The randomness of vanitygen is secure enough?

1

If two people running vanitygen 1abcdefg What is the chance that both of the person will get the same public key & private key?

I hope that the answer is less than 0.0000001. But for this vanigygen need to use random algorithm (not simple while(true){ i++; test()}).

My question is: Usually when I create wallet, using http://bitaddress.org I need to Move your mouse around to add some extra randomness, but vanitgygen do not do this method.

By inspecting the code of vanitygen in GitHub I see that they use random functions. Can I trust it? Is it really random? How it can be secure? Is it use the machine time or what?

Aminadav Glickshtein

Posted 2016-07-27T08:10:48.507

Reputation: 250

1http://bitcoin.stackexchange.com/questions/46538/vanity-generator/46540#46540hartmut 2016-07-27T08:22:35.023

Answers

2

If two people running vanitygen 1abcdefg What is the chance that both of the person will get the same public key & private key?

If a billion supercomputers each tried a billion keys per second for a billion years, the odds of a key collision would still be less than one in a billion.

I hope that the answer is less than 0.0000001.

Yes, much less.

But for this vanigygen need to use random algorithm (not simple while(true){ i++; test()}).

It just needs a random starting place. You can increment from there if you want to. The number of possible starting places has 77 digits when expressed in decimal notation.

David Schwartz

Posted 2016-07-27T08:10:48.507

Reputation: 46 931

How computer can get genreate random starting place, that have 77 digits...? If it is just new Date().valueOf() it is not real randomAminadav Glickshtein 2016-07-27T13:01:01.183

@Aminadav: You may want to read about cryptographically secure pseudorandom number generators.

Nate Eldredge 2016-07-27T15:27:07.353

1@Aminadav This is a very well understood problem! Getting randomness right is hard and extremely important and the developers or crypto-currency software (at least, the competent ones) are very careful to get it right. Often sources of real physical randomness are used such as shot noise, microscopic zone temperature variations, and turbulent shear forces. (Real computers are not theoretically perfect machines, they meet the analog physical world in measurable ways.)David Schwartz 2016-07-27T16:12:55.180

That my question if I can trust this open source software vanitygen. How the choose a random problem? What is it based on?Aminadav Glickshtein 2016-07-27T18:09:13.143

@nate. I have read the wiki. It tally about security. It doesn't explain how machine computer can Behar the forest initial state random numberAminadav Glickshtein 2016-07-27T18:12:53.633

@Aminadav Vanitygen follows current best practices, including using the system's entropy pool on platforms that have one. The system's entropy pool mines physical randomness caused by things like jitter in the CPU clock signal caused by temperature variations in its quartz crystal. (Vanitygen didn't implement this themselves, that would have been foolish.)David Schwartz 2016-07-27T18:14:45.570

@Aminadav It also uses multiple sources of randomness and an algorithm that ensures the result is as at least as strong as its strongest input. So you can mix in system memory information, disk timing, and all kinds of other things without fear that using too many weak sources will produce a weak result.David Schwartz 2016-07-27T18:24:32.290

I have found that it is a real secret how those random number generators works. But some people reverse engineer this: https://en.wikipedia.org/wiki/CryptGenRandom#Method_of_operation

Aminadav Glickshtein 2016-07-27T20:15:29.027

Asked: 2016-07-27T08:10:48.507

Viewed: 414 times

Active: 2016-07-27T12:42:03.870