Pages:
Author

Topic: Why is it hard to track backwards from public address to private key? - page 3. (Read 4342 times)

legendary
Activity: 2646
Merit: 1137
All paid signature campaigns should be banned.
A bit more detail.

The points on the eliptical curve form a group.  Being a group means that there is a defined addition operator.  

    P2 = P0 + P1

Since there is a defined way to add two points to get a third point there is a way to add a point to itself and get a second point:

    P1 = P0 + P0

You can also do this as many time as you need to so

    P1 = P0 + P0 + ... + P0 + P0

So this defines the scalar multiplication operation:

    Pn = P0 + P0 + ... + P0 + P0 = n * P0

Where n is the number of times you added point P0 to itself.

To finish up we define the exact curve we are going to use, the exact starting point we are going to use to generate all the key pairs and the finite field we are going to use for the private keys.

If G is the agreed to starting point then the public key (point) P, private key (scalar) p, keypair (P, p) is simply defined as P = p * G where * is the scalar multiplcation defined above.

I hope that helps.  Let me know if you have any more questions.
legendary
Activity: 2646
Merit: 1137
All paid signature campaigns should be banned.
Not exactly.

The public key is calculated by "multiplying" the private key (a very large random number) by a point on the curve.  The multiplication operation is not trivial but it basically involves starting at a known point on the curve and then moving to another point on the curve n times where n is the private key so a very large number of moves.

So the operation you are talking about is:  given a seemingly totally random point on the eliptical curve exactly how many times did I "move" from the original point to get here.

Without more grounding in finite field math, etc. at some point you have to trust that given a point on the curve it is, for all practical purposes, impossible to figure out how many moves it took to get there.
hero member
Activity: 784
Merit: 1000
Annuit cœptis humanae libertas
The one-way function is the basis of public-key cryptography generally. A simple example: take two extremely large primes p and q. Multiplying them yields a composite N but it is very difficult to derive p and q if given N.

From a mathematical non-super expert.
newbie
Activity: 22
Merit: 0
I've gotten so many good replies for technical questions before that I have to abuse the good brains on this forum some more.

Why is it hard to track backwards from public address to private key?
I don't have a higher degree in math, but in the kind of math I'm used to, if I have a formula and the unknowns, I'm usually able to solve this given a little time.
Why doesn't this hold true in cryptography, and especially in elliptic curve cryptography?
Why is it hard to find the private key when you have both the formula and the output?
Pages:
Jump to: