I think you are looking for security not entropy.
The two is the same, because i was not asking for keysizes which can be arbitrary if the underlying function only provides so much.
The values might be the same, but they are not the same thing.
For example creating a 4096 bit private key is useless (and probably invalid) if the ECDSA gives only 128 bit. So therefore the entropy is what matters not the keysize.
Well you cant use a 4096 bit private key with ECDSA as used by bitcoin and 4096 bit RSA keys are not useless even though they only provide a security level of 128 bit[1].
Scenario #1: You have spend coins received on the address in the past and thus the public key is stored in the blockchain. In this case the attacker would need 2128 elemantary operations to find the correct private key. Aka a security level of 128 bit. This ignores randomness and chance, e.g. the birthday paradox.
Scenario #2: You have never spend coins received on the address, ever. You also have not otherwise published your private key (e.g. due to a payment to pubkey instead of to an address). In this case the attacker has to break the RIPEMD160 hash in order to get to the SHA256 of the public key. Since there are no known attacks to improve from simple brute force its security is 160 bit. Once RIPEMD160 is done, an attacker would need to break SHA256 (256 bit security, unless used with reduced number of rounds) in order to get to the public key and from there try to find the private key. This however makes no sense as its way faster to just try private keys until you found one that results in the same address. As there are only 2160 different (version 1) addresses due to the 160 bits of RIPEMD160 there are 296 different private keys for each address. As such you have a total security level of 160 bits.
Yes I've heard this variant before. We need some more expert's confirmations on this.
Also are you sure the operations are elementary, there is a lot of hashing going on, It looks like this, and there are many operations going on, not just elementary, so I think there is more security here:
-pic here-
True calculating a bitcoin address from a private key is not an elemantary operation. It would make an attack even slower for an unused address. I dont think it matters much though. 2
160 or 2
128 are both very large search spaces.
[1] might not be the exact correct value, cant find a table atm.