Topic: A basic question - page 5. (Read 5593 times)

Two problems:

1. you can not calculate the public key from the address, since the conversion is not lossless. This is similar to, you can not get the raw picture data from a compressed JPG file, since lots of raw data have been thrown away during the compression. The only way is to guess the missing part using brute force. That is only possible by a 256 bits quantum computer, which only exists in imagination

2. You can get the public key in an transaction if one address has spent its coins. Then it is theoretically possible to calculate the private key using public key, by using a specially designed 256 bits quantum computer, which only exists in imagination

In fact, the difficulty for quantum computer lies in the calculation. You can factor large numbers since the calculation is extremely simple, just multiply, but to do hash function using quantum computer would be a huge challenge

Fortunately, nothing in bitcoin is encrypted.  Furthermore, hashes are not "random"  they are entirely deterministic.  Every time I perform SHA-256 against the words "no-ice-please is spouting off words without taking the time to understand the processes that he is attempting to discuss", I will ALWAYS get the result: bf403c0c12e1f27f5bd372b4724a2a41bbc2360a02c52ead40b4c7b4b66e6d11.  There is nothing random about it.  However, you aren't going to find a pattern in the SHA-256 inputs and outputs that will allow you to look at the hash: 1e39dffd07a1690be370193a7c03ae6e494f2adb98a8391c83c4920a5951f857 and figure out exactly what text I started with.  It is deterministic, but it isn't reversible.


Certainly.


Well that's a ridiculously non-specific question.

Ancient?  Like hundreds of years old?  No.

Untrusted?  That depends on the person doing the trusting and the purpose that it's being used for.

Recent?  Like within the past few hours?  Sure.


Microsoft does a lot of stupid things.  I don't understand the point you're trying to make.


I'd still defend MD5 as being perfectly suitable for some purposes.  MD5 (and SHA-1, and SHA-2, and RIPEMD-160) is just a tool.  When used properly, it can serve a purpose.  When used improperly, it will result in problems.

Note that MD5 didn't go from "very secure" to "completely useless" in a matter of hours (or days, or weeks).  There were incremental advancements on finding weaknesses in the algorithm building on those weaknesses.  There was a significant amount of time between when the first weakness was identified and when it was possible to forge a certificate.  Those aware of advancements in cryptography (the same types of people that contribute to the bitcoin protocol) would have been aware of the early discoveries and would have had plenty of time to adopt newer algorithms as needed.


Perhaps.  Or perhaps the effect would be to increase the mining difficulty in bitcoin and work towards replacing SHA-2 in the generation of bitcoin addresses.

Note that if it was possible today to calculate an ECDSA 256 bit public key from its SHA-256 hash in a fraction of a second, bitcoin would still be perfectly secure.  The public key is broadcast EVERY time you spend your bitcoins.  Knowing it isn't going to help you steal someone's bitcoins.

You're just jumping to conclusions.


And if a credible flaw were found in scrypt, we would need to find other hashing algorithms. What's your point?

You understood wrong.

You really have a false conception of the underlying math.

It's not "more complex" numbers. It's longer numbers, as in, more bits. With no correlation. More entropy. And more entropy does not mean more detectable patterns, it means harder to guess.

True, but to get from a public key to a private key, reversing the hashing algorithm will get you exactly nowhere.

Although hashing is used, both in the ECDSA calculations, as well as in additional steps to calculate the address from the public key.

The relationship between a private and public key is not based on a hash.  Bitcoin uses an elliptic curve algorithm.  Here's a good primer: https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm

This particular type of public/private key algorithm is used all over the place.  If it were cracked, huge portions of our electronic security systems would collapse.  So if you do crack it, you should probably choose a more lucrative target than bitcoin.

You clearly don't understand much about what you are talking about and you are taking a very simplistic understanding of arithmetic and attempting to apply it to a very complex area of mathematics (specifically cryptography).

Lets try and get you straightened out on the very basics that you're lost on before we waste time trying to help you see the more complex areas of digital signature algorithms and hashes.


You are mistaken.  SHA256 uses two hundred fifty-six single bit characters. Each and every one of those characters is either a 1 or a 0.  The results are converted to base58 for display to humans, but the math is all done in binary.  You are welcome to convert the 256 bit primary key and the 512 bit public key into any format you like, it won't change the security of the underlying binary numbers.


You are talking about patterns as if they are guaranteed to exist.  It is quite likely that there are no discoverable patterns linking an ECDSA private key to an associated bitcoin publick key hash.  Clearly if they do exist, then they can't be found with a regular computer "in a short time", because people have been trying to crack these cryptographic functions for many years and nobody has been successful yet.
 

That is almost certainly not something that is going to happen.


Fortunately bitcoin doesn't rely on complex numbers and a false impression of security.

Note that even if weaknesses are discovered in any of the cryptographic functions, there will almost certainly be plenty of time to adapt the protocol to user newer signature and hashing algorithms before those weaknesses are expanded enough to be a problem.  For example, weaknesses were discovered in the SHA-1 hashing algorithm a decade ago in 2005 and yet it would still work perfectly fine as a hashing function for bitcoin mining today if Sathoshi had chosen it instead of SHA-2

It's exactly 50%.

For any given random address, there is an equal probability for it (that's 2^-256) belonging to ANY random private key.

Note that to convert from private key to bitcoin address you need to go through 2 transforms that are each "one-way", at least for now.

private key -> public key -> address

Someone already mentioned what these transforms are (EC PK cryptography and SHA256). Cryptographers spend their careers designing as well as trying to break these transforms, because they protect other stuff much more valuable than bitcoins.

Now you come out of the blue, claim you know nothing about cryptography, but assert that is should be easy to go directly from address -> private key because there must be some pattern that should be easy to find?

When SHA256 gets too easy, they just incorporate SHA512 etc... etc.. The protocol could evolve with time and computational power.. It's not set in stone.  

If you ever fear this possibility... watch this video -->  https://www.youtube.com/watch?v=ZloHVKk7DHk

"Quindecillion" is HUGE numbers! .... The metaphor he used with drawers was excellent to explain it.... The time and resources to solve this, will be HUGE and it will kill most of your profit from doing this.  

Each address is supposed to be generated independently of other addresses. Thus, no pattern can be found between addresses.
If a private key, for example, ends in EpqWR73, and its corresponding address is gCaAbj23,
then the same private key, but ends in EpqWR74, its corresponding address is 55dXgH29.

There is no beginning or end or boundary to attempt to crack within.
The governments know this and don't waste time cracking,
they will just install malware through progs or etc to get around the cryptographic functions.

What you are describing is like finding Einstein's Unifying Theory.

EDIT: This video might be of interest to you, called "How did the NSA hack our emails?"
https://www.youtube.com/watch?v=ulg_AHBOIQU
This video shows that cryptographically, it is impossible to crack, so the NSA actually needed to place backdoors in the cryptographic functions, originally.

To my knowledge it hasn't been done.

On rare occasion, when something has never been
done before, an innovator steps up and opens a new door.

However, most times, there are reasons why things
that intuitively seem easy that no one (or few people)
can do, are actually difficult.

Many times those reasons aren't discovered until you
actually try for yourself.

So, try it.

Try to find a pattern.

Maybe you will come back
later and tell us you found
a pattern...or more likely
that you haven't and why not.

Well, it's the difference between theory and practice. Since a hash has a finite length and can be applied on arbitrary long messages, there is an infinite number of collisions, and yet not a single one has been found.

And we can live on Mars, it's only a matter of building a colony there.

Please do, because your hypothesis relies on baseless assumptions.

Easy? I doubt it. You seem to think that a hash is calculated from a mathematical formula whether in fact the process is more akin to shuffling and combining a list of bits.

Right, it is a common misconception carried on by popular culture.

Easier? Why? Just because people don't know about the iron door doesn't make it less sturdy.

I recommend reading the papers on MD5. It was successfully cracked and its construction is the same as SHA-256.

Brute forcing a private key would be incredibly difficult considering that a password that is 10-15 digits is considered secure a private key would be beyond the computing capabilities of today. But in the future with large amounts of power it could be possible.

Of course anything is possible, it's just not practical, and that's the design: to be elegantly simple, but incredibly convoluted at the same time.

Even if you had the "master" algorithm, modern computers can't crunch it, and humans can't do it on paper. That Satoshi was a genius. All this trouble for invisible money. LOL

There is no formula or progression that exists.
If it did, then current known cryptographic systems used by world intelligence agencies would be rendered worthless.
It is not possible to do what you propose since calculating all addresses from private keys would also take thousands of years and millions of dollars.
You need to do more reading on how Bitcoin's cryptographic system is implemented and functions.

As we've been trying to explain, there IS no way to way to know
if one address came from a higher or lower private key than
another address.
 
Why is that so hard to accept?