# Gavin Andresen
# 2011-04-25 23:04:45
# https://bitcointalk.org/index.php?topic=6503.msg95387#msg95387

To steal your bitcoins by breaking crypto (as opposed to getting your private key), somebody would have to: @p{par}

1. Break RIPEMD160.  Because your bitcoin address is a RIPEMD160 hash...  AND @p{brk}
2. Break SHA256.  Because your bitcoin address is a RIPEMD160 hash of the SHA256 hash... AND @p{brk}
3. Break the ECDSA elliptic curve @p{(so}encryption@p{so)} signature algorithm, to figure out the private key that corresponds to the public key that they got from breaking (1) and (2). @p{par}

That's assuming that you don't re-use bitcoin receiving addresses (your public key is revealed the first time you spend coins that were sent to that address).  If you do re-use the same receiving address, then they just need (3). @p{par}

I don't spend any time worrying about whether or not the NSA (or anybody else) can break ECDSA. @p{brk}