Elliptic Curve Cryptography

A look into the cryptography that protects your cryptocurrencies

This article will look into Elliptic Curve cryptography and the math behind it to generate the private keys which keep our bitcoins safe.

Private Keys

First I want to talk about private keys. A large number of people have no idea what a private key is, they may know what it does but they don’t know what it represents. I think a large part of this is to do with the format it is often presented in. Most private keys are presented like this,

0xA0DC65FFCA799873CBEA0AC274015B9526505DAAAED385155425F7337704883E

This is hexadecimal and often leads people to think that private keys are written in some foreign language that they cannot comprehend. In actuality, the text above simply represents a decimal number that you and I encounter every day. In this case, the hexadecimal above represents,

72759466100064397073952777052424474334519735946222029294952053344302920927294

As you can see this is quite a big number and it’s the size of this number that protects cryptocurrencies from brute force attacks. Now would be a good time to take a look at this article on base systems to understand how hexadecimal, binary and decimal all relate to each other.

The range of possible numbers a private key is dictated by the private key size. The size refers to the number of bits in the private key. In bitcoin, the secp256k1 standard is used, note the 256 refers to the size of the private key in this case 256 bits. The corresponding 256 bit key to the number above is shown below,

1010000011011100011001011111111111001010011110011001100001110011110010111110101000001010110000100111010000000001010110111001010100100110010100000101110110101010101011101101001110000101000101010101010000100101111101110011001101110111000001001000100000111110

This is ultimately what the private key is. 256 1’s and 0’s that enable it to be interpreted by a computer. For us, it simply represents a number, a very large number that is virtually impossible to guess. To put how in context how many possible private keys there are out there have a read of this quote,

Create a new Earth for every grain of sand on Earth, and there are 26 billion unique Bitcoin addresses for each grain of sand on each of those Earths.

What's cool is that now that you understand what a private key actually is you can generate one yourself offline with a coin. Heads equals 1, tails equals 0 grab a piece of paper and flip the coin 256 times. Note down the numbers and there you have it, your own private key.

Note while this is cool it’s still best to use a private key generator online if you get a 0 on your first coin toss you lose half of the potential numbers available to you get another and suddenly you’ve lost half of that half. Since the vast size of the domain space is what protects your private key from brute force attacks this is something to keep in mind

Note the valid key range is from 1 to 115792089237316195423570985008687907852837564279074904382605163141518161494336 which is governed by the secp256k1 ECDSA standard.

Elliptic Curve

The elliptic curve provides an equivalent level of security with a smaller key size which reduces the computation miners have to complete to verify them. ECC 256 bit equal to RSA 3072 bit

symmetric about the x-axis, draw straight line through curve will intersect the curve at no more than 3 points

Starting from a generator point you draw a tangential line and note where it intersects the curve. From this point, you mirror it on the x-axis to get a new point. You then draw a line from the generator point to the new point, this will intersect the curve at one other point, you then mirror that point on the x-axis and again draw a line from the generator point to the new point you do this N times where N is your private key. The resultant point after completing this process N times is your public key in the form (x, y). In reality, you only need to know the x value as you can determine the y value from the curve, this is known as a compressed public key and is prepended with a 02 or 03 depending on the polarity of the y corrdinate (+/-). The curve has a domain space based on its key size if a point falls outside of the domain the delta between the max and the point is used as the new value.

y² = x³ + ax + b

asymmetric vs symmetric Diffie-helmen is an ephemeral shared secret rather than a RSA private key which tends to last much longer this means that if someone has our history of encrypted messages and somehow discovers the RSA private key they have access to the entire history whereas with an ephemeral Diffie-helman key if they discover what that shared secret is they will only be able to decrypt information in that session.

Thanks to James Deangelo