as hacked. |
|
|
|
|
|
|
|
|
|
According to NIST and ECRYPT II, the cryptographic algorithms used in
Bitcoin are expected to be strong until at least 2030. (After that, it
will not be too difficult to transition to different algorithms.)
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
|
|
qtronix
Member
Offline
Activity: 596
Merit: 10
|
|
November 14, 2013, 03:27:49 PM |
|
i have been running a random number generator for over a week, over 100 hours and hit 1 wallet with $4.13. it might take a million years to target one address but there's not just one out there.
the only thing i have not done is log the private key that had cash in it the program just keeps running. but i will be changing that soon.
Care to share the generator for analysis? why would i do that. i started out thinking no way that this was going to work but then i had a hit. it might be just luck but its still running so i will wait and see. edit its been running for 183 hours. |
|
|
|
|
|
Birdy
|
|
November 14, 2013, 03:30:26 PM |
|
why would i do that.
i started out thinking no way that this was going to work but then i had a hit. it might be just luck but its still running so i will wait and see.
edit its been running for 183 hours.
If there is some random number generator insecure, then this is seomthing that could costs people millions. (and even worse for the unlikely case that Bitcoin addresses aren't secure enough) |
|
|
|
|
Lauda
Legendary
Offline
Activity: 2674
Merit: 2965
Terminated.
|
|
November 14, 2013, 03:33:05 PM |
|
why would i do that.
i started out thinking no way that this was going to work but then i had a hit. it might be just luck but its still running so i will wait and see.
edit its been running for 183 hours.
Why? It's a potential security exploit in bitcoin. If people abuse it before it gets patched, it's over. |
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" 😼 Bitcoin Core ( onion) |
|
|
Gabi
Legendary
Offline
Activity: 1148
Merit: 1008
If you want to walk on water, get out of the boat
|
|
November 14, 2013, 03:39:00 PM |
|
i have been running a random number generator for over a week, over 100 hours and hit 1 wallet with $4.13. it might take a million years to target one address but there's not just one out there.
the only thing i have not done is log the private key that had cash in it the program just keeps running. but i will be changing that soon.
If you really hit an address, please make a big post about this and let people analyse it, unless there is some bad random number stuff / low entropy stuff like brainwallet involved this should not have happened. He just found a weak brain-wallet  |
|
|
|
|
Birdy
|
|
November 14, 2013, 03:42:52 PM |
|
He just found a weak brain-wallet Not by using a random number generator. |
|
|
|
|
qtronix
Member
Offline
Activity: 596
Merit: 10
|
|
November 14, 2013, 04:13:24 PM |
|
He just found a weak brain-wallet Not by using a random number generator. no |
|
|
|
|
|
BitchicksHusband
|
|
November 14, 2013, 04:31:36 PM |
|
He just found a weak brain-wallet Not by using a random number generator. no What's the public hash of the address you found? Even with everything that everyone says about hashes, we did get a duplicate GUID one time where I used to work. It caused major issues but from everything we could investigate, we really did get a duplicate. It's the only place where I have used GUIDs where it has happened, but it did happen once. Nobody believes me and I have been called a thousand names on forums for mentioning it, but I can assure you it happened to us once. |
1BitcHiCK1iRa6YVY6qDqC6M594RBYLNPo
|
|
|
flatfly
Legendary
Offline
Activity: 1078
Merit: 1011
760930
|
|
November 14, 2013, 04:37:47 PM |
|
He just found a weak brain-wallet Not by using a random number generator. no What's the public hash of the address you found? Even with everything that everyone says about hashes, we did get a duplicate GUID one time where I used to work. It caused major issues but from everything we could investigate, we really did get a duplicate. It's the only place where I have used GUIDs where it has happened, but it did happen once. Nobody believes me and I have been called a thousand names on forums for mentioning it, but I can assure you it happened to us once. A SHA256 collision is billions of times less likely than duplicate GUIDs. |
|
|
|
|
MoonShadow
Legendary
Offline
Activity: 1708
Merit: 1007
|
|
November 14, 2013, 09:12:56 PM |
|
What happens, then, if someone sends coins to this address?
I'm guessing both ECDSA key pairs would be able to spend those coins?
Yes. |
"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."
- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
November 14, 2013, 09:44:17 PM |
|
Still, there are only 2^160 possible addresses from the 2^256 pool due to RIPEMD-160.
Sorry for hijacking, but I have another newbie question. https://en.bitcoin.it/wiki/Technical_background_of_Bitcoin_addressesIf 2 different hashes at step 2 produce the same hash at step 3 (which is theoritically possible, although very unlikely, I know) Then the final base58 address would be the same, though the ECDSA keypair would be different. What happens, then, if someone sends coins to this address? I'm guessing both ECDSA key pairs would be able to spend those coins? Correct. |
|
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
November 14, 2013, 09:47:52 PM |
|
Even with everything that everyone says about hashes, we did get a duplicate GUID one time where I used to work. It caused major issues but from everything we could investigate, we really did get a duplicate. It's the only place where I have used GUIDs where it has happened, but it did happen once.
Nobody believes me and I have been called a thousand names on forums for mentioning it, but I can assure you it happened to us once.
GUID is 128 bit. If you generated so many numbers that you had a GUID collision every second you would on average only have one 256 bit collision every 5,395,141,535,403,007,094,485,264,577,495 (for the record that is a trillion times longer than the universe has existed). |
|
|
|
|
MoonShadow
Legendary
Offline
Activity: 1708
Merit: 1007
|
|
November 14, 2013, 10:21:01 PM |
|
A SHA256 collision is billions of times less likely than duplicate GUIDs.
In fairness, SHA-256 isn't used to create bitcoin addresses, it's used to secure the blockchain. The current address algo is 168 bit, IIRC; but if it ever looks to be at risk, it can be upgraded. The first character of the address is what denotes the address version. The primary reason that there is no 2xxx... address types yet is because there isn't really a better algo to migrate towards. |
"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."
- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
November 14, 2013, 10:46:21 PM
Last edit: November 16, 2013, 02:02:45 AM by DeathAndTaxes |
|
A SHA256 collision is billions of times less likely than duplicate GUIDs.
In fairness, SHA-256 isn't used to create bitcoin addresses, it's used to secure the blockchain. The current address algo is 168 bit, IIRC; but if it ever looks to be at risk, it can be upgraded. The first character of the address is what denotes the address version. The primary reason that there is no 2xxx... address types yet is because there isn't really a better algo to migrate towards. Well in fair fairness it is 160 bits; the checksum doesn't add uniqueness. Still 160 bits is 4 billion times less likely than a 128 bit one. The probability of a collision with a specific key (first preimage attack) is even less likely. |
|
|
|
|
Kouye
Sr. Member
Offline
Activity: 336
Merit: 250
Cuddling, censored, unicorn-shaped troll.
|
|
November 14, 2013, 11:04:58 PM |
|
I'm guessing both ECDSA key pairs would be able to spend those coins?
Correct. Thanks! (first preimage attack)
If you're talking about the question I asked, I think we should quit using "attack". This is clearly not a valid nor sane way to "attack" bitcoin, as ROI would be ridiculously low compared to mining with the same processing power. Can we just replace "first preimage attack" by something like "first preimage hazard" or something sounding even less likely? And back on topic, There are currently just a little more than 11 millions addresses with unspent outputs. Finding one by running a random generator looks less likely than winning national lottery 3 times in a row. |
[OVER] RIDDLES 2nd edition --- this was claimed. Look out for 3rd edition! I won't ever ask for a loan nor offer any escrow service. If I do, please consider my account as hacked. |
|
|
MoonShadow
Legendary
Offline
Activity: 1708
Merit: 1007
|
|
November 14, 2013, 11:22:12 PM |
|
And back on topic, There are currently just a little more than 11 millions addresses with unspent outputs.
Finding one by running a random generator looks less likely than winning national lottery 3 times in a row.
And currently there are only just over 11 million BTC in circulation, so the average address has about 1 BTC. If the odds of such a thing occuring to you, by random bad luck or otherwise, simply divide your massive bitcoin wealth up into a few addresses. |
"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."
- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
|
|
|
Lauda
Legendary
Offline
Activity: 2674
Merit: 2965
Terminated.
|
|
November 15, 2013, 02:32:50 PM |
|
And back on topic, There are currently just a little more than 11 millions addresses with unspent outputs.
Finding one by running a random generator looks less likely than winning national lottery 3 times in a row.
And currently there are only just over 11 million BTC in circulation, so the average address has about 1 BTC. If the odds of such a thing occuring to you, by random bad luck or otherwise, simply divide your massive bitcoin wealth up into a few addresses. Not correct. If you take out of the equation top ~10 addresses, the per address amount for the remaining ones is much less. |
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" 😼 Bitcoin Core ( onion) |
|
|
MoonShadow
Legendary
Offline
Activity: 1708
Merit: 1007
|
|
November 15, 2013, 09:54:42 PM |
|
And back on topic, There are currently just a little more than 11 millions addresses with unspent outputs.
Finding one by running a random generator looks less likely than winning national lottery 3 times in a row.
And currently there are only just over 11 million BTC in circulation, so the average address has about 1 BTC. If the odds of such a thing occuring to you, by random bad luck or otherwise, simply divide your massive bitcoin wealth up into a few addresses. Not correct. If you take out of the equation top ~10 addresses, the per address amount for the remaining ones is much less. But I did not take the top anything addresses out of the equation, so the average win should an address collision ever succeed would be 1 BTC right now. If someone is trying to collide with one of those top 10 addresses in particular, then the odds are nominally zero before the heat death of the known universe. |
"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."
- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
|
|
|
Lauda
Legendary
Offline
Activity: 2674
Merit: 2965
Terminated.
|
|
November 15, 2013, 10:42:46 PM |
|
But I did not take the top anything addresses out of the equation, so the average win should an address collision ever succeed would be 1 BTC right now. If someone is trying to collide with one of those top 10 addresses in particular, then the odds are nominally zero before the heat death of the known universe.
Okay then, mister heat death. |
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" 😼 Bitcoin Core ( onion) |
|
|
|
Rupture
|
|
November 16, 2013, 01:42:30 AM |
|
People have tried, and are still trying to bruteforce an address with funds in it. To my knowledge no one has done it yet
|
|
|
|
|
|
