Topic: A basic question - page 6. (Read 5595 times)

Without getting into details of Mathematical trap doors please just watch this video and you will begin to understand how difficult it is to brute force or guess a private key.

https://www.youtube.com/watch?v=ZloHVKk7DHk

Additionally , Its not just about guessing the correct private key but guessing the correct private key for a specific public key.

This is the reason there are hundreds of wallets with single public addresses that even the smartest cryptographers and hackers cannot steal.

http://bitcoinrichlist.com/top100

Both the elliptic curve maths for going from private to public key, as well as the sha256+ripemd160 hashing to go from public key to address, are both deliberately designed to be one way operations.

The only correlation is that they're deterministic (the same private key always results in the same address).

Not saying that it is theoretically impossible to come up with a feasible way of constructing a matching private key with some given addresses (although extremely, astronomically unlikely). But in general, such a formula will not exist. For starters because it's destructive: some information is lost in the process, and you can't magically restore information out of thin air.

You seem to think that for mathematical or logical reasons, there must be some hidden correlation or formula that, once discovered, would allow you to efficiently reverse addresses back into private keys. This is not necessarily the case.

For example, suppose that the function that converts from private keys to addresses is a pseudorandom mapping: it's deterministic, but there's no specific order or correlation whatsoever. Or for argument's sake, let's say the mapping is really random, constructed by sequentially throwing a dice a centillion times. Then this boils down to a huge (but ordered) list of private keys and their corresponding addreses. Well, guess what, we have such a mapping right here:

http://directory.io/

Note that this is actually real: ALL private Bitcoin keys are in there, both used and new, current and future ones, along with their matching addresses.

So there's the function right there. It allows for very efficiently calculating the address for any private key, based on a simple (but huge) one-to-one mapping. Now, given this function, how does your argument apply that this 'must' be feasibly reversible in some way?

You just make it sound too easy.
Mathematical geniuses  were researching cryptography before there was even a computer. One a mathematical level, there was no way found, to reverse e.g. SHA-256.
Don't you think, people already tried that? People, who are much smarter than everyone who wrote in this thread combined(at least, when it comes to math).
I guess, you would have to find a new mathematical law, that would win you the nobel prize with certainty, to find the pattern you are talking about.

No, it's just a 256 bit number. It doesn't "decrypt" anything. However, it's used to sign messages proving a relationship to a particular public key.


Yes.


Yes, that's the part of security which protects user accounts (private keys). It's based on elliptic curve cryptography. The other large part of Bitcoin security is secure hashing algorithms used by miners to provide arbitration for the blockchain.


Nobody needs to show that. It's already known. That's why it's possible to verify a private key without knowing it.


The part where you go off the track is when you say "accessible formula". The elliptic curve used by Bitcoin is Secp256k1. Its points on a graph would appear randomly scattered and the number of points is between 2^255 and 2^256 or about one point for every eight atoms in the universe. If you think you have or can find an accessible formula to compute these points backward from a public key, then yes you could cause problems with the current version of Bitcoin.



Yes, counting up by one for instance. The problem is there are so many possible addresses it would take you (or a computer) an unbelievable amount of time just to count upward and hit one.


Can be ordered or must be ordered?  


The security comes from both the size of the number set and the difficulty in calculating the private key from only a public key.


This presumes such a formula could be discovered.


Let's see it then.

I hear what you are saying, but the fact of the matter is that so far, no one has
been able to detect any sort of pattern in strong cryptographic hash functions
such as SHA-256.    

There is something called the 'avalanche effect' where changing one character
changes the outcome completely.  If you look into the inner workings of the
hash function, it goes through I believe 64 rounds of computation.  By the
time its done all that computing, you're left with something that has no
discernable pattern.  

So while you're correct that they are not 'random', the outputs appear
random for all intents and purposes and without a pattern to follow,
no ordering is possible.

Perhaps someday someone may indeed find a pattern, but when/if
that happens, it would be time to migrate to a stronger form of
cryptography.

Not really, because the amount of processing power required to brute force a private key is MANY orders of magnitude beyond that of solving a block.

 

Try to find some basics about encryption, using private keys. It is a one way encryption and lucky guessing is with the current state of computing power not something that is done easily. Though the development of bitcoin is spawning mines that have massive computer power and it spurts like hell to new hights. The downfall of the crypto currency might just be it's popularity and influence on the processing power.

Correct, the consensus is that good hash functions are "one way". They require a ridiculously huge amount of computing power to brute-force (predict), but only a small amount to verify information.

This is a basic question about bitcoin security that I don't see answered adequately.

I'm not an expert in anything, so it is possible I am missing the obvious, but would still like an answer.

The bitcoin private key is a 256 bit number that contains a numerical address and a key to decrypt numerical messages sent to that address.

The number of key is quite high. The security of the bitcoin system seems to be based on the difficulty of using a public address to work backwords and find the private key. But there seems to be an obvious proof that shows that to be flawed.

In order to show that the current bitcoin key system is flawed, all that a person would need to do is show that there was a correlation between the relative position of a private key and the relative position of its corresponding public address.

In other words, if you took the lowest possible private key, a 256 bit number starting with 00000... etc, and the highest possible private key, a 256 bit number starting with 11111... etc, and you were able to show that the two public addresses for those keys formed hard boundaries, i.e., that all bitcoin public addresses fell between those two numbers in some mathematical formula or progression, then you would be showing that an accessible formula existed to work backwords from the public adrress to the private key.

The obvious question then, does some formula or progression exist that could put bitcoin addresses in sequence? Any set of numbers that are derived from another set of numbers ultimately can be ordered in the same sequence as the original set. Therefore it seems that the "security" of the cryptography used in bitcoin would come not from the size of the number set but rather from the computational difficulty of converting private key to public address or vice versa. Since in bitcoin the conversion in one direction, i.e., private key to public address, requires little effort, there is really no security once a formula or progression rule for addresses is discovered. And such a fomula or progression is easily findable by anyone with a little skill in that kind of thing.

... Is that accurate?