Pages:
Author

Topic: Can we please stop saying that it is improbable to generate an inuse key? - page 3. (Read 3566 times)

legendary
Activity: 1008
Merit: 1001
Let the chips fall where they may.
Even if you produced an address collision, you still need a private key that can sign the tx.

Yes, but it does not have to be the same public/private key pair.
sr. member
Activity: 287
Merit: 250
Technically, addresses are only 160bit hashes.

If that RNG is not working properly, that is a bug in the RNG. Bitcoin has already exposed problems with the Android RNG.

Even if you produced an address collision, you still need a private key that can sign the tx.
legendary
Activity: 1008
Merit: 1001
Let the chips fall where they may.
Technically, addresses are only 160bit hashes.

If that RNG is not working properly, that is a bug in the RNG. Bitcoin has already exposed problems with the Android RNG.
sr. member
Activity: 287
Merit: 250
Make your own key by hand then Smiley
Pretty sure my RNG would be very easy to bruteforce.


Facts and maths are great, but you never know do you!

That's why I've had my vanitygen running on the satoshi wallets since 2011.  

I really want you to be telling the truth, and I really want you to succeed, just to prove that it can be done.
donator
Activity: 1218
Merit: 1079
Gerald Davis
No those of us that understand math won't keep saying that because it is accurate.  Of course is you are worried about flawed PRNG then use a true hardware random number generator (quantum effect or avalanche noise).

There is no known bias to the distribution of ECDSA public keys.  Even if some bias did exist 2^256 is a large space it would take a rather massive bias in distribution in order for there to even be a 1% chance of collision in the thousand years.
legendary
Activity: 978
Merit: 1001
Make your own key by hand then Smiley
sr. member
Activity: 476
Merit: 251
Facts and maths are great, but you never know do you!

That's why I've had my vanitygen running on the satoshi wallets since 2011.  
sr. member
Activity: 287
Merit: 250
I don't think you fully understand how large a 2^256 is:



That image is exactly what I'm talking about it.

And I don't think you understand how easily a flawed RNG can shorten the work required to bruteforce a key, let alone generate an inuse one on accident.
legendary
Activity: 978
Merit: 1001
I don't think you fully understand how large 2^256 is:

sr. member
Activity: 287
Merit: 250
Because I'm sure we're all aware that due to the nature of random number generators, and implementations, the more widespread the adoption of Bitcoin, the more likely it is that we will see key collisions.

Are we even sure that ECDSA even has an unbiased distribution?
Pages:
Jump to: