I am afraid of private key collision... What is the solution?

3

1

I know that there are a massive number of keys, but lets say that someone generate a private key that belongs to me. I know that is nearly impossible. But I want to make that more and more impossible.

Is the Multisig Addresses is the best solution? Because even if someone generates a private key belongs to me, he needs another private key to get my money.

Is that the best solutuon?

Sh Sh

Posted 2016-10-27T16:33:43.200

Reputation: 366

1What if three asteroids hit the Earth at the same time? It's comically absurd to argue that the risks are worth worrying about but merely making it twice as hard makes the risks less worrisome. "Someone might crack your key in a billion years." "Not acceptable." "Okay, two billion." "Perfect." Seriously?David Schwartz 2016-10-27T16:55:49.660

The problem is that cryptography uses such big numbers, that even the term "astronomical" doesn't quite convey the sheer scale of it. If you sit down and do the math, you'll realize that these odds are orders of magnitude smaller than the odds of the earth being destroyed by the time you read this. You can risk it.Jestin 2016-10-27T18:37:45.470

2The solution, in short, is "continue studying the size of the numbers involved, until you are no longer afraid".Nate Eldredge 2016-10-27T23:01:16.230

Or take medication to make the anxiety go away. :)David Schwartz 2016-10-31T18:27:25.893

Answers

3

Bitcoin addresses are 160 bits in length. That means there is an extremely large number of possible addresses. From the Bitcoin wiki:

Generating tons of addresses

Generating an address doesn't touch the network at all. You'd only be wasting your CPU resources and disk space.

Also, a collision is highly unlikely.

Keys are 256 bit in length and are hashed in a 160 bit address.(2^160th power) Divide it by the world population and you have about 215,000,000,000,000,000,000,000,000,000,000,000,000 addresses per capita.(2.15 x 10^38)

In other words, don't worry. Even if someone deliberately targets your address for cracking, it would take them trillions of years. An accidental collision is even less likely.

Multisig isn't made to protect against private key cracking (which is impossible), but to allow the existence of addresses that must have the authorization of more than one device or person to spend from them.

Say, you have a 2-of-2 multisig address. One key is in your computer, and the other is in your smartphone. While an attacker won't ever crack even a single one of your keys, they could try infecting your device with a private key stealing trojan, or a keylogger to watch you type your wallet passphrase.

Now, it's much less likely that the attacker will successfully hack both your computer and your phone. So multisig does improve your funds' security, but not for the reason you mentioned.

maservant

Posted 2016-10-27T16:33:43.200

Reputation: 891

0

if you're nervous about that you can just be sure to use a good source of randomness, rolling a dice for instance.

many computers don't use good randomness sources and that shrinks the search space considerably

smatthewenglish

Posted 2016-10-27T16:33:43.200

Reputation: 1 063