
Topic: What guarantees that no two addresses are ever the same? (Read 2313 times)

hero member
Activity: 518
Merit: 521
D&T that is perfect.  Grin
newbie
Activity: 33
Merit: 0
Great image.
Maybe in future that can be the first post to topics like this!
donator
Activity: 1218
Merit: 1079
Gerald Davis
note: DSV refers to the program grue mentioned above. For whatever reason, DSV is castrated by the developer (it only searches for addresses beginning with 1DSV). This assumes there is a non-castrated, optimized DSV which may include botnets or NSA super computers (really, super-duper theoretical computers from the land of Oz).
Assuming 500K addresses which either have funds or will have funds within next three months,
0.0000000000000000000000000000000000000000034211388289180104270598866779539% chance per check (or address creation).

Assuming average computer can do 250 optimized DSV-like checks per second,
0.00000000000000000000000000000000000000085528470722950260676497166948848% chance per second.

Assuming a "theft pool" is formed, and 500 of these computers averaging the above click/s,
0.00000000000000000000000000000000000042764235361475130338248583474424% chance per second.

Assuming each theft pool is one botnet, and 20 botnets, exactly the same, exist in these theft pools,
0.0000000000000000000000000000000000085528470722950260676497166948848% chance per second.

Per minute,
0.00000000000000000000000000000000051317082433770156405898300169309%

Per hour,
0.000000000000000000000000000000030790249460262093843538980101585%

Per day,
0.00000000000000000000000000000073896598704629025224493552243804%

Per month (30D),
0.000000000000000000000000000022168979611388707567348065673141%

Per year,
0.00000000000000000000000000026972258527189594206940146568988%


Assume worst-case scenario, DSV-like software can check 5000 addresses (10M of which are funded or will be funded within 6 months) per second, and 100 botnets of 50,000 computers each...
Per day,
0.000000000000000000000000014779319740925805044898710448761%

Per month,
0.00000000000000000000000044337959222777415134696131346283%

Per year,
0.0000000000000000000000053944517054379188413880293137978%

Per century,
0.00000000000000000000053944517054379188413880293137978%


ETA: Worse-than-worst case scenario. NSA can check 1T addresses per second, 1T addresses are funded.
Per century,
0.0000000000000021577806821751675365552117255191%

Per billion centuries,
0.0000021577806821751675365552117255191%

donator
Activity: 1218
Merit: 1015
note: DSV refers to the program grue mentioned above. For whatever reason, DSV is castrated by the developer (it only searches for addresses beginning with 1DSV). This assumes there is a non-castrated, optimized DSV which may include botnets or NSA super computers (really, super-duper theoretical computers from the land of Oz).
Assuming 500K addresses which either have funds or will have funds within next three months,
0.0000000000000000000000000000000000000000034211388289180104270598866779539% chance per check (or address creation).

Assuming average computer can do 250 optimized DSV-like checks per second,
0.00000000000000000000000000000000000000085528470722950260676497166948848% chance per second.

Assuming a "theft pool" is formed, and 500 of these computers averaging the above click/s,
0.00000000000000000000000000000000000042764235361475130338248583474424% chance per second.

Assuming each theft pool is one botnet, and 20 botnets, exactly the same, exist in these theft pools,
0.0000000000000000000000000000000000085528470722950260676497166948848% chance per second.

Per minute,
0.00000000000000000000000000000000051317082433770156405898300169309%

Per hour,
0.000000000000000000000000000000030790249460262093843538980101585%

Per day,
0.00000000000000000000000000000073896598704629025224493552243804%

Per month (30D),
0.000000000000000000000000000022168979611388707567348065673141%

Per year,
0.00000000000000000000000000026972258527189594206940146568988%


Assume worst-case scenario, DSV-like software can check 5000 addresses (10M of which are funded or will be funded within 6 months) per second, and 100 botnets of 50,000 computers each...
Per day,
0.000000000000000000000000014779319740925805044898710448761%

Per month,
0.00000000000000000000000044337959222777415134696131346283%

Per year,
0.0000000000000000000000053944517054379188413880293137978%

Per century,
0.00000000000000000000053944517054379188413880293137978%


ETA: Worse-than-worst case scenario. NSA can check 1T addresses per second, 1T addresses are funded.
Per century,
0.0000000000000021577806821751675365552117255191%

Per billion centuries,
0.0000021577806821751675365552117255191%
hero member
Activity: 518
Merit: 521
If addresses are actually generated using a truly random source, the probability of hitting an address already in use is orders of magnitude smaller than the risk of life on earth being eradicated by an asteroid impact. You can safely ignore that risk.
However, when addresses are generated from "random" passphrases there is a nontrivial risk of collision. If you use "correct horse battery staple" as a passphrase, you might think that you're really clever, but you're certainly wrong...

Onkel Paul

One of the keys to security is the uniform distribution of the hash. This is why if there is any (e.g. cyclical) pattern or any non-uniformity in a random number generator (RNG), then the attacker can potentially crack your Bitcoin.

This is what happened with Mike Hearn's Java version of Bitcoin client for Android, because the stock RNG was faulty. Apparently this was quickly fixed.

Many people don't trust the hardware RNG in Intel chips, because they suspect the NSA planted a backdoor in it.

https://www.schneier.com/blog/archives/2012/02/lousy_random_nu.html
donator
Activity: 1218
Merit: 1079
Gerald Davis
I'm sure you have at least one online account with money, yes? What is its defence against someone, be it a bot or a person, typing your exact user id and your exact password and, if you have it, your exact two-factor dongle code, and then transferring your funds somewhere? This too is a possibility.

And many, many, many magnitudes more likely than generating a key which matches a funded address.
legendary
Activity: 2646
Merit: 1137
All paid signature campaigns should be banned.
This question has been asked and answered more times than I care to count.

The basic problem is that the human brain cannot truly comprehend the number 2^160 = the number of possible Bitcoin addresses.

The answer is that it is "impossible" given reasonably random numbers to hit another address.  When I say impossible I mean impossible in the lifetime of the solar system.

This is not something that should keep you up at night.
newbie
Activity: 33
Merit: 0
Why 1BTC?
Are you pulling that number randomly out of the air?

It isn't an "attack" that needs to be "protected against"; it would be a coincidence so impossibly remote that the only conclusion to come to would be that there is a fatal flaw in the implementation of the software that created the wallet, and the original wallet (that got dup'd) was created with the same software with the same flaw.

Either that or it was a mundane case of wallet A losing its keys and being used by malicious person B.

What are the chances that the guy carrying the president's nuclear briefcase can enter launch codes by guessing them, first time correctly, while prez is on the toilet? That is far more probable.

The "defense" against the "attack" is the far extremity of maths probability where the numbers become indistinguishable from "impossible".

Edit: another way to think about things: I'm sure you have at least one online account with money, yes? What is its defence against someone, be it a bot or a person, typing your exact user id and your exact password and, if you have it, your exact two-factor dongle code, and then transferring your funds somewhere? This too is a possibility.
legendary
Activity: 1862
Merit: 1011
Reverse engineer from time to time
What happens if someone was to generate an address with 1BTC in it?
I actually think this is the biggest flaw in bitcoin, and one of the few things that would crash the price to 0.

As I understand, the wallet uses elliptic curve algorithms starting from a set of "pseudorandom data"; the most random of them are mouse, certain computer stats and time.

Could it be possible that someone creates a program that generates millions of addresses and verifies them against the blockchain?
I think this already happens (mainly with brain wallets and using a dictionary attack but also deep space vagabond program), so far no reports of stolen bitcoins,
but it in theory could happen.

In the future there will be ASICs for alt-coins; maybe one of them is proved to be safe against this kind of attack. Then BTC will just upgrade to it.



feel free to try for bitcoin riches:
https://bitcointalksearch.org/topic/2256-deep-space-vagabond-107172

Thank you for the read, it was interesting. But my question still stands. What happens if someone was to generate an address with 1BTC in it? If that question is too hard for you to answer or out of your bitcoin understanding, I would appreciate if you kept your presumptuous comments to yourself.

That staff tag worries me.

Statistically unlikely but it is still possible.

I hope that people are not so short-sighted that they fail to understand how devastating the wrong address getting randomly generated would be to the network. If the "generator" of the previously owned address gains full control of the wallet, how can we go about securing against these attacks?

If you generate an address with 1BTC, you can spend it, yes. Or you can ignore it.

However, it's been said many times. Even if you generate one trillion addresses per second for 1000 years, you still probably wouldn't hit a key with a balance.
sr. member
Activity: 1008
Merit: 250
What happens if someone was to generate an address with 1BTC in it?
I actually think this is the biggest flaw in bitcoin, and one of the few things that would crash the price to 0.

As I understand, the wallet uses elliptic curve algorithms starting from a set of "pseudorandom data"; the most random of them are mouse, certain computer stats and time.

Could it be possible that someone creates a program that generates millions of addresses and verifies them against the blockchain?
I think this already happens (mainly with brain wallets and using a dictionary attack but also deep space vagabond program), so far no reports of stolen bitcoins,
but it in theory could happen.

In the future there will be ASICs for alt-coins; maybe one of them is proved to be safe against this kind of attack. Then BTC will just upgrade to it.



feel free to try for bitcoin riches:
https://bitcointalksearch.org/topic/2256-deep-space-vagabond-107172

Thank you for the read, it was interesting. But my question still stands. What happens if someone was to generate an address with 1BTC in it? If that question is too hard for you to answer or out of your bitcoin understanding, I would appreciate if you kept your presumptuous comments to yourself.

That staff tag worries me.

Statistically unlikely but it is still possible.

I hope that people are not so short-sighted that they fail to understand how devastating the wrong address getting randomly generated would be to the network. If the "generator" of the previously owned address gains full control of the wallet, how can we go about securing against these attacks?
legendary
Activity: 2058
Merit: 1452
What happens if someone was to generate an address with 1BTC in it?
I actually think this is the biggest flaw in bitcoin, and one of the few things that would crash the price to 0.

As I understand, the wallet uses elliptic curve algorithms starting from a set of "pseudorandom data"; the most random of them are mouse, certain computer stats and time.

Could it be possible that someone creates a program that generates millions of addresses and verifies them against the blockchain?
I think this already happens (mainly with brain wallets and using a dictionary attack but also deep space vagabond program), so far no reports of stolen bitcoins,
but it in theory could happen.

In the future there will be ASICs for alt-coins; maybe one of them is proved to be safe against this kind of attack. Then BTC will just upgrade to it.



feel free to try for bitcoin riches:
https://bitcointalksearch.org/topic/2256-deep-space-vagabond-107172
newbie
Activity: 33
Merit: 0
Have at it!

You can download electrum then create many wallets with random 128 bit numbers.

These are potentially real wallets, spaced on average 4 billion addresses apart in the space of all possible wallets.

So start churning away starting at 0, and generating these wallets; if you find one with a balance, it is yours! Quick, spend it before the owner does.

Who knows you might strike one of the Satoshi wallets.

Unfortunately if you checked a million of these electrum wallets a second, for one million years, you'd need another 1.07e19 other people on your team doing the same thing.

And then, you'd only have checked a 4 billionth of all available wallets, so it is highly likely that by the time you're done with this you'd have 2^128 empty wallets and a huge electricity bill, not to say 1.07e19 people (that is, 1 billion planets each with 10 billion people) asking you WTF dude.

(minor math errors only I hope and I am ignoring that a single electrum wallet creates a few addresses, not just one address).
sr. member
Activity: 1008
Merit: 250
What happens if someone was to generate an address with 1BTC in it?
member
Activity: 133
Merit: 26
I actually think this is the biggest flaw in bitcoin, and one of the few things that would crash the price to 0.

As I understand, the wallet uses elliptic curve algorithms starting from a set of "pseudorandom data"; the most random of them are mouse, certain computer stats and time.

Could it be possible that someone creates a program that generates millions of addresses and verifies them against the blockchain?
I think this already happens (mainly with brain wallets and using a dictionary attack but also deep space vagabond program), so far no reports of stolen bitcoins,
but it in theory could happen.

In the future there will be ASICs for alt-coins; maybe one of them is proved to be safe against this kind of attack. Then BTC will just upgrade to it.


newbie
Activity: 19
Merit: 0
This is a variation of "The Birthday Problem," which goes like, What are the odds of having two people with the same birthday in a group of 'n' people? (With 23 people it's 50%.)  Except instead of 365 days to be matched, we have a 34 character string with 62 choices for each (I think, 26 lower case, 26 caps and ten digits.) That's 34^(62) = 8.9*10^(94), and instead of 'n' people we have probably several hundred million wallets.

There's a chart at http://en.wikipedia.org/wiki/Birthday_problem#Probability_table which shows the odds for a 32 character string, which is close.  Odds of a dupe are only slightly higher than 34 characters.

Number of Wallets             Number in English          Odds of Duplication
22,000,000,000,000,000,000    22 Quintillion             50%
830,000,000,000,000,000       830 Quadrillion            0.1%
26,000,000,000,000,000        26 Quadrillion             .0001%
26,000,000,000                26 Billion                 .0000000000000001%
7,000,000,000                 Population of the Earth

So every human would need three or more wallets for a probability of 10 ^(-18).

But unlikely things do happen and spreading your risk is still a good idea.  Because this probably isn't the only risk out there.
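
The estimates in this thread can be checked numerically. The following is an added example, not code from any poster: it uses the 2^160 address space quoted elsewhere in the thread and the first "theft pool" scenario above, while the 2048-word list, the four-word passphrase and the user counts are constructed assumptions.

```python
import math

ADDRESS_BITS = 160  # size of the address space (2^160) as quoted in the thread


def hit_probability(targets, trials, bits=ADDRESS_BITS):
    """P(at least one of `trials` uniformly random keys matches one of `targets` addresses)."""
    p_single = targets / 2**bits
    # log1p/expm1 keep probabilities far below double-precision epsilon intact.
    return -math.expm1(trials * math.log1p(-p_single))


def naive_hit_probability(targets, trials, bits=ADDRESS_BITS):
    """Same formula written directly: 1 - p_single rounds to 1.0, so the result is 0.0."""
    return 1 - (1 - targets / 2**bits) ** trials


def birthday_collision(n, bits):
    """Approximate P(any two of n uniformly random `bits`-bit values coincide)."""
    return -math.expm1(-n * (n - 1) / 2 / 2**bits)


def passphrase_bits(wordlist_size, words):
    """Entropy of `words` words drawn uniformly from a list (the user's best case)."""
    return words * math.log2(wordlist_size)


SECONDS_PER_YEAR = 365 * 24 * 3600
# Thread scenario: 500K funded addresses, 250 checks/s x 500 machines x 20 pools.
FUNDED = 500_000
THREAD_RATE = 250 * 500 * 20

if __name__ == "__main__":
    per_check = hit_probability(FUNDED, 1)
    per_year = hit_probability(FUNDED, THREAD_RATE * SECONDS_PER_YEAR)
    print(f"per check: {per_check * 100:.4e} %")
    print(f"per year:  {per_year * 100:.4e} %")
    print(f"naive float formula per year: {naive_hit_probability(FUNDED, THREAD_RATE * SECONDS_PER_YEAR)}")

    # Accidental duplicates among honestly generated random addresses
    # (constructed: 21 billion addresses, three per person on Earth).
    print(f"random 160-bit, 21e9 addresses: {birthday_collision(21_000_000_000, 160):.3e}")

    # Keys derived from passphrases (constructed: 4 words from a 2048-word list,
    # 10 million users). Human-chosen phrases are less uniform, so this is a floor.
    bits = passphrase_bits(2048, 4)
    print(f"{bits:.0f}-bit passphrases, 1e7 users: {birthday_collision(10_000_000, bits):.3f}")
```

The per-check and per-year figures match the percentages posted earlier in the thread. The last line shows why passphrase-derived keys are the exception to "you can safely ignore that risk".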

msc
sr. member
Activity: 284
Merit: 250
Each wallet.dat file contains many addresses and private keys, so you could mitigate this risk if you just spread your bitcoins across several addresses within your one wallet.dat file. Am I correct?
Yes.  A seed also can lead to many addresses, and I think a brain wallet is a seed.
sr. member
Activity: 266
Merit: 250
If addresses are actually generated using a truly random source, the probability of hitting an address already in use is orders of magnitude smaller than the risk of life on earth being eradicated by an asteroid impact. You can safely ignore that risk.
Yes, but even so, you can mitigate the risk by spreading your wealth across multiple addresses.


Yeah, but for me at least, that creates a burden of having to remember multiple seeds/brain wallets, and having to store multiple wallet.dat or private keys, in addition to long passwords that you'd create.

Each wallet.dat file contains many addresses and private keys, so you could mitigate this risk if you just spread your bitcoins across several addresses within your one wallet.dat file. Am I correct?
sr. member
Activity: 434
Merit: 250
If addresses are actually generated using a truly random source, the probability of hitting an address already in use is orders of magnitude smaller than the risk of life on earth being eradicated by an asteroid impact. You can safely ignore that risk.
Yes, but even so, you can mitigate the risk by spreading your wealth across multiple addresses.


Yeah, but for me at least, that creates a burden of having to remember multiple seeds/brain wallets, and having to store multiple wallet.dat or private keys, in addition to long passwords that you'd create.
msc
sr. member
Activity: 284
Merit: 250
If addresses are actually generated using a truly random source, the probability of hitting an address already in use is orders of magnitude smaller than the risk of life on earth being eradicated by an asteroid impact. You can safely ignore that risk.
Yes, but even so, you can mitigate the risk by spreading your wealth across multiple addresses.
member
Activity: 98
Merit: 10
Interesting indeed. But this chance is so small that you can easily ignore it as already said.