5
Since a vanity address discards many "valid" keys in order to find one that matches a pre-determined string, I think that the "randomness" of the data would be reduced, thus weakening the key.
Is there any cryptographic proof that indicates how this is / is not a factor in reducing the security of a given address & private key combination?
... or at the very least calculate the degree of "lost randomness"?
So a malicious attacker that write a program for you to run offline that seems secure but deliberately generates 'vanity' addresses in this way. – AndyM – 2017-02-21T11:35:50.480
5It is possible to generate vanity keys in a way that destroys their security. For example, if you searched through the private key space starting with zero and adding one until you found the first private key that gave the desired vanity address, an attacker could replicate that process to find your private key. However, barring boneheaded idiocy like that, an attacker still has the very same problem to solve and it should be precisely as hard. (There is a formal proof that choosing a private key such that its public key falls a group doesn't affect the security properties.) – David Schwartz – 2013-01-07T11:52:38.920