A public key is a 256 bit X-value and a 256 bit Y-value, but the Y-value can be calculated from the X-value.
A bitcoin address is 160 bits.
A bitcoin address is 160 bits.
I keep hearing that an unspent address has more security. So if the pubkey adds 256bit, and a bitcoin address is by default 160 bit, then an unspent bitcoin address is 416 bit?
No.
Why do people say that a private key has only 128 bit because ECDSA provides only 128, see the quotes below
Bitcoin the protocol does not use key stretching.
Bitcoin-core "the client" uses key stretching to harden to the WALLET DECRYPTION PASSPHRASE against brute force attack. Nothing more. Electrum doesn't copy that code from bitcoin-core wallet so it isn't key stretching "again".
Private keys only have 128 bit key strength. Not 160 bit and not 256 bit.
It's kinda hard to tell who is right and wrong, so please enlighten me
I get it... However, bitcoin already has key stretching.
Bitcoin the protocol does not use key stretching.
Bitcoin-core "the client" uses key stretching to harden to the WALLET DECRYPTION PASSPHRASE against brute force attack. Nothing more. Electrum doesn't copy that code from bitcoin-core wallet so it isn't key stretching "again".
Quote
edit: actually i dont think it would increase the entropy, just add more stretching, since the seed has less entropy than a 160 bit "normal" priv key
Private keys only have 128 bit key strength. Not 160 bit and not 256 bit.
256 bit ECDSA keys have 128 bits of key strength. It requires 2^128 operations to brute force the privKey from the PubKey. This assumes the PubKey is known. If it isn't the an attacker would need to attempt a hash collision against the PubKeyHash, looking for any privKey which produces the same PubKeyHash. That would require on average 2^160 operations. Yes the PubKeyHash is oversized. Bitcoin would have similar security (when PubKey is known) is the PubKeyHash was only 128 bits (i.e. RIPEMD-128 or XOR the left and right 128 bit sequence of SHA-256).
As for key stretching reducing entropy is depends on how it is implemented. I haven't looked at Electrum source code but PBKDF2 was created to remove the entropy loss associated with PBKDF1.
As for key stretching reducing entropy is depends on how it is implemented. I haven't looked at Electrum source code but PBKDF2 was created to remove the entropy loss associated with PBKDF1.
It's kinda hard to tell who is right and wrong, so please enlighten me
There are different kinds of bits. One kind is the number of 1's and 0's. As Dany said a ECDSA private key as used in bitcoin has 256 different of these.
Another kind is a measurement for the amount of information a message contains (this message may or may not be encoded in bits). This measurement is called entropy and is given in bits as well.
There is also the kind of bits used by DeathAndTaxes which is a comparisson between algorithms. What it means is that ECDSA is as strong as a 128bit symmetric encryption scheme. Another common example is RSA, where a 1024 bit key is as strong as ~70 bits. This number can decrease over time as better ways are found to calculate the private key from the public key.