The main issue I have with all these 'proof' of difficulty is that they assume it's perfectly random.
In fact, they ignore the type of encryption used and focus exclusively on the length. 256 bits then 2^256 possibilities. Way higher than the age of universe to hack - agreed.
But then why is a PGP 256 bit key (RSA to be pedantic) completely unsafe but the Bitcoin 256 bit key safe?
Reference
Cryptographic key length recommendations:
http://www.keylength.comYou answered your own question partially.
It's all about the type of encryption and how many bits
of security it really provides, not the key length.
And this in turn is based on the kinds of algorithms
that can find a solution most efficiently.
Elliptic curve cryptography is excellent because
it it only requires 2 characters for each bit of
security.
from
http://en.wikipedia.org/wiki/Elliptic_curve_cryptography:
Since all the fastest known algorithms that allow one to solve the ECDLP (baby-step giant-step, Pollard's rho, etc.), need O(\sqrt{n}) steps, it follows that the size of the underlying field should be roughly twice the security parameter. For example, for 128-bit security one needs a curve over \mathbb{F}_q, where q \approx 2^{256}. This can be contrasted with finite-field cryptography (e.g., DSA) which requires[17] 3072-bit public keys and 256-bit private keys, and integer factorization cryptography (e.g., RSA) which requires a 3072-bit value of n, where the private key should be just as large. However the public key may be smaller to accommodate efficient encryption, especially when processing power is limited.
So you get 128 bits of security with Bitcoin. This is further increased
to 160 bits for an unspent address because of RIPEMD-160 hash.
