A bit more detail.
The points on the eliptical curve form a group. Being a group means that there is a defined addition operator.
P2 = P0 + P1
Since there is a defined way to add two points to get a third point there is a way to add a point to itself and get a second point:
P1 = P0 + P0
You can also do this as many time as you need to so
P1 = P0 + P0 + ... + P0 + P0
So this defines the scalar multiplication operation:
Pn = P0 + P0 + ... + P0 + P0 = n * P0
Where n is the number of times you added point P0 to itself.
To finish up we define the exact curve we are going to use, the exact starting point we are going to use to generate all the key pairs and the finite field we are going to use for the private keys.
If G is the agreed to starting point then the public key (point) P, private key (scalar) p, keypair (P, p) is simply defined as P = p * G where * is the scalar multiplcation defined above.
I hope that helps. Let me know if you have any more questions.
Topic: Why is it hard to track backwards from public address to private key? - page 3. (Read 4321 times)
January 16, 2013, 07:25:40 PM
January 16, 2013, 07:07:43 PM
Not exactly.
The public key is calculated by "multiplying" the private key (a very large random number) by a point on the curve. The multiplication operation is not trivial but it basically involves starting at a known point on the curve and then moving to another point on the curve n times where n is the private key so a very large number of moves.
So the operation you are talking about is: given a seemingly totally random point on the eliptical curve exactly how many times did I "move" from the original point to get here.
Without more grounding in finite field math, etc. at some point you have to trust that given a point on the curve it is, for all practical purposes, impossible to figure out how many moves it took to get there.
The public key is calculated by "multiplying" the private key (a very large random number) by a point on the curve. The multiplication operation is not trivial but it basically involves starting at a known point on the curve and then moving to another point on the curve n times where n is the private key so a very large number of moves.
So the operation you are talking about is: given a seemingly totally random point on the eliptical curve exactly how many times did I "move" from the original point to get here.
Without more grounding in finite field math, etc. at some point you have to trust that given a point on the curve it is, for all practical purposes, impossible to figure out how many moves it took to get there.
January 16, 2013, 07:04:05 PM
The one-way function is the basis of public-key cryptography generally. A simple example: take two extremely large primes p and q. Multiplying them yields a composite N but it is very difficult to derive p and q if given N.
From a mathematical non-super expert.
From a mathematical non-super expert.
January 16, 2013, 06:59:32 PM
I've gotten so many good replies for technical questions before that I have to abuse the good brains on this forum some more.
Why is it hard to track backwards from public address to private key?
I don't have a higher degree in math, but in the kind of math I'm used to, if I have a formula and the unknowns, I'm usually able to solve this given a little time.
Why doesn't this hold true in cryptography, and especially in elliptic curve cryptography?
Why is it hard to find the private key when you have both the formula and the output?
Why is it hard to track backwards from public address to private key?
I don't have a higher degree in math, but in the kind of math I'm used to, if I have a formula and the unknowns, I'm usually able to solve this given a little time.
Why doesn't this hold true in cryptography, and especially in elliptic curve cryptography?
Why is it hard to find the private key when you have both the formula and the output?
Jump to: