My understanding of it is that a long string of 
??
?? Actually, the private key, public key, and bitcoin address are all just a numbers. VERY large numbers.
There are many ways to represent numbers. Computers typically use binary (base 2) which results in a "long string of 0's and 1's". In the case of a private key, this binary "string" is 296 digits long. In the case of a bitcoin address, this binary "string" would be up to 200 digits long.
Humans generally use decimal (base 10) which results in a "long string of 0's, 1's, 2's, 3's, 4's, 5's, 6's, 7's, 8's, and 9's". In the case of a private key, this decimal "string" would be 90 digits long. In the case of a bitcoin address, this decimal "string" would be up to 61 digits long
To make it easier to exchange this important information, bitcoin uses base58 which results in a "long string of the numbers 1 through 9 (zero is not used) as well as the capital letters A through Z (but not O or I), and the lower case letters a through z (but not l). In the case of a private key, this base58 "string" is 51 digits long. In the case of a bitcoin address, this base58 "string" is up to 35 digits long.
is passed through sha256 and creates an address (bitcoin address).
First the ECDSA public key is calculated. You can see the mathematical relationship between an ECDSA private key and an ECDSA public key here:
https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm
Bitcoin uses the Secp256k1 curve for its ECDSA keys. You can find the Secp256k1 parameters in section 2.4.1 here:
https://en.bitcoin.it/wiki/Secp256k1
(and here)
http://www.secg.org/sec2-v2.pdf
Then the public key is "passed through SHA256".
Then the result of that SHA256 is passed through RIPEMD160.
Then an 8 bit version number is placed in the front of the number.
Then a 32 bit checksum is calculated and appended to the end of the number.
from the address you can not go backwards and find the original string of ?
?Correct. Given a bitcoin address, it is impossible with current understanding of mathematics to figure out what SHA256 values could be "passed through RIPEMD160" to get that result. Even if you could, then given a SHA256 value, it is impossible with current understanding of mathematics to figure out what ECDSA public keys could be "passed through SHA256" to get that SHA256 value. Even if you could, then given an ECDSA public key, it is impossible with current understanding of mathematics to figure out what ECDSA private key would result in that particular public key.
but if you have the private key which in some way is related to the string ?
?Yes, I think we have now established that relationship.
then you can access the address and the bitcoin stored there. .
.Ok, now things start to get messy. Bitcoins don't actually exist. The concept of a bitcoin is just an abstraction that we humans use to make it easier to talk about the transfer of control over value. For that matter, bitcoin addresses aren't used at the protocol level either. Addresses are something that we humans use to interface with wallet software in order to tell the wallet software how we want it to encumber transaction outputs.
So, when we tell a wallet to "send to address 16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM", the wallet sees that version number "1" at the beginning and understands that what we actually want is a transaction output that is encumbered with a version 1 script using the (base 16) hash value of 00010966776006953D5567439E5E39F86A0D273BEE (represented here in base 16). The wallet verifies the checksum to make sure you didn't make an error writing down the address or typing it in. The wallet knows that all version 1 scripts are of the following format:
Code:
OP_DUP OP_HASH160 hash_value OP_EQUALVERIFY OP_CHECKSIG
This script encumbers the transaction output with a condition that must be met in a transaction input that attempts to spend this output. If the condition is not met, then the transaction attempting to spend this output will not be recognized as valid by any peers on the bitcoin network.
In the case of a version 1 script, the input must supply a public key that hashes to the hash value supplied AND must also supply a digital signature of the transaction that can be validated with that public key. Since it is impossible with current understanding of mathematics to supply a valid digital signature unless you have the private key that is associated with the public key, providing that signature proves that the transaction creator is in possession of the private key.
Note that, given a signature, a public key, and some signed data, it is impossible with current understanding of mathematics to figure out what ECDSA private key was used to create that signature, but it is possible to figure out if the private key that was used is the private key that is associated with the given public key.
