[cryptography] Bitcoin observation

lodewijk andré de la porte lodewijkadlp at gmail.com
Fri Jul 8 06:13:12 EDT 2011


I'm aware of the basic functionality of private-public key encryption. Brute
forcing possible private keys should eventually result in a specific public
key (seeing as how there's a limited set of private keys). I think it might
be possible to have public keys that no private key maps to, I'm not sure
however and it would also be hard to prove experimentally seeing how the
universe of private keys is quite large.
Also note that this kind of brute force attack isn't going to be feasible in
the near future. (however in 2100 it's likely an easy trick they teach in
high school's equivalent.)

Lewis

2011/7/8 Nico Williams <nico at cryptonector.com>

> 2011/7/7 lodewijk andré de la porte <lodewijkadlp at gmail.com>:
> > I honestly don't see how. A transaction has an orgin, which is verified
> to
> > have the coins, and a destination, which is a public key that must have a
> > private key. AFAIK every public key has a computable private key
> > counterpart.
> > But please correct me.
>
> In some (most?) public key cryptosystems it's possible to prove that a
> valid public key has a corresponding private key (that is, there
> exists a valid private key for which the given public key *is* the
> public key).  That's used for public key validation.  It's not
> possible, however, to prove that the private key still exists.  Also,
> it's NOT possible to classically compute a private key from a public
> key -- when that is possible we say that the algorithm in question is
> broken :)
>
> Nico
> --
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20110708/af195677/attachment.html>


More information about the cryptography mailing list