_ Here's how it works: Anybody can ask a question Anybody can answer The best answers are voted up and rise to the top up vote 0 down vote favorite This question already has an answer here: Is it possible to brute force bitcoin address creation in order to steal money?Would one of the better methods to crack Bitcoin be to start creating a massive database of key pairs?It would then be possible to reference the Private key required off the public key from the DB.encryption marked as duplicate by Murch, Stéphane Gimenez, dchapes, Salvador Dali, cdecker This question has been asked before and already has an answer.If those answers do not fully address your question, please ask a new question.up vote 4 down vote It will take significant resources (probably more electricity than can be generated by all fossil fuels on Earth) and time (orders of magnitude greater than the age of the universe) to generate a complete Bitcoin address "rainbow table".

See these answers for more details.up vote 1 down vote You would hit the heat death of the universe before you came anywhere close to generating even a single already used key pair.If you don't understand the math in the key pair generation you should take that as an indicator of the uncertain ground on which you tread.Browse other questions tagged encryption or ask your own question.A simple utility for creating high entropy bitcoin private keys.Only generate keys on an offline computer.At the most basic level, run an Ubuntu LiveUSB (instructions).A more advanced user should use an airgapped machine.Follow Mircea Popescu's "How to airgap.A $ at the beginning of a command means you enter it in the terminal.Do not actually type the $.Entropic allows you to create deterministic keys based on your back up phrase.Use the -n or --numaddrs option to specify how many keys to make.For example: $ python main.py 351456135165132154654651324654321324646312654651321654632165 -n 3 This would produce 3 private keys based on the following phrases: In cryptography, a salt is random data that is used as an additional input to a one-way function that hashes a password or passphrase.

The primary function of salts is to defend against dictionary attacks versus a list of password hashes and against pre-computed rainbow table attacks.Since a sufficiently strong diceware passphrase inherently protects the user from dictionary attacks, a salt is unnecessary for these purposes.However, a salt can be useful for adding other security protections.By adding a easy to remember salt to a diceware wallet, a user can protect his bitcoins even in the case of the passphrase being revealed to another person, because the keys will not be accessible without also adding the salt.When a salt is used, the key is generated by producing a SHA-256 hash of the passphrase concatenated with the salt: sha(passphrase + salt) A salt can be added using the -s or --s flag.Using the above example, the user might decide to use an email address as a salt: $ This would produce 3 private keys based on the following phrases: An attacker would need to access the original phrase and the salt, which the user might choose to write down somewhere else or just remember.

If you decide to use a salt, choose something that is simple and easy to remember, especially if you choose to not write it down.When using the -s flag, quotation marks are optional, unless your salt includes a space.If you wish to use a quotation mark in the salt, use an escape character: \" or \'._ Here's how it works: Anybody can ask a question Anybody can answer The best answers are voted up and rise to the top up vote 2 down vote favorite I understand that the public key is kept hidden until a bitcoin transaction is made, at which point the public key has to be revealed to prove that you created the transaction with your private key.bitcoin based kickstarterUntil then, only a hash of your public key is ever shared, know as your bitcoin address.diy bitcoin mining machine

Once my public key is known, would it be possible for someone to lookup my private key in a rainbow table ?security private-key public-key up vote 6 down vote No.A rainbow table is simply a memory-cpu tradeoff that allows you to find preimages of a function faster by having a precomputed table with some of the entries.In order to construct a rainbow table for bitcoin private/public keys, you still have to first iterate through all the keys at least once.twitter litecoin priceIt doesn't matter that only part of the keypairs will end up in your rainbow table - you still have to go through all them.bitcoin cold storage walletThat is an impossible task.bitcoin a peso chilenoThere are 115,792,089,237,316,195,423,570,985,008,687,907,852,837,564,279,074,904,382,605,163,141,518,161,494,336 valid private keys to go through.ethereum rally

To put that in perspective: if you would put a computer on every square micrometer of earth (1/1600th of the cross section of a human hair) that can compute as many public keys per second as the entire Bitcoin mining network does hashes per second at the time of writing (4 exahash/s), it would take you 120000 times the age of the universe to go through all keys.And, even if somehow you had an oracle that could give you the rainbow table, it would need to be impossibly large to make cracking private keys practical.bitcoin buy uaeIf your table had a trillion entries, it would only make cracking a trillion times faster.bitcoin mining pluginThat's still utterly impossible.bitcoin market cap comparisonup vote 1 down vote Thanks for the large bitcoin collider (LBC) link.

Had a long look at it but it's way over my head.Seems they are finding private keys regularly that fit active accounts with some BTC on them.That's an an alarming sight.Especially since this is still running on a tiny scale.Then I came across this excellent post: /r/btc/comments/65mjm3/bitcoin_wallets_under_siege_from_collider_attack/dgbudsk/ As to why the LBC seems to have already found private keys to active accounts, he answered: The wallets they've attacked so far are not generic random-private-key bitcoin wallets as the usual ones, but they've been specifically crafted to be broken.They belong mostly to the puzzle transaction which contains many "easy" private keys.What does that mean?I'm not entirely sure these are all talking about the same approach/problem, but I think it's similar in the end: How hard is it to find a private key to a specific active bitcoin address or any of the active bitcoin addresses?I hope dyoniziz from reddit is correct.up vote down vote indeed that would theoretically be possible.

such a table luckily is very large.for more read e.g.on the large bitcoin collider.if an active address means that is spends money, then the pubkey is revealed which makes it easier to attack.as long as an address only received money it is protected better by the 2nd hashing layer.lbc can be ignored but they walk systematically through the keyspace from small difficulty to large by entropy.easy to find keys are just a bait to have more people involved.@Pieter: of course weak RNG is a problem, but that was not in question; we better get some open hardware standards for TRNG.interestingly people vote this down.we have to face it: there are problems with the implementation of bitcoin apart from just scalability.the hashing was not well thought through and the ecc algo (Secp256k1: T=(p,a,b,G,n,h); a=0, b=7 … h=1.see slide by ruedi) got the parameter a nulled without any good reason (performace is not a good argument at all in means of crypto).cryptography does not honor weaknesses, small they may be.