He says that because Bitcoin has been around so long now, it should be possible to crowd source a private key for almost any specific public address as he reckons there will now be databases out there with trillions upon trillions of matched key pairs.
Just show him this video: How secure is 256 bit security?However, this isn't the real security of a bitcoin address. A bitcoin address is an encoding of a 160-bit number, which is calculated by hashing a 256-bit one. Therefore, a collision would only require about 2159 searches. But, to be even more pedantic, you don't have to find a RIPEMD-160 collision to steal bitcoins you don't own. The early bitcoin blocks have been paid in public key, meaning that if can you can solve the discrete logarithm problem, you could find those public keys' private keys.
Given that the known algorithms that can solve ECDLP (BSGS, Pollard's rho etc.) require O(sqrt(n)) steps where n the order of G in secp256k1 (n~=2^256), the security of a public key is 128 bits.
So, instead, give him this public key:
Code:
024b83426cf9bff257261d87f2f2858b51b2eea756c0123c7e05bc0a007425c9f2
Whose owner possesses 126,116.53901432 BTC at the time of writing this:
Code:
1P5ZEDWTKTFGxQjZphgWPQUpe554WKDfHQ
It's 2^128 times easier.
