How secure is bitcoin?

Private key, public key, address

I. Wallet

The wallets in blockchain are different from those used in our daily life. The wallets we usually use are used to hold money. In blockchain, our assets are various tokens or tokens like BTC and eth. The wallets in blockchain are not used to hold these assets, but as key management tools. Some people may disagree here. I see all kinds of tokens in my wallet. How can I say that they are not used to hold money? I have to tell you first, your token is put in the secret key. Even if your wallet can't be used, as long as you know your secret key, you can continue to manage your assets in other places, and you can calculate the public key and the address indirectly according to the private key. When you create a wallet, a pair of public and private keys will be generated. After a certain algorithm, the public key will get your wallet address, which is the address used for the transaction when others give you money; and the private key is the digital signature of the transaction when the transaction is conducted, so as to prove that you have the output right of the transaction. Therefore, the address can be disclosed to anyone, and the private key can never be shown to others. Whoever owns the private key will have control over the wallet assets._DJMINER


II, address

In the process of digital currency transaction, as long as you know the other party's wallet address, you can transfer money to the other party. Everyone knows that a wallet address will be generated after the wallet is created, so how does this address come from? When the wallet is created, the private key and public key are generated by ECDSA. Based on the principle of elliptic encryption, the public key can be calculated from the private key, and then the wallet address can be obtained from the public key through the operation of digital signature and hash algorithm. Now it's clear that address is not equal to public key, or address is another form of public key. With this wallet address, you can use it to receive other people's money transfer.

III, Public key


The public key is generated by the private key through the elliptic curve encryption algorithm. After transformation, it is an array of 65 bytes, which is generally displayed through the hexadecimal processing. Early bitcoin developers didn't know how to compress the public key. After compression, the public key has 33 byte arrays. With a private key, you can work out the public key. The public key can not calculate the private key, so the digital cryptocurrency has a high security.

IV, private key

The private key is essentially a random number with 64 bits:
For example:6KYZdSDo39z3GDrtuX2QcowGnNP5zTd7yfr2SC1j239sBCnWjee。

The private key is randomly generated. The random number may be 256 times of 2. You can feel the number. It is almost impossible to traverse the possible private key one by one in a timely manner by "brute force cracking", even with the most advanced quantum computer.

The private key can only be generated by the wallet itself. When creating a wallet, enter the password and you can export the private key. Note: a wallet address has only one private key. Whoever owns the private key will have the control of these digital currencies. The private key cannot be forgotten. It must be backed up. Remember!_DJMINER

V. mnemonics

In the process of creating a wallet, a mnemonic will be generated, and we will make a backup. Mnemonic words are generally composed of 12 words, and two words are separated by a space. These words come from a fixed vocabulary, which is obtained by the private key according to a certain algorithm. Therefore, the conversion between private key and mnemonic words is intercommunication. Mnemonic words are actually another form of private key 。 It's better to write down mnemonics on paper. You can't save them with anything connected to the Internet, nor can you save photos. The mnemonic function is the same as the private key. If someone gets your mnemonic, it can be used to import the wallet, then enter the wallet and have the control of the wallet.

Vi. keystore

Keystore looks like a string in JSON format, which is usually stored as a file. The essence of keystore is the encrypted private key. Keystore must be used with your wallet password to be effective.

The following is an example of bank card transfer to illustrate the above concepts to help you better understand.



For example, the well-known Bao Erye in the currency circle now, because investing in digital currency is wealth freedom. One day, Bao Er ye saw that I was his loyal fan. He wanted to transfer money to me with a bank card. Bao Er ye had a VIP gold card, and I had a common card. We both had our own card number and password, and the password was only known by ourselves. Now I supply my card number (address) to Bao Er Ye. Bao Er Ye used his gold card, input my address, and transferred money to me. I Input my password, and I saw a transfer from baoerye on the ATM. In this process, the card number is the address; baoerye inputs my card number to transfer to me, which is to encrypt with my public key; baoerye inputs his own password and transfer amount, which is to digitally sign the transaction with his private key, indicating that he has control over that account, and in this way, he will also leave records on the blockchain, which can be checked later; I am on the ATM Enter your own password and check the receipt, that is, use your own private key to decrypt the details of the transaction; because I can see the address of Bao Erye, so I am equivalent to saying that the public key of Bao Erye decrypts the money from Bao Erye._DJMINER

Reverse derivation? No way!

Since "private key can deduce public key, public key can deduce address" and "password (private key)" must be input when using bitcoin in account, the hacker must and only need to get "private key" to steal bitcoin in your wallet.

In theory, hackers have two ways to steal your private key:

1. Through the address / public key, the private key is derived in reverse.

2. Try the private key one by one, that is, brute force cracking.

The first method is not feasible because the encryption algorithm used by bitcoin is "a little bit missing, a thousand miles away!". The input content, even a little change of things, encrypted output results and the previous output results are also very different, and these results have no rules to follow.

Therefore, this encryption algorithm is "one-way" and "irreversible", and hackers cannot deduce the input (private key) through the output (address / public key)._DJMINER

How hard is it to brutally crack the private key of bitcoin?

Since the first method is not feasible, what about the second? Before answering this question, let's see how the private key is generated.

Suppose you flip a coin, face up is 1, face up is 0, 256 times in a row, record the result of each toss, and then convert it to hexadecimal number, which is a bitcoin private key.

What? So simple? So headstrong?

Yes, bitcoin's private key is randomly generated by the program "toss 256 coins". Therefore, the essence of bitcoin private key is 256 bit binary number.

Every time you toss a coin, there are two sides, positive and negative, so you can toss 256 times, and a total of 2 x 2 x 2 x 2 2 x 2x 2, that is, 256 2 multiplication, that is, 256 power of 2. Therefore, the total number of bitcoin private keys, in theory, has "2 256 power".

Note: the actual value of the total number of private keys is slightly lower than the theoretical value above, because a small number of private keys are not available, but the impact on the total number is negligible.

What is the 256 power of 2? It is about equal to the 77th power of 10. How big is the "77th power of 10"?

If the earth we live in, the ocean, the rock and the underground magma are all filled with sand, the amount of sand in the whole earth is about "10 to 30 times". That is to say, a planet as big as the earth, which is made up of sand, needs to use "the 30th power of 10" grain of sand.

The 77 power of 10 is larger than the 30 power of 10 by the 37 power of 10. There are 37 zeros. In a set of bitcoin private keys that is 10 times more than the amount of sand on the earth, it is more difficult to crack the private key corresponding to an address one by one than to look for a needle in a haystack.

So even if hackers have supercomputers, they can't brutally crack bitcoin private keys.

That's why many people say that "bitcoin, for the first time, guarantees the inviolability of personal private property through technical means"._DJMINER

What if it's more powerful than a supercomputer?

Although no one can predict exactly how technology will develop in the future, if one day, human beings invent computers that are more powerful than supercomputers and quantum computers, isn't the private key of bitcoin unsafe?

Indeed, many people want to know whether quantum computers are a threat to the security of bitcoin, and if so, what measures bitcoin can take to deal with it.

Since this problem can not be explained clearly in three words, we will open a separate article later to discuss this problem. Please look forward to it.


epilogue

Of course, security concerns not only technical issues, but also the storage of private keys. If the private key is stolen by hackers due to improper storage of the private key, virus in the computer, loophole in the wallet software or backdoor, the security of bitcoin in the wallet will be impossible to talk about.

However, the private key is stolen due to his own mistakes. This pot can't let bitcoin carry it, can't it?_DJMINER