Den 1 feb 2015 00:05 skrev "Brian Erdelyi" <brian.erdelyi@gmail.com>:
>>
>> See vanitygen. Yes, 8 characters can be brute forced.
>
> Thank you for this reference.  Interesting to see that there is a tool to generate a vanity bitcoin address.
>
> I am still researching viruses that are designed to manipulate a bitcoin address.  I suspect they are primitive in that they use a hardcoded rogue bitcoin address as opposed to dynamically generating one.
>
> As a start, this would help protect against malware that uses a static rogue bitcoin address.  The next thing would be for the malware to brute-force the legitimate bitcoin address and generate a rogue bitcoin address that would produce the same 8 digit code.  Curious to know how long this brute force would take?  Or perhaps, before converting to 8 digits there is some other hashing function that is performed.
>
> Brian Erdelyi

To bruteforce 8 decimals, on average you need (10^8)/2 = 50 000 000 tries. log(50M)/log(2) = 25.6 bits of entropy.

One try = generate a random number, use it to generate an ECDSA keypair, SHA256 and RIPEMD160 hash the public key per Bitcoin specs, then run that OCRA hashing code, then compare strings. Considering the ECDSA operations is by a large margin slower than all the hash functions, consider them to just add a small percentage in performance drop vs regular vanitygen usage.

My non-gaming laptop performed IIRC at *a few million keys per second* with OpenCL. I've used it to search for 6 character strings in the base58 Bitcoin addresses with it in 15 minutes to half an hour or so. That's about 35 bits of entropy (rough estimate, there's some details with padding in the base58 representation that alters it).

So 2^(35-26) ~= 1 in 500 of that time, and that's if you use a laptop instead of a GPU rig. Seconds at worst. Milliseconds if done on a rig.