Even in the bear market of 2018, the bitcoin prices have fallen by about 85% from the peak, however, the bitcoin is still worth about US $3,000 in the market. Therefore, all the investors must be very concerned about the security of bitcoin.
So, is bitcoin safe? In other words, can hackers easily steal the bitcoin away from the wallet?
Private Key, Public Key, Address
Just like withdrawing money from banks or online account transfers, the password is always needed. To spend the bitcoin in the wallet also requires a password. This password is called a “private key.”
Compared to the “private key”, there is the “public key”, which is like your bank account(refer to: What Are Public Key, Private Key and Bitcoin Address?). Each bank account has its unique serial number, the bank card number. In the bitcoin network, this bank card number is known as the “address”. People can transfer bitcoin to you so long as they know your “bank card number” (i.e. address).
In the bank, the process of account opening usually includes “to open bank account – obtain bank card number – set bank card password – account opening done”. But in the world of blockchain, people need to set the “password” (private key), then open the “bank account” (public key) and finally obtain the “bank card number” (address).
If you pick up a piece of paper with bank card password only, even if the password is valid, you cannot withdraw the money out of relevant account.
But in the world of blockchain, once you know the “bank card password” (private key), you can obtain the information about the “bank account” (public key) and “bank card number” (address), then withdraw all the coins.
How come it happens?
In the blockchain, the public key was generated by private key through encryption, and the public key converts the format to generate the address. That is to say, the private key can derive the public key while the public key can derive the address.
Reverse derivation? No way!
Since “the private key can derive the public key while the public key can derive the address”, spending the bitcoin in the account requires the “password (private key)”, then the hacker must obtain your “private key” to steal the bitcoin from your wallet.
In theory, the hackers have two ways to steal your private key:
- To derive the private key reversely by means of address/public key.
- To try private key one by one, that is, violent cracking.
The first way is not feasible, because the encryption algorithm adopted by bitcoin has “very low tolerance rate”! If the input content has been changed a little, the result of the encrypted output will be greatly different without any rules to follow.
Therefore, this encryption algorithm is “one-way” and “irreversible”. The hackers cannot derive the input (private key) by means of the output (address/public key).
How difficult to violently crack the private key of bitcoin?
Since the first way is not feasible, what about the second one? Before answering this question, let’s have a look at how the private key is generated first.
Suppose you toss a coin, face up means 1 and the reverse side means 0. Toss 256 times continuously and record the result of each toss and then convert to a hexadecimal number, which becomes a private key of bitcoin.
That’s right, the private key of bitcoin is randomly generated by the program of “tossing coin 256 times”. Therefore, the essence of private key is a 256-bit binary number.
Every coin tossing, there is equal probability of both sides, so when you toss 256 times, there will be “2 x 2 x2 x 2…2 x 2×2”, that is, “2256” results. Therefore, the total number of private keys of bitcoin is “2256” theoretically. (Note: The actual total number of private keys is slightly lower than the theoretical value, because a small number of private keys are not useable, but the impact on the total number is very little.)
What is the value of “2256“? It is equal to “1077“. Then, how large is “1077”?
If all the oceans, the rocks and the magma underground were filled with sand, the total amount of sand on the earth is probably “1030“. In other words, if a planet as large as the Earth is made up of sands, about “1030” grains of sand would be used.
“1077” is more than “1037” larger than “1030”, a total of 37 zeros. In a group of bitcoin private keys which are more than 1037 larger than the total number of sands on Earth, it’s completely incredible to try one by one and crack one private key corresponding to an address.
Therefore, even if a hacker has a supercomputer, it is impossible to violently crack the private key of bitcoin.
Therefore, many people claim that “bitcoin adopts the technical method for the first time to ensures that the private property is sacred and inviolable”.
What if it’s more powerful than supercomputer?
Although nobody can predict the future of science and technology, if humans invent the computer more powerful than supercomputer and quantum computer one day, does it mean the private key of bitcoin is no longer safe?
Indeed, many people want to know whether quantum computer will pose a threat to the security of bitcoin. If yes, what countermeasures can bitcoin adopt?
Since this question is hard to be explained with a few words, we will issue a separate article for detailed explanation some time later.
Of course, the security involves not only technical issues, but also the preservation of private keys. If the private key is not properly stored, or if the computer is infected with virus, or if the wallet software has the bug or a backdoor, the private key may be stolen by the hacker. Then, the security of bitcoin in the wallet will be meaningless.
Therefore, if the private key is stolen due to the mistake of coin holder, it really has nothing to do with the bitcoin, hasn’t it?
So, if someone questions the security of bitcoin with the theft incident, how would you answer?