Bitcoin Forum
December 05, 2016, 12:38:56 PM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 »  All
  Print  
Author Topic: How? Security of private keys  (Read 2157 times)
bitpop
Legendary
*
Offline Offline

Activity: 1918


https://keybase.io/bitpop


View Profile WWW
March 01, 2012, 07:35:21 AM
 #1

I don't understand this. I am generating addresses using vanitygen and here are the scenarios:

1. I generate many 1mtgox addresses. I have the private keys, what if one day mtgox uses an address i have? What stops me from spending all their coins since i already have the private key?

2. Can private keys somehow be different for the same address and the correct one can be checked against the blockchain?

3. It may take months, but why can't I vanitygen (thought its not really vanity) mtgox's green address or any high value address? Then empty it?

I would purchase 9x 6990s to do this, what stops me?

Reputation  |  PGP  |  DigitalOcean  |  OpenVPN 2GB Free  |  TorGuard  |  Ethereum Classic
Bitcoin: 3DSh6AnmvBpDJFUz2mnLirMLmTMcFs9nDm
Bitmessage: BM-2cXN9j8NFT2n1FxDVQ6HQq4D4MZuuaBFyb
1480941536
Hero Member
*
Offline Offline

Posts: 1480941536

View Profile Personal Message (Offline)

Ignore
1480941536
Reply with quote  #2

1480941536
Report to moderator
1480941536
Hero Member
*
Offline Offline

Posts: 1480941536

View Profile Personal Message (Offline)

Ignore
1480941536
Reply with quote  #2

1480941536
Report to moderator
1480941536
Hero Member
*
Offline Offline

Posts: 1480941536

View Profile Personal Message (Offline)

Ignore
1480941536
Reply with quote  #2

1480941536
Report to moderator
"Bitcoin: mining our own business since 2009" -- Pieter Wuille
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218


Gerald Davis


View Profile
March 01, 2012, 07:41:19 AM
 #2

Quote
3. It may take months, quadrillions of years but why can't I vanitygen (thought its not really vanity) mtgox's green address or any high value address? Then empty it?

I would purchase 9x 6990s planetary sized super computers consisting of quadrillions of chips each a quadrillion times more powerful than all computers today combined, what stops me?

FYPFY.

Under that scenario the heat death of the universe would stop you, and long before you even had a 1% chance of brute forcing an address.


Slightly less snark answer is that addresses are deceptively short looking.  2^160 is a very large number.  It is larger than the amount of atoms in our universe.  You have no plausible chance of brute forcing an address.
bitpop
Legendary
*
Offline Offline

Activity: 1918


https://keybase.io/bitpop


View Profile WWW
March 01, 2012, 07:44:01 AM
 #3

LOL, I can generate a 1mtgox address every second, I can collect millions. I'm asking what IF they end up using an address that I have the private ley to? There is no protection is there? So someone somewhere can get lucky and get a private key?

Reputation  |  PGP  |  DigitalOcean  |  OpenVPN 2GB Free  |  TorGuard  |  Ethereum Classic
Bitcoin: 3DSh6AnmvBpDJFUz2mnLirMLmTMcFs9nDm
Bitmessage: BM-2cXN9j8NFT2n1FxDVQ6HQq4D4MZuuaBFyb
DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218


Gerald Davis


View Profile
March 01, 2012, 07:46:04 AM
 #4

LOL, I can generate a 1mtgox address every second, I can collect millions. I'm asking what IF they end up using an address that I have the private ley to? There is no protection is there? So someone somewhere can get lucky and get a private key?

Yes someone could also get "lucky" and win the lottery .... a dozen times ...  in a row.  That would be more likely than brute forcing a private key.
bitpop
Legendary
*
Offline Offline

Activity: 1918


https://keybase.io/bitpop


View Profile WWW
March 01, 2012, 07:46:13 AM
 #5

Is this just as much luck as solo mining? I may get lucky and get a private key to a high value address?

Reputation  |  PGP  |  DigitalOcean  |  OpenVPN 2GB Free  |  TorGuard  |  Ethereum Classic
Bitcoin: 3DSh6AnmvBpDJFUz2mnLirMLmTMcFs9nDm
Bitmessage: BM-2cXN9j8NFT2n1FxDVQ6HQq4D4MZuuaBFyb
bitpop
Legendary
*
Offline Offline

Activity: 1918


https://keybase.io/bitpop


View Profile WWW
March 01, 2012, 07:47:06 AM
 #6

There IS that possibillity right? So IT will happen at least once in the next 10 years where a high value address is attacked and stolen?

Someone will win the lottery.

Reputation  |  PGP  |  DigitalOcean  |  OpenVPN 2GB Free  |  TorGuard  |  Ethereum Classic
Bitcoin: 3DSh6AnmvBpDJFUz2mnLirMLmTMcFs9nDm
Bitmessage: BM-2cXN9j8NFT2n1FxDVQ6HQq4D4MZuuaBFyb
DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218


Gerald Davis


View Profile
March 01, 2012, 07:51:52 AM
 #7

I honestly don't know if you are trolling or just stupid.

You asked a question, I answered it.

Simpler version: NO.
bitpop
Legendary
*
Offline Offline

Activity: 1918


https://keybase.io/bitpop


View Profile WWW
March 01, 2012, 07:56:39 AM
 #8

Neither, let someone else reply

Reputation  |  PGP  |  DigitalOcean  |  OpenVPN 2GB Free  |  TorGuard  |  Ethereum Classic
Bitcoin: 3DSh6AnmvBpDJFUz2mnLirMLmTMcFs9nDm
Bitmessage: BM-2cXN9j8NFT2n1FxDVQ6HQq4D4MZuuaBFyb
da2ce7
Legendary
*
Offline Offline

Activity: 1218


Live and Let Live


View Profile
March 01, 2012, 08:15:52 AM
 #9

let someone else reply

No?

One off NP-Hard.
SomeoneWeird
Hero Member
*****
Offline Offline

Activity: 700


View Profile
March 01, 2012, 08:37:05 AM
 #10

Theres a 1 in 1000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000 chance you will get it.
SomeoneWeird
Hero Member
*****
Offline Offline

Activity: 700


View Profile
March 01, 2012, 08:46:09 AM
 #11

(My math probably isn't right)

You can generate 1 address a second.

86,400 seconds in a day = 86,400 keys a day.

26 bits in a btc address, 403291461126605635584000000 permutations.

so 403291461126605635584000000/86400 = 4667725244520898560000 days.

So, you wanna wait

1.27882883411531467397260273972602739726027397260273972602739726027397260273972 6027397260273972602739726027397260273972602739726027397260273972602739726027397 260273972602739726027397260273972602739726027*(10**19) years?

I didn't think so.
bitpop
Legendary
*
Offline Offline

Activity: 1918


https://keybase.io/bitpop


View Profile WWW
March 01, 2012, 09:20:59 AM
 #12

Hmm ok, but on the off chance we before generate the same address, private leys will be identical right? Theres no protection?

Reputation  |  PGP  |  DigitalOcean  |  OpenVPN 2GB Free  |  TorGuard  |  Ethereum Classic
Bitcoin: 3DSh6AnmvBpDJFUz2mnLirMLmTMcFs9nDm
Bitmessage: BM-2cXN9j8NFT2n1FxDVQ6HQq4D4MZuuaBFyb
FreeMoney
Legendary
*
Offline Offline

Activity: 1246


Strength in numbers


View Profile WWW
March 01, 2012, 09:39:35 AM
 #13

Hmm ok, but on the off chance we before generate the same address, private leys will be identical right? Theres no protection?

No protection at all, the coins belonging to that address would be lost.

I think the best way to think of it is this:

If you eventually find a collision (millions of years with any reasonable amount of resources) the expected amount you will find is [enormous number of keys, call it 10^20] divided by [total bitcoins] = less than one satoshi (tiniest bitcoin unit).

Compare to: Regular identity theft, car accident on the way to the bank, etc.

Play Bitcoin Poker at sealswithclubs.eu. We're active and open to everyone.
fornit
Hero Member
*****
Offline Offline

Activity: 989


View Profile
March 01, 2012, 09:39:55 AM
 #14

dude, that IS the protection.
hoping to get someones private keys like this is like hoping quantum effects randomly teleport you into fort knox.

bitpop
Legendary
*
Offline Offline

Activity: 1918


https://keybase.io/bitpop


View Profile WWW
March 01, 2012, 09:40:50 AM
 #15

Ok I kinda get it now. Just seemed so easy to vanitygen all the valid 1mtgox addresses quickly.

Hmm ok, but on the off chance we before generate the same address, private leys will be identical right? Theres no protection?

I think the best way to think of it is this:

If you eventually find a collision (millions of years with any reasonable amount of resources) the expected amount you will find is [enormous number of keys, call it 10^20] divided by [total bitcoins] = less than one satoshi (tiniest bitcoin unit).

Compare to: Regular identity theft, car accident on the way to the bank, etc.

Reputation  |  PGP  |  DigitalOcean  |  OpenVPN 2GB Free  |  TorGuard  |  Ethereum Classic
Bitcoin: 3DSh6AnmvBpDJFUz2mnLirMLmTMcFs9nDm
Bitmessage: BM-2cXN9j8NFT2n1FxDVQ6HQq4D4MZuuaBFyb
FreeMoney
Legendary
*
Offline Offline

Activity: 1246


Strength in numbers


View Profile WWW
March 01, 2012, 09:42:45 AM
 #16

Ok I kinda get it now. Just seemed so easy to vanitygen all the valid 1mtgox addresses quickly.


Ah, yeah, not going to get 'all of them' by any means. There are still [sick huge number] divided by 58^5 [aka small number] of address.

Play Bitcoin Poker at sealswithclubs.eu. We're active and open to everyone.
bitpop
Legendary
*
Offline Offline

Activity: 1918


https://keybase.io/bitpop


View Profile WWW
March 01, 2012, 09:43:21 AM
 #17

BUT then again, bitcoin was designed when mining was astonishingly slow on the cpu. Now we are already 10000X faster, can bitcoin be strengthened if in 5 years GPUs can crack a key in a month?

Reputation  |  PGP  |  DigitalOcean  |  OpenVPN 2GB Free  |  TorGuard  |  Ethereum Classic
Bitcoin: 3DSh6AnmvBpDJFUz2mnLirMLmTMcFs9nDm
Bitmessage: BM-2cXN9j8NFT2n1FxDVQ6HQq4D4MZuuaBFyb
FreeMoney
Legendary
*
Offline Offline

Activity: 1246


Strength in numbers


View Profile WWW
March 01, 2012, 09:46:40 AM
 #18

BUT then again, bitcoin was designed when mining was astonishingly slow on the cpu. Now we are already 10000X faster, can bitcoin be strengthened if in 5 years GPUs can crack a key in a month?

Yes, it can be strengthened.

Play Bitcoin Poker at sealswithclubs.eu. We're active and open to everyone.
SomeoneWeird
Hero Member
*****
Offline Offline

Activity: 700


View Profile
March 01, 2012, 09:48:10 AM
 #19

Vanitygen already runs on gpu.
da2ce7
Legendary
*
Offline Offline

Activity: 1218


Live and Let Live


View Profile
March 01, 2012, 09:54:00 AM
 #20

Vanitygen already runs on gpu.



The problem is that it is two many bits... we are dealing with exponential functions here, boys. Smiley

One off NP-Hard.
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!