HomeОбразованиеRelated VideosMore From: 3Blue1Brown

How secure is 256 bit security?

25903 ratings | 767475 views
Supplement to the cryptocurrency video: How hard is it to find a 256-bit hash just by guessing and checking? What kind of computer would that take? Cryptocurrency video: https://youtu.be/bBC-nXj3Ng4 Thread for Q&A questions: http://3b1b.co/questions Several people have commented about how 2^256 would be the maximum number of attempts, not the average. This depends on the thing being attempted. If it's guessing a private key, you are correct, but for something like guessing which input to a hash function gives a desired output (as in bitcoin mining, for example), which is the kind of thing I had in mind here, 2^256 would indeed be the average number of attempts needed, at least for a true cryptographic hash function. Think of rolling a die until you get a 6, how many rolls do you need to make, on average? Music by Vince Rubinetti: https://vincerubinetti.bandcamp.com/album/the-music-of-3blue1brown ------------------ 3blue1brown is a channel about animating math, in all senses of the word animate. And you know the drill with YouTube, if you want to stay posted on new videos, subscribe, and click the bell to receive notifications (if you're into that). If you are new to this channel and want to see more, a good place to start is this playlist: http://3b1b.co/recommended Various social media stuffs: Website: https://www.3blue1brown.com Twitter: https://twitter.com/3Blue1Brown Patreon: https://patreon.com/3blue1brown Facebook: https://www.facebook.com/3blue1brown Reddit: https://www.reddit.com/r/3Blue1Brown
Html code for embedding videos on your blog
Text Comments (1206)
So using WinRar to encrypt my "family friendly G-rated movies" is pretty safe, eh? XD
loui rey (4 days ago)
The question is what if the computer guessed the code at the first try XD
Sraj U (5 days ago)
Number of tries for the 2 contexts are not the same 1) Verify the message using random signatures and known public key so that we can generate a valid signature without knowing the private key. Verify (Message, "256 bit signature", pk) In the worst case this would take 2 to the power of 256 tries, so the explanation is fine for the first context. 2) Find the message whose sha256 is a known hash value (known 256 bits) Find "Message" such that sha256("Message") = known 256 bits. Brute force number of tries required for solving this is not 2 to the power of 256. We dont even know the number of characters in the "Message" to begin with. On 0:36 it is mentioned as 2 to the power of 256 tries. Can you take a look or explain?
Jonathanus Sträterus (6 days ago)
so niiiiice
Kevin Andersson (7 days ago)
wow, you've gained >8*10^5 subscribers in about a year. goes to show you're creating good content, no doubt about that.
Siranat usawasutsakorn (12 days ago)
Quantum computer will break this thing. Good luck.
0x1A3C3E7 (12 days ago)
Now the sub button says you have >2^20.069073 subs.
Himanshu Pal (12 days ago)
Thanks for describing how #DIGICERT came to that Conclusion
Tyson Holyfield (13 days ago)
Quantum computing will crack this easy
Akshay Soni (14 days ago)
Mind boggling
Alvi Hysa (15 days ago)
oor just guess on your first try
SplendorMan (21 days ago)
damn, this might be the best video I have ever seen about cryptos
Wudy Ng (22 days ago)
Amazing!It would be very helpful if you make more video on bitcoin. Thank you!
Claudiu B. (22 days ago)
I have one question. What is the "million dollar question" will be solved? More exactly, prime numbers formula problem. How much time it'd take then? Thanks
The jupiter (29 days ago)
My rusty old padlock 🔒 does me good for security.
Whalesters (1 month ago)
My teacher told my class that bitcoin has nothing behind its value like money with gold, and that because we invest in bitcoin our economy will collapse. -_-
Mark Johnston (1 month ago)
So you are saying it's possible.
Christina Kirschner (1 month ago)
"The Enigma machines were a series of electro-mechanical rotor cipher machines developed ..... to be around 3 x 10114 (approximately 380 bits); with known wiring and other operational constraints, this is reduced to around 1023 (76 bits)." from Wikipedia . Yet it was cracked. While I am not saying 256 bit encryption is insecure, I am saying it is much less secure than presented in this video, which practically says it is impossible to break.
Time Is Crypto (1 month ago)
Soo your sayin theres a chance!!?
Bossin Shid (1 month ago)
But can all these computers combined able to run crysis?
donotlike 4 anonymus (1 month ago)
and it's just brute force... with spcific algoritems it's way faster... (defending on the encryption...)
Justin C (1 month ago)
what if every monetary transaction in the world is creating the hashes?
shivakumar doddamani (1 month ago)
FYI, if you don't understand 1billion then, 33 years of human life on Earth has 1billion seconds...
Neal Pandit (1 month ago)
I can possibly break this AES-256 Bit.
orp0piru (1 month ago)
2^{256}=(10^{lg2})^{256} \approx (10^{0.301029996})^{256}=10^{77.06367889}=10^{77} \cdot 10^{0.06367889} \approx 1.15792 \cdot 10^{77} https://latex.codecogs.com/eqneditor/editor.php
Tttt Tt (1 month ago)
But can the quantum computer find the answer?
The Outback Tinker (1 month ago)
but can it run crysis?
uninstalldotexe (1 month ago)
Almost 2^20 subscribers now
Дон Поролон (1 month ago)
Название ролика по-русски, а сущность повествования по-аглицки. Что за херня?
Thomas Winckelman (1 month ago)
Would you please be able to do one or more videos on economics??? So much great content is available online for physics, engineering, etc, but econ seems to be missing. Everyone says that there is a lot of advanced math in economics (game theory, combinatoric optimization, using differential equations to model economic growth, etc), but I've yet to really see it in a context that I felt like I could understand. Could you please give us some applications of fairly advanced math in economics? PS. I'm an undergraduate student. I'm also wondering what math courses would best prepare me for grad school in economics. Will you please make a video on these subjects? Thank you btw for all your wonderful videos. Your linear algebra series has really been helpful for me.
Kyle Higgins (1 month ago)
i think if you just said a number i would be able to comprehend it better like what -illion it is
Bernardo Riper (2 months ago)
I dunno about 256bit security, but the 256TB encryption system is pretty useful
TypicalHog (2 months ago)
My encryption program can do 256^256, thats 2048 bits. Overkill in every way, shape or form.
Prateek (2 months ago)
But what if Iam lucky and get the correct no. in the first try🤔
Just Underage (2 months ago)
That's why my electricity bill skyrocketed when I started mining BTC 😒
H Al (2 months ago)
Hi, I would like to know how to contact you for further  educational materials.
Leandro Iamele (2 months ago)
Awesome video!
spacejunkjim (2 months ago)
I must say, you have a brilliant way of explaining things!
Aaron Hollander (2 months ago)
So you're telling me there's a chance
pstrzel (2 months ago)
Eye-opening, but it still reminds me of the time when people thought that future computers as powerful as the ones we have today would need to be the size of the earth. That, of course, was before the invention of the microchip. What future invention will turn 256-bit security into something as laughable as a bolt lock?
louisphilippe1100 (2 months ago)
Assuming the only way to break the cipher is by brute force and there are no known weakness that would weaken the key, it is impossible to brute force a 256 bit key. But it's not the case and often, brute force can be accelerated with known weakness in ciphers. Also, people are sometimes just plain stupid and use common words like someones name and it's much more efficient to crack the key from a dictionary.
Doc Mephphisto (2 months ago)
What if I proof P=NP?
lee Roberts (3 months ago)
I feel like your videos would be very informative and entertaining and I would love to listen to them however you when you talk your whispering and it feels creepy
Farmer'sTanBrand (3 months ago)
Networking galaxies....hmm.
oran solomon (3 months ago)
and still ppl get hacked.
J C M W (3 months ago)
But my 1 GPU could "technically" crack SHA-256 within the first 30 seconds of trying right? I mean this could happen.
Gabbe (3 months ago)
Turns out it is pretty secure! Until quantum computers came along...
Soapy (3 months ago)
For comparison, the chance of one hash being correct is 0.0000000000000000000000000000000000000000000000000000000000000000000000000000863%
G1K777 (3 months ago)
But is is secure ?
Ruben Hogendoorn (3 months ago)
Doesnt 2^256 different combinations mean that on avarage you would need half that ammount of guesses ;) Lets simplify it, if you have 10 possibilitues is also wouldn't take 10 guesses on avarage.
Wrog (3 months ago)
just hit 700,000 views!
Magnus Juul (3 months ago)
huh. you're not far from 2^20 subscribers now :P
Nku (3 months ago)
My dick photo is safe
Mateja Petrović (3 months ago)
God, I love this channel
QuBit Gaming (3 months ago)
Quantom Computer nibbas be like
vector tito (3 months ago)
حلو فشخ
Tom Jerry (3 months ago)
Hello, I'm quantum computer.
Codingmaster (3 months ago)
But there is a tech called quantum computing .
AzJezz (3 months ago)
tip: don't use sha256,sha512 ... for password hashing, these algorithms were meant to be fast, password hashing should never be done fast, use Bcrpyt, Blowfish or Argon2i. for php users, check out the php password api : https://secure.php.net/manual/en/ref.password.php
Wasaled (3 months ago)
Alot of miners don't use ASIC miners though, because they don't have alot of re-sale value.
Real WeiFi (3 months ago)
what if we every pc had sli gtx 1180 ti's (when they come out) how sucure is that?
TuSei Micio (3 months ago)
let's be honest, AES 256 bit is not secure, that is why ransomwares use AES and RSA and in the future they will use RSA and ECC or something
Rik Schaaf (3 months ago)
You're pretty close to 2^20 subs now. Not bad
Ado Haz (3 months ago)
Brain crashed😂
uday kiran (3 months ago)
Just loved it 😘😘
Tushar Maurya (3 months ago)
is it secure enough for quantum computers?
Jowat (3 months ago)
mc mundn (3 months ago)
or you just get lucky on your first shot...
James Rowe (3 months ago)
Meh, this video makes the exact same mistake people in the 90's made with computers. "20MBs is all anyone will ever need." Hint, technology and processing power do NOT stay still. He also doesn't mention quantum computers AT ALL.
yokmp1 (3 months ago)
Quantum Computing will break the current encryption but at the same time they establish a better and more advanced system. So it's more like a trade. The main reason (for me) mto say our current encryption is unsecure is that you have a chance to guess right. Even if its incredibly low, it's still there. So it is possible to guess even a SHA 512 at first try ...
John Doe (3 months ago)
So you're saying there's a chance...
Salim Alloun (3 months ago)
Your work is wonderful, thank you !
patrick zhang (3 months ago)
When it running square root of 2^256 hashes it would exceed 50% of chance collision. So at around 2^128 of hashes you would finding two input giving a same output, which might reveal some defective aspect of the hash function.
ACAB\\ Mela BAKAta (3 months ago)
ok i understand it's trash!
Paul Murray (3 months ago)
I enjoy expressing this in terms of the absolute theoretical minimum amount of power it would take to run. To "forget" one bit, a computing device has to dissipate Boltzmann's Constant (about 2^-76) * the absolute temperature joules of energy. At liquid helium temperatures (4 degrees), that's 2*10-74 Joules. To check a single hash, the device would have to forget 256 bits. So to brute-force a 256 bit key, we are looking at 2 ^ (256 + 8 - 74), 2^190 Joules. Oh - divided by 2 to get an average. About 10^57, aka 1000^19. The Sun releases about 3.846×10^26 Watts, so we are talking about 10^31 seconds on average. The universe is about 10^18 seconds old. So if we could harness the *entire* output of the sun to power a computational device running at liquid helium temperatures, we'd expect it to take around 10 trillion times the age of the universe (probably) to crack a single SHA hash. -- damn: it's not Boltman's constant, it's Boltzman's constant times the natural log of 2. But the natural log of 2 is pretty close to 1, so 10 trillion it is.
BlueCrowN (4 months ago)
But in the end the password is "password123" and all the security is thrown out bc of human error
DeadlyGreenSpirit (4 months ago)
Really good representation, cheers!
Tarik Merzkani (4 months ago)
Would this kind of security become irrelevant if Quantum Computers come to exist and become functionally practical?
Matas (4 months ago)
You know, regardless how you try to explain it, if a number is bigger than roughly a million it's becoming *incomprehensive* . So people can try all they want, but for our human-sized brains 1000000 = 2^256 = 10^100 = 10^100^100 = pretty big.
thedarkone123123 (4 months ago)
1+2 is 3, quick mafs
ASimpleSample (4 months ago)
So you're saying there's a chance...
Rayan Behr (4 months ago)
We have those good old antminer s9 with 14tera hash. Lets decode this small 256 bit.
Rayan Behr (4 months ago)
10x titan volta have 1 petaflop.
TNTSquid (4 months ago)
Introducing, quantum computers! (all traditional security screwed up)
Ferdinand S (4 months ago)
2^18 subs? This channel is growing fast
Jens8502 (4 months ago)
Yeah... Or 1s on a quantum computer some 30 years down the road.
mrdandansan (4 months ago)
If there are 2^256 possible outcomes wouldn't it take on average 2^255 guesses to find the right one not 2^256? Twice as fast!!
Sher Khan (4 months ago)
Which software do you use to make these videos?
Anonymous Anonymous (4 months ago)
Fly a drone pass the window when the password is being entered.
vze4p6c2 (4 months ago)
Bitcoin Goes Physical: Swiss Start-Up Launches Pilot Sale Of BTC "Banknotes"
vze4p6c2 (4 months ago)
Bitcoin Goes Physical: Swiss Start-Up Launches Pilot Sale Of BTC "Banknotes"
Everest Network (4 months ago)
Visita nuestra Web : https://noticiasbitcoin.io/
Akira Phoenix (4 months ago)
eddwardo (4 months ago)
I wish you do the walk-through of the SHA256 calculation itself.
Patriot Samurai (4 months ago)
Answer: Its pretty secure
Virtuox3 (4 months ago)
We are not alone;)
Godzilla (4 months ago)
I guessed it, it's 10101010010101010010010101000101011110100010100111010110000010101010110101000100101110100111101000100010010101010110110100101001010101101010010010100101010101110111001000101011010100010010010101010101010010101010100101010010101001010101000100100100101010011010010100010101011010110100101010101010101101110101101010111010101000101111010111010001010100101010101010110010101010101010101010110101101010010110
erikpurne (4 months ago)
Wouldn't it be, on average, 2^255 guesses (i.e., half of the total)?
FireyDeath4 (4 months ago)
I heard that quantum computers are gonna ruin it all.
Reid Arwood (5 months ago)
The estimated number of guesses should be 2^255 rather that 2^256. Doesn't make the number much smaller, but would make it a little more doable
N3Xii (5 months ago)
What about when quantum computers become more of a thing? How would this change this, assuming quantum computers were ever to become a household computer and not just for universities and the like.

Would you like to comment?

Join YouTube for a free account, or sign in if you are already a member.
The miners are interested in finding a nonce which will create a hash with certain characteristics. Lastly, they have to find a random value that they included in the header, which makes the computed hash over that header a value below a particular target. In other words, they do not have to agree to change the protocol. Though there are a few gold diggers attempting to fill their pockets and certain projects that aren`t viable and shouldn`t be encouraged in any way. For users running a complete node, it is a fairly painless procedure to upgrade the software to the newest version. The process of locating a new block to extend the blockchain is known as mining. Proof-of-Work systems utilize cryptographic hashing algorithms to create the action of mining a block a complicated computation. Our software is totally incompatible with altcoins. Changes and modifications to how that it works need to be approved by consensus and every CPU gets a vote. To start with, it`s essential to realize that hardware wallet users control entirely their private keys. Whether you`re bullish or bearish on Bitcoin Gold, you ought not lose your coins as a result of careless mistakes! On the 1 hand, it may result in making a coin that solves all the pending issues. There`s no currency or digital asset named Bitcoin Core. Bitcoin Cash increases the range of transactions that may be processed per block. You could send any quantity of money, any place in the Earth, almost at no cost. You`ve made some great money already on the market, but you want more. For a wealthy individual, BTC`s price premium may be viewed as a plus. For someone without lots of money, BCH`s low price may look like a great deal for Bitcoin. If you have some concerns about the worth of Bitcoin after all forks, you need to be ready for a drop. The distinction is that not all of these suffer the chain split. The primary problem is Bitcoin imposes a hard limit on the magnitude of a block, the location where transaction information becomes stored. The end result is many straightforward wallets, called SPV wallets and very commonly found on your phone, will be quite confused about which chain is Bitcoin. In Bitcoin, the most important reason is known as the network effect.