See More CryptosHome

ECC

Etherconnect

Show Trading View Graph

Mentions (24Hr)

0

0.00% Today

Reddit Posts

r/BitcoinSee Post

Are P2WSH addresses the most quantum-secure addresses?

r/BitcoinSee Post

Let's have one last discussion about quantum computers.

r/CryptoCurrencySee Post

Brave brings privacy to Web3 with ECC and Filecoin partnership

r/BitcoinSee Post

How is ECC used in Bitcoin?

r/CryptoCurrencySee Post

Hacker Steals 24M from rETH Whale [NEW INFORMATION]

r/BitcoinSee Post

Should I share possible "new " math methods regarding online cryptography?

r/BitcoinSee Post

Clues?

r/CryptoCurrencySee Post

Can quantum computing trivialize cryptocurrency?

r/BitcoinSee Post

Question: need help for book I am writing

r/BitcoinSee Post

比特币能被量子计算机破解吗?

r/CryptoMarketsSee Post

Zcash, the popular privacy-focused Blockchain, released a new version of its full node software on Thursday, according to a post by its creator Electronic Coin Company (ECC). The software version 5.5.0 introduces several bug fixes, a proportional fee mechanism, and lays the groundwork for ...

r/SatoshiStreetBetsSee Post

Empire Capital & Roundable App

r/CryptoMoonShotsSee Post

Empire Capital / Roundable App

r/BitcoinSee Post

Maximalism in the computer era versus bitcoin maximalism. Any parallel possible?

r/CryptoCurrencySee Post

Maximalism in the computer era versus bitcoin maximalism. Any parallel possible?

r/BitcoinSee Post

Difference between ECC and ECDSA

r/CryptoCurrencySee Post

Pulsechain Airdrop - Scam or not?

r/CryptoCurrencySee Post

Zcash to Proof of Stake? Approach, focus, and next steps - Electric Coin Company [ECC]

r/CryptoCurrencySee Post

$4M Size ECC Launching Real-World Crypto Round-up app in the Next Few Months

r/BitcoinSee Post

Encryptogeddon is coming for us all!!!

r/CryptoCurrencySee Post

Bitcoin Advanced System Recovery 2022

r/CryptoMoonShotsSee Post

Fox Inu / Stealth Launched 1h ago — The next 1000X Altcoin — Real Project with solid fundamentals and experienced team - Community Growing so fast!

r/CryptoMoonShotsSee Post

Fox Inu $FInu Just Launched 30min ago!!! Airdrop: 50$ worth of token when we reach 50 members in our official telegram group !

r/CryptoMoonShotsSee Post

Fox Inu $FInu Just Stealth Launched!!! | MemeUtility Token on the BSC Network! LP Locked, New opportunity for a Fox Parabolic Moon shot !

r/CryptoMoonShotsSee Post

Saint Valentine | Stealth Launched!!|Locked Link Provided!|Simply hold Saint Valentine and get paid 10%!|Enter telegram and get in early! | | Auto staking rewards | Voice chat before launch | Amazing Team| Don't Miss This Gem!!|

r/CryptoCurrencySee Post

Understanding ECC, the technology behind Litecoin's new privacy update: Minblewimble

r/CryptoCurrencySee Post

Taking a look at Elliptic Curve Cryptography (ECC), the encryption process behind Litecoin's newfound privacy fortune

r/CryptoMoonShotsSee Post

♑️Paragon Capital💎Micro MC 💎 Your Next Moonshot♑️

r/CryptoMoonShotsSee Post

Empire Capital Token (ECC) – Defi 3.0 Layer of Yield Generating Protocols | True 1% Burn on Every Transaction | Incorporated Investment Firm | Hold ECC and Gain Exposure to Yield on All Chains

r/CryptoMarketsSee Post

$ECC Empire Capital Token Hits #1 Today On CMC

r/CryptoCurrencySee Post

$ECC - Empire Capital Token - This is where my money is going! #1 on CMC today!

r/BitcoinSee Post

CHARITY

r/CryptoMoonShotsSee Post

EmpireCapital (ECC) Fair Launched Yesterday - Low Market Cap - Strong Utility - Based Dev Team - Earn Yield By Holding

r/CryptoCurrencySee Post

Confusion on Public Key Cryptography and digital signatures

r/CryptoMoonShotsSee Post

Reward Switch Everyday♻️ Dev Doxxed ✅ Low MC Gem💎

r/CryptoCurrencySee Post

100 Crypto Quotes - The Good, the Bold and the Ugly

r/CryptoMoonShotsSee Post

Reward Switching Everyday $RSE 🔥| Doxxed dev Video and VC ✅ | 1 Day old Gem 💎 | ADA rewards for Today | Low Cap < 50 K Potential 1 M cap 🚀

r/CryptoMoonShotsSee Post

Doxxed dev 🔥 | Reward Switching Everyday | ADA rewards now ⚠️ | stealth launched today 💎

r/CryptoMoonShotsSee Post

SafeMoonCake is the original next-gen token that rewards you with CAKE airdrops! Only 40k mc!

r/CryptoMoonShotsSee Post

🐱Cake Kitty 🍰 Fair Launched 30 Minutes Ago! Active Community with Low mcap! Earn Cake Rewards just by holding | 1000X Potential!

r/CryptoMoonShotsSee Post

🐱Cake Kitty 🍰 Fair Launched Right Now! Earn Cake Rewards just by holding | 1000X Potential!

r/CryptoMoonShotsSee Post

🐱Cake Kitty 🍰 Fair Launching in just 10 Minutes! Earn Cake Rewards just by holding | 1000X Potential!

r/CryptoMoonShotsSee Post

🐱Cake Kitty 🍰 Fair Launching in only 30 Minutes! Earn Cake Rewards | 1000X Potential!

r/CryptoMoonShotsSee Post

🐱Cake Kitty 🍰 Fair Launch in 1 Hour! Earn Cake Rewards | 1000X Potential!

r/CryptoMoonShotsSee Post

🐱BabyKittyCake 🍰 just Fair Launched!! Earn Cake Rewards when you hold BabyKittyCake | 1000X Potential!

r/CryptoMoonShotsSee Post

🐱 BabyKittyCake just Fair Launched! ! 🍩 Earn Cake Rewards when you hold BabyKittyCake | 1000X Potential! 🚀

r/CryptoMoonShotsSee Post

🍰 CAKE LOVER | 8% Cake Rewards to Holders | Stealthed Launch | SAFU 🍰

r/CryptoMoonShotsSee Post

🥞CakeLover🥞 This Big Daddy just Did a Stealthed - only at 6k Mcap!! Huge Cake rewards!! 100x from here, Join TG: CakeLoverBSC

r/CryptoMoonShotsSee Post

🥞CakeLover🥞 Just stealth launch with low 5k mcap ,cake rewards! SAFU ownership renounced [ tg:Cakeloverbsc ]

r/CryptoMoonShotsSee Post

🥞CakeLover🥞 Is a Heaven for all the cake lovers , join us and get cake rewards! Based dev, safu project [ tg:Cakeloverbsc ]

r/CryptoMoonShotsSee Post

HoneyMoney ! Gains are sweet as Honey 🎂 Stealth Launched just now, marketing push soon

r/CryptoMoonShotsSee Post

FriendOfCake - Stealth launch - Automatic $CAKE reward - LP Locked 100%

r/CryptoMoonShotsSee Post

🍰 UltraCakePrint 🍰 - Stealth Launch - Nano Mcap Gem - LP Locked - Renouced - CAKE reward

r/CryptoCurrencySee Post

Hurry up buy $50 Ecc token and earn free 20:1 eyfi token

r/CryptoMoonShotsSee Post

🚀CornDog 💎Just fair launched with ONLY $500 Market Cap 🤑

r/CryptoMoonShotsSee Post

🦄AstroUnicorn Token - deflationary meme token, not even one hour old, $2k market cap, locked liquidity!

r/CryptoMoonShotsSee Post

🚀 ShibaMoo n 🚀 is now launching! [1 Minute Old] [8k$ market cap]

r/CryptoMoonShotsSee Post

🚀 ShibaMoo n just launched! 8k market cap!

r/CryptoMoonShotsSee Post

🚀 ShibaMoo n just launched! 8k market cap!

r/CryptoMoonShotsSee Post

🚀 ShibaMoo n just launched! 8k market cap!

r/CryptoMoonShotsSee Post

🚀 ShibaMoo n 🚀 is now launching! [1 Minute Old] [3k$ market cap]

r/CryptoMoonShotsSee Post

🚀 ShibaMoo n 🚀 is now launching! [1 Minute Old] [3k$ market cap]

r/CryptoMoonShotsSee Post

🚀 ShibaMoo n 🚀 is now launching! [1 Minute Old] [3k$ market cap]

r/CryptoMoonShotsSee Post

🚀 ShibaMoon 🚀 is now launching! [1 Minute Old] [3k$ market cap]

r/CryptoCurrencySee Post

VENUSIA - Official NFTs Model Content Platform

r/CryptoMoonShotsSee Post

🐱 KITTEN Finance DeFi Platform is Skyrocketing 🚀 Get in while its still early 🔥

r/CryptoMoonShotsSee Post

🧼SoapFarm🧼BSC ULTRA-Aggregator Project🧼$SOAP🧼

r/CryptoMoonShotsSee Post

🧼SoapFarm🧼BSC ULTRA-Aggregator Project🧼$SOAP🧼

r/CryptoMoonShotsSee Post

🧼SoapFarm🧼BSC ULTRA-Aggregator Project🧼$SOAP🧼

r/CryptoMoonShotsSee Post

🧼SoapFarm🧼BSC ULTRA-Aggregator Project🧼$SOAP🧼

r/CryptoMoonShotsSee Post

🧼SoapFarm🧼BSC ULTRA-Aggregator Project🧼$SOAP🧼

r/CryptoCurrencySee Post

Founders of Tezos and ethereum join ECC

r/BitcoinSee Post

I coded a Java application to generate bitcoin addresses, sign transactions and brute force private keys. Is it worth anything?

Mentions

Very interesting history. Thanks for pointing out ECC along with RSA.

Mentions:#ECC

You act very confidently and aggressive, dare I say. Yet all this posturing rests on that tiny "if" the current paradigm is s broken. Small thing. Reversing the hash, as you put it, is the real problem. QC cannot do that, it "only" breaks ECC. But IF that paradigm is broken, your pads are useless because I'm going to drain your bank account directly through online banking. And then some more, since the SHA that wraps a Bitcoin public key is the same used all over. So IF the current paradigm is broken, unless you have gold only and bullets aplenty, you're just as much of a bag holder. Also, Bitcoin's public keys are hashed twice, just in case. And for the love of everything cryptographic, stop throwing vaguely related issues like P and NP out there. Won't even impress armchair cryptographers.

Mentions:#ECC#SHA

There are a few quantum resistant encryption schemes on the way: # 1. Lattice-Based Cryptography: * **How it works**: Lattice-based cryptography uses the hardness of certain mathematical problems related to lattices (geometric structures in multi-dimensional spaces). The security of lattice-based schemes relies on finding short vectors in high-dimensional lattices, which is believed to be difficult for both classical and quantum computers. * **Quantum resistance**: Quantum computers are not expected to have a significant advantage in solving lattice problems due to their design. They would need exponentially more qubits (quantum bits) and operations to break lattice-based cryptography compared to classical computers. This makes lattice-based schemes a strong candidate for post-quantum security. # 2. Code-Based Cryptography: * **How it works**: Code-based cryptography uses error-correcting codes where encoding and decoding messages involve solving specific mathematical problems, such as the syndrome decoding problem. These problems are computationally hard and believed to resist attacks from quantum computers. * **Quantum resistance**: Quantum computers are not known to efficiently solve problems related to error-correcting codes used in code-based cryptography. The algorithms used in this approach are designed to be resistant to quantum attacks by leveraging the complexity of decoding techniques. # 3. Hash-Based Cryptography: * **How it works**: Hash-based cryptography relies on hash functions, which are mathematical algorithms that convert input data into a fixed-size string of bits (the hash value). It uses properties such as collision resistance, where it's hard to find two different inputs that produce the same hash value. * **Quantum resistance**: Quantum computers can theoretically perform faster searches for collisions or pre-images (finding an input that matches a given hash value). However, cryptographic hash functions like SHA-256 are designed with sufficiently large output sizes and complex structures that make finding collisions infeasible, even for quantum computers. # 4. Multivariate Cryptography: * **How it works**: Multivariate cryptography uses systems of multivariate polynomial equations for encryption. Solving these equations to break the encryption requires finding solutions in a large space of possible inputs, which is computationally intensive. * **Quantum resistance**: Quantum computers face challenges in efficiently solving systems of multivariate polynomial equations due to the complexity of operations involved. The security of multivariate schemes relies on the difficulty of solving these equations, which current quantum algorithms are not expected to significantly expedite. # Summary: * **Common theme**: All these quantum-resistant cryptographic approaches rely on leveraging mathematical problems that are believed to be hard for quantum computers to solve efficiently. * **Quantum advantage**: Quantum computers do not provide a substantial advantage in breaking these types of encryption compared to classical computers, ensuring robust security even in the future quantum computing era. * **Development**: Ongoing research and standardization efforts aim to further develop and refine these cryptographic techniques to enhance their efficiency and applicability in securing digital communications and data against potential quantum threats. The real threat from quantum computing is to RSA encryption and ECC. AES-256 will still be fine so long as the password has enough entropy, such as above 100.

Mentions:#SHA#ECC#AES

No it can't, not simply. This is a massive undertaking that will be a minimum of 5 years assuming the core devs can even come to consensus on which algorithm to use There's a real chance we have a sufficiently capable quantum computer by then (IBM says they should have one by early 2030s) running Shor's algorithm which can crack ECC - what BTC, ETH, and all other cryptos are using for their signature scheme. The only projects that have even mentioned it are ETH and ALGO but are still using ECC. Vitalik even said in his blog post that ETH will wait for a quantum attack to occur, then perform a rollback which will damage the immutability of the chain. https://ethresear.ch/t/how-to-hard-fork-to-save-most-users-funds-in-a-quantum-emergency/18901 QRL is leading the small subset of coins actively addressing this problem of being quantum secure from genesis. Bitcoin cannot simply fork to solve the problem

Sure. I suppose that would break all encryption, including blockchain security. I consider quantum computing breaking ECC (using supercomputers) to be a gray swan event that could occur in 100 years, but solving the Riemann Hypothesis seems near-impossible.

Mentions:#ECC
r/CryptoCurrencySee Comment

No bud. Just no. Below are the Network & Hardware reqs for a rpc node. Source: https://docs.solanalabs.com/de/operations/requirements Networking: Internet service should be at least 1GBbit/s symmetric, commercial. 10GBit/s preferred. Hardware Recommendations The hardware recommendations below are provided as a guide. Operators are encouraged to do their own performance testing. CPU 12 cores / 24 threads, or more 2.8GHz base clock speed, or faster SHA extensions instruction support AMD Gen 3 or newer Intel Ice Lake or newer AVX2 instruction support (to use official release binaries, self-compile otherwise) Support for AVX512f is helpful RAM 256GB or more Error Correction Code (ECC) memory is suggested Motherboard with 512GB capacity suggested Disk PCIe Gen3 x4 NVME SSD, or better Accounts: 500GB, or larger. High TBW (Total Bytes Written) Ledger: 1TB or larger. High TBW suggested OS: (Optional) 500GB, or larger. SATA OK The OS may be installed on the ledger disk, though testing has shown better performance with the ledger on its own disk Accounts and ledger can be stored on the same disk, however due to high IOPS, this is not recommended The Samsung 970 and 980 Pro series SSDs are popular with the validator community GPUs Not necessary at this time Operators in the validator community do no use GPUs currently RPC Node Recommendations The hardware recommendations above should be considered bare minimums if the validator is intended to be employed as an RPC node. To provide full functionality and improved reliability, the following adjustments should be made. CPU 16 cores / 32 threads, or more RAM 512 GB or more if account-index is used Disk Consider a larger ledger disk if longer transaction history is required Accounts and ledger should not be stored on the same disk

r/CryptoCurrencySee Comment

>RAM >256GB or more >Error Correction Code (ECC) memory is suggested >Motherboard with 512GB capacity suggested Okay Solana :D

Mentions:#RAM#ECC
r/CryptoCurrencySee Comment

Source: https://docs.solanalabs.com/de/operations/requirements Hardware Recommendations The hardware recommendations below are provided as a guide. Operators are encouraged to do their own performance testing. CPU 12 cores / 24 threads, or more 2.8GHz base clock speed, or faster SHA extensions instruction support AMD Gen 3 or newer Intel Ice Lake or newer AVX2 instruction support (to use official release binaries, self-compile otherwise) Support for AVX512f is helpful RAM 256GB or more Error Correction Code (ECC) memory is suggested Motherboard with 512GB capacity suggested Disk PCIe Gen3 x4 NVME SSD, or better Accounts: 500GB, or larger. High TBW (Total Bytes Written) Ledger: 1TB or larger. High TBW suggested OS: (Optional) 500GB, or larger. SATA OK The OS may be installed on the ledger disk, though testing has shown better performance with the ledger on its own disk Accounts and ledger can be stored on the same disk, however due to high IOPS, this is not recommended The Samsung 970 and 980 Pro series SSDs are popular with the validator community GPUs Not necessary at this time Operators in the validator community do no use GPUs currently RPC Node Recommendations The hardware recommendations above should be considered bare minimums if the validator is intended to be employed as an RPC node. To provide full functionality and improved reliability, the following adjustments should be made. CPU 16 cores / 32 threads, or more RAM 512 GB or more if account-index is used Disk Consider a larger ledger disk if longer transaction history is required Accounts and ledger should not be stored on the same disk

r/BitcoinSee Comment

Well it's not only FUD, it's also false. First, we do not know if QC of that power are even viable to exist. That is still an open question. Then, let's assume that this question is resolved positively, that is that someone at some point finds a way to create such a powerful QC that could produce the signature without having the private key. Advancements like this do not happen over night. Computers of all kinds are incrementally improved and since we are talking about many orders of magnitude, we would first hear about QC being able to break weaker forms of cryptography long before there would be one strong enough to break ECC used in Bitcoin. What that means that we would have enough time to apply a softfork to introduce quantum resistant schemes to protect the coins. And while there is a separate problem with coins that would not upgrade (e.g. lost coins), there have already been discussed schemes based on zero knowledge proofs of having the correct seed that would protect even those coins with a softfork. It's not 100%, but it's close enough. So for all active users, QC will be non-issue, i.e. Bitcoin is safe. For some of unupgraded/lost coins, the attacker could possible spend them and create a temporary disruption of the market, not unlike we've seen with MtGox, FTX and others. And yet, Bitcoin always recovered from this in somewhat short time. Arguably, Bitcoin is more safe than physical gold as it is very hard to move the gold, so you are often stuck to a location, or have a great risk of losing it. And since nation states are arbitrary about changes in their laws, this property makes gold quite insecure for the future in many places in the world including US and EU.

Mentions:#FUD#ECC#FTX
r/CryptoCurrencySee Comment

Most of them post data like this: * L1 or DA Layer: Gets only the hashes of the transactions. * DA Committee: Gets transaction data and hashes. Keep in mind that Validiums are not all the same. I'm not sure why you mentioned all of that mumbo jumbo about elliptic curve cryptography since it seems irrelevant to understanding Validiums. Rollups don't have to use ECC.

Mentions:#ECC
r/BitcoinSee Comment

This is not strictly true. The upgrade from RSA to ECC on the card networks took years. The NSA monitors the resilience to attack of encryption methods. I would imagine that there are few quantum computing sites with the facilities, let alone know-how, to mount a credible attack. Those that will be monitored by the NSA, if not, they should be.

Mentions:#ECC
r/BitcoinSee Comment

While you got some things right you forgot one key thing for the attack to succeed. First you need a quantum computer with 6x qbits of the key length for ECC. which means for bitcoin that uses 256bits keys, you’ll need 1536 qbits. That’s not a small feat, and I won’t get into the details but it’s not coming in 5 years that’s for sure. Second and most importantly you’ll need a public key to try this attack, and this information is not disclosed until you send bitcoin from an address. The address is a hash derived from the public key, and cannot be reversed of course. Basically if you just use an address to accumulate bitcoin, it’s not vulnerable to quantum computers, until you send bitcoins from it. That’s why it’s a recommendation to not reuse adresses and always generate new ones.

Mentions:#ECC
r/BitcoinSee Comment

20 funds selected for monthly dividend distribution: Fund Ticker.....annual Yield ECC.....18.73% ACP..... 17.7% CRF.....17.67% SVOL..... 16.27% IGR...... 13.64% RYLD.... 11.9% RIV..... 12.77% RYLD..... 11.51% THW..... 11.13% MORT..... 10.71% XYLD..... 9.47% SPE..... 8.5% ETJ..... 8.3% EXG..... 8.16% LGI..... 7.88% JEPI..... 7.24% AMZA..... 7.17% EINC..... 3.49% Almost pure ETFs. Some closed ended funds. Main theory behind it was to promote DCA. All the dividends get reinvested to rebalance the portfolio to an even 5% split across 20 funds. I'll prune out the closed ended funds this year and rebalance for pure ETF portfolio. But again, this is about 50% of my brokerage account. With these funds exceed the allocation for it, the dividends buy BTC etfs and other growth focused ETFs that may have quarterly, annual, or no dividend at all.

r/BitcoinSee Comment

Supercomputers cannot break 128-bit cryptography, that is like guessing the one correct atom in the visible universe, and guessing has a cost of energy and computation. However, quantum computers could break ECC cryptography, although all indications point to that being far away or perhaps not possible given the current rate of errors. Bitcoin may need to eventually adopt quantum-secure digital signature schemes, but all lost or unmoved coins could be stolen.

Mentions:#ECC
r/BitcoinSee Comment

Depends on what you're thinking about. I don't think quantum computers will overtake bitcoin mining. It would simply cost too much. One think I tend not to hear actually is about how efficient quantum computing is compared to bit computing. For sure it will be faster, but how much power does it take to reach that speed? If we're talking about cracking addresses, there's SHA256, there's the ECC algorithm, there's usually some SHA512 in HD wallets (which is basically all wallets now) So cracking an address is hard and cracking a wallet is even harder. I just don't think it's worth being worried about right now.

Mentions:#SHA#ECC
r/BitcoinSee Comment

One of the most significant threats quantum computers pose to SHA-256 is their ability to efficiently perform Shor’s algorithm. Shor’s algorithm can factor large numbers exponentially faster than the best-known classical algorithms, which could compromise the security of widely used encryption methods like RSA and ECC. These encryption methods often rely on the difficulty of factoring large numbers for their security. Quantum computers also threaten the security of hash functions like SHA-256 by utilizing Grover’s algorithm. Grover’s algorithm can search unsorted databases quadratically faster than classical algorithms, making brute-force attacks on hash functions more feasible. While a 256-bit hash is still considered secure against classical attacks, it is theoretically as secure as a 128-bit hash against quantum attacks.

Mentions:#SHA#ECC
r/BitcoinSee Comment

Depends how well grounded you are in computer science and cryptography. As a software engineer, I was able to comprehend the paper the first time I read through it, and then diving in to the Bitcoin Core code solidified it all even more. I still don't understand ECC math but I do trust that the cryptography is strong.

Mentions:#ECC
r/BitcoinSee Comment

I also wondered if there is a proof for addresses which cannot have a private key. Where do you have this address from? Link? I guess it falls mathematically into the same category as the eliptic curve cryptography(ECC). BTC relies on the discrete logarithm problem, but there is also no proof for this. So in this sense BTC is as "risky" as the famous N vs NP problem. If you think N=NP, than you should not buy BTC 😎

Mentions:#ECC#BTC
r/BitcoinSee Comment

Hmmm this is what I was thinking as well, sounds like the best possible 'solution'. Backward compatibility is a pretty core feature of Bitcoin, at a minimum it would create another fork, but I don't know how else to do it if ECC and SHA 256 are compromised then those stashes of old coins will crash the market hard. But Bitcoin would still survive, so what's worse, a massive market crash or requiring everyone to recreate their private keys or forfeit their funds.

Mentions:#ECC#SHA
r/CryptoCurrencySee Comment

BTW ECC algorithm used by BTC,ETH,etc is also time constant.

Mentions:#ECC#BTC#ETH
r/CryptoCurrencySee Comment

76302 0xD85C478106D15ECC391409cc212b36Fd07e7B6BD

Mentions:#ECC#BD
r/CryptoCurrencySee Comment

1. 428,929 2. 0x346ca5B85a0eec8FA0ECC59fd0b5aea6Da184055

Mentions:#ECC
r/CryptoCurrencySee Comment

I mean obviously you bought it already and are now trying pump it by posting here...we aren't completely gullible! But I'm glad to have given you some key words to search for. It seems sensible to get a basic understanding of cryptography if you want to invest in quantum resistance projects... otherwise you're just going to get tricked by scammers using impressive sounding buzzwords. A good place to start would be CloudFlare's introduction to ECC: https://blog.cloudflare.com/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography/

Mentions:#ECC
r/BitcoinSee Comment

Sha256 is a hashing algorithm. It is not encryption. iMessage used RSA and ECC. Bitcoin priv keys use ecdsa. QC is less of a threat to mining and double sha256 hashes than to ecdsa since there's a difficulty adjustment as well. So no QC "51% attack soon." Sha1 is bad, sha2 still works, and sha3 like keccac already exists for a decade. There is no encryption in bitcoin so there's nothing to replace like what Apple is doing.

Mentions:#ECC
r/BitcoinSee Comment

It all started with ECC, but that is predated by RSA, so in 1977 Ron Rivest, Adi Shamir and Leonard Adleman but wait if you don't mind me taking a 30 second, maybe half-minute, detour - we should first look at prime numbers and the persona of Pitagoras... but to there, did you know that The Rhind Mathematical Papyrus, from around 1550 BC, has Egyptian fraction expansions of different forms for prime and composite numbers

Mentions:#ECC#BC
r/BitcoinSee Comment

> it's not as secure as a long password of random characters. It's every bit as secure *if it has the same entropy*. Which is *exactly* what a mnemonic in a deterministic wallet is about. It may be just a series of unaltered words from a limited dictionary, but it still has 128–256 bits of security. And it's easier to remember. Applying that to your example (), you could take 421 bits of entropy, pad them with 8 checksum bits, and turn them into 39 words from a 2048-word dictionary, and have something just as secure. And not need to be a savant to remember it. But 421 bits is pretty extreme, IMO. You're ignoring that Bitcoin keys have only 128 bits of security (because of a known attack on ECC), so no wallet password is going to provide protection much better than that.

Mentions:#IMO#ECC
r/BitcoinSee Comment

Apologies if I've misunderstood what you're expressing here, but looking at the *NSA kleptographic backdoor in the Dual\_EC\_DRBG PRNG* section you pointed out, we read: "(NSA) inserted a backdoor into a pseudorandom number generator (PRNG) of NIST SP 800-90A...as independent security experts long suspected", citing [a 2007 Wired article by (eminent) cryptographer Bruce Schneier](https://www.wired.com/2007/11/securitymatters-1115/). Put plainly, cryptographers were (publicly!) suspicious of NIST crypto recommendations before Bitcoin was released (2009). Thus the suggestion that *not* using NIST ECC curves implies some kind of NSA insider knowledge is silly.

Mentions:#ECC
r/BitcoinSee Comment

I think you may be right, but I still disagree with his conclusion; it seems an entirely unnecessary assumption that we should dismiss (per Occam's Razor). Do we really believe that the only way someone *wouldn't* choose an ECC curve from the US government's handpicked list is because that person worked for the intelligence agency? Would a dissident use NIST's curves? Would (say) a Russian engineer? There are many plausible explanations that fit the facts, so there's really no basis to make the assumption he does. It's probably not so obvious now, but if you were in software in the 90s, it was a *weird* time. [It was illegal to export "strong cryptography"](https://en.wikipedia.org/wiki/Export_of_cryptography_from_the_United_States) in the US—what we'd now consider totally normal crypto your browser would use to talk to your bank's website was *illegal math*. Which meant normal browsers and other programs had to / were supposed to jump through weird hoops to weaken encryption if it they were available on the internet. The government was trying to [backdoor all voice and data transmissions through a special chip](https://en.wikipedia.org/wiki/Clipper_chip). There was a growing awareness that the Internet would be super important, but also that there was essentially *no* privacy. All of that got even worse after 9/11. My point in mentioning all of that is that the cypherpunks came up in that era, when trust in the US government with respect to all things digital was at an all time low, and the roots of Bitcoin trace back to that world. In a certain way, I'd be shocked if Satoshi *did* pick an off-the-shelf NIST ECC curve.

Mentions:#ECC
r/BitcoinSee Comment

This is not worth taking seriously. Presumably he's referring to the [secp256k1 elliptic curve](https://en.bitcoin.it/wiki/Secp256k1) Bitcoin uses with ECDSA, which *was* an unusual choice at the time. The choice of what curve parameters to use for encryption / signing is a question of *math*, which is to say that a "backdoor" in this sense really just means that someone else (*e.g.* the government) knows a way to make a certain math problem easy that others presume is always hard. A good cryptographer might come to an independent conclusion that a particular form of encryption is not safe, or even just *suspect* it and steer clear. There has been skepticism about government (*e.g.* NIST) suggested encryption algorithms / parameters long before Bitcoin existed—presumably from the *beginning* of published standards. And the cypherpunks (out of which Bitcoin grew) were exactly the type of folks to be skeptical. If Bitcoin was created by a three-letter agency, it would presumably use one of the backdoored algorithms so that the agency could gain advantage. The fact that it *doesn't* lends credence to the idea that it was *not* created by them. If he's just saying that the creator might have worked at one of those agencies at some point and knew which algorithms had vulnerabilities, fine—but what does it matter? There are numerous (perhaps infinite? I'm not intimately familiar with ECDSA) [choices of curves to use for ECC](https://safecurves.cr.yp.to/index.html). If you were aiming to build a secure, global, digital cash system, outside the reach of fiat, and you had the cryptographic proficiency, would you choose your (pivotal) encryption parameters from an opaque menu presented to you by a government, or would you come to an independent conclusion? Even if *you* trusted said government, would future users trust the system, knowing that that government might have a backdoor to that entire financial system? Moreover, "unlike the popular NIST curves, secp256k1's constants were selected in a predictable way, which significantly reduces the possibility that the curve's creator inserted any sort of backdoor into the curve" ([https://en.bitcoin.it/wiki/Secp256k1](https://en.bitcoin.it/wiki/Secp256k1)). This is a *great* quality to have if you're trying to inspire trust in your choice, and some kind of choice needed to be made. It seems like Satoshi made the best, most logical choice available to him / her / them.

Mentions:#ECC
r/BitcoinSee Comment

> My thinking was to use the Ian Coleman "IC" site for its strengths and choose a different language as any hacker getting it from the USA would likely try English Why is English a problem? Are you thinking of dictionary attacks? I don't believe that applies here. Dictionary attacks work with *passwords* because people are not very random with their choice of passwords and like to make short ones based on a word or two. Key word: "choice". Passwords people choose tend to be low-entropy, because people are bad at randomness. However, here you are letting an RNG generate 128–256 bits of entropy. The mnemonic is nothing but an encoding of that entropy. It doesn't make it any easier to guess. But it *does* make it easier for you to handle as a human. That is, *if* you use the mnemonic, as opposed to just copying master keys or whatever. > derivation 84 (I was just saying 32 because earlier because it was the standard and messing it with is a good way to make your coins unrecoverable) thru experimenting I realized only 84 will produce bc1 addresses, which I think is best going into the future. BIP 84 is the standard that specifies the derivation path for P2WPKH (pay-to-witness-public-key-hash) wallets, P2WPKH being the script type that has "bc1q" addresses associated with it. So it makes sense you get those only if you choose BIP 84. Other choices there, other than BIP 32, correspond to other script types. One that is missing on that page is BIP 86, which is for P2TR (pay-to-Taproot) scripts, which have "bc1p" addresses. But then, Electrum doesn't yet support P2TR wallets. > 1. ... > 2. ... > 3. ... I'm not sure I understand what this is about. Were these different things you tried? Did you create multiple wallets using these different steps? Or something else? > if I could get the QR to work that would be great, but getting the laptop camera to snap a picture in a mirrror didnt work. QR codes generally cannot be scanned in mirror image, as they are not designed to make such a distinction apparent to a scanner. A mirrored QR code looks superficially like a non-mirrored one turned a different way, but things are in the wrong places. If you really need to have a device scan a QR code from its own screen, you need to use an even number of mirrors, so the image goes back non-mirrored. However... > However next to the camera button there was the choice to "Read from file". I snapped a screenshot (.png) and went to the .png file and entered it. It took a few seconds but it seemed to load/accept it Yes, this is a lot easier. But is even that really necessary? Does Tails prevent you doing a simple copy-and-paste of the field, instead of going through all that rigamarole? I'm not familiar with use of Tails, so I don't actually know. But surely there is an easier way than what you're trying to do. > enter 12 more custom words (this is another reason im using IC, I get a good set of 12 more words This is your passphrase, then. That's what the "extend with custom words" option in Electrum is referring to. > then the PassPhrase There is no "then" at this point. You have already entered your second 12-word phrase as the passphrase. There is no option to add anything more. If you want to enter 24 words in Electrum (which is of dubious benefit, as Bitcoin keys, being ECC, only have ~128 bits of security, the same as the entropy you get through a 12-word mnemonic), then just generate a 24-word mnemonic, which Electrum will accept as a BIP 39 mnemonic. It's only Electrum mnemonics that must be 12 words. > HERE IS the main reason Im trying to use the IC -as long as it doesn't make my wallet unrecoverable- it generates a 100 digit passphrase, the longest allowable, in my brain I hope you have a savant-level memory, because there is no way *I* would be able to remember something like that. And there is no way I can recommend it to anyone, including you. Word of advice: unless you have superb discipline, don't try to get fancy with your security measures. A lot more people lose their bitcoin by losing or forgetting all the details of what they did than by actually having it stolen.

r/BitcoinSee Comment

Yes the reason is important. It’s important to stay in the loop, and try to be ahead of the news instead of behind it. I know that the amount of seed phrases is more than the atoms in the universe or whatever. But thanks for pointing out ECC, I’ll research it. It would be nice if our personal bank account was something more personal tho… like a feeling only you could have, lol. Thoughts about the future can get pretty wild. But I’ll take one of my atoms for now 😚

Mentions:#ECC
r/BitcoinSee Comment

Depends on the reason it went down. If it was just selling pressure then I’d buy as much as disposable income I could. If it was something way worse like someone figured out how to crack seed phrases… that’s when you’d want to be out. The good thing is that seed phrase cracking won’t be an issue unless some major technological breakthrough happens. Highly unlikely due to the nature of ECC.

Mentions:#ECC
r/CryptoCurrencySee Comment

Are you sure about not using sha 256 for keys? On kraken's website they say: "Bitcoin uses elliptic curve cryptography (ECC) and the Secure Hash Algorithm 256 (SHA-256) to generate public keys from their respective private keys".

Mentions:#ECC#SHA
r/CryptoCurrencySee Comment

Thats an old video but Shor's algorithm could break RSA-256 bit encryption with a quantum computer with about 4098 logical qubits and ECC-256 with around 2330 logical qubits. It's inevitable in the next few years.

Mentions:#ECC
r/CryptoCurrencySee Comment

Not SHA-256. That's the mining puzzle algorithm. Public/private keys are based on ECC.

Mentions:#SHA#ECC
r/BitcoinSee Comment

>We have. Bitcoin will move away from elliptic curve crypto Why? There is no reason to do that. While there are sound reasons to expect space mining of gold could become a reality in the next 15 - 75 years, using already existing technology and methods, there isnt any basis to expect ECC to become broken in the same time frame.

Mentions:#ECC
r/BitcoinSee Comment

Also, there's no cryptography in the Bitcoin blockchain. "The Bitcoin network and database itself does not use any encryption. As an open, distributed database, the blockchain has no need to encrypt data. All data passed between Bitcoin nodes is unencrypted in order to allow total strangers to interact over the Bitcoin network." Also, "ECDSA, which stands for Elliptic Curve Digital Signature Algorithm, uses the same mathematical primitives as ECC (elliptic curve cryptography) and, as such, also uses an asymmetric key pair of public and private keys. This is synonymous with other cryptography algorithms which use a public key to encrypt messages and a private key to decrypt them. However, these keys are not used to encrypt or decrypt anything." So, no cryptography, no anonymity, and no encryption. And being *pseudonymous* isn't worth much if you bought your BTC from a KYC exchange. Seems to me the title of the Wired article is just clickbait.

Mentions:#ECC#BTC
r/BitcoinSee Comment

Pretty sure my barista had a computer science degree this morning. It doesn’t change the fact that you’re wrong. You clearly don’t even know what you are talking about since you repeated my error in mentioning sha256 instead of ECC But please continue to parrot and misrepresent memes that were proven to be misleading over a decade ago.

Mentions:#ECC
r/BitcoinSee Comment

Mathematical shortcut being discovered for ECC.

Mentions:#ECC
r/CryptoCurrencySee Comment

The whole blockchain doesn't need kept or stored. It says so right in the Bitcoin Whitepaper: > 7. Reclaiming Disk Space > Once the latest transaction in a coin is buried under enough blocks, the spent transactions before it can be discarded to save disk space. To facilitate this without breaking the block's hash, transactions are hashed in a Merkle Tree, with only the root included in the block's hash. Old blocks can then be compacted by stubbing off branches of the tree. The interior hashes do not need to be stored. > A block header with no transactions would be about 80 bytes. If we suppose blocks are generated every 10 minutes, 80 bytes * 6 * 24 * 365 = 4.2MB per year. With computer systems typically selling with 2GB of RAM as of 2008, and Moore's Law predicting current growth of 1.2GB per year, storage should not be a problem even if the block headers must be kept in memory. Also, Satoshi said: > Long before the network gets anywhere near as large as that, it would be safe for users to use Simplified Payment Verification (section 8) to check for double spending, which only requires having the chain of block headers, or about 12KB per day. Only people trying to create new coins would need to run network nodes. At first, most users would run network nodes, but as the network grows beyond a certain point, it would be left more and more to specialists with server farms of specialized hardware. A server farm would only need to have one node on the network and the rest of the LAN connects with that one node. > > The bandwidth might not be as prohibitive as you think. A typical transaction would be about 400 bytes (ECC is nicely compact). Each transaction has to be broadcast twice, so lets say 1KB per transaction. Visa processed 37 billion transactions in FY2008, or an average of 100 million transactions per day. > > That many transactions would take 100GB of bandwidth, or the size of 12 DVD or 2 HD quality movies, or about $18 worth of bandwidth at current prices. > > If the network were to get that big, it would take several years, and by then, sending 2 HD movies over the Internet would probably not seem like a big deal. > > Satoshi Nakamoto > https://www.mail-archive.com/cryptography@metzdowd.com/msg09964.html

Mentions:#MB#RAM#ECC
r/CryptoCurrencySee Comment

The majority didn't decide the keep the blocks small. Over 85% of nodes were signalling for a blocksize increase. I think your scenario of 1gb blocks is unrealistic, but if it were the case, the whole blockchain doesn't need kept or stored. It says so right in the Bitcoin Whitepaper: > 7. Reclaiming Disk Space > Once the latest transaction in a coin is buried under enough blocks, the spent transactions before it can be discarded to save disk space. To facilitate this without breaking the block's hash, transactions are hashed in a Merkle Tree, with only the root included in the block's hash. Old blocks can then be compacted by stubbing off branches of the tree. The interior hashes do not need to be stored. > A block header with no transactions would be about 80 bytes. If we suppose blocks are generated every 10 minutes, 80 bytes * 6 * 24 * 365 = 4.2MB per year. With computer systems typically selling with 2GB of RAM as of 2008, and Moore's Law predicting current growth of 1.2GB per year, storage should not be a problem even if the block headers must be kept in memory. Also, Satoshi said: > Long before the network gets anywhere near as large as that, it would be safe for users to use Simplified Payment Verification (section 8) to check for double spending, which only requires having the chain of block headers, or about 12KB per day. Only people trying to create new coins would need to run network nodes. At first, most users would run network nodes, but as the network grows beyond a certain point, it would be left more and more to specialists with server farms of specialized hardware. A server farm would only need to have one node on the network and the rest of the LAN connects with that one node. > > The bandwidth might not be as prohibitive as you think. A typical transaction would be about 400 bytes (ECC is nicely compact). Each transaction has to be broadcast twice, so lets say 1KB per transaction. Visa processed 37 billion transactions in FY2008, or an average of 100 million transactions per day. > > That many transactions would take 100GB of bandwidth, or the size of 12 DVD or 2 HD quality movies, or about $18 worth of bandwidth at current prices. > > If the network were to get that big, it would take several years, and by then, sending 2 HD movies over the Internet would probably not seem like a big deal. > > Satoshi Nakamoto > https://www.mail-archive.com/cryptography@metzdowd.com/msg09964.html

Mentions:#MB#RAM#ECC
r/BitcoinSee Comment

To make it more challenging there is no mathematical proof saying a shortcut is not possible in theory for ECC. Such a proof exists for DH on the other hand.

Mentions:#ECC
r/BitcoinSee Comment

An encryption algorithm takes an input value that you want to encrypt and an encryption key. It produces an unreadable series of letters and numbers. Anyone with the key can unlock that unreadable string and get the initial value. Encryption is a two-way thing. Hashing is a one-way thing. You take a value and a hashing algorithm like SHA-256 and you produce an unreadable string of characters. Once you do, there is no going back. You can test it out here [https://emn178.github.io/online-tools/sha256.html](https://emn178.github.io/online-tools/sha256.html) The same algorithm will always produce the same hash for the same input. Encryption is used when the information needs to be transferred through an untrusted medium and decrypted on the other end. Most common use case is SSL. When you put your credit card details in a web portal, they are encrypted to be sent to let's say MasterCard and decrypted there. Hashing is used when knowledge of the actual value is not needed on the other end. Best example is passwords on online platforms. Reddit for example does not store your password in clear text. It hashes it. Every time you login, they hash the password you provided and compare the hashes. The actual password is never stored on their servers. If someone steals the password hash they cannot derive the password. ( To be more precise, they can if the algorithm is weak, google SHA-1 or rainbow tables) &#x200B; In the context of Bitcoin, many people think that SHA-256 is used for private key generation but that's not true. In very simplified terms, a bitcoin private key is a very large random number. So random that it would take you millions of years to guess an existing one. A public key is a hash of the private key using Elliptic Curve Cryptography. This is different than SHA-256 and even more powerful and hard to crack. Finally, a part of the public key is used along with some other info to generate your wallet's addresses using SHA-256. For someone to crack Bitcoin they would have to first crack SHA-256 to acquire the public key and then crack ECC to get to your private key and spend your Bitcoin.

Mentions:#SHA#ECC
r/CryptoCurrencySee Comment

Can you be more specific? ECC is pretty common and Ed25519 is considered safer than secp256k1 or whatever.

Mentions:#ECC
r/CryptoCurrencySee Comment

I'm very much a person who is here because of the decentralisation. Solana does not fit that category. Even if someone wants to make the case that by definition it is decentralised because its not running on one machine, sure, but it is so far on the scale of being centralised that it wouldn't even be a good point to make. What they will say is that this allows the network to process more TPS, but on the flip side, look at how many times the chain has been switched off because of the central control. Not to mention most of the TPS aren't actually TPS, but rather consensus messages added onto that metric so it looks like it being used far more than it actually is. The hardware requirements to run a node is off the charts, for example suggested 256GB of ECC ram but recommended 512GB ECC "or more". At that point you're basically building your own mini data centre. They also recommend a 10GBit/s asymmetric commercial internet connection, so at that point you might as well just buy a machine in a datacentre anyway given that type of internet connection must cost a fortune. For me this isn't even possible, the highest I can get is 1Gbit/s. They need to pay node operators a huge amount of money because of the huge upfront and ongoing costs, and the Solana network barely makes any revenue in fees anyway, so where do they pay the node operators from? Via new coin issuance, which means high inflation, which means the network security is quite literally dependent on the price of Solana.

Mentions:#ECC
r/CryptoCurrencySee Comment

It's the private keys themselves that are no longer secure (ECC is not quantum resistant, meaning there is an algorithm). Mining is the least of the problems. Bitcoin would simply become worthless.

Mentions:#ECC
r/CryptoCurrencySee Comment

the math checks, shouldn’t be any issue unless the basic arithmetic of ECC were vulnerable

Mentions:#ECC
r/CryptoCurrencySee Comment

There's no way this "ECC offset" strategy is secure for EOAs vanity addresses are already inherently less secure (eoa only, does not apply to contracts), and allowing others to generate the private keys using an offset is a terrible idea. It is only a matter of time until there are victims from this.

Mentions:#ECC
r/BitcoinSee Comment

Bitcoin stood on the shoulders of giants. It might have seemed sudden, but the groundwork for Bitcoin was being built decades before the white paper. Blockchains have actually been around since the 90's (although fairly different in design) . There were many breakthroughs in the decades before the white paper. Hash cash, reusable proof of works, elliptic curve cryptography (ECC), Wei dei's b-money. Digital cash has been the holy grail of Cypherpunks for a long time prior to bitcoin. It can feel like bitcoin appeared out of thin air, but there's a fascinating history to dig through of previous break through.

Mentions:#ECC
r/CryptoCurrencySee Comment

Bitcoin uses ECC private keys and SHA256 hashes, it's crypto

Mentions:#ECC#SHA
r/BitcoinSee Comment

Well, you heard it from OP first. IBM is now capable of breaking RSA or ECC in seconds. If only this 1.6T dollar industry full of the brightest engineers, mathematicians, scientist, and other academics could have seen this coming. All these roadmaps to upgrading to quantum resistant encryption, but we never stood a chance without OP. If only OP could just borrow one of these academics for a lesson on how to Google "How to short Bitcoin?". Feels bad.

Mentions:#OP#ECC
r/BitcoinSee Comment

Another question, if I may: Am I correct in the assumption, that the security of a 160bit P2WPKH address is 159bit against a classical computer and 129bit against a quantum computer? The classical computer simply has to try different private/public keys until it finds a suitable one that produces the address. So, this should take on average (2^160)/2 trys, that is 159 bit security. The quantum computer can use Grover's algorithm to find the preimage of the address (which is a RIPEMD-160 hash) within 2^80 iterations. But then it still has to find the preimage of the Sha256 hash. Again, using Grover's algo, this halves to 128bits. Finally, it has to break the ECC to find the private key corresponding to the public key, which is again 128bits. So in total, approx. 129 bits. PS: To preemptively defend myself, because often people get mad when you mention quantum computers: I know we are far away from this being a concern. In fact, we don't even know if quantum computers this strong are even possible to build. I don't mean to spread FUD, just asking out of curiosity.

Mentions:#ECC#FUD
r/BitcoinSee Comment

True, that's best practice. However, if an attacker really were able to beat the ECC, he may be able to frontrun your transaction, so nothing will be sent to your change address. That assumes that he can break the ECC and thus find your private key, before the next block is mined, so he has approx 10 minutes time. Obviously all very unrealistic, but still fun to think about.

Mentions:#ECC
r/BitcoinSee Comment

1) Very much info, thank you! Do I understand this link correctly, that P2WPKH addresses only have 160 bits of brute-force resistance, since they again use RIPEMD-160? I would've thought they are considered "modern" and thus have 256 bits. https://en.bitcoin.it/wiki/Bech32 2) Another thing: afaik from reading some pages in Mastering Bitcoin, the ECC is only used to create public keys from private keys, while the address is then a hash of the public key, as explained in the link above. As long, as you don't spend from an address, the public key remains secret and the ECC security is not relevant. Obviously, at the moment you broadcast a signed transaction, your pubkey is leaked, so if you ever want to spend Bitcoin (its money after all), the ECC security is what matters.

Mentions:#ECC
r/BitcoinSee Comment

P2WSH addresses are 256 bits. But the length of the address isn't the limiting issue for security ECC key pairs have a mathematical shortcut which reduces bruce force effort by the square root. A 256-bit ECC secp256k1 Bitcoin key can be brute forced with 2^128 iterations, is 128-bit secure, not 256 There's no need for more than 90 bits. Round up to 128 bits because 128 is a power of 2, and make a 12 word mnemonic by adding 4 checksum bits The passphrase has purposes apart from increasing the entropy. It also adds a usability risk, but that's a separate topic

Mentions:#ECC
r/BitcoinSee Comment

Thank you for this answer! Can you explain to someone with limited knowledge on ECC why ECC only has the security equivalent to half the bits?

Mentions:#ECC
r/BitcoinSee Comment

Modern addresses have 256-bits, so really your question is basically done at that point. But ignoring that, it depends on how those 160 bits of seed are turned into an address. ECC only has security equivalent to half the bits. So normally a 256-bit key has 128 bits of security. But if you make a 160-bit key which lies in a regular subspace of the curve (as would be the case for just using a 160-bit private key) then you will only have 80 bits of security. This isn't the product of any kid of obscure attack, the *ordinary* and sensible attack against ECC (or any cryptosystem in a finite cyclic group) works via a collision search rather than an enumeration of all possible keys. So even in the 160-bit address case the ECC strength itself was already security-limiting against someone trying to find your private key. Why are modern addresses longer? For a couple reasons but the big one is that an attacker that tries to generate two different private keys that share a single address (like a multisig key involving you and one just involving them) only need to do work equivalent to half the address length.. so 160 bit addresses result in 80-bit security. 80-bits is not considered an acceptable level of security today (bitcoin's mining, to give a not very applicable example has done many times 2^80 operations).

Mentions:#ECC
r/CryptoCurrencySee Comment

ECC doesn't realy on multiplying prime numbers. Also you're totally ignoring the very basis of math. People found proof that these methods are secure. There are no patterns we can't see if there's mathematical proof.

Mentions:#ECC
r/CryptoCurrencySee Comment

It's more theoretical, isn't the Shor-Algorithm suitable to crack RSA but not ECC? I've read in a paper that quantum computers would be more of a threat to other types at first. There might also be a solution for ECC to become 100% quantum resistant, even though it isn't right now

Mentions:#ECC
r/CryptoCurrencySee Comment

Nothing more :D There are several different ways to create private keys, but ECC is pretty common and it's also supposedly quantum computer safe (at least right now)

Mentions:#ECC
r/CryptoCurrencySee Comment

SHA256 is NOT encryption. It's the hash being used for creating blocks. SHA might be used at some point, but Bitcoin's private key is an ECC key.

Mentions:#SHA#ECC
r/CryptoCurrencySee Comment

Why do so many people talk about encryption and AI without having a basic understanding of how it all works? AI can barely do math, and math has already shown that this kind of encryption is secure. People try to make themselves more interesting by spreading bullshit like this. A good indicator of bullshit is that they don't distinguish between different types of encryption. For example, there is RSA and there is ECC (which is what Bitcoin uses).

Mentions:#ECC
r/BitcoinSee Comment

Only the ECC is quantum vulnerable. When the time comes for core to release a quantum secure signing algorithm, just your coins to a new quantum secure wallet.

Mentions:#ECC
r/BitcoinSee Comment

Meh. How worried? Zero or a bit less. There is no encryption in Bitcoin. SHA256 and ECDSA on Secp256k1 are both "simple". SHA256 can be done on paper and its easy to see that the incoming message gets hashed and is unrecoverable. Similarly ECC taking a private key to a public key for example is easy to do one way and not back. I think its very unlikely chatgpt will spit out vulnerabilities in either given the right prompt.

Mentions:#SHA#ECC
r/BitcoinSee Comment

Bitcoin is a cryptocurrency as are all the Altcoins. Bitcoin was just first and the best version. The coins all use cryptography. Bitcoin uses elliptic curve cryptography (ECC) and the Secure Hash Algorithm 256 (SHA-256) to generate public keys from their respective private keys

Mentions:#ECC#SHA
r/BitcoinSee Comment

Bitcoin is a cryptocurrency as are all the Altcoins. Bitcoin was just first and the best version. The coins all use cryptography. Bitcoin uses elliptic curve cryptography (ECC) and the Secure Hash Algorithm 256 (SHA-256) to generate public keys from their respective private keys

Mentions:#ECC#SHA
r/BitcoinSee Comment

I know this isn't popular here but Bitcoin is a cryptocurrency as are all the Altcoins. Bitcoin was just first and the best version. The coins all use cryptography. Bitcoin uses elliptic curve cryptography (ECC) and the Secure Hash Algorithm 256 (SHA-256) to generate public keys from their respective private keys

Mentions:#ECC#SHA
r/CryptoCurrencySee Comment

ECC is not quantum resistant.

Mentions:#ECC
r/CryptoCurrencySee Comment

Bitcoin uses ECC with 256 Bit and quantum computers aren't a threat for it

Mentions:#ECC
r/BitcoinSee Comment

They're not useless, but I don't keep alot of stuff on password managers. Including bank info. The cryptography used to secure bitcoin (ECC) allows you to have much greater cybersecurity than ever before, if you use it properly. Putting it on a Diffie-Hellman/RSA secured database defeats the purpose. If you have 25 BTC tied up in cold storage, you should definitely follow good custody standards (like air gapping, and generating keys offline).

Mentions:#ECC#BTC
r/CryptoCurrencySee Comment

SHA256 is just the hash algorithm used by the miners, the keys are ECC and I'm not sure about that (I see different opinions about whether it's secure or not). A lot of our communication may be broken in the future, that's a real problem. Let's just hope it lasts long enough that most of the data is no longer relevant. I've also heard that AES is considered to be safe. I must dig deeper into this topic because I can only rely on stuff I read somewhere

Mentions:#SHA#ECC#AES
r/CryptoCurrencySee Comment

I am not exactly a cryptographer, but there might be an RSA-specific flaw, not affecting ECC in general.

Mentions:#ECC
r/CryptoCurrencySee Comment

AI is still doing the same thing it did 30 years ago, just with more data and computing power, by the way. Don't fall for all the hype Musk and others are doing. There is no strong AI i sight, sometimes it can't even tell if a sign says 30 or 80. Of course, if a government agency can crack ECC or RSA, they won't publish a paper about it, that's true. But it doesn't seem likely that public science has taken baby steps while they've taken giant leaps. They'd need the best scientists and people in science would know that something was going on. People also knew about the nuclear program.

Mentions:#ECC
r/CryptoCurrencySee Comment

The nuclear bomb is not quantum computers. Quantum computers really only endanger asymmetric or public key cryptography algorithms such as RSA, ECC, and Diffie Helman. These are proven to be broken by quantum computing using Shors algorithm. NIST has already announced 4 quantum resistant algorithms.

Mentions:#ECC
r/CryptoCurrencySee Comment

Well, ECC (Bitcoin and others) may be fucked, but we'll need a Quantum Computer with an estimated minimum of 6,000 entangled quantum bits (QBits). Right now the biggest has 51. As far as I know, Shor's Algorithm could do it. It seems like the effort exponential. The next 51 QBits are much harder to achieve, even more the 51 QBits after that... But I'm no expert

Mentions:#ECC
r/CryptoCurrencySee Comment

Have you considered using [DVDisaster?](https://en.wikipedia.org/wiki/Dvdisaster) It basically modifies the ISO and embeds an error-correcting code on the unused space of the disc. So if there's any bit-rot or damage the ECC can be used to recover corrupted data. Supposedly it's even good enough to work even with DVDs that have been [intentionally drilled holes into](https://np.reddit.com/r/DataHoarder/comments/ikt606/dvdisaster_0796_semirevival/g802umn/) (!).

Mentions:#ECC
r/CryptoCurrencySee Comment

I know what you mean, but you don't have to understand the technology, just how to use it. The technology is very similar to what happens when you look at a https website (except it's ECC for BTC and not RSA, I think?). I don't necessarily have to understand that either. "Be your own bank" is a bit exaggerated. All you do is keeping your own private key.

Mentions:#ECC#BTC
r/BitcoinSee Comment

> I don't see this as a rational response Your claims are not rational. You made them up. There is no risk to AES. A quantum computer is not a cracking tool. RSA is not relevant to Bitcoin. Bitcoin has no encryption > If in 10 years quantum computers can break 32 bit ECC There's no such thing as 32-bit ECC > Peter Shor has already solved the discrete logarithm problem back in 1994, theoretically at least. And it will probably take another 30 years before any practical application of his algorithm can be used Most likely never going to happen. The "30 years from now" estimates are now more than 30 years old. In 30 years, we will still be predicting useful quantum computers in 30 years time. Eventually, the infinite 30-year timeframe leads to a realization that it's not possible > will the bitcoin protocol have time to switch Ask again in 30 years

Mentions:#AES#ECC
r/BitcoinSee Comment

Satoshi said: > Long before the network gets anywhere near as large as that, it would be safe for users to use Simplified Payment Verification (section 8) to check for double spending, which only requires having the chain of block headers, or about 12KB per day. Only people trying to create new coins would need to run network nodes. At first, most users would run network nodes, but as the network grows beyond a certain point, it would be left more and more to specialists with server farms of specialized hardware. A server farm would only need to have one node on the network and the rest of the LAN connects with that one node. > > The bandwidth might not be as prohibitive as you think. A typical transaction would be about 400 bytes (ECC is nicely compact). Each transaction has to be broadcast twice, so lets say 1KB per transaction. Visa processed 37 billion transactions in FY2008, or an average of 100 million transactions per day. > That many transactions would take 100GB of bandwidth, or the size of 12 DVD or 2 HD quality movies, or about $18 worth of bandwidth at current prices. > > If the network were to get that big, it would take several years, and by then, sending 2 HD movies over the Internet would probably not seem like a big deal. > > Satoshi Nakamoto https://www.mail-archive.com/cryptography@metzdowd.com/msg09964.html

Mentions:#ECC
r/CryptoCurrencySee Comment

Nothing, Quantum computers are expected to be able to efficiently factor large numbers and solve discrete logarithm problems, which are the foundation of many encryption algorithms like RSA and ECC, through algorithms like Shor's algorithm. When this will happen depends on the progress of quantum technology development, which is challenging to predict precisely and what exactly will break is also highly uncertain. The security of Bitcoin, in particular, is based on elliptic curve cryptography (ECC). So far these 2 approaches seem to be not breakable but also remain uncertain, but can be quite good for btc for example. Lattice-based cryptography: This is a class of mathematical problems that are believed to be hard for both classical and quantum computers. Algorithms like NTRUEncrypt and Ring-LWE fall into this category. Also algorands falcon keys fall under this category. Hash-based cryptography: Hash-based digital signatures, like the Lamport and Winternitz one-time signature schemes.

Mentions:#ECC
r/CryptoCurrencySee Comment

"*at least until someone cracks the SHA-256 encryption that secures it*" That's nonsense. SHA256 is being used (in mining for example) but the encryption is ECC (elliptic curve cryptography).

Mentions:#SHA#ECC
r/CryptoCurrencySee Comment

No, it can't break everything. A QC can't solve every problem faster than bit-based computers. There's an algorithm for ECC (Bitcoin) though.

Mentions:#ECC
r/BitcoinSee Comment

QC can search with sqrt(N), N being the number of bits in your key. That is the optimum. No exponential speedup there. But they can break ECC in poly time with poly many qubits. Does this help?

Mentions:#ECC
r/BitcoinSee Comment

You are correct. Bitcoin uses ECC, not RSA, and the hash algorithms do not depend on factoring. Sorry. But I do see that these features make Bitcoin impervious to quantum computing algorithms as well.

Mentions:#ECC
r/CryptoCurrencySee Comment

Quite some but one stands out ECC (ether connect coin), I was new to crypto and was advised to seek crypto information from telegram and Reddit, I chose telegram and long story short, I bought the coin on pancake swap using BNB with it's two sister coins. I watched the coins x1000 but couldn't sell since they're locked up in the company's website and by the time they open up withdrawal months later, they have pulled liquidity and everything went to x -10000 and their site went down for some days before coming on again but by then it has already dawned on us that they've dumped the tokens on us and my $100 investment that shot up to $10k is now worth less than a buck. That was how I learnt about liquidity and rugpull.

Mentions:#ECC#BNB
r/CryptoCurrencySee Comment

>Bitcoin != Crypto Bitcoin uses private keys based on ECC (elliptic curve cryptography) and mining is being done using the SHA256 hash algorithm. It's definitely crypto.

Mentions:#ECC#SHA
r/CryptoCurrencySee Comment

This is a bit of a nitpick, but I'll post it bc you seem interested. While it is true that you use 256 bits to generate a 24 key phrase, and the corresponding private key generated from the key phrase are 256 bits in length. The strength of ECC in general is approximately half of the bits used to make the key, bc the fastest known algo to work backwards from a public key to. a private key is sq-root k. So in general when talking about the statistics of anything related to the strength, or odds of uncovering a private key, one should refer to actual strength of the encryption, which in this case is slightly less than 2\^128. While it's true that 2\^256 is true for the type of collision you responded to, people can infer incorrectly that 2\^256 is the strength of their private key, when it's actually a little less than half of that.

Mentions:#ECC
r/CryptoCurrencySee Comment

In theory, when it's made by humans, it can be broken by humans. And once it breaks, shit will hit the fan. Users of 'crypto phones' like EncroChat, Sky ECC and Exclu thought they were safe as well. It's a matter of time and the amount of resources used, also for Monero I'm afraid..

Mentions:#ECC
r/BitcoinSee Comment

Dude, just no. You are still young. Apple has AI since 2010 implemented in their phones. Quantum won't be ready to break ECC even in 10 years. It's not the first time they think they are close.

Mentions:#ECC
r/CryptoCurrencySee Comment

This is a really great post! Glad to see people spreading this knowledge. If I had anything of value to add, just a few things. First, I have a playlist of videos that break down Encryption and how it works, ECC, hashing, and relating these to blockchain and their use cases, and more. I don't know if I can post links, so I won't try. But if you go to "EpochSec" on YouTube (multi blue round logo), you can find the playlist "Encryption and Hashing". Or you can find that via my website, (I don't even know if I can post that in here). This would be a great complimentary set of knowledge, to go along with this post. SECP = Standard for Efficient Cryptography. This has been around a very long time. secp256k1 is an elliptical curve, as mentioned. You also have ECDSA and Schnorr. Then you also have ed25519 (EdDSA + Curve25519). And there are others. ECDSA and ed25519 are often used in many other things. You might be familiar with what is derived. Public and Private Keys. Folks use them for their SSH keys, they are used in blockchain. They are also used (asymmetric encryption) to transfer your symmetric key, when you are typing in your password to login to a site, for example. There are plenty of other examples, and analogies. Then hashing plays a big role as well. To save this reply from becoming long, I'll stop there and just refer back to my video playlist I mentioned above. I'll also share a general message. This option is very secure, indeed. However, as the OP mentioned, many people might say "I have no idea what I am doing". I generally recommend to not stress about using the most secure thing immediately (it depends). That is a good end goal though. So if you are nervous, start out with an easy method, or something you are comfortable with. In parallel, start using a more secure option, in a testing/learning manner. Once you are comfortable with that, then move to that option. This is also a security vs availability, individual decision to be made by each person. Though it is important to at least know the pros/cons/etc of the option you are using. In any aspect of your personal security. I left a WHOLE lot out of this reply. It was just some basic thoughts I wanted to share. Again, great post and thanks for sharing that with the community.

Mentions:#ECC#OP
r/BitcoinSee Comment

Chapters one, two and three from "Programming Bitcoin" by Jimmy Song explains ECC in terms that don’t require all that much more prior mathematical knowledge than, say, algebra. He also open-sourced the [book](https://github.com/jimmysong/programmingbitcoin).

Mentions:#ECC
r/CryptoCurrencySee Comment

That though doesn't have to mean a lot. Or as Satoshi said: "When you generate a new bitcoin address, it only takes disk space on your own computer (like 500 bytes).  It's like generating a new PGP private key, but less CPU intensive because it's ECC.  The address space is effectively unlimited.  It doesn't hurt anyone, so generate all you want."

Mentions:#CPU#ECC
r/BitcoinSee Comment

If ECC was broken it would not allow double spends (which is what I think you mean by "duplicate transactions"). It would allow the attacker to spend coins of other people (in some specific circumstances). Anyway, should that threat had any non-trivial chance of happening any time soon, migration from ECC to post-quantum algorithms could happen quite quickly. The only major problem would be with lost coins, whose owners are dead, or can't access the coins, thus those could not migrate. But even for that scenario there are some possible mitigations that have been invented years ago as this topic is well studied for a long time.

Mentions:#ECC
r/BitcoinSee Comment

Uh, ya. It poses an EXTREME problem for all ECC Cryptography. From the entire web to your bitcoin wallet. The difference is, it's relatively easy to change a whole internet cryptography standard than it is to change Bitcoin. That's besides the fact that any such change will see the loss of millions of coins that may or may not be "dead" which would call into question the permanence of peoples holdings. Take a hedge in Quantum Resistant Ledger. Sleep easy.

Mentions:#ECC
r/BitcoinSee Comment

Quantum-resistant encryption algorithms are cryptographic algorithms designed to be resistant against attacks by quantum computers. These algorithms are developed to secure data against potential threats from quantum computing advancements that could easily break traditional cryptographic systems, such as RSA and Elliptic Curve Cryptography (ECC). * Lattice-based Cryptography * Code-based Cryptography * Multivariate Cryptography * Hash-based Cryptography * Supersingular Isogeny-based Cryptography

Mentions:#ECC
r/CryptoCurrencySee Comment

This 1. "As a thought experiment, imagine there was a base metal as scarce as gold but with the following properties: - boring grey in colour - not a good conductor of electricity - not particularly strong, but not ductile or easily malleable either - not useful for any practical or ornamental purpose and one special, magical property: - can be transported over a communications channel If it somehow acquired any value at all for whatever reason, then anyone wanting to transfer wealth over a long distance could buy some, transmit it, and have the recipient sell it. Maybe it could get an initial value circularly as you've suggested, by people foreseeing its potential usefulness for exchange. (I would definitely want some) Maybe collectors, any random reason could spark it." And this 1. "Long before the network gets anywhere near as large as that, it would be safe for users to use Simplified Payment Verification (section 8) to check for double spending, which only requires having the chain of block headers, or about 12KB per day. Only people trying to create new coins would need to run network nodes. At first, most users would run network nodes, but as the network grows beyond a certain point, it would be left more and more to specialists with server farms of specialized hardware. A server farm would only need to have one node on the network and the rest of the LAN connects with that one node. The bandwidth might not be as prohibitive as you think. A typical transaction would be about 400 bytes (ECC is nicely compact). Each transaction has to be broadcast twice, so lets say 1KB per transaction. Visa processed 37 billion transactions in FY2008, or an average of 100 million transactions per day. That many transactions would take 100GB of bandwidth, or the size of 12 DVD or 2 HD quality movies, or about $18 worth of bandwidth at current prices. If the network were to get that big, it would take several years, and by then, sending 2 HD movies over the Internet would probably not seem like a big deal."

Mentions:#ECC
r/BitcoinSee Comment

>high qubit quantum computer (which doesn't exist and no one is sure if will ever exist) ECC breaking QC is sci-fi for now.

Mentions:#ECC
r/BitcoinSee Comment

Exchanges won't help if the underlying asset is broken. But let's focus on Bitcoin for a second. Firstly, power (afaik) isn't the factor holding back quantum computers. Secondly, no quantum computer can break hashing which is what most of Bitcoin's security relies upon. Hashing is a lossy process, and also not all Cryptography is broken because of quantum. Quantum computing can theoretically break ECC which is what the secp256k1 algorithm used for bitcoin key pairs. Fortunately, public keys are not typically revealed on the blockchain until an address has been spent from, and a best practice we've all been following is "no address re-use". Therefore the effectiveness of breaking it is very limited. Of course, even if quantum can break ECC, it may not be able to break secp256k1 specifically or may take time to do so. At the same time, to think that there are not quantum resistant algorithms that can be used in its place if necessary is misguided. We just don't want to change anything that isn't likely to be broken any time soon. To be clear, quantum resistant algorithms don't need to be run on a quantum computer, despite what many think: as you said yourself. So all in all, what you are spreading here is just fud and worse still your advice is awful either way.

Mentions:#ECC
r/BitcoinSee Comment

SHA256 is not encryption, it's a hashing algorithm. And no, even a strong quantum computer would not be able to find preimage of SHA256 hash. A strong quantum computer might be able to break ECC used in Bitcoin, and there finally you are right on something - to find a private key from a public key. So it seems like you have just heard couple of terms and you're not sure what they are and then it leads you to make such claims that make no sense and are obviously wrong. Bitcoin protocol does not use encryption (some communication encryption has been suggested as BIP but not implemented widely at the moment). What you probably meant to ask is whether it is possible to replace underlying cryptographic elements used in Bitcoin (not for encryption, but for signing and verifying) with quantum-resistant cryptographic elements. And the answer is yes, but it's not completely straightforward, has its problems and it is definitely not a problem to be solved today as strong quantum computers are too far from available. If such a transition occurred, however, it would not affect past transactions as it would be done, as always, from some point on (think block number or time) and would not apply to what happened before. This is standard way of upgrading and in fact Bitcoin implemented a similar kind of new cryptographic primitives recently with Taproot. Taproot introduced Schnorr signatures which were not present before. And nothing happened to pre-Taproot transactions.

Mentions:#SHA#ECC#BIP
r/BitcoinSee Comment

Also, in vector based crypto such as ECC the selection of the key vectors is also random, so again vulnerable .

Mentions:#ECC