byt411
|
|
April 07, 2014, 11:06:53 PM |
|
Let's go back to school.
It is not possible. Not even in theory. Probability forbids it. The only way it could happen is through faulty code.
Yes, there is a probability in theory. Prove that there isn't. Also, the point is not about whether we should care about this possibility, it is not about if we should think about things that have a higher probability to occur. The point is that 0.01^ ∞% ≠ 0%. You are bad at math, and wrong. There is no possibility of it happening. It has been discussed, and mathed out, a number of times before. Use the search feature and read instead of arguing on the internet. If you think that 0.01^ ∞% ≠ 0% is incorrect, you seriously need some mathematical help. How is it not possible? It is a thing with a chance so slim it cannot be described, but that is not impossible. Like Danny said, it's possible for all the air in a room to move to one corner so that you suffocate. It is possible. You are simply arguing without a valid point, "search on the internet" is not a point. Also, saying that someone is bad at math directly without knowing a person is simply stupid. Please reconsider before giving opinions.
|
|
|
|
Ibian
Legendary
Offline
Activity: 2268
Merit: 1278
|
|
April 07, 2014, 11:11:56 PM |
|
And if every single human being on earth does nothing else except generate addresses as fast as they can continuously until the sun burns out 6 billion years from now, they still won't reach the point where an address collision has any chance of happening. This really is the final word on this topic. There is nothing to discuss past this point. It is not going to happen and those of you who like to argue for arguments sake are going to have to prove otherwise. Which you can't, so you will continue to dodge the issue and set up strawmen. Have fun with that.
|
Look inside yourself, and you will see that you are the bubble.
|
|
|
BitCoinDream (OP)
Legendary
Offline
Activity: 2394
Merit: 1216
The revolution will be digital
|
|
April 08, 2014, 07:42:52 AM |
|
No, it really isn't. It is however so unlikely that we can say it is impossible (just like generating identical addresses from completely random sources with sufficient entropy). Time and again I am getting this clause completely random sources with sufficient entropy. I feel secured with the no. 2^160. But to reach that I need to make sure I am protected by sufficient entropy. How do I make sure that my lappy has sufficient entropy to make the Bitcoin-QT happy ? Or how do I know the coinbase or blockchain.info server have sufficient entropy to avoid address collission ?
|
|
|
|
CrapMan
Newbie
Offline
Activity: 42
Merit: 0
|
|
April 08, 2014, 01:11:22 PM |
|
Danny, Again, I do understand what you are saying. My ignorance in how Bitcoin works can limit my ability to process everything, which is why I use simple examples, and my bad english can make that worse. I haven't looked into math long time ago since my college needed no math. However, the math and 0% ...etc is not the real question here. https://en.bitcoin.it/wiki/Address this link explains a lot. Also the link says that offline addresses can be generated and " The network starts tracking an address when it is first seen in a valid payment transaction." Don't be upset with me just because I am trying to learn something here, after all it is a beginner forum! Let's say I build an offline software where I can type in the address manually (not sure if this is possible) Then I come to this forum and see all those people who type in their Bitcoin address under their names. I copy one of them and paste it in my software and create a wallet. What's going to happen?
|
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3486
Merit: 4816
|
|
April 08, 2014, 02:16:58 PM |
|
Time and again I am getting this clause "completely random sources with sufficient entropy". I feel secured with the no. 2^160. But to reach that I need to make sure I am protected by sufficient entropy. How do I make sure that my lappy has sufficient entropy to make the Bitcoin-QT happy?
Well, you could trust the creators of your operating system (which is what most people do). Or you could provide your own entropy. There are several threads in this forum on how to do exactly that. Just a few of the methods of generating a private key from your own source of entropy that have been discussed here at bitcointalk: - Roll dice
- Flip coins
- Measure radioactive decay
Or how do I know the coinbase or blockchain.info server have sufficient entropy to avoid address collission?
Blockchain.info servers don't generate private keys. They just store them. Blockchain.info uses javascript running in the browser on your computer to generate your private keys and encrypt them with your password. Then they send the encrypted private keys to their servers to be stored. They don't have access to your password, and they don't have access to your decrypted private keys (which is why they can't help you if you forget your password). As for coinbase? You don't know. They could just be running a huge scam. For some reason, a lot of people have chosen to trust them. I don't know why. It appears to be some sort of mass mental illness.[/list][/list]
|
|
|
|
CrapMan
Newbie
Offline
Activity: 42
Merit: 0
|
|
April 08, 2014, 02:28:45 PM |
|
Time and again I am getting this clause "completely random sources with sufficient entropy". I feel secured with the no. 2^160. But to reach that I need to make sure I am protected by sufficient entropy. How do I make sure that my lappy has sufficient entropy to make the Bitcoin-QT happy?
Well, you could trust the creators of your operating system (which is what most people do). Or you could provide your own entropy. There are several threads in this forum on how to do exactly that. Just a few of the methods of generating a private key from your own source of entropy that have been discussed here at bitcointalk: - Roll dice
- Flip coins
- Measure radioactive decay
Or how do I know the coinbase or blockchain.info server have sufficient entropy to avoid address collission?
Ok Danny, here is a question: Does the entropy method in any website generate the key first then the address (in a random or related matter?) or the address then the key (in a random or related matter?) or both at the same time (in a random matter?) Blockchain.info servers don't generate private keys. They just store them. Blockchain.info uses javascript running in the browser on your computer to generate your private keys and encrypt them with your password. Then they send the encrypted private keys to their servers to be stored. They don't have access to your password, and they don't have access to your decrypted private keys (which is why they can't help you if you forget your password). As for coinbase? You don't know. They could just be running a huge scam. For some reason, a lot of people have chosen to trust them. I don't know why. It appears to be some sort of mass mental illness.[/list][/list]
|
|
|
|
BitCoinDream (OP)
Legendary
Offline
Activity: 2394
Merit: 1216
The revolution will be digital
|
|
April 08, 2014, 02:49:07 PM |
|
Let's say I build an offline software where I can type in the address manually (not sure if this is possible) Then I come to this forum and see all those people who type in their Bitcoin address under their names. I copy one of them and paste it in my software and create a wallet. What's going to happen?
You cannot type in an address in your software and create a wallet. But u can type in your private key to create an address. In this forum everyone is sharing the address and not the private key. So again your chance of getting their private key becomes 1/(2^160) Sorry to reply a question meant for Danny
|
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3486
Merit: 4816
|
|
April 08, 2014, 02:50:21 PM |
|
Ok Danny, here is a question: Does the entropy method in any website generate the key first then the address (in a random or related matter?) or the address then the key (in a random or related matter?) or both at the same time (in a random matter?)
It is impossible to generate a key from an address. If that wasn't true, we could all generate keys that would work for everyone else's addresses. The private key is just a random number between 1 and 1.1579209e+77. Then the private key is used to calculate the bitcoin address: https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses- Use point multiplication on the Secp256k1 curve to calculate the ECDSA public key
- Perform SHA-256 hashing on the public key
- Perform RIPEMD-160 hashing on the result of SHA-256
- Add version byte in front of RIPEMD-160 hash
- Perform SHA-256 hash on the extended RIPEMD-160 result
- Perform SHA-256 hash on the result of the previous SHA-256 hash
- Take the first 4 bytes of the second SHA-256 hash. This is the address checksum
- Add the 4 checksum bytes from stage 7 to the end of extended RIPEMD-160 hash from stage 4. This is the 25-byte binary Bitcoin Address
- Convert the result from a byte string into a base58 string using Base58Check encoding. This is the most commonly used Bitcoin Address format
|
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3486
Merit: 4816
|
|
April 08, 2014, 03:03:21 PM |
|
Let's say I build an offline software where I can type in the address manually (not sure if this is possible) Then I come to this forum and see all those people who type in their Bitcoin address under their names. I copy one of them and paste it in my software and create a wallet. What's going to happen?
If you type in an address (without the private key), you will be able to see all of the bitcoins that are received at that address, and you will be able to see all of the transactions that are signed by the private key of that address. You will not be able to see the private key of the address, only the signatures. It is not possible to create a valid signature unless you have the private key, and it is not possible to send a transaction without a valid signature. Therefore, you will not be able to spend any of the bitcoins that are received at that address. There is currently no known way to calculate a private key from a bitcoin address. Some day in the future, it is possible that mathematicians may find weaknesses in the SHA-256, RIPEMD-160, and ECDSA calculations. If they find such weaknesses, it might become possible to determine a private key from a bitcoin address. It would also break much of the electronic security used by services all over the world (such as internet banking, and credit card processing). Fortunately to calculate a private key from an address it is necessary to break all three algorithms. Just breaking one or two of them isn't enough. It is rather unlikely that a single person will suddenly discover weaknesses in all 3 algorithms simultaneously entirely on their own. Generally such cryptographic weaknesses are discovered in just one algorithm and the weaknesses don't immediately completely break the algorithm, they simply make it slightly less secure. This will provide bitcoin with plenty of time to switch to a new algorithm if a small weakness is discovered in one or two of the algorithms.
|
|
|
|
DubFX
|
|
April 08, 2014, 03:06:03 PM |
|
There is REALLY REALLy small chance, i didn't happen yet and cryptocoins are here for few years already.
|
|
|
|
BitCoinDream (OP)
Legendary
Offline
Activity: 2394
Merit: 1216
The revolution will be digital
|
|
April 08, 2014, 03:19:16 PM |
|
Time and again I am getting this clause "completely random sources with sufficient entropy". I feel secured with the no. 2^160. But to reach that I need to make sure I am protected by sufficient entropy. How do I make sure that my lappy has sufficient entropy to make the Bitcoin-QT happy?
Well, you could trust the creators of your operating system (which is what most people do). Or you could provide your own entropy. There are several threads in this forum on how to do exactly that. Just a few of the methods of generating a private key from your own source of entropy that have been discussed here at bitcointalk: - Roll dice
- Flip coins
- Measure radioactive decay
I guess u r referring to https://bitcointalk.org/index.php?topic=560733.0. 90% of bitcoiners are not going to do this and will trust on OS generated random number. Does a Bitcoin-QT depend on CryptGenRandom implementation of Windows ?[/list][/list]
|
|
|
|
CrapMan
Newbie
Offline
Activity: 42
Merit: 0
|
|
April 08, 2014, 03:24:26 PM |
|
Ok Danny, here is a question: Does the entropy method in any website generate the key first then the address (in a random or related matter?) or the address then the key (in a random or related matter?) or both at the same time (in a random matter?)
It is impossible to generate a key from an address. If that wasn't true, we could all generate keys that would work for everyone else's addresses. The private key is just a random number between 1 and 1.1579209e+77. Then the private key is used to calculate the bitcoin address: https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses- Use point multiplication on the Secp256k1 curve to calculate the ECDSA public key
- Perform SHA-256 hashing on the public key
- Perform RIPEMD-160 hashing on the result of SHA-256
- Add version byte in front of RIPEMD-160 hash
- Perform SHA-256 hash on the extended RIPEMD-160 result
- Perform SHA-256 hash on the result of the previous SHA-256 hash
- Take the first 4 bytes of the second SHA-256 hash. This is the address checksum
- Add the 4 checksum bytes from stage 7 to the end of extended RIPEMD-160 hash from stage 4. This is the 25-byte binary Bitcoin Address
- Convert the result from a byte string into a base58 string using Base58Check encoding. This is the most commonly used Bitcoin Address format
Let's say I build an offline software where I can type in the address manually (not sure if this is possible) Then I come to this forum and see all those people who type in their Bitcoin address under their names. I copy one of them and paste it in my software and create a wallet. What's going to happen?
If you type in an address (without the private key), you will be able to see all of the bitcoins that are received at that address, and you will be able to see all of the transactions that are signed by the private key of that address. You will not be able to see the private key of the address, only the signatures. It is not possible to create a valid signature unless you have the private key, and it is not possible to send a transaction without a valid signature. Therefore, you will not be able to spend any of the bitcoins that are received at that address. There is currently no known way to calculate a private key from a bitcoin address. Some day in the future, it is possible that mathematicians may find weaknesses in the SHA-256, RIPEMD-160, and ECDSA calculations. If they find such weaknesses, it might become possible to determine a private key from a bitcoin address. It would also break much of the electronic security used by services all over the world (such as internet banking, and credit card processing). Fortunately to calculate a private key from an address it is necessary to break all three algorithms. Just breaking one or two of them isn't enough. It is rather unlikely that a single person will suddenly discover weaknesses in all 3 algorithms simultaneously entirely on their own. Generally such cryptographic weaknesses are discovered in just one algorithm and the weaknesses don't immediately completely break the algorithm, they simply make it slightly less secure. This will provide bitcoin with plenty of time to switch to a new algorithm if a small weakness is discovered in one or two of the algorithms. Let's say I build an offline software where I can type in the address manually (not sure if this is possible) Then I come to this forum and see all those people who type in their Bitcoin address under their names. I copy one of them and paste it in my software and create a wallet. What's going to happen?
You cannot type in an address in your software and create a wallet. But u can type in your private key to create an address. In this forum everyone is sharing the address and not the private key. So again your chance of getting their private key becomes 1/(2^160) Sorry to reply a question meant for Danny Now that really answers the whole question, wish if you explained that from start. Basically you can't generate the address, you have to generate the private key and the private key generates and the address. That also explains where the 2^160 came from as it is for the private key (not the address, since the address is shorter). It is also worthless to type in the address cause you will only see transactions but nothing more, unless you like to watch how much people are dealing with. And that leave us with the only = almost 0% chance to generate the key, which also off course we will have to remember that wallets will be born but also at the same time there are wallets will be destroyed. Thank you all for everything, I just needed to feel more secure about the system before I decide to invest more in it.
|
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3486
Merit: 4816
|
|
April 08, 2014, 03:35:36 PM |
|
That also explains where the 2^160 came from as it is for the private key (not the address, since the address is shorter).
No. The private key is a random 256 bit number (2 256) which is much larger than the range of bitcoin addresses (which are the result of a 160 bit hash from RIPEMD-160). The 2 160 is from the maximum number of possible addresses that can be calculated from the pool of possible private keys.
|
|
|
|
dogechode
|
|
April 09, 2014, 02:48:38 AM |
|
Couldn't coins just implement a fix for this? Like maybe create a few servers that manage address generation?
Also, I imagine that if walmart or Amazon started accepting a cryptocurrency they would likely get insurance coverage to protect them against any kind of computer failure/error including this.
|
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
April 09, 2014, 02:53:03 AM |
|
Couldn't coins just implement a fix for this? Like maybe create a few servers that manage address generation?
Also, I imagine that if walmart or Amazon started accepting a cryptocurrency they would likely get insurance coverage to protect them against any kind of computer failure/error including this.
Amazon should get "asteroids capable of killing all life on the planet" insurance coverage as the odds of that happening are quadrillions of times more likely than a 160 bit random collision.
|
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3486
Merit: 4816
|
|
April 09, 2014, 02:53:13 AM |
|
Couldn't coins just implement a fix for this? Like maybe create a few servers that manage address generation?
No. If they did, they wouldn't be a decentralized trustless system. It would then require someone to run the servers and trust in whoever was running the servers.
|
|
|
|
dogechode
|
|
April 09, 2014, 02:57:43 AM |
|
Couldn't coins just implement a fix for this? Like maybe create a few servers that manage address generation?
Also, I imagine that if walmart or Amazon started accepting a cryptocurrency they would likely get insurance coverage to protect them against any kind of computer failure/error including this.
Amazon should get "asteroids capable of killing all life on the planet" insurance coverage as the odds of that happening are quadrillions of times more likely than a 160 bit random collision. I didn't say they should get insurance specifically for that issue I'm saying that I'm sure they would have some kind of insurance clause that covers a wide array of random computer glitch type issues.
|
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
April 09, 2014, 03:02:59 AM |
|
Couldn't coins just implement a fix for this? Like maybe create a few servers that manage address generation?
Also, I imagine that if walmart or Amazon started accepting a cryptocurrency they would likely get insurance coverage to protect them against any kind of computer failure/error including this.
Amazon should get "asteroids capable of killing all life on the planet" insurance coverage as the odds of that happening are quadrillions of times more likely than a 160 bit random collision. I didn't say they should get insurance specifically for that issue I'm saying that I'm sure they would have some kind of insurance clause that covers a wide array of random computer glitch type issues. I don't think any insurance company is going to write a policy for "losing" coins which can never be definitively proven as lost. This isn't a "computer glitch" it is a fundamental characteristic of how ALL public key cryptographic systems work. SSL, TLS, PGP/GPG, DSA, etc they all work on the concept that creating a duplicate private key is infeasible (but not theoretically impossible).
|
|
|
|
cp1
|
|
April 09, 2014, 03:21:48 AM |
|
It's also possible for everyone named Bob to simultaneously be hit with lightning. Better start worrying about that, too.
|
|
|
|
byt411
|
|
April 09, 2014, 01:08:17 PM |
|
Let's say I build an offline software where I can type in the address manually (not sure if this is possible) Then I come to this forum and see all those people who type in their Bitcoin address under their names. I copy one of them and paste it in my software and create a wallet. What's going to happen?
If you type in an address (without the private key), you will be able to see all of the bitcoins that are received at that address, and you will be able to see all of the transactions that are signed by the private key of that address. You will not be able to see the private key of the address, only the signatures. It is not possible to create a valid signature unless you have the private key, and it is not possible to send a transaction without a valid signature. Therefore, you will not be able to spend any of the bitcoins that are received at that address. There is currently no known way to calculate a private key from a bitcoin address. Some day in the future, it is possible that mathematicians may find weaknesses in the SHA-256, RIPEMD-160, and ECDSA calculations. If they find such weaknesses, it might become possible to determine a private key from a bitcoin address. It would also break much of the electronic security used by services all over the world (such as internet banking, and credit card processing). Fortunately to calculate a private key from an address it is necessary to break all three algorithms. Just breaking one or two of them isn't enough. It is rather unlikely that a single person will suddenly discover weaknesses in all 3 algorithms simultaneously entirely on their own. Generally such cryptographic weaknesses are discovered in just one algorithm and the weaknesses don't immediately completely break the algorithm, they simply make it slightly less secure. This will provide bitcoin with plenty of time to switch to a new algorithm if a small weakness is discovered in one or two of the algorithms. Thanks. Can you also explain how VanityGen works then? It can calculate private keys for specified addresses, but it is nearly impossible to do so. (Unless the specified part is short)
|
|
|
|
|