The Bluffers Guide to secp256k1 … When Satoshi Said Goodbye To PKI
If it wasn’t for Satoshi Nakamoto, you probably would never have heard of the secp256k1 Elliptic Curve Cryptography (ECC) method. But, Satoshi used it to take a private key and then produce a public identifier.
At the core of the adoption of Bitcoin is the usage of the ECDSA (Elliptic Curve Digital Signature Algorithm), and where it was possible to verify a transaction from the public Bitcoin identifier. The standard for secp256k1 is published [here]:
This is a Weierstrass form of elliptic curve, and uses:
y²=x³+7 (mod p)
It has a base point of g=(0x79be667ef9dcb … 959f2815b16f81798, 0x483ada77 … 8ffb10d4b8) and a prime number of ²²⁵⁶−²³²−²⁹−²⁸−²⁷−²⁶−²⁴−1. The order of the curve is n=0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141.
Overall we have a private key of a and then produce a public key of aG. We do this though point addition. For secp256k1, we have a 256-bit private key value, and a 512-bit public key value (and which is a point on the elliptic curve).