Odds of address collision with vanitygen

raphma

sr. member

Activity: 350

Merit: 250

Quote from: Sir Alpha_goy on August 14, 2016, 08:45:38 AM

Most likely quantum computing will be the death of BTC.

Quote from: Sir Alpha_goy on August 14, 2016, 09:05:58 AM

Wasn't that the whole purpose of the blockchain?

Make the database so big and make mining (transaction verifications) so intense that only high end computing (quantum) could handle it in the future without the need for so much power.

IMO BTC will breathe more life into AI.

It was designed that way from the beginning.

On second thought disregard my statements.

I'm only trolling right?

so, in the first statement you say it(quantum) will kill bitcoin and in the other you say it was "needed" to bitcoin work properly?
doest that make sense?

if i understood wrong, please, correct me.

DannyHamilton

legendary

Activity: 3472

Merit: 4801

Quote from: YIz on August 14, 2016, 09:21:23 AM

yeah, it might be a better title after all.

Removed my complaints

YIz

hero member

Activity: 686

Merit: 502

Quote from: ?? on ??

Quote from: YIz on August 14, 2016, 09:17:03 AM

Pick an appropriate title for the thread and I'll change it then, if you are so annoyed by the title.

Odds of address collision with vanitygen

There you go, yeah, it might be a better title after all.

YIz

hero member

Activity: 686

Merit: 502

Quote from: ?? on ??

Quote from: YIz on August 14, 2016, 09:05:19 AM

- snip -
why couldn't I call it an attack, even if the chances are almost 0%? it's still some kind of attack.

Sure. In the same way that I could say that "reading Green Eggs and Ham in my bed in the U.S. is a theoretical attack on the people of France"

It may not accomplish anything, and be entirely harmless, but if I want to call it an "attack" then it is still some kind of attack.

If generating addresses and checking to see if those addresses have a balance is "some kind of attack" then every bitcoin user is "attacking" bitcoin every time they use bitcoin. Nonsense!

Pick an appropriate title for the thread and I'll change it then, if you are so annoyed by the title.

DannyHamilton

legendary

Activity: 3472

Merit: 4801

Quote from: Sir Alpha_goy on August 14, 2016, 09:05:58 AM

disregard my statements.

I'm only trolling

I was going to respond, but then you said that and I realized that it's a bad idea to feed the trolls.

Sir Alpha_goy

sr. member

Activity: 448

Merit: 250

Quote from: Lauda on August 14, 2016, 08:58:33 AM

Quote from: Sir Alpha_goy on August 14, 2016, 08:45:38 AM

Most likely quantum computing will be the death of BTC.

No, it won't. Stop trolling.

Quote from: YIz on August 14, 2016, 08:49:51 AM

Will it actually change the odds of finding a private key drastically? I've heard that it makes a lot more calculations in comparison to a traditional computer, but the question is, how many more.

Not necessarily. Generally (summarized), 256 bit for a standard computer is 'treated' as 128 bit for a quantum computer. However, keep in mind that while they are more faster in doing some calculations, they are much slower at doing others. The only potential vulnerability (so far) may be ECSDA. Bitcoin can fork and move away to quantum resistant algorithms. I'm not sure how exactly it may influence key generation, albeit I'd say doing so with a GPU would still be faster.

Wasn't that the whole purpose of the blockchain?

Make the database so big and make mining (transaction verifications) so intense that only high end computing (quantum) could handle it in the future without the need for so much power.

IMO BTC will breathe more life into AI.

It was designed that way from the beginning.

On second thought disregard my statements.

I'm only trolling right?

YIz

hero member

Activity: 686

Merit: 502

Quote from: ?? on ??

Quote from: YIz on August 14, 2016, 08:38:19 AM

- snip -
It's not that I'm actually going to try because I know the odds are ridiculously low.

And yet you use a subject for the thread of "Theoretical bitcoin attack"?

If you know that the odds are "ridiculously low", then you know it's not a "Theoretical bitcoin attack".

This would seem to imply that you chose that subject line to troll or try to start a flame war.

I was just curious dude, I wasn't trying to start a "flame war" or troll. and why couldn't I call it an attack, even if the chances are almost 0%? it's still some kind of attack.

YIz

hero member

Activity: 686

Merit: 502

Quote from: DannyHamilton on August 14, 2016, 08:31:32 AM

I don't know how many addresses per second an i7-6700K can generate per second. But lets go with an unrealistically large number. Lets pretend that number of hashes that are computed by the entire worldwide bitcoin mining network is the same as the number of addresses you could generate. (In other words, let pretend like your computer all by itself could mount an effective 51% attack on the bitcoin network)

That would mean that you could generate 1648994603000000000 (1.65 X 10¹⁸)addresses every second.

There are about 31557600 (3.16 X 10⁷) seconds in a year.

That means after running your super powerful machine for a full year, you would have generated a total of:

1.65 X 10¹⁸ * 3.16 X 10⁷ =

5.214 X 10²⁵ addresses (approximately 52140000000000000000000000).

Now, there are a total of 2¹⁶⁰ possible bitcoin addresses.
2¹⁶⁰ = 1.46 X 10⁴⁸

So, you will have generated
1.46 X 10⁴⁸ / 5.214 X 10²⁵ =

1 / 2.8X10²²th of all possible addresses.

If you now choose a completely random address, that address has an equal chance of being in the 1 / 2.8X10²²th that you generated or any of the remaining 2.8X10²²ths that you haven't yet generated.

Therefore, "the probability of finding that random address and its private key in there" with the imaginary supercomputer is:
1 / 2.8X10²² =

3.57 X 10^-23
or 0.00000000000000000000357%

While we haven't computed what your i7-6700K could do, it should be clear that it will do MUCH worse that this.

Alright the number is even more ridiculous than I thought it's going to be, and this is the best possible case.. and damn dude, you have some fine math skills, I wish I knew how to make those calculations myself Cheesy

Lauda

legendary

Activity: 2674

Merit: 2965

Terminated.

Quote from: Sir Alpha_goy on August 14, 2016, 08:45:38 AM

Most likely quantum computing will be the death of BTC.

No, it won't. Stop trolling.

Quote from: YIz on August 14, 2016, 08:49:51 AM

Will it actually change the odds of finding a private key drastically? I've heard that it makes a lot more calculations in comparison to a traditional computer, but the question is, how many more.

Not necessarily. Generally (summarized), 256 bit for a standard computer is 'treated' as 128 bit for a quantum computer. However, keep in mind that while they are more faster in doing some calculations, they are much slower at doing others. The only potential vulnerability (so far) may be ECSDA. Bitcoin can fork and move away to quantum resistant algorithms. I'm not sure how exactly it may influence key generation, albeit I'd say doing so with a GPU would still be faster.

DannyHamilton

legendary

Activity: 3472

Merit: 4801

Quote from: DannyHamilton on August 14, 2016, 08:31:32 AM

- snip -

I've updated my post above with actual math.

Since I didn't know how many addresses an i7-6700K could generate per second I rounded WAY up to a ridiculously high number.

If you want to know the actual chances with an i7-6700K, then let me know how many addresses an i7-6700K can generate in a second (or hour) and I'll update my post with the actual numbers.

YIz

hero member

Activity: 686

Merit: 502

Quote from: Sir Alpha_goy on August 14, 2016, 08:45:38 AM

Most likely quantum computing will be the death of BTC.

All part of the stairway to heaven.

Will it actually change the odds of finding a private key drastically? I've heard that it makes a lot more calculations in comparison to a traditional computer, but the question is, how many more.

Sir Alpha_goy

sr. member

Activity: 448

Merit: 250

Most likely quantum computing will be the death of BTC.

All part of the stairway to heaven.

Sir Alpha_goy

sr. member

Activity: 448

Merit: 250

Quote from: Lauda on August 14, 2016, 08:28:05 AM

Quote from: YIz on August 14, 2016, 08:22:36 AM

Intel i7-6700K

That's a weak way of generating random addresses. I will leave this picture here and it should hopefully explain why this attack isn't feasible:

https://i.imgur.com/VjtG3.jpg

People are generally bad with probabilities. It is more probable that an asteroid will wipe out humanity, than someone generating a collision in the future. I was going to provide some sort of numbers but it seems that DannyHamilton is on it.

"Bitcoin - Your money is secured by the laws of the universe"

Tongue

The Virgin Mary herself would be so proud of you all.

NorrisK

legendary

Activity: 1946

Merit: 1007

A picture speaks more than a thousand words. The numbers are so astronomically huge, that your odds will be insanely small.

Here is a calculation posted by DeathAndTaxes a few years ago:

Quote from: DeathAndTaxes on August 29, 2012, 12:35:42 PM

The odds in colliding with a specific address is 1 in 2^160.

If there are a billion users and each have one million active addresses (1 quadrillion funded addresses in the blockchain) the odds in colliding with any address would be roughly 1 in 2^110 (1*10^33).

Vanitygen can produce 20 million keypairs per second. Lets say you build a super ASIC on 12nm (4 generations ahead of current tech) process that could create, validate, and steal one trillion keypairs per second (1 TK/s). That would be about 50,000x more powerful than faster GPU today. Lets also say you built a thousand of them and ran them continually with no downtime 24/7/365. In 1 year you could brute force 3*10^28 possible addresses.

If there are 1 quadrillion funded addresses you would still have a ~1% chance of colliding with a random funded address in the next 1,000 years.

Those numbers should make it clear that the chance of a collision are so negliable. If 100 CPUs would be able to produce a collision, it would have been done a ton of times by now, as there are a lot of people that have this kind of computing power at their disposal. Especially look at the requirement of having 1 quadrillion funded addresses in this calculation..

YIz

hero member

Activity: 686

Merit: 502

Quote from: Lauda on August 14, 2016, 08:28:05 AM

Quote from: YIz on August 14, 2016, 08:22:36 AM

Intel i7-6700K

That's a weak way of generating random addresses. I will leave this picture here and it should hopefully explain why this attack isn't feasible:

People are generally bad with probabilities. It is more probable that an asteroid will wipe out humanity, than someone generating a collision in the future. I was going to provide some sort of numbers but it seems that DannyHamilton is on it.

Yeah, I know that picture, but I'm looking for numbers, haha. It's not that I'm actually going to try because I know the odds are ridiculously low.

Chris!

legendary

Activity: 1382

Merit: 1122

Haha Lauda got it up first... but yes it's impossible. If you find a bitcoin address with someone else's funds in it you would have been better off buying a lottery ticket! At least that way you know you get ~$1million whereas you my only find a bitcoin address with a few Satoshis in it if you're the luckiest person on earth and you live a quadrillion years. Don't bother trying! Go buy a lottery ticket! The odds are way better.

7788bitcoin

legendary

Activity: 2282

Merit: 1023

It's not possible, even if you own all the computers in the world!!

There is a youtube video that I like very much that explains how it is not possible: https://www.youtube.com/watch?v=ZloHVKk7DHk

Quote from: YIz on August 14, 2016, 08:22:36 AM

Yeah, I know some of you will start saying "It's not possible" before I even click the post button, but I'm just curious.

If I had a hundred computers with an Intel i7-6700K running vanitygen generating random addresses running 24/7 for a year, and after that I would search a random address in the database I created (assuming that I can load a file that huge) what would be the probability of finding a random address and its private key in there?

DannyHamilton

legendary

Activity: 3472

Merit: 4801

I don't know how many addresses per second an i7-6700K can generate per second. But lets go with an unrealistically large number. Lets pretend that number of hashes that are computed by the entire worldwide bitcoin mining network is the same as the number of addresses you could generate. (In other words, let pretend like your computer all by itself could mount an effective 51% attack on the bitcoin network)

That would mean that you could generate 1648994603000000000 (1.65 X 10¹⁸)addresses every second.

There are about 31557600 (3.16 X 10⁷) seconds in a year.

That means after running your super powerful machine for a full year, you would have generated a total of:

1.65 X 10¹⁸ * 3.16 X 10⁷ =

5.214 X 10²⁵ addresses (approximately 52140000000000000000000000).

Now, there are a total of 2¹⁶⁰ possible bitcoin addresses.
2¹⁶⁰ = 1.46 X 10⁴⁸

So, you will have generated
1.46 X 10⁴⁸ / 5.214 X 10²⁵ =

1 / 2.8X10²²th of all possible addresses.

If you now choose a completely random address, that address has an equal chance of being in the 1 / 2.8X10²²th that you generated or any of the remaining 2.8X10²²ths that you haven't yet generated.

Therefore, "the probability of finding that random address and its private key in there" with the imaginary supercomputer is:
1 / 2.8X10²² =

3.57 X 10^-23
or 0.00000000000000000000357%

While we haven't computed what your i7-6700K could do, it should be clear that it will do MUCH worse that this.

Lauda

legendary

Activity: 2674

Merit: 2965

Terminated.

Quote from: YIz on August 14, 2016, 08:22:36 AM

Intel i7-6700K

That's a weak way of generating random addresses. I will leave this picture here and it should hopefully explain why this attack isn't feasible:

People are generally bad with probabilities. It is more probable that an asteroid will wipe out humanity, than someone generating a collision in the future. I was going to provide some sort of numbers but it seems that DannyHamilton is on it.

YIz

hero member

Activity: 686

Merit: 502

Yeah, I know some of you will start saying "It's not possible" before I even click the post button, but I'm just curious.

If I had a hundred computers with an Intel i7-6700K running vanitygen generating random addresses running 24/7 for a year, and after that I would search a random address in the database I created (assuming that I can load a file that huge) what would be the probability of finding a random address and its private key in there?

Topic: Odds of address collision with vanitygen (Read 987 times)