Video: How Secure is 256 Bit Security?

Grant Sanderson • 3Blue1Brown • Boclips

How Secure is 256 Bit Security?

04:17

Video Transcript

In the main video on cryptocurrencies, I made two references to situations where, in order to break a given piece of security, you would have to guess a specific string of 256 bits. One of these was in the context of digital signatures and the other in the context of a cryptographic hash function.

For example, if you wanna find a message whose SHA-256 hash is some specific string of 256 bits, you have no better method than to just guess and check random messages. And this would require, on average, two to the 256 guesses. Now this is a number so far removed from anything that we ever deal with that it can be hard to appreciate its size. But let’s give it a try. Two to the 256 is the same as two to the 32 multiplied by itself eight times. Now what’s nice about that split is that two to the 32 is four billion, which is at least a number we can think about, right? It’s the kinda thing you might see in a headline.

So what we need to do is appreciate what multiplying four billion times itself eight successive times really feels like. As many of you know, the GPU on your computer can let you run a whole bunch of computations in parallel incredibly quickly. So if you were to specially program a GPU to run a cryptographic hash function over and over, a really good one might be able to do a little less than a billion hashes per second. And let’s say that you just take a bunch of those and cram your computer full of extra GPUs so that your computer can run four billion hashes per second.

So the first four billion here is gonna represent the number of hashes per second per computer. Now, picture four billion of these GPU-packed computers. For comparison, even though Google does not at all make their number of servers public, estimates have it somewhere in the single-digit millions. In reality, most of those servers are gonna be much less powerful than our imagined GPU-packed machine. But let’s say that Google replaced all of its millions of servers with a machine like this. Then four billion machines would mean about a thousand copies of this souped-up Google. Let’s call that one kiloGoogle worth of computing power.

There’s about 7.3 billion people on Earth. So next, imagine giving a little over half of every individual on Earth their own personal kiloGoogle. Now, imagine four billion copies of this Earth. For comparison, the Milky Way has somewhere between 100 and 400 billion stars. We don’t really know, but the estimates tend to be in that range. So this would be akin to a full one percent of every star in the galaxy, having a copy of Earth where half the people on that Earth have their own personal kiloGoogle.

Next, try to imagine four billion copies of the Milky Way. And we’re gonna call this your gigagalactic supercomputer, running about two to the 160 guesses every second. Now four billion seconds? That’s about 126.8 years. Four billion of those? Well, that’s 507 billion years, which is about 37 times the age of the universe. So even if you were to have your GPU-packed kiloGoogle per person multiplanetary gigagalactic computer guessing numbers for 37 times the age of the universe, it would still only have a one in four billion chance of finding the correct guess.

By the way, the state of bitcoin hashing these days is that all of the miners put together guess and check at a rate of about five billion billion hashes per second. That corresponds to one-third of what I just described as a kiloGoogle. This is not because there are actually billions of GPU-packed machines out there. But because miners actually use something that’s about a thousand times better than a GPU, Application Specific Integrated Circuits. These are pieces of hardware specifically designed for bitcoin mining, for running a bunch of SHA-256 hashes and nothing else. Turns out, there’s a lot of efficiency gains to be had when you throw out the need for general computation and design your integrated circuits for one and only one task.

Nagwa uses cookies to ensure you get the best experience on our website. Learn more about our Privacy Policy.