Pages:
Author

Topic: Can a bitcoin address can be recovered from public key??? (Read 2716 times)

sr. member
Activity: 350
Merit: 250
Guys Thanks for your replies....it helped me a lot !!!!!

SO I AM LOCKING THIS TOPIC....

THANK YOU AGAIN!!!!  Smiley
full member
Activity: 162
Merit: 109
Can a bitcoin address can be recovered from public key... If not so how is it related to bitcoin address???
Bitcoin address is Base58 encoded a hash of public key. So if you have a public key you can calculate bitcoin address ;-)
But you will not be able spend bitcoins - you will need a private key  Tongue
legendary
Activity: 2884
Merit: 1115
Leading Crypto Sports Betting & Casino Platform

It explains how a TX is created and confirmed, it does not explain how addresses are created.


I see what you meant there made an error, but the info-graphic still is handy.
It took me a while there to get the question misread it your right the private key comes first the bitcoin address comes last not that the bitcoin address is deduced backwards to find the master public key then the private key.

Was thinking of a strange configuration where the master public key reveals a private key through a hash in a deterministic wallet exploit.
https://bitcoinmagazine.com/articles/deterministic-wallets-advantages-flaw-1385450276
https://en.bitcoin.it/wiki/BIP_0032

Posting the proper one:



Op's question was
Can a bitcoin address can be recovered from public key... If not so how is it related to bitcoin address???

The answer is NO
-snip-

Your answer is wrong, same as 90% of others here that have no idea what they are talking about. The address is the hash the of public key. Of course anyone can hash the public key in the correct way and get the address. Thus the address can be "recovered" from the public key.

What you are possibly refering to is the private key. The chain goes one way like this:

private key -> public key -> address

not (!) the other way around

address -\> public key -\> private key

but thats not the question asked by OP.

In that case, I am confused (!) Following the Process it is Private -> Public -> Address
EDIT: Read it as no its the other way around nvm your fine.

How to create Bitcoin Address
https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses

0 - Having a private ECDSA key

   18E14A7B6A307F426A94F8114701E7C8E774E7F9A47E2C2035DB29A206321725

1 - Take the corresponding public key generated with it (65 bytes, 1 byte 0x04, 32 bytes corresponding to X coordinate, 32 bytes corresponding to Y coordinate)

   0450863AD64A87AE8A2FE83C1AF1A8403CB53F53E486D8511DAD8A04887E5B23522CD470243453A 299FA9E77237716103ABC11A1DF38855ED6F2EE187E9C582BA6

2 - Perform SHA-256 hashing on the public key

   600FFE422B4E00731A59557A5CCA46CC183944191006324A447BDB2D98D4B408

3 - Perform RIPEMD-160 hashing on the result of SHA-256

   010966776006953D5567439E5E39F86A0D273BEE

4 - Add version byte in front of RIPEMD-160 hash (0x00 for Main Network)

   00010966776006953D5567439E5E39F86A0D273BEE

(note that below steps are the Base58Check encoding, which has multiple library options available implementing it)
5 - Perform SHA-256 hash on the extended RIPEMD-160 result

   445C7A8007A93D8733188288BB320A8FE2DEBD2AE1B47F0F50BC10BAE845C094

6 - Perform SHA-256 hash on the result of the previous SHA-256 hash

   D61967F63C7DD183914A4AE452C9F6AD5D462CE3D277798075B107615C1A8A30

7 - Take the first 4 bytes of the second SHA-256 hash. This is the address checksum

   D61967F6

8 - Add the 4 checksum bytes from stage 7 at the end of extended RIPEMD-160 hash from stage 4. This is the 25-byte binary Bitcoin Address.

   00010966776006953D5567439E5E39F86A0D273BEED61967F6

9 - Convert the result from a byte string into a base58 string using Base58Check encoding. This is the most commonly used Bitcoin Address format

   16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM

http://security.stackexchange.com/questions/54136/possible-to-derive-private-key-from-public-key-given-enough-computing-power
copper member
Activity: 1498
Merit: 1528
No I dont escrow anymore.
-snip-
Simple Answer: NO
-snip-

Did you even look at the picture you posted? OP is talking about the public key.

It's in the picture did you read each part of the process ?
And the infographic shows the process.

It explains how a TX is created and confirmed, it does not explain how addresses are created.

Op's question was
Can a bitcoin address can be recovered from public key... If not so how is it related to bitcoin address???

The answer is NO
-snip-

Your answer is wrong, same as 90% of others here that have no idea what they are talking about. The address is the hash the of public key. Of course anyone can hash the public key in the correct way and get the address. Thus the address can be "recovered" from the public key.

What you are possibly refering to is the private key. The chain goes one way like this:

private key -> public key -> address

not (!) the other way around

address -\> public key -\> private key

but thats not the question asked by OP.
legendary
Activity: 2884
Merit: 1115
Leading Crypto Sports Betting & Casino Platform
-snip-
Simple Answer: NO
-snip-

Did you even look at the picture you posted? OP is talking about the public key.

It's in the picture did you read each part of the process ?
And the infographic shows the process it merited posting.

Op's question was
Can a bitcoin address can be recovered from public key... If not so how is it related to bitcoin address???

The answer is NO
However you can try  if your looking for an atom in the sun or run a defective client.
(you cannot compute the public key without the private key).  A problem is that if one private key is leaked the others can easily be computed, but there is no general way to avoid it. )

---
By publishing Kp, a customer should be able to combine Kp and n, in such a way he gains a public key Kp(1013853254).
If a customer sends Money to the associated adress of this public key Kp(1013853254), then the funds
should be spendable by combining Ks with n in such a way I gain Ks(1013853254).

How is this possible with lets say EC primitives?

The associative law and the distributive law hold for EC and can be used.  Kp = Ks * G, hence
   (1013+Ks) * G = 1013*G + Ks*G = 1013*G + Kp
and
   (1013*Ks) * G = 1013 * (Ks * G) = 1013 * Kp

Note that + and * have two different meanings above.  Operator + is point addition or number addition modulo group order.  Operator * is point multiplication or number multiplication modulo group order.

So 1013+Ks is the private key for 1013*G + Kp  and 1013*Ks is the private key for 1013 * Kp.

I think it doesn't really matter which method you use.  See also BIP32, which uses a variant of the first method for non-hardened derivation  (hardened derivation is not what you want, because then you cannot compute the public key without the private key).  A problem is that if one private key is leaked the others can easily be computed, but there is no general way to avoid it.

--


We are talking about Private Key generations... Can some guru out there have a look at my posts and give some scientific answer to my concerns?

I think not only me, but the Bitcoin community would appreciate that.

https://bitcointalksearch.org/topic/m.10511395

Satoshi, you there?

So lets do the math.  vanitygen can generate about 1 MKey/s with a few tweaks (e.g. try positive/negative, compressed and uncompressed keys at the same time) on today's computer.    Lets assume that using ASIC technology (which you have to build from scratch, since SHA-256 is not enough to generate private/public key pairs) you can get a speedup of a trillion (the current Bitcoin network has significantly less than a trillion times more computing power than Satoshi's computer).  Lets assume there are about 100 million addresses that currently have a non-zero balance (I think it's less).  There are only 2^160 addresses (since we hash to 160 bits).  So you need on average

Code:
2^160 addresses / (100 million non-empty addreses) / a trillion speedup / 1 million (keys/s) /31.5 million (s/year) = 464*10^12 years/key
This are around 465 trillion years to find a single key for a non-empty address, if I'm not mistaken.

Okay, if Moore's law will still hold for 75 years, then this method might become feasible -- if you want to invest as much money as all miners together and let the computer work for half a year to find a fraction of a Bitcoin in some random address.

BTW, there are faster ways than brute-forcing all addresses. You could take an address with lot of funds where the public key is known (e.g. Bitstamp's cold wallet) and use the big-step, baby-step algorithm that "only" has complexity 2^128.  That may be 100 times faster.

And since you asked for quantum computers:  The current quantum computers can probably not be used, but if you have a real 65000-qbit quantum computer that can do complex computations without decoherence for a few seconds, then you can probably crack a public key in a few seconds.

--
Since that does not happen in most use cases the simple answer is NO

legendary
Activity: 3248
Merit: 1070
Not unless quantum computers (even just a few) have taken off. Until then, no.

And even if quantum computers take off soon, there are mathematically proven ways to protect data even from them...but not the current form of BTC keys (or SSL, TLS, PGP, etc.). Still, that's a long way off by most estimates. And they would go after much, much bigger targets than a BTC wallet.

So, no.

just hope that quantum computer would be revealed to the public first, otherwise they can break ecdsa easily, and determinate public key from address

for the op this can be useful https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses

no youcan not crack private key by knowing public key.
But i think by using botnets it would be possible.

this is a public key, with a quantum computer you can easily determinate it form an address

and sha256 is impossible to crack for now, even satoshi said that there is a possibility in the future that something unknown could break it

like quantum computer could pose a serious threat, surely not something which i call impossible
hero member
Activity: 850
Merit: 1000
Not unless quantum computers (even just a few) have taken off. Until then, no.

And even if quantum computers take off soon, there are mathematically proven ways to protect data even from them...but not the current form of BTC keys (or SSL, TLS, PGP, etc.). Still, that's a long way off by most estimates. And they would go after much, much bigger targets than a BTC wallet.

So, no.
legendary
Activity: 3878
Merit: 1193
As a couple people have mentioned, a poorly-chosen private key can be recovered. This includes some brain wallets and bugs in private key generation. Anybody claiming to be able to recover any private key is lying or he would have done so with any number of multi-million dollar addresses readily available in the blockchain.
legendary
Activity: 4522
Merit: 3426
no youcan not crack private key by knowing public key.
But i think by using botnets it would be possible.

Even a botnet would not be powerful enough to crack private keys.

Skipping the physics and doing back-of-the-envelope math ...

There are 2160 addresses. Just to count up to 2159 (half the possible keys) would consume at least 4.8x1025 joules. The energy consumption of the entire world is 5.6x1010 joules.

TL;DR Using all the electricity generated by the entire world, it would take 1015 (1,000,000,000,000,000) years to just to count through half the possible keys.
legendary
Activity: 1302
Merit: 1068
No it is not.

Yes it is - do you understand that the question does not mention "private key" but instead "public key" or did you simply not read it?

It is a mess but if you put information like that, you will just cause confusion, and thus, a mess.

Unfortunately it is you (and most other posters in this topic) that are causing the mess and confusion by not even bothering to read the OP.

To the @OP - unfortunately this is why this forum is no longer very useful for any sort of technical advice. Sad


Looks like you are the only one to actually read the question indeed.

I think people just automatically assume private key whenever someone starts talking about recovering something from an address.

Are you guys done bashing? You cannot recover an address from another Bitcoin address. The whole process need to go back to the privkey, hence the comment of me and other users.

"That" is what was asked "Can you recover address from address" in broken English and that is the proper answer.
copper member
Activity: 1498
Merit: 1528
No I dont escrow anymore.
-snip-
Simple Answer: NO
-snip-

Did you even look at the picture you posted? OP is talking about the public key.
legendary
Activity: 2884
Merit: 1115
Leading Crypto Sports Betting & Casino Platform
As long as someone does not have a weak R value cough blockchain tinkering with code.
If I recall correctly there was an exploit that was patched similar to that in the area of address reuse
https://en.bitcoin.it/wiki/Address_reuse
https://bitcointalksearch.org/topic/reused-r-values-again-581411

Simple Answer: NO

copper member
Activity: 1498
Merit: 1528
No I dont escrow anymore.
Guys the things are now messing up here...

Just lock the thread. You will only get more answers from people that do not even bother reading your question properly.

i asked only the question that CAN A BITCOIN ADDRESS CAN BE RECOVERED FROM PUBLIC KEY??

and i got the answer - "NO"

and I thought we have been over this.


Has nothing to do with bitcoin.

there is only two-three points that can recover your address:-
1) private key

Private key -> pubkey -> address

2) mnemonic

That only works for HD wallets and

mnemonic -> master private key -> private key -> pubkey -> address

3) email address and phone no. that was linked to the address(if you had made via blockchain)

Thats service specific and has nothing to do with the inner workings of bitcoin.

legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
Can a bitcoin address can be recovered from public key... If not so how is it related to bitcoin address???

Guys the things are now messing up here...

i asked only the question that CAN A BITCOIN ADDRESS CAN BE RECOVERED FROM PUBLIC KEY??

and i got the answer - "NO"

reason:-https://www.comodo.com/resources/small-business/digital-certificates2.php

there is only two-three points that can recover your address:-
1) private key
2) mnemonic
3) email address and phone no. that was linked to the address(if you had made via blockchain)

Your question is misleading. Normally the public key is the address. And for full access, to spend the funds, you need the private key.

Now, you forgot about "vanity generator" which in theory can give you the private key of a bitcoin address you want (or at least based on a pattern).
But you will not live long enough for that to come out from vanity gen.

As somebody said, only Chuck Norris can help, since he already counted to infinite and back, twice Smiley
sr. member
Activity: 350
Merit: 250
and talking about evil-kennevel guy, i think it was his own address and he made it seem like other account.

IF NOT I CHALLENGE HIM TO CRACK MY ADDY.
sr. member
Activity: 350
Merit: 250
Guys the things are now messing up here...

i asked only the question that CAN A BITCOIN ADDRESS CAN BE RECOVERED FROM PUBLIC KEY??

and i got the answer - "NO"

reason:-https://www.comodo.com/resources/small-business/digital-certificates2.php

there is only two-three points that can recover your address:-
1) private key
2) mnemonic
3) email address and phone no. that was linked to the address(if you had made via blockchain)
legendary
Activity: 2282
Merit: 1023
Talking about chances:

Finding the same bitcoin address (with private key) = 1 in 2^160

Compare to: [BAD THINGS]
1. Being killed by a vending machine. (1 in 112 million)
2. Being killed in a terrorist attack on an airline. (1 in 25 million)
3. Dying from a bee, hornet or wasp sting. (1 in 6.1 million)
4. Dying from being left-handed and using a right-handed product incorrectly. (1 in 4.4 million)
5. Dying in a plane crash. (1 in 1 million)
6. Being killed by flesh-eating bacteria. (1 in 1 million)
7. Getting Struck by Lightning. (1 in 1 million)
8. Drowning (1 in 2,000,000)
9. Drowning specifically in a bathtub. (1 in 840,000)
10. Dying in an on-the-job accident. (1 in 48,000)
11. Being murdered…just in general. (1 in 18,000)

Compare to: [GOOD THINGS]
1. Having identical quadruplets. (1 in 15 million)
2. Becoming US president. (1 in 10 million)
3. Becoming a Movie Star. (1 in 1,505,000)
4. Becoming an astronaut. (1 in 12,100,000)
5. Getting a royal flush in a first hand of poker. (1 in 649,740)
6. Winning an Olympic gold medal. (1 in 662,000)
7. Becoming a pro athlete. (1 in 22,000)
8. Winning an academy award. (1 in 11,500)
8. Finding out your child is a genius. (1 to 250)
9. Dating a millionaire. (1 to 215)

HOWEVER, the chance of finding the same bitcoin address (with private key) is still higher than the chance that YOU exist:



So, there is still a chance!!!
legendary
Activity: 3066
Merit: 1129
Only Chuck Norris can, and I tell you, he just need to blink once to find the private key!
But returning on the natural world: Only if you can win 3 max prize lotteries in a row you can find it.
legendary
Activity: 3976
Merit: 1421
Life, Love and Laughter...
Can a bitcoin address can be recovered from public key... If not so how is it related to bitcoin address???



Only he can.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
The only way you could do such a thing is if you know the public key originated from a brain wallet and you are able to figure out the words used on the wallet by possibly being very close to that person.

So thats why brainwallet is closed permanently for these security issues...
Nope, brainwallet is known not only for their possible lapse in human mind but also the insecure algorithm used to generate them. There was recently a hacking tool that was revealed and it could potentially cause people to lose money.
Pages:
Jump to: