A Bluffer’s Guide to secp256k1

It is wasn’t for Satoshi Nakamoto, you probably would never have heard of the secp256k1 Elliptic Curve Cryptography (ECC) method. But…

A Bluffer’s Guide to secp256k1

If it wasn’t for Satoshi Nakamoto, you probably would never have heard of the secp256k1 Elliptic Curve Cryptography (ECC) method. And so, Satoshi used it to take a private key and then produce a public key.

At the core of the adoption of Bitcoin is the usage of the ECDSA (Elliptic Curve Digital Signature Algorithm), and where it was possible to verify a transaction from the public Bitcoin identifier. A key advantage of this is that it did not use PKI (Public Key Infrastructure) and where users did not have to distribute their public key, but where the public key is exposed with trusted transactions.

The standard for secp256k1 was published in 2010 [here]:

It uses the Weierstrass form of an elliptic curve:

y²=+7 (mod p)

and has a base point of g=(0x79be667ef9dcb … 959f2815b16f81798, 0x483ada77 … 8ffb10d4b8) and a prime number of 2²⁵⁶−2³²−2⁹−2⁸−2⁷−2⁶−2⁴−1. The order of the curve is n=0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141. Overall, the order of the curve relates to the number of possible points for the elliptic curve. Operations on secp256k1 often involve a (mod n) operation, and where n is the order of the curve.

Overall. we have a private key of a and then produce a public key of a.G. We do this though point addition (G+G … +G) and point doubling (2.G). For secp256k1, we have a 256-bit private key value (32 bytes), and a 512-bit public key value (and which is a point on the elliptic curve). Although, we can compress the public key into an x-coordinate value and a sign value. This reduces the public key to 33 bytes.

The main applications of secp256k1 are in digital signing (ECDSA) and key exchange (ECDH)

Points on secp256k1

  • Elliptic Curve points for common curves in an x-range. Elliptic Curve points. This example uses Curve 25519, secp256k1, P256 and P512 to show the range of points for a given x-coordinate range.
  • First 20 Elliptic Curve points in Finite Field for common curves. Elliptic Curve points. Locating the first 20 points in an elliptic curve in a finite field for curves including Curve25519 (Tor), secp256k1 (Bitcoin) and NIST P-256.

Montgomery Ladder with secp256k1

  • Montgomery Ladder in calculating kG in a fixed time.. Ladder. Calculates kG for secp256k1.

Charting

  • Draw =x³+7(mod p) [here].

Point multiplication

  • Real ECC curves for (1G, 2G and nG). Elliptic Curve real. Curve 25519, secp256k, and so on.
  • Inverse of private key for secp256k1 with Python. Inverse of private key secp256k1. In this example Alice sends aG and Bob sends back abG. Alice then calculates a−1(mod n) and can then determine a^{−1}abG=bG. The secp256k1 curve is in the Weierstrass curve form (=x³+ax+b).

Key generation

  • Elliptic Curve (OpenSSL Key Generator). Elliptic Curve (Keys). Elliptic Curv is a public key method. This page outline the generation of ECC key, including secp128r1.
  • Elliptic Curve (Keys). Elliptic Curve (Keys). Elliptic Curv is a public key method. This page outline the generation of ECC keys in Bitcoin.
  • Elliptic Curve (Key pair). Elliptic Curve (Key pair). Elliptic Curv is a public key method. This page generates various ECC key sizes.
  • 02, 03 or 04? So What Are Compressed and Uncompressed Public Keys?. Compressed and Uncompressed Public Keys. Compressing and uncompressing the public key in secp256k1.

ECDH with secp256k1

  • Elliptic Curve Diffie-Hellman (ECDH) with secp256k1. ECDH. Elliptic Curve Diffie Hellman is used to create a shared key.
  • Elliptic Curve Diffie-Hellman (ECDH) with different curves. ECDH. Elliptic Curve Diffie Hellman is used to create a shared key using different curves, including secp256k1, p192 and p224.
  • secp256k1 ECDH with Python. secp256k1 ECDH. Elliptic Curve Diffie Hellman using secp256k1 with Python. The secp256k1 curve is in the Weierstrass curve form (y²=x³+ax+b).
  • Authenticated secp256k1 ECDH with Python. Authenticated secp256k1 ECDH. Elliptic Curve Diffie Hellman using secp256k1 with Python, and where we use a long-term key for Bob and Alice to create a shared session key. The secp256k1 curve is in the Weierstrass curve form (y²=x³+ax+b).

ECDSA

  • Elliptic Curve Digital Signature Algorithm (ECDSA). ECDSA. Elliptic Curve Digital Signature Algorithm (ECDSA) is used to sign data.
  • Elliptic Curve Digital Signature Algorithm (ECDSA) with core operations. ECDSA. Elliptic Curve Digital Signature Algorithm (ECDSA) is used to sign data with core operations.
  • Crack ECDSA from leak of nonce (SECP256k1). ECDSA with nonce. This outlines ECDSA how the private key can be recovered with a leak of the nonce value for SECP256k1.