Topic: Why are private keys safe? - page 3. (Read 5022 times)

On which software/operating system did you generate your private key?

It is much more likely there was a weakness in how your key was generated, rather than a true random collision.

It sounds more like you stole his private key than the other way around.

Current world population is approximately 7.152 X 10⁹

Average global population growth rate is 1.14%

If I've got the math correct, that means that in 189 years, there will be approximately 6.1 X 10¹⁰ people on earth.

If address use were to continue increasing X10 every 3 years, that means that 9.99 X 10²³ addresses would have to be generated in the final 3 years of this calculation.  That's 1.63 X 10¹³ addresses per person for every man, woman, and child on the face of the earth.

172,132 addresses per second per human being every second continuously for three years straight.

That's assuming I've got my math correct and assuming that your calculation that 10^24 addresses results in a 50% chance of address collision.


Of course, since there are only 2.1 X 10¹⁵ discrete units of currency, the odds of either of those 2 addresses actually having anything in them at all are also exceedingly small.

Ahh yes, so that's about 189 years before we can expect a collision.  Of course I'm making a big assumption about the rate of address creation, so that number will probably be very different.  Good points about the other hurdles to such a huge number of addresses.

Totally agree. Private key is important.

Yes, if something like the Android RNG bug was used (e.g. if blockchain.info generated this and they have/had a RNG bug) then something similar could occur.  I am not sure if that portion of blockchain.info is on github yet.  Of course it could be something else, but if the private key wasn't compromised somehow, it could be a RNG bug.

Nay, if such computer or device exists for that reason (which do, check for websites that gives you addresses that have words of your choice to be in front of the address) they'll just be generating new wallets

Address 17G7VMdNvAMc6fyvB1C2PxtVVvWgsJ9Mp7 was in the signature lines of user "jongameson" at one time, too.

Suspicious - looks like the address was somehow not generated in a truly random way.

Onkel Paul

I see, but I was directly answering op's question, which was about private keys 

As another poster has already noted, searching for the private key to a given address is different from encountering a collision between two random addresses which is much more likely due to the birthday paradox. However, the probability that such a collision happens, is being noticed, and leads to undesired transfer of bitcoins is extremely small.

Onkel Paul

Yeah it might be it, was on mobile so couldn't visualize images when I wrote before, sorry for repeating

I believe you're referring to the image posted at the beginning of this thread.

I don't know if I'm off topic, but I read somewhere (can't remember the article) that approximately the number of possible private keys is similar to the numer of atoms in the universe, and running a computer capable of cracking a private key would require the energy produced by a star...obviously there is always luck, but seems unlikely

There's an elephant in the room and it's in a state of superposition.

You mean 3*63 years.  If there were to be 1e24 addresses in use there would be a much bigger problem:  blockchain storage, transaction volume, and the aliens who have come and generated 1e16 address each.

This problem is a generalization of the birthday problem.

What is the chance that you and I were born on the same day of the year??  1 in 365.  Seems small, yet if you have 23 people in a room there is a 50% chance that two of them will share a birthday.

If we extend this to larger numbers, there is a 50% chance of a collision occurring when the sqrt root (roughly) of the space is filled.  Since we care about addresses, rather than private keys, the space is 2^160.  So when 2^80 addresses have been used we can expect a collision, or when roughly 10^24 addresses have been made.

According to this thread: https://bitcointalk.org/index.php?topic=441336.0;all

The current rate of address increases is x10 every three years, and we're at about 10^7

which means that 63 years from now there is a 50% chance that a collision will have happened.  The rate of collision will continue to creep up after that.

Half a dozen collisions in the 21st century does not mean that bitcoin has suddenly become insecure.  It just means that - worst case scenario - half a dozen addresses are compromised.  Right now more than 90% of addresses in the blockchain are empty, and this percentage is almost certain to increase.  So if you create a colliding address you probably won't get any free money.

What about the person who had the address before?  You fund the address and now it shows up in his wallet... or does it?  I imagine that the wallet software of the future won't check the balance of addresses that have been emptied.  The old owner might never know that you are now using an address that he has a key to.

At some point the rate of collisions will climb to unacceptable levels.  That's more than a century away, probably several centuries.  People will have time to come up with solutions.

Actually, they do, but it is encrypted.  If you happen to choose a very weak password, and someone gains access to the encrypted private key from blockchain.info, they could brute-force the decryption.

Since Blockchain.info does not have your private key, that makes it somewhat less likely that your private key was stolen from Blockchain.info. 
It would be truly amazing if they could.

Key logger? Virus? Trojan? Another user on your PC? Zero day vulnerability? You have eliminated all of these, and must therefore lose confidence in the technology of private key encryption? 

Can you just post both public keys here, instead of spreading rumours?

But let me guess...

i always thought blockchain.info stored wallet data as a hash of your identifier/password.

and that password is not saved on any blockchain.info database

the only way to get into you wallet is using your identifier to locate which hashed wallet belongs to you.. and then using the password to unhash the wallet..

so if a hacker got in.. he "should" only see identifiers and hashed wallets. still requiring him to then use password cracking tools to crack wallets open.

also needing 2 factor authentication.

if i was blockchain info and they didnt have this. then i would hope to change their user database have 2 columns.
1. identifier
2. hashed wallet(of all imported privkeys)
and have 2 factor authentication enabled as default

then the only way a hacker would get to coins is through using key loggers in some of those dodgy altcoins (i know it may be a coincidence due to popularity, but most thefts, people admit to having a DOGEcoin client) roslinpl, did you have DOGEcoin client software?