Topic: Please can one say private key is 100% secure (Read 323 times)

Private key is 100% secured and the progress to create private key to public key and lastly to public address are one way. You can not reverse the progress and retrieve private key from public address or public key.

If the reversed progress is possible, bitcoin is unsafe and your bitcoin already was stolen.

It is safe but IF you don't secure your private key, its backup safely and secretly, and IF some others know those information, they will import your bitcoin private key and get access to that address. They will be able to steal your bitcoin.

Key, Addresses in Mastering Bitcoin

As far as I know, when we enter the private key, it means that the key is in a position without 2FA which if someone gets the key without being encrypted with folder locker, then he can easily enter the wallet. It will be different when what is stored on the PC is a json file or a .dat extension or an Electrum exported wallet version, we can complete this with an active 2FA.

As encrypted as they seem, private keys are not 100% secure else they would have been called "secure keys". If the operating system of the computer or device containing your private key's is compromised, your so called encrypted keys can be obtained. To make and create a more secure system for your wallet, two factor authentication is adviced. So in a case where paraventure your private keys falls into the wrong hands, they will not be able to gain complete access to your wallet.

If you think that there was a leak of private keys, then simply move your Bitcoin wallet on the other.

Bitcoin does not use any encryption at all.
And definitely no symmetric cipher (what you are referring to here).




There are no messages encrypted.
You seem to be confused with encryption and signatures.

Bitcoin is using the ECDSA. This is a Digital Signature Algorithm on Elliptic Curves.

There is no encryption envolved.




If the private key has been generated randomly, yes.
If it has been derived from something (e.g. from a seed), then it still can be recovered as long as the necessary information (e.g. seed and way of deriving) is available.

This infographic is somewhat old.. I have seen it many times, and I never saw its "truly" source.

I got it from this topic, which I found just googling "bitcoin univese private keys"

It can also be found here, in this reddit topic:
Bitcoin - your money is secured by the laws of the universe (from 7 years ago)
https://www.reddit.com/r/Bitcoin/comments/1ohwvu/bitcoin_your_money_is_secured_by_the_laws_of_the/

I will add this last one as the source of the image.

Nice infographic! Where did you get this one?

Good points given by @Welsh, as far as we are remember our key, we can recover it anytime. phishing or virus may can take our key from digital zone, but as far as we have offline backup you can open wallet again. but if you are lose offline wallet/backup key, its mean you lose your money forever till you find the key.

So,conclusion about #4, We can recover wallet if we have another backup, but not guaranty we can recover the asset inside of wallet if hacker already moving up your tokens.

I think the majority of your questions have been answered fairly well, however I'm going to try, and answer the above question in a way that you might understand.

Basically, a private key if stolen can be recovered. However, I don't think your understanding exactly what "recovered" means. Basically, if your private key is lost or stolen then it can still be recovered if you later stumble upon it or remember it. However, the funds that might have existed in the address that the private key belonged too, might have already been cleared out.

Think of a private key as your password or entry point to your funds. If its lost, then the only way your getting to those funds is if you find it. in this sense, you could be recoverable depending on what you mean by "lost", and to what degree its been "lost". However, if the private key has been stolen, or exposed to someone other than yourself the addresses that the private key belonged too, are essentially breached for life. Basically, even if you your funds are not moved yet, but the private key has definitely been exposed to someone else, they are vulnerable to be taken at any point, which means that your funds might be recoverable at the moment, but in 7 days the malicious attacker might well take them out, because they have a permanent access point (the private key) to that address.

Therefore, if your private key has been exposed to someone else, you should move your coins out as soon as possible to another address that you own, and have the associated private key which has not been exposed to someone else. There's a common saying, if you don't own the private key, you don't own the Bitcoin. The same saying is applicable if your private key has been stolen, basically its vulnerable at that point, and that address will never be considered safe again.

This is totally right, and this makes private key to be safe. With the present day technology, no computing can brute force private key, while it is also 100% impossible to reverse the elliptic curve multiplication, it is one-way function and can not be divided to get the private key from the public key, the private/public key cryptography is also called asymmetric cryptography in this regard in a way private key is able to create digital signature to unlock bitcoin from blockchain with the corresponding address in which only the owner of the private key can do this. This is not related to any form of encryption, in which secret is made in form of password to protect the private key, though making such encryption is possible but encryption is not the process to generate private key, this makes asymmetric cryptography to have nothing to do with encryption.

I wouldn't call it a variable, it is constant for the user that selects it.

Private keys (in bitcoin) aren't used for encryption. In fact there is no encryption in bitcoin protocol at all. Instead private keys are used to create "signatures" using an algorithm called ECDSA.

It is not hidden anywhere least of which in the code, it is "private" and is stored privately by the user.

I don't know what you mean by this.
The security of a private key comes from 2 things:
1. The size of the key which means the total range in which you can select the key is so big that it makes searching it impossible.
2. Randomly selected keys. Think of private key as a random number that you choose in an enormous range.

Bitcoin private keys are only used in asymmetric cryptography.

Private keys are safe as long as they are randomly selected using a strong RNG.

Again there is no encryption or decryption in bitcoin at all.
You generate a signature and that signature can be validated using the "message" (usually the transaction) and your public key.

It is neither fast no simply. It would take hundreds of years to only check a very small portion of this space.

Again x3 there is no encryption in bitcoin.

You are reading stuff that has nothing to do with bitcoin. Cryptography is much larger topic than bitcoin. Not to mention that this is a poorly written article.

Private keys are not 100% secure until you keep them safe to yourself only, private keys can't keep themselves safe so this makes them vulnerable, they need to be handle with care

Once a private key is stolen the security is no longer there. The private key is really a secured way to protect our funds but the key also is we must protect it from letting others know what our PKs cause its just a tip of a finger once they knew it and can retrieve all our funds from wallet.

Stolen it means you are not careful cause a private key is really hard to guess or randomly generate by guessing what could be the words or numbers there. The only way it can be known is when they got it from you on other ways.

No.
Bitcoin private keys are long enough so that they cannot be brute force, as long as they are properly generated.

It is vital that you use a decent wallet which has a decent source of randomness so your private key is properly generated.

If your private keys are properly generated, they cannot be guessed or brute forced. Take a look at this infographic so you have an idea about the size of combinations:


source: https://www.reddit.com/r/Bitcoin/comments/1ohwvu/bitcoin_your_money_is_secured_by_the_laws_of_the/

At the moment, yes. Private key is very secured looking from the perspective that, even the app or wallet from which the private key is generated has no reference or backup storage for any form of alteration or retrieval of a lost key.
It is the closest thing to a perfect security setup which is more complicated or difficult than the traditional human compiled or formed password. Even still, it gives you a room to set your password but then, the private key has a way to override all that which makes it the most important.
That's why the popular saying goes, "not your keys, not your coins".

Keep your key private and your security is next to 100%.

It means the longer the bit of the private key, the more harder you will try to brute force it. The present ones are 256 bits, the size of bitcoin’s private key space, (2^256) is an unfathomably large number. It is approximately 10^77 in decimal. For comparison, the visible universe is estimated to contain 10^80 atoms. Reversing the elliptic curve calculation is impossible, while the present day technology can not brute force such large number as 10^77. Also, the brute force you meant here is when the public key is revealed and used to brute force the private key, not yet when the address is reveal which is now what public should know. If only the address is known, this will be more difficult. I do not want to go much depper into this. But, just know private keys are 100% safe, only what makes them not safe is when you reveal your seed phrase or the private key to another person, it can also be revealed through malware attack on devices.

https://github.com/bitcoinbook/bitcoinbook/blob/develop/ch04.asciidoc#base58

Encryption is not necessary, private key is safe but just for additional protection, and it is optional.

No, protecting it is right word here.

If the private key is known to another person, the person will use it to access the bitcoin the private key controls and used it to unlock the bitcoin on blockchain.

HD wallets is enough for this.

Yes, you are right. But private key does not represent addresses, but private key generates digital signature used to unlock funds stored on blockchain through public key using a digital fingerprint called addresses.

You are also right, but we should also mention send seed phrase as very important, it can generate the private key which means it should be protected like private key, any access to seed phrase also means the private keys can also be accessed and can lead to coin lost.

I will go into 2 main parts that I think I can understand correctly  

The private key cannot be changed, each Bitcoin address you own is represented by a different Private Key. What does this mean? You are not allowed to reveal your Private Key under any circumstances. If you lose the Private Key, you have lost all Bitcoin in that address.

Yes, the Private Key is the most important factor in keeping your money safe. It cannot be recovered.

---

Others please explain more carefully if my answer is wrong

---

One small comment, the OP should be presented in list form, like this

I saw this post and got a bit confused can i get clarity. private key, also known as a secret key, is a variable in cryptography that is used with an algorithm to encrypt and decrypt code. Meaning this key is hidden behind blocks of codes only unique to the user. Secret keys are only shared with the key’s generator, making it highly secure. Private keys play an important role in symmetric cryptography, asymmetric cryptography and cryptocurrencies.

The complexity and length of the private key determine how feasible it is for an interloper to carry out a brute force attack and try out different keys until the right one is found. question 1. Please does this mean that the private key isn't 100% secure since interlopers can carry out attacks on wallet.

How to choose a private key
Private key encryption is referred to as symmetric encryption, where the same private key is used for both encryption and decryption purposes. A private key is typically a long, randomly generated number that cannot easily be guessed. Question 2. If this be the case why would interloper force an attack on this encrypted key Since only one key is involved, the process is fast and simple.

Secret key ciphers generally fall into one of two categories: stream ciphers or block ciphers. A block cipher applies a private key and algorithm to a block of data simultaneously, whereas a stream cipher applies the key and algorithm one bit at a time. Symmetric-key encryption is much faster computationally than asymmetric encryption but requires a key exchange.

Most cryptographic processes use private key encryption to encrypt data transmissions but used public key encryption to encrypt and exchange the secret key.

Challenges of private key encryption
While private key encryption does ensure a high level of security, the following challenges must be considered:

Encryption key management can become too complex if each user has their own private key.
Private keys need to be changed frequently to avoid being leaked or stolen.
Question 3. Please I don't understand this section can I get clarity.
If the private key is forgotten or lost, the system is broken and messages stay encrypted.
Question 4. Does this mean once a private key is stolen or lost it can never be recovered?
Significant computing resources are required to create long, strong private keys.
Source:
https://searchsecurity.techtarget.com/definition/private-key