3

I know that there are a massive number of keys, but lets say that someone generate a private key that belongs to me. I know that is nearly impossible. But I want to make that more and more impossible.

Is the Multisig Addresses is the best solution? Because even if someone generates a private key belongs to me, he needs another private key to get my money.

Is that the best solutuon?

Sh Sh
  • 396
  • 1
  • 9
  • 1
    What if three asteroids hit the Earth at the same time? It's comically absurd to argue that the risks are worth worrying about but merely making it twice as hard makes the risks less worrisome. "Someone might crack your key in a billion years." "Not acceptable." "Okay, two billion." "Perfect." Seriously? – David Schwartz Oct 27 '16 at 16:55
  • The problem is that cryptography uses such big numbers, that even the term "astronomical" doesn't quite convey the sheer scale of it. If you sit down and do the math, you'll realize that these odds are orders of magnitude smaller than the odds of the earth being destroyed by the time you read this. You can risk it. – Jestin Oct 27 '16 at 18:37
  • 3
    The solution, in short, is "continue studying the size of the numbers involved, until you are no longer afraid". – Nate Eldredge Oct 27 '16 at 23:01
  • Or take medication to make the anxiety go away. :) – David Schwartz Oct 31 '16 at 18:27
  • 1
    Use Taproot. Because it doesn't use ripmed160, but rather only sha256, it adds another 96 bits to the 160 bits mentioned in [this answer](https://bitcoin.stackexchange.com/a/49272/4948). Overkill, but if it helps you sleep better, go for it :-) – Sjors Provoost Feb 13 '23 at 16:16

2 Answers2

4

Bitcoin addresses are 160 bits in length. That means there is an extremely large number of possible addresses. From the Bitcoin wiki:

Generating tons of addresses

Generating an address doesn't touch the network at all. You'd only be wasting your CPU resources and disk space.

Also, a collision is highly unlikely.

Keys are 256 bit in length and are hashed in a 160 bit address.(2^160th power) Divide it by the world population and you have about 215,000,000,000,000,000,000,000,000,000,000,000,000 addresses per capita.(2.15 x 10^38)

In other words, don't worry. Even if someone deliberately targets your address for cracking, it would take them trillions of years. An accidental collision is even less likely.

Multisig isn't made to protect against private key cracking (which is impossible), but to allow the existence of addresses that must have the authorization of more than one device or person to spend from them.

Say, you have a 2-of-2 multisig address. One key is in your computer, and the other is in your smartphone. While an attacker won't ever crack even a single one of your keys, they could try infecting your device with a private key stealing trojan, or a keylogger to watch you type your wallet passphrase.

Now, it's much less likely that the attacker will successfully hack both your computer and your phone. So multisig does improve your funds' security, but not for the reason you mentioned.

Community
  • 1
maservant
  • 1,011
  • 6
  • 8
0

if you're nervous about that you can just be sure to use a good source of randomness, rolling a dice for instance.

many computers don't use good randomness sources and that shrinks the search space considerably

smatthewenglish
  • 1,133
  • 10
  • 23