What if somebody makes an ASIC to crack SHA-256 hashes with Brute force?

[odolvlobo]

With current available technology (Considering ASICs and Current Quantum Computing), whats the max Bitcoin Private keys mankind is able to generate per second with ONE central unit of processing working at 100%?

Currently, the fastest transistor can operate at 856 GHz, so in theory that is the fastest that any counter can count -- 856 billion private keys per second or 2.7x10¹⁹ private keys per year.

At that rate it will take about 5.4x10²⁸ years for one counter to generate private keys for all possible 2¹⁶⁰ addresses.

Now, you don't have to find all private keys, just the ones in use. There are a few hundred thousand in use currently, but let's plan for the future and assume there are 1 trillion (10¹²) in use. Then on average, it will take only 5.4x10¹⁶ years to find a private key that is in use.

Let's say that that Dr. Evil is willing to invest a lot of money in trying to crack private keys, and assume that he builds 1 million ASICs that each can check 856 billion private keys per second. With 1 million ASICs, it will take take him on average only 5.4x10¹⁰ years to find a private key.

Now let's put that into perspective. The universe is 14 billion years old -- that's 1.4x10¹⁰ years. If Dr. Evil started looking for private keys at the beginning of the universe, he would only be 1/4 of the way to his first key by now.

Somebody please check my math.


Edit: 2¹⁶⁰ unique addresses, not 2²⁵⁶

[1714162410]

1714162410

[1714162410]

1714162410

[johoe]

We are talking about Private Key generations... Can some guru out there have a look at my posts and give some scientific answer to my concerns?

I think not only me, but the Bitcoin community would appreciate that.

https://bitcointalk.org/index.php?topic=961023.msg10511395#msg10511395

Satoshi, you there?

So lets do the math.  vanitygen can generate about 1 MKey/s with a few tweaks (e.g. try positive/negative, compressed and uncompressed keys at the same time) on today's computer.    Lets assume that using ASIC technology (which you have to build from scratch, since SHA-256 is not enough to generate private/public key pairs) you can get a speedup of a trillion (the current Bitcoin network has significantly less than a trillion times more computing power than Satoshi's computer).  Lets assume there are about 100 million addresses that currently have a non-zero balance (I think it's less).  There are only 2^160 addresses (since we hash to 160 bits).  So you need on average

Code:

2^160 addresses / (100 million non-empty addreses) / a trillion speedup / 1 million (keys/s) /31.5 million (s/year) = 464*10^12 years/key

This are around 465 trillion years to find a single key for a non-empty address, if I'm not mistaken.

Okay, if Moore's law will still hold for 75 years, then this method might become feasible -- if you want to invest as much money as all miners together and let the computer work for half a year to find a fraction of a Bitcoin in some random address.

BTW, there are faster ways than brute-forcing all addresses. You could take an address with lot of funds where the public key is known (e.g. Bitstamp's cold wallet) and use the big-step, baby-step algorithm that "only" has complexity 2^128.  That may be 100 times faster.

And since you asked for quantum computers:  The current quantum computers can probably not be used, but if you have a real 65000-qbit quantum computer that can do complex computations without decoherence for a few seconds, then you can probably crack a public key in a few seconds.

[Joe_Bauers]

Maybe I should ask like this: with current available technology (Considering ASICs and Current Quantum Computing), whats the max Bitcoin Private keys mankind is able to generate per second with ONE central unit of processing?

If we know this number, we may know exactly how much time we have left.

You are confused what private keys are, and that's the reason you are asking the wrong questions in the loop which can't be answered. First you have to know what bitcoin private key is: It's any number between 1 and 1852673427797059126777135760139006525645401028465198470121682610264290583909392 . Nothing else. That number your computer chooses for you with random number generator can have many representations, decimal, hexadecimal or WIF, WIF being the one most commonly used because it has recognizable format, uniform length and checksum in the end to prevent typing or copy/paste mistakes. Problem is humans are vary bad at representing themselves how big 1852673427797059126777135760139006525645401028465198470121682610264290583909392 number really is. Illustration I've posted clearly explains that all computers which will ever be built can not collectively count to 1852673427797059126777135760139006525645401028465198470121682610264290583909392 before the universe colds up billions of years from now. So the simplest answer to your question is that we have so much time before anyone stumbles to your private key by accident that it can not be expressed in meaningful way humans can imagine. You have all the time in the world, planet Earth will probably turn into frozen rock before anyone finds anybodies else's private key.

By the same token, in an infinite number of universes, someone could theoretically guess a private key in one try every time.

So, there is hope for some of you!