Understanding Public and Private Keys

[BigOrangeBee]

Can anybody explain in simple form why keys are safe?

There are several exchanges with wallets, desktop wallets, web wallets, mobile wallets, etc, and all of them are generating new addresses and private keys all the time for every user. And none of them are telling the other what keys have been used already. So why is it not possible that duplicate addresses can be created? Why is it not possible that a private key can be discovered by luck or brute force?

[1714926674]

1714926674

[gagalady]

Hey, If you want consistent explanation reads It on wiki.

Private key: https://en.bitcoin.it/wiki/Private_key

Public key: https://en.bitcoin.it/wiki/Address

[BigOrangeBee]

Hey, If you want consistent explanation reads It on wiki.

Private key: https://en.bitcoin.it/wiki/Private_key

Public key: https://en.bitcoin.it/wiki/Address

I read both of those wikis completely but I did not find the answers to my questions.

[odolvlobo]

In short, the chances of two people generating the same private keys are so low that it is not worth worrying about. Do you worry about being hit by a meteor?

[shorena]

-snip-
So why is it not possible that duplicate addresses can be created? Why is it not possible that a private key can be discovered by luck or brute force?

Because for one

-snip-the chances of two people generating the same private keys are so low that it is not worth worrying about. -snip-

but most people dont grasp how slim the chance for this actually is.

Lets play a game with private/public keys, shall we?

I have a public key (e.g. the one in my signature) the chance for you finding the private key for it is the same chance to find a bucky ball within planet earth (this includes the core and the air). If you want to see the calculation go here: https://bitcointalk.org/index.php?topic=587693.msg6473942#msg6473942

If this is to abstract you can think off it as finding a single water molecule in every water source (this would ofc include animals and humans) on earth. Yet this is way off, you have a very good chance to find this water molecule compared to your chance to find the private key to my public one.

These chances are so minimal that even if everyone would make a new address for every transaction for the next 1000 years, the chance of collision (2 same private keys) is still minimal. I probably will do a calculation on how slim exactly sometime in the future.

[cp1]

And none of them are telling the other what keys have been used already.

If you had to ask other people not to use your private key then your coins would be stolen in seconds.

[BigOrangeBee]

In short, the chances of two people generating the same private keys are so low that it is not worth worrying about. Do you worry about being hit by a meteor?

Ok, but that doesn't really satisfy. Because as more people used bitcoin, and more an more addresses are generated, and the longer its been around, there would be more and more of a chance of duplicate addresses.

Question: after an addresses is loaded with funds and added to the blockchain, then, does that information get sent to these automatic addresses generators in all the web, desk, and mobile wallets, and the bitaddress.org generator too? I don't think so. So how do they know they are not creating an address which was already created?

The chances are extremely slim, but technically speaking, it IS POSSIBLE.

[odolvlobo]

In short, the chances of two people generating the same private keys are so low that it is not worth worrying about. Do you worry about being hit by a meteor?

Ok, but that doesn't really satisfy. Because as more people used bitcoin, and more an more addresses are generated, and the longer its been around, there would be more and more of a chance of duplicate addresses.

Question: after an addresses is loaded with funds and added to the blockchain, then, does that information get sent to these automatic addresses generators in all the web, desk, and mobile wallets, and the bitaddress.org generator too? I don't think so. So how do they know they are not creating an address which was already created?

The numbers are so huge that none of the things you mention, even multiplied by a billion, make the slightest difference.

The number of possible addresses is 2¹⁶⁰. If 10 billion people have generated 1 billion addresses each, then the chances of a new address colliding with any of those is 1 in 2¹⁴¹. That's a 1 in 2,787,593,149,816,327,892,691,964,784,081,045,188,247,552 chance.

Let's pretend that Bitcoin is as big as Visa, which can process 24,000 transactions per second. In a million years, bitcoin will have processed up to 800,000,000,000,000,000 transactions. If a new key were generated for each of those, then there is still only a 1 in 2,000,000,000,000,000,000,000,000,000,000 chance that it will be a duplicate.

[cp1]

Ok, but that doesn't really satisfy. Because as more people used bitcoin, and more an more addresses are generated, and the longer its been around, there would be more and more of a chance of duplicate addresses.

Question: after an addresses is loaded with funds and added to the blockchain, then, does that information get sent to these automatic addresses generators in all the web, desk, and mobile wallets, and the bitaddress.org generator too? I don't think so. So how do they know they are not creating an address which was already created?

The chances are extremely slim, but technically speaking, it IS POSSIBLE.

Send me your private key and I'll promise not to use that address. Pinky swear.

[odolvlobo]

The chances are extremely slim, but technically speaking, it IS POSSIBLE.

Please watch this: https://www.youtube.com/watch?v=KX5jNnDMfxA

[shorena]

-snip-So how do they know they are not creating an address which was already created?

They dont.

The chances are extremely slim, but technically speaking, it IS POSSIBLE.

probabilistically speaking: it will not happen.

-snip-
as finding a single water molecule in every water source (this would ofc include animals and humans) on earth.
-snip-

[DannyHamilton]

Humans are just really bad at understanding just how big a number is when numbers start getting REALLY REALLY big.

We're not talking about lottery winning numbers here.

We're talking about:

Ok, new data, will recalc everything:

• probability of getting struck by lightning in any given year: 1/280000.
• probability of taking a shit at any given point in time: 1/(60*24) = 1/1440 (assuming you take a crap every day and the actual process takes 1 minute)
• probability of getting struck by lightning while taking a crap in any given year: 1/(280000*1440) = 1/1.47E11 = 2.48E-9
• probability of taking a crap while being in a situation where being struck by lightning can actually occur = 1/1440 = 0.25 = 1.74E-4
• probability of finding a collision: 1E-65
• getting hit by lightning while taking a crap for how many years in a row is equally probable as finding a collision: log(1E-65) / log(1.74E-4) = 17.3

is my math roughly correct now?

If so, I can say: "Finding a collision is about as likely as being struck by lightning while taking a crap every year for 17 years in a row".

It just isn't going to happen as long as the numbers being generated are from a random enough source.

Now, what can happen, is that an operating system or wallet program can have a very inadequate way of generating random numbers such that they aren't truly random.  Due to poor design, the program could fall into some pattern of numbers that initially seem random, but actually aren't.  If that happens, then two people running the same program could potentially generate the same addresses.

[shorena]

-snip-

-snip-

-snip-

That thread is awesome!

A graphical explanation of bitcoin security https://i.imgur.com/VjtG3.jpg

[liumiao]

Can anybody explain in simple form why keys are safe?

There are several exchanges with wallets, desktop wallets, web wallets, mobile wallets, etc, and all of them are generating new addresses and private keys all the time for every user. And none of them are telling the other what keys have been used already. So why is it not possible that duplicate addresses can be created? Why is it not possible that a private key can be discovered by luck or brute force?

You can try to generate as many addresses as you can to try your luck. Winning some big lottery is easier actually

[junshong]

Can anybody explain in simple form why keys are safe?

There are several exchanges with wallets, desktop wallets, web wallets, mobile wallets, etc, and all of them are generating new addresses and private keys all the time for every user. And none of them are telling the other what keys have been used already. So why is it not possible that duplicate addresses can be created? Why is it not possible that a private key can be discovered by luck or brute force?

You can try to generate as many addresses as you can to try your luck. Winning some big lottery is easier actually

No use, Bitcoin is designed to prevent duplicate address.

[odolvlobo]

You can try to generate as many addresses as you can to try your luck. Winning some big lottery is easier actually

No use, Bitcoin is designed to prevent duplicate address.

Bitcoin is not designed to prevent duplicate addresses.

[Parham6]

Public key and Address are two completely different things, your address is made from your public key but you don't normally see your public key.

[BigOrangeBee]

This would be very comforting, if it wasn't for the fact that less than 500 years ago scientists believed the Sun revolved around the Earth. Humans are consistently creating theories to fit an infinite universe into a finite mind, and ending up proving ourselves wrong and looking foolish. Without getting too abstract, can you, without doubt, say that we actually understand completely the dynamics of probablity? Is it truly random as you assume? What if it's not. Have you heard of Murphy's laws?

http://www.murphys-laws.com/murphy/murphy-laws.html

[shorena]

-snip-

Without getting too abstract, can you, without doubt, say that we actually understand completely the dynamics of probablity?

It is -mathematically speaking- not clear what randomness is. This however is no issue when analysing it, as long as you keep "luck" or "gods will" out of the equation.

Is it truly random as you assume?

True randomness -if it even exists- is hard to generate for computers. Thats why the safety of your coins is tied to the quality of the random number generator your operation system uses. If your random number generator (RNG) is bad the chance that someone else gets the same keys is high. E.g. android phone RNG https://bitcoin.org/en/alert/2013-08-11-android
This is easy to understand. If you have only 4 random bits instead of 160 you only have 2⁴ = 16 different keys. So the chance of a collision increases drastically with every new key. The pool of possible keys on the other hand is doubled with every bit.

What if it's not.

This starts to get philosophical. If you dont have randomness you cant have security. This is not limited to bitcoin, this would also effect online banking and credit cards.
There is currently no known attack against the algorithms used by bitcoin. The RNG can be bad, the code can be bad, but the algorithms are good.
However the bitcoin protocoll can be changed, its not set in stone. The strong crypto algorithms of today may tomorrow be weak and can be replaced by newer stronger ones.

Have you heard of Murphy's laws?

http://www.murphys-laws.com/murphy/murphy-laws.html

Yes, its satirical.

[Dxuz]

damn, i still don't understand the meaning of having public and private key.
could someone explain it with simple sentences?