Bitcoin Forum
Pages: « 1 [2] 3 4 5 6 7 »  All
Author Topic: How long until bots can profitably guess private keys?  (Read 7742 times)
jonald_fyookball
July 23, 2014, 01:44:52 PM
 #21

Here is a good site to play with password and time to brute force it.
https://www.grc.com/haystack.htm

28.23 trillion trillion trillion centuries (Assuming one hundred trillion guesses per second)

We are fine ;D

Not exactly... the address space is 2^160, so you have to go off that.

Assuming one hundred trillion guesses per second, the time would be 463 trillion trillion years.

jonald_fyookball
July 23, 2014, 01:46:34 PM
 #22

1. Because quantum computers don't exist yet beyond very crude prototypes.

I would update that to "general purpose quantum computers" before some noob comes flying in with a DWAVE headline.

Can you elaborate?  What exactly can these DWAVEs do, if not
run Shor's Algorithm or adiabatic computations?

crazy_rabbit
July 23, 2014, 02:10:46 PM
 #23

You mean a super powerful network of computers? Something on the order of Billions of years.

more or less retired.
serp
July 23, 2014, 02:21:29 PM
 #24



I'm unsure who made this image but I always like it to help illustrate the security of a 256 bit private key.

farlack
July 23, 2014, 02:29:38 PM
 #25

100000000000000000000000000000000000000000000000000000 combinations...
spazzdla
July 23, 2014, 02:30:18 PM
 #26

If I understand it correctly it would literally take years to get even one private key. Even so it is wise to move your coins from time to time. A moving target is much harder to hit.
You should add billions, or at least millions of years.

Is this based on current CPU processing limits or taking into account future advancements in technology at a given rate?



Google it... It is not happening.
sgravina
July 23, 2014, 02:34:07 PM
 #27

Here is one I guessed: 5JsPhw4xdtC7oHiaLwEp7HRX29XqvUHZXkBJy7efzhp3rMBVZpL
DeathAndTaxes
July 23, 2014, 02:37:28 PM
 #28

Can you elaborate?  What exactly can these DWAVEs do, if not run Shor's Algorithm or adiabatic computations?

http://en.wikipedia.org/wiki/Quantum_annealing

They are quantum annealing processors and thus can perform Adiabatic quantum computation.  This isn't useful for breaking cryptographic keys or implementing Shor's algorithm (or any other universal quantum algorithm).  They are useful in probabilistic problems like network optimization, route finding, simulations, etc.

The set of QMA problems is a subset of NP problems.  All QMA problems are NP problems but not all NP problems are QMA problems.  For example:

Quote
We illustrate our discussion with data from a randomized benchmark test on a D-Wave Two device with up to 503 qubits. Comparing the performance of the device on random spin glass instances with limited precision to simulated classical and quantum annealers, we find no evidence of quantum speedup when the entire data set is considered, and obtain inconclusive results when comparing subsets of instances on an instance-by-instance basis. Our results for one particular benchmark do not rule out the possibility of speedup for other classes of problems and illustrate that quantum speedup is elusive and can depend on the question posed.
http://arxiv.org/abs/1401.2910


Yakamoto
July 23, 2014, 02:45:59 PM
 #29

Isn't the equation to solve a key 62*62*62*62*62... or something? Do you know how big that is?

62 (Uppercase+Lowercase+Numbers, or 26+26+10) Multiplied by 34 times, which is about the standard key size, with the standard encryption being about 34, it's

8736096908005510000000000000000000000000000000000000000000000.00

So, yes, your private key is secured by the laws of physics.

It would take more than every ASIC, PC, and Calculation machine in the WORLD to imagine solving it within a lifetime.

And I typed out every part of the equation, except for the answer.

So 62 typed 34 times, and then setting up the algorithm.

You're welcome, I think we have a definite conclusion to the number of possibilities.
Beliathon
July 23, 2014, 02:53:51 PM
 #30

Many times over long enough for humans to go extinct.

Remember Aaron Swartz, a 26 year old computer scientist who died defending the free flow of information.
DeathAndTaxes
July 23, 2014, 02:54:13 PM
 #31

Isn't the equation to solve a key 62*62*62*62*62... or something?

No.  Bitcoin uses Base58, but an address is an encoded hash of the public key with version and checksum.  Still, the correct answer is very large: ~2^160 attempts are required if the PubKey is unknown (2^128 attempts if the PubKey is known).  Both are insanely large numbers.
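
The encoding described in the post above (version byte, payload, 4-byte double-SHA-256 checksum, all written in Base58), as an added example that is not part of the thread. The sample key and hash are constructed, and the function names are this example's own. It also shows that changing the last character of an encoded key, as a later post jokes about, fails the checksum instead of yielding a neighbouring key.

```python
import hashlib

# Base58 alphabet used by Bitcoin: no 0, O, I or l.
ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def checksum(data: bytes) -> bytes:
    """First 4 bytes of SHA-256(SHA-256(data))."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()[:4]

def b58check_encode(version: int, payload: bytes) -> str:
    raw = bytes([version]) + payload
    raw += checksum(raw)
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = ALPHABET[r] + out
    # Each leading zero byte is written as a literal '1'.
    return "1" * (len(raw) - len(raw.lstrip(b"\0"))) + out

def b58check_decode(text: str):
    """Return (version, payload, checksum_ok)."""
    n = 0
    for ch in text:
        if ch not in ALPHABET:
            raise ValueError(f"not a Base58 character: {ch!r}")
        n = n * 58 + ALPHABET.index(ch)
    zeros = len(text) - len(text.lstrip("1"))
    raw = b"\0" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if len(raw) < 5:
        raise ValueError("too short for version + checksum")
    body, check = raw[:-4], raw[-4:]
    return body[0], body[1:], check == checksum(body)

def bump_last_char(text: str) -> str:
    """Replace the final character with the next one in the alphabet."""
    nxt = ALPHABET[(ALPHABET.index(text[-1]) + 1) % 58]
    return text[:-1] + nxt

# Constructed sample data, not a key or hash from the thread.
SAMPLE_KEY = bytes(range(1, 33))         # 32-byte private key
SAMPLE_HASH160 = bytes(range(100, 120))  # 20-byte (160-bit) public-key hash

if __name__ == "__main__":
    wif = b58check_encode(0x80, SAMPLE_KEY)       # private key in WIF form
    addr = b58check_encode(0x00, SAMPLE_HASH160)  # pay-to-pubkey-hash address
    for s in (wif, bump_last_char(wif), addr):
        version, payload, ok = b58check_decode(s)
        print(f"{s}  version=0x{version:02x}  bytes={len(payload)}  checksum_ok={ok}")
```

The 20-byte payload of an address is where the 2^160 figure comes from: the address commits only to a 160-bit hash of the public key.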
franckuestein
July 23, 2014, 03:28:30 PM
 #32

It's quite impossible to obtain it ;)

You need a lot of computational power and many many years waiting :D
Eotnak
July 23, 2014, 03:41:24 PM
 #33

Here is one I guessed: 5JsPhw4xdtC7oHiaLwEp7HRX29XqvUHZXkBJy7efzhp3rMBVZpL

Was there anything in it?  Try this one next:  5JsPhw4xdtC7oHiaLwEp7HRX29XqvUHZXkBJy7efzhp3rMBVZpM
spazzdla
July 23, 2014, 03:49:38 PM
 #34

Here is one I guessed: 5JsPhw4xdtC7oHiaLwEp7HRX29XqvUHZXkBJy7efzhp3rMBVZpL

Was there anything in it?  Try this one next:  5JsPhw4xdtC7oHiaLwEp7HRX29XqvUHZXkBJy7efzhp3rMBVZpM

Now just guess that public address...
jjc326
July 23, 2014, 03:51:24 PM
 #35

I have heard all this talk lately about not re-using old addresses.  What if I do use one for a long time.  I don't have much in it but just wondering, how will that increase the chances someone can crack into it?  Isn't it still basically impossible?
InwardContour
July 23, 2014, 03:59:23 PM
 #36

I have heard all this talk lately about not re-using old addresses.  What if I do use one for a long time.  I don't have much in it but just wondering, how will that increase the chances someone can crack into it?  Isn't it still basically impossible?

The probability isn't zero but it's really near to it.

If you have many bitcoins just split them into several addresses and if a hacker successfully attacks one of them,
you would have only lost a little percent of your holdings.
BitCoinDream
July 23, 2014, 03:59:49 PM
 #37

I heard that there exists a persistent army of bots that are currently trying every possible combination of known words to unlock a brain wallet, which apparently happens all the time. This was 8 months ago:

http://www.reddit.com/r/Bitcoin/comments/1ptuf3/brain_wallet_disaster/


So... I realize the brainwallet word combination is many exponents smaller in possible combinations than the private key, but what happens if/when the processor power is developed to brute force keys with relative success?

Maybe it will take until some well-connected cybercriminal element gets their hands on a functioning quantum supercomputer and can actually use it to harvest correct private key and address matches from parallel universes. Or such.

Brain wallets are never safe unless they use some absolutely random salt with the pass-a-phrase.

Triffin
July 23, 2014, 04:02:45 PM
 #38

Guys ..

I must have read 100 threads in the last year that say the same thing ..

"Ooops someone hacked/cracked my wallet and stole my BTC"

Followed by lengthy discussions about 'brute force' attacks and
mathematical probabilities etc etc ..
Bottom line .. once someone has access to your wallet .. the deed is done ..
Your 'coins' are gone ..

There MUST be a security step from WITHIN the wallet to 'authorize' a withdrawal before it occurs
Why not "SMS one time pass" or something similar ??
I'm not a programmer or tech person myself so have no idea how difficult this is to do ..
But it must be done ..

Triff ..
 

jonald_fyookball
July 23, 2014, 05:05:14 PM
 #39

I have heard all this talk lately about not re-using old addresses.  What if I do use one for a long time.  I don't have much in it but just wondering, how will that increase the chances someone can crack into it?  Isn't it still basically impossible?

Yes still basically impossible... there are several huge balance addresses with spent outputs so I wouldn't worry.
The only real concern is if you're using an untested wallet software...badly written code might be exploited, but then again you shouldn't be using an unproven wallet to begin with.

jonald_fyookball
July 23, 2014, 05:07:39 PM
 #40

Guys ..

I must have read 100 threads in the last year that say the same thing ..

"Ooops someone hacked/cracked my wallet and stole my BTC"

Followed by lengthy discussions about 'brute force' attacks and
mathematical probabilities etc etc ..
Bottom line .. once someone has access to your wallet .. the deed is done ..
Your 'coins' are gone ..

There MUST be a security step from WITHIN the wallet to 'authorize' a withdrawal before it occurs
Why not "SMS one time pass" or something similar ??
I'm not a programmer or tech person myself so have no idea how difficult this is to do ..
But it must be done ..

Triff ..
 

the simplest best answer is cold storage.  authorization is irrelevant if a hacker got into your machine.
