Single address accounts - page 2. | Bitcointalksearch.org

kjj

legendary

Activity: 1302

Merit: 1026

Quote from: JoelKatz on July 11, 2011, 09:31:34 AM

Quote from: kjj on July 11, 2011, 09:12:06 AM

I already said that we don't think the our modern systems have this problem, but every other PK cryptosytem goes to great lengths to minimize usage of the actual private key, just in case.

Bitcoin only uses the actual private key when something has to be signed to prove it was generated by the owner of that private key. I can't imagine how you could minimize it further or why you would want to.

You minimize it further by not needing to sign multiple transactions with the same key.

Again, I'm not saying that an attack is likely from this direction, I'm just saying that key reuse is considered harmful in general, and should be minimized unless there is a very compelling reason.

bitlotto

hero member

Activity: 672

Merit: 500

BitLotto - best odds + best payouts + cheat-proof

I was thinking that perhaps in the future it becomes plausible to brute force some keys. When it occurs it could be some time to switch to different encryption. So if it took say 100,000 USD of computer resources to brute force an address and **IF** Cheesy

I was a Bitcoin millionaire I'd rather having many addresses with 1,000 than 1 with a million.

JoelKatz

legendary

Activity: 1596

Merit: 1012

Democracy is vulnerable to a 51% attack.

Quote from: kjj on July 11, 2011, 09:12:06 AM

I already said that we don't think the our modern systems have this problem, but every other PK cryptosytem goes to great lengths to minimize usage of the actual private key, just in case.

Bitcoin only uses the actual private key when something has to be signed to prove it was generated by the owner of that private key. I can't imagine how you could minimize it further or why you would want to.

kjj

legendary

Activity: 1302

Merit: 1026

Quote from: ByteCoin on July 11, 2011, 08:27:31 AM

Quote from: kjj on July 11, 2011, 12:44:00 AM

Pick up any book on cryptography, open it to any page, stab your finger into any paragraph, and you will find a warning about key re-use.

Such concerns are not relevant for the security of modern cryptosystems. In particular, public key cryptography relies on the public key being published and used multiple times. Please cite any modern technical publications which claim otherwise.

Codemojo's scheme is simple, viable and secure.

I already said that we don't think the our modern systems have this problem, but every other PK cryptosytem goes to great lengths to minimize usage of the actual private key, just in case.

ByteCoin

sr. member

Activity: 416

Merit: 277

Quote from: kjj on July 11, 2011, 12:44:00 AM

Pick up any book on cryptography, open it to any page, stab your finger into any paragraph, and you will find a warning about key re-use.

Such concerns are not relevant for the security of modern cryptosystems. In particular, public key cryptography relies on the public key being published and used multiple times. Please cite any modern technical publications which claim otherwise.

Codemojo's scheme is simple, viable and secure.

ByteCoin

kjj

legendary

Activity: 1302

Merit: 1026

Pick up any book on cryptography, open it to any page, stab your finger into any paragraph, and you will find a warning about key re-use. We don't think that our current systems have any serious weaknesses in this department, but virtually every cryptosystem in history has been weakened and then broken because keys were used multiple times.

Best practice for security: use each key once, and only once.
Not best practice, but still pretty good: allow multiple uses, but discourage.
Worst practice: design a system that keeps using one key over and over and over again.

codemojo

jr. member

Activity: 35

Merit: 4

Quote from: davux on July 10, 2011, 07:39:55 PM

Should the title be "single address wallets" instead, or would multiple-account wallets with single-address accounts work with your idea?

Yeah, the idea is to have one wallet with multiple "accounts", as the client calls them. And only one address per account.

davux

sr. member

Activity: 288

Merit: 263

Firstbits.com/1davux

Should the title be "single address wallets" instead, or would multiple-account wallets with single-address accounts work with your idea?

patvarilly

newbie

Activity: 42

Merit: 0

Quote from: codemojo on July 10, 2011, 07:07:53 PM

My question is, would this have any serious drawbacks, other than loss of anonimity?

The current system of change isn't even very anonymous to begin with. Take a look at any block in blockexplorer, and you'll find that it's terribly easy in most cases to pick out, with reasonable certainty, which output is change and which is a real transfer from A to B. I've boiled it down to a set of three rules that work almost all of the time here: https://forum.bitcoin.org/index.php?topic=27472.msg346658#msg346658. It's only a matter of time before somebody puts together an alternative block explorer that works around the supposed anonymity of "change" being sent to a new address.

codemojo

jr. member

Activity: 35

Merit: 4

Hi,

suppose there was an online wallet service with a patched version of the official client:

The patch would:
- prevent the client to generate a new address every time it needs to put the money change somewhere
- instead, it would always put the change back to the source address

The benefit would be for the users to be able to check their total balance by simply checking their address on blockexplorer.

My question is, would this have any serious drawbacks, other than loss of anonimity?

Topic: Single address accounts - page 2. (Read 2135 times)