Determine if a public key point y is negative or positive, odd or even?

bjpark

jr. member

Activity: 32

Merit: 3

Quote from: COBRAS on January 18, 2025, 09:01:10 PM

It is impossible to match the sign of the y-values of all public keys.
However, it is possible to align the signs of the public keys generated by the program I provided.
I am just continuing my research.

Code:

import random
import ecdsa
import binascii

# Define the range
def generate_random_values():
   a = random.randint(2**134, 2**135)
   am = 10**37
   b = a - am

   # Set pma and pmb: both values must have the same sign
   sign = random.choice([1, -1]) # Set as positive or negative
   pma = sign * a
   pmb = sign * b

   return a, b, am, pma, pmb

# Define the order N of the secp256k1 curve
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

# Function to generate public key from private key
def generate_public_key(private_key_int):
   # Convert the private key to 32-byte format
   private_key_bytes = abs(private_key_int).to_bytes(32, byteorder="big", signed=True)

   # Generate elliptic curve public key (secp256k1)
   sk = ecdsa.SigningKey.from_string(private_key_bytes, curve=ecdsa.SECP256k1)
   vk = sk.verifying_key

   # Create uncompressed public key format
   public_key_bytes_uncompressed = b"\x04" + vk.to_string()

   # Determine the prefix of the compressed public key based on the sign of the private key
   if private_key_int < 0:
   public_key_bytes_compressed = (
   b"\x03" + vk.to_string()[:32] if vk.to_string()[-1] % 2 == 0 else b"\x02" + vk.to_string()[:32]
   )
   else:
   public_key_bytes_compressed = (
   b"\x02" + vk.to_string()[:32] if vk.to_string()[-1] % 2 == 0 else b"\x03" + vk.to_string()[:32]
   )

   # Convert the public key to a hexadecimal string
   public_key_uncompressed = binascii.hexlify(public_key_bytes_uncompressed).decode()
   public_key_compressed = binascii.hexlify(public_key_bytes_compressed).decode()

   return public_key_uncompressed, public_key_compressed

# Adjust private key representation
def adjust_private_key(private_key_int):
   if private_key_int < 0:
   adjusted_key = N + private_key_int
   return f"0x{adjusted_key:064x}"
   else:
   return str(private_key_int)

# Generate and output results 10 times
all_public_keys = [] # List to store public keys
for i in range(1, 31):
   print(f"\n=== Random Output {i} ===")
   a, b, am, pma, pmb = generate_random_values()
   public_key_a_uncompressed, public_key_a_compressed = generate_public_key(pma)
   public_key_b_uncompressed, public_key_b_compressed = generate_public_key(pmb)

   print("a:", a)
   print("b:", b)
   print("am:", am)
   print("pma (Private Key a):", adjust_private_key(pma))
   print("pmb (Private Key b):", adjust_private_key(pmb))

   print("public_key_a (Compressed Public Key a):", public_key_a_compressed)
   print("public_key_b (Compressed Public Key b):", public_key_b_compressed)

   # Store public keys
   all_public_keys.append((public_key_a_compressed, public_key_b_compressed))

   # Add sign of pma and pmb
   sign_a = "+" if pma > 0 else "-"
   sign_b = "+" if pmb > 0 else "-"

   print("Sign of pma:", sign_a)
   print("Sign of pmb:", sign_b)

# Additional public key output
print("What has been printed above is what you have, and if you provide only what is printed now, I can match positive and negative signs.")
print("\nAdditional public key output:")
for i, (pub_a, pub_b) in enumerate(all_public_keys, start=1):
   print(f"\n=== Random Output {i} ===")
   print("public_key_a (Compressed Public Key a):", pub_a)
   print("public_key_b (Compressed Public Key b):", pub_b)

If my friends give me 30 problems, I can submit the answers for the signs of pma (Sign of pma:) within 30 minutes. You can easily test me.

COBRAS

member

Activity: 873

Merit: 22

$$P2P BTC BRUTE.JOIN NOW ! https://uclck.me/SQPJk

N = 115792089237316195423570985008687907852837564279074904382605163141518161494337

def inv(v): return pow(v, N-2, N)
def divnum(a, b): return ( (a * inv(b) ) % N )

x =0xfffffffffffff# 0x123456789

b = 1

c = (0x123456789 *(-1%N)%N)%N

print("c",hex(c))

Xx =(x + b %N)%N

Xx = (Xx - c %N)%N

# = 0x2345678a

print("x+Xx",hex((x+Xx%N)%N))

res:

c 0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8bacf0d9b8
x+Xx 0x20000123456788

N = 115792089237316195423570985008687907852837564279074904382605163141518161494337

def inv(v): return pow(v, N-2, N)
def divnum(a, b): return ( (a * inv(b) ) % N )

x =0xfffffffffffff# 0x123456789

b = 1

c = (0x123456789 *(1%N)%N)%N

print("c",hex(c))

Xx =(x + b %N)%N

Xx = (Xx - c %N)%N

# = 0x2345678a

print("x+Xx",hex((x+Xx%N)%N))

result:

c 0x123456789
x+Xx 0x1ffffedcba9876

[Program finished]

edcba9876 !=0x123456789

Huh

COBRAS

member

Activity: 873

Merit: 22

$$P2P BTC BRUTE.JOIN NOW ! https://uclck.me/SQPJk

Quote from: mjojo on January 18, 2025, 08:07:59 PM

Quote from: COBRAS on January 18, 2025, 08:02:58 PM

Quote from: mjojo on January 18, 2025, 08:00:29 PM

Quote from: COBRAS on January 18, 2025, 07:57:41 PM

Quote from: mjojo on January 18, 2025, 07:55:51 PM

Quote from: hexan123 on January 17, 2025, 11:48:35 AM

can you write something more about these calculation methods

in ecc secp256k1

1/2 = 57896044618658097711785492504343953926418782139537452191302581570759080747169

7/2 = 57896044618658097711785492504343953926418782139537452191302581570759080747172

57896044618658097711785492504343953926418782139537452191302581570759080747172 / 57896044618658097711785492504343953926418782139537452191302581570759080747169 = 7

So the above method from @sss555 is not work to define the pubkey is odd or even. I already try many use method to separate odd and even but pattern to cyclic odd and even is always same.

7/2 - 1/2 = 3,

7 -3 = odd

Huh

remember we just have the pubkey as known variable, no decimal or pvkey

I talk abot this

1/2 = 57896044618658097711785492504343953926418782139537452191302581570759080747169

7/2 = 57896044618658097711785492504343953926418782139537452191302581570759080747172

just run ecctools from @Alberto

I using ecctools

another situation:

x = 0x123456789

b = 1

c = 0x100000000

Xx = x + b

Xx = Xx - c

# = 0x2345678a

print(hex(x-Xx))

output:

0xffffffff

[Program finished]

if know range of pubkey after subtraction it is posible or not, verify with brute in range ffffff,like in scrypt , brute 0xffffffff

anyone try their examples and you get fffff too ffff will be know range

but what about if "c" in my code wrong ?

N = 115792089237316195423570985008687907852837564279074904382605163141518161494337

def inv(v): return pow(v, N-2, N)
def divnum(a, b): return ( (a * inv(b) ) % N )

x =0xfffffffffffff# 0x123456789

b = 1

c = (0x123456789 *(-1%N)%N)%N

print("c",hex(c))

Xx =(x + b %N)%N

Xx = (Xx - c %N)%N

# = 0x2345678a

print("x+Xx",hex((x+Xx%N)%N))

res:

c 0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8bacf0d9b8
x+Xx 0x20000123456788

N = 115792089237316195423570985008687907852837564279074904382605163141518161494337

def inv(v): return pow(v, N-2, N)
def divnum(a, b): return ( (a * inv(b) ) % N )

x =0xfffffffffffff# 0x123456789

b = 1

c = (0x123456789 *(1%N)%N)%N

print("c",hex(c))

Xx =(x + b %N)%N

Xx = (Xx - c %N)%N

# = 0x2345678a

print("x+Xx",hex((x+Xx%N)%N))

result:

c 0x123456789
x+Xx 0x1ffffedcba9876

[Program finished]

edcba9876 !=0x123456789

Huh

[moderator's note: consecutive posts merged]

mjojo

newbie

Activity: 15

Merit: 0

Quote from: COBRAS on January 18, 2025, 08:02:58 PM

Quote from: mjojo on January 18, 2025, 08:00:29 PM

Quote from: COBRAS on January 18, 2025, 07:57:41 PM

Quote from: mjojo on January 18, 2025, 07:55:51 PM

Quote from: hexan123 on January 17, 2025, 11:48:35 AM

can you write something more about these calculation methods

in ecc secp256k1

1/2 = 57896044618658097711785492504343953926418782139537452191302581570759080747169

7/2 = 57896044618658097711785492504343953926418782139537452191302581570759080747172

57896044618658097711785492504343953926418782139537452191302581570759080747172 / 57896044618658097711785492504343953926418782139537452191302581570759080747169 = 7

So the above method from @sss555 is not work to define the pubkey is odd or even. I already try many use method to separate odd and even but pattern to cyclic odd and even is always same.

7/2 - 1/2 = 3,

7 -3 = odd

Huh

remember we just have the pubkey as known variable, no decimal or pvkey

I talk abot this

1/2 = 57896044618658097711785492504343953926418782139537452191302581570759080747169

7/2 = 57896044618658097711785492504343953926418782139537452191302581570759080747172

just run ecctools from @Alberto

COBRAS

member

Activity: 873

Merit: 22

$$P2P BTC BRUTE.JOIN NOW ! https://uclck.me/SQPJk

Quote from: mjojo on January 18, 2025, 08:00:29 PM

Quote from: COBRAS on January 18, 2025, 07:57:41 PM

Quote from: mjojo on January 18, 2025, 07:55:51 PM

Quote from: hexan123 on January 17, 2025, 11:48:35 AM

can you write something more about these calculation methods

in ecc secp256k1

1/2 = 57896044618658097711785492504343953926418782139537452191302581570759080747169

7/2 = 57896044618658097711785492504343953926418782139537452191302581570759080747172

57896044618658097711785492504343953926418782139537452191302581570759080747172 / 57896044618658097711785492504343953926418782139537452191302581570759080747169 = 7

So the above method from @sss555 is not work to define the pubkey is odd or even. I already try many use method to separate odd and even but pattern to cyclic odd and even is always same.

7/2 - 1/2 = 3,

7 -3 = odd

Huh

remember we just have the pubkey as known variable, no decimal or pvkey

I talk abot this

1/2 = 57896044618658097711785492504343953926418782139537452191302581570759080747169

7/2 = 57896044618658097711785492504343953926418782139537452191302581570759080747172

mjojo

newbie

Activity: 15

Merit: 0

Quote from: COBRAS on January 18, 2025, 07:57:41 PM

Quote from: mjojo on January 18, 2025, 07:55:51 PM

Quote from: hexan123 on January 17, 2025, 11:48:35 AM

can you write something more about these calculation methods

in ecc secp256k1

1/2 = 57896044618658097711785492504343953926418782139537452191302581570759080747169

7/2 = 57896044618658097711785492504343953926418782139537452191302581570759080747172

57896044618658097711785492504343953926418782139537452191302581570759080747172 / 57896044618658097711785492504343953926418782139537452191302581570759080747169 = 7

So the above method from @sss555 is not work to define the pubkey is odd or even. I already try many use method to separate odd and even but pattern to cyclic odd and even is always same.

7/2 - 1/2 = 3,

7 -3 = odd

Huh

remember we just have the pubkey as known variable, no decimal or pvkey

COBRAS

member

Activity: 873

Merit: 22

$$P2P BTC BRUTE.JOIN NOW ! https://uclck.me/SQPJk

Quote from: mjojo on January 18, 2025, 07:55:51 PM

Quote from: hexan123 on January 17, 2025, 11:48:35 AM

can you write something more about these calculation methods

in ecc secp256k1

1/2 = 57896044618658097711785492504343953926418782139537452191302581570759080747169

7/2 = 57896044618658097711785492504343953926418782139537452191302581570759080747172

57896044618658097711785492504343953926418782139537452191302581570759080747172 / 57896044618658097711785492504343953926418782139537452191302581570759080747169 = 7

So the above method from @sss555 is not work to define the pubkey is odd or even. I already try many use method to separate odd and even but pattern to cyclic odd and even is always same.

7/2 - 1/2 = 3,

7 -3 = odd

Huh

mjojo

newbie

Activity: 15

Merit: 0

Quote from: hexan123 on January 17, 2025, 11:48:35 AM

can you write something more about these calculation methods

in ecc secp256k1

1/2 = 57896044618658097711785492504343953926418782139537452191302581570759080747169

7/2 = 57896044618658097711785492504343953926418782139537452191302581570759080747172

57896044618658097711785492504343953926418782139537452191302581570759080747172 / 57896044618658097711785492504343953926418782139537452191302581570759080747169 = 7

So the above method from @sss555 is not work to define the pubkey is odd or even. I already try many use method to separate odd and even but pattern to cyclic odd and even is always same.

COBRAS

member

Activity: 873

Merit: 22

$$P2P BTC BRUTE.JOIN NOW ! https://uclck.me/SQPJk

I don know ...

If subtract 21 -10 = 11, -10 = 1, -10 = -9 ,-10 = -19.

how come to -21 subtracting 10 from 21? because middle of a number of subtraction is a transfer from positive to negative zones.

kTimesG

member

Activity: 165

Merit: 26

Odd: y mod 2 == 1
Even: y mod 2 == 0
Negative: always (subtract P until y < 0)
Positive: always (add P until y > 0)
Relation between scalar parity and y odd/even: not proven to exist, but also not proven to not exist. Perhaps a quantum super-computer the size of our solar system may come up with some equation. The solution obviously needs to consider G.x, G.y and the absurdly high degrees of polynomials involved with each new group addition.

mjojo

newbie

Activity: 15

Merit: 0

simply method to derive pubkey to private key is divide the known pubkey..but the first challenge must be make sure pubkey is even or odd. I hope the creator of this thread its OK after 10 years and starting discussion again.

odolvlobo

legendary

Activity: 4522

Merit: 3426

Quote from: sss555 on September 22, 2015, 04:07:12 AM

Take a bitcoin public key (x, y) and its additive inverse (x, -y). How do you identify which is the positive point and which is the negative point?

The sign (or more precisely even/odd) is determined simply by the value of the least-significant bit Notice that the values of the LSBs for Y and -Y are opposites in all of your examples. That's why they are referred to as even/odd and not positive/negative.

To answer your question, there is no "positive/negative". All numbers are positive.

AlexanderCurl

newbie

Activity: 5

Merit: 168

Quote from: hexan123 on January 17, 2025, 11:48:35 AM

can you write something more about these calculation methods

The most SIMPLE ONE for example.

Search Range: 2^24 .. 2^25
Sequence Length : 24
Total Bruteforce steps : 16777216 sqrt(16777216) = 4096
Steps taken : 34578
Value2 hit : 031aedeb569c5312c4a3370fca49be76f6f0ae1d3fb04dd68b037c151a0ae799f4 Odd Point
Combo sum: 16592754
Combo : (8388608, 4194304, 2097152, 1048576, 524288, 262144, 65536, 8192, 2048, 1024, 512, 256, 64, 32, 16, 2)
Combo Length : 16
Private Key : 33185509
Time taken : 1.68 sec

range 2^10...2^11 (1024...2048)
scalars used for demonstration
point(1955) ODD
1955 / 2 = 977,5 977,5 - 0,5 = 977
value1 = 977,5
value2 = 977
using powerOfTwoValues combos
512+256+128+64+16+1=977
value2 hit point 1955 is ODD we know that before knowing scalar of it.
since we know sum of combo 977 and that point is ODD
977 + 0,5 = 977,5
977,5 * 2 = 1955

point(1786) EVEN
1786 / 2 = 893 893 - 0,5 = 892,5
value1 = 893
value2 = 892,5
using powerOfTwoValues combos
512+256+64+32+16+8+4+1=893
value1 hit point 1786 is EVEN we know that before knowing scalar of it.
since we know sum of combo 893 and that point is EVEN
893 * 2 = 1786

This is simple single-threaded python version.
Tells if point is even/odd and lower/higher range position according to bloomfile hit without calculating the scalar first.

[07:29:17] S_table and P_table generated
[07:29:17] Loading bloomfilter bloom1.bf
[07:29:17] Loading bloomfilter bloom2.bf
[07:29:17] Search Range: 2^45 .. 2^46 [35184372088832-70368744177664]
[07:29:19] BloomFilter Hit bloom1.bf (Even Point) [Lower Range Half]
[07:31:05] Privatekey: 51408670348612
[07:31:05] Time taken : 107.91 sec

[18:05:39] S_table and P_table generated
[18:05:39] Loading bloomfilter bloom1.bf
[18:05:40] Loading bloomfilter bloom2.bf
[18:05:40] Each BloomFilter size: 2^27 (134217728)
[18:05:40] Stride size: 2^27 (134217728)
[18:05:40] Search Range: 2^54 .. 2^55 [18014398509481984-36028797018963968]
[18:11:10] Save Data written to File
[18:11:18] BloomFilter Hit bloom1.bf (Even Point) [Higher Range Half]
[18:23:01] Privatekey: 30045390491869460
[18:23:01] Time taken : 1041.05 sec

hexan123

newbie

Activity: 26

Merit: 0

can you write something more about these calculation methods

AlexanderCurl

newbie

Activity: 5

Merit: 168

If one could tell if pubkey has even or odd preimage(scalar) and had a fast method for it that would be the successful ECC Break.
And in practice simple methods exist when you can through certain calculations tell if point is even or odd without knowing its scalar.
But they are time-consuming and not suitable for large ranges. Since the deviation will be enormous.
And for the most part such methods lead to complete private key recovering with no need for even/odd knowledge.

mjojo

newbie

Activity: 15

Merit: 0

Quote from: sss555 on September 22, 2015, 04:07:12 AM

Take a bitcoin public key (x, y) and its additive inverse (x, -y). How do you identify which is the positive point and which is the negative point?

Example

Private key 1 -> (x, y)

x = 0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798L

y = 0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8L

-y = 0xb7c52588d95c3b9aa25b0403f1eef75702e84bb7597aabe663b82f6f04ef2777L

Private key 2 -> (x, y)

x = 0xc6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5L

y = 0x1ae168fea63dc339a3c58419466ceaeef7f632653266d0e1236431a950cfe52aL

-y = 0xe51e970159c23cc65c3a7be6b99315110809cd9acd992f1edc9bce55af301705L

Private key 3 -> (x, y)

x = 0xf9308a019258c31049344f85f89d5229b531c845836f99b08601f113bce036f9L

y = 0x388f7b0f632de8140fe337e62a37f3566500a99934c2231b6cb9fd7584b8e672L

-y = 0xc77084f09cd217ebf01cc819d5c80ca99aff5666cb3ddce4934602897b4715bdL

--------------------------------------------------------------------------------------------------------------------------

Also, how can you identify which pub key is odd and which is even?

ex: private key 1 x,y is odd , private key 2 x,y is even (based with pub key)

--------------------------------------------------------------------------------------------------------------------------
addition info :

bitcoin doubling pub key

In normal math number 7/2 results are 3 and 1 if we need 7 back 3*2 = 6 + 1 = 7

elliptical curve cryptography

private key 7 pub key are

x = 0x5cbdf0646e5db4eaa398f365f2ea7a0e3d419b7e0330e39ce92bddedcac4f9bcL

y = 0x6aebca40ba255960a3178d6d861a54dba813d0b813fde7b5a5082628087264daL

Getting 7 pub key back by , just doubling below given pub key to get 7 pub key

x = 0x592152c398d6c719636a03a6dad64246a5a6814aa62c156b0ce5332f6759b031L

y = 0x72dd2e1d26c233337760c49122a1df67d0aa792b453f97bd29765c83b47ba01dL

Like the same for 3,5,9,11......etc

Just education

--------------------------------------------------------------------------------------------------------------------------

How about to calculation larga number/large private key?

sss555

newbie

Activity: 16

Merit: 1

Take a bitcoin public key (x, y) and its additive inverse (x, -y). How do you identify which is the positive point and which is the negative point?

Example

Private key 1 -> (x, y)

x = 0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798L

y = 0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8L

-y = 0xb7c52588d95c3b9aa25b0403f1eef75702e84bb7597aabe663b82f6f04ef2777L

Private key 2 -> (x, y)

x = 0xc6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5L

y = 0x1ae168fea63dc339a3c58419466ceaeef7f632653266d0e1236431a950cfe52aL

-y = 0xe51e970159c23cc65c3a7be6b99315110809cd9acd992f1edc9bce55af301705L

Private key 3 -> (x, y)

x = 0xf9308a019258c31049344f85f89d5229b531c845836f99b08601f113bce036f9L

y = 0x388f7b0f632de8140fe337e62a37f3566500a99934c2231b6cb9fd7584b8e672L

-y = 0xc77084f09cd217ebf01cc819d5c80ca99aff5666cb3ddce4934602897b4715bdL

--------------------------------------------------------------------------------------------------------------------------

Also, how can you identify which pub key is odd and which is even?

ex: private key 1 x,y is odd , private key 2 x,y is even (based with pub key)

--------------------------------------------------------------------------------------------------------------------------
addition info :

bitcoin doubling pub key

In normal math number 7/2 results are 3 and 1 if we need 7 back 3*2 = 6 + 1 = 7

elliptical curve cryptography

private key 7 pub key are

x = 0x5cbdf0646e5db4eaa398f365f2ea7a0e3d419b7e0330e39ce92bddedcac4f9bcL

y = 0x6aebca40ba255960a3178d6d861a54dba813d0b813fde7b5a5082628087264daL

Getting 7 pub key back by , just doubling below given pub key to get 7 pub key

x = 0x592152c398d6c719636a03a6dad64246a5a6814aa62c156b0ce5332f6759b031L

y = 0x72dd2e1d26c233337760c49122a1df67d0aa792b453f97bd29765c83b47ba01dL

Like the same for 3,5,9,11......etc

Just education

--------------------------------------------------------------------------------------------------------------------------

Topic: Determine if a public key point y is negative or positive, odd or even? (Read 1083 times)