Related articles:

  1. Cryptography — Elliptic Curve Cryptography algorithm (ECC)
  2. Elliptic curve algorithms: An introduction
  3. ECC elliptic curve details (with specific examples)
  4. Who can explain the elliptic curve algorithm, secP256K1 how to generate public and private keys?

The encryption algorithm

Symmetric encryption

Concept: that is, encryption, decryption key is the same.

Advantages: High encryption and decryption efficiency (fast speed, small space occupation), high encryption intensity.

Disadvantages: All parties involved need to hold the key, once someone leaks the security will be destroyed; There is also the problem of distributing keys over insecure channels.

Indicates algorithms, including DES, 3DES, AES, and IDEA.

Asymmetric encryption

Concept: The encryption key and decryption key are different and are called public key and private key respectively. Public keys are generally public and accessible to all, while private keys are generally owned by individuals and cannot be accessed by others.

Advantages: The public and private keys are separated, and insecure channels can be used. Disadvantages: encryption and decryption speed is slow, generally slower than symmetric encryption and decryption algorithm 2 to 3 orders of magnitude; At the same time, the encryption strength is worse than symmetric encryption. The security of asymmetric encryption algorithm often needs to be guaranteed based on mathematical problems. At present, there are mainly several ideas based on large number factor decomposition, discrete logarithm, elliptic curve and so on.

Representative algorithms: RSA, ElGamal, Elliptic Curve Crytosystems (ECC) series algorithms.

Hybrid secret mechanism

Both parties negotiate a temporary encryption key (session key, which is generally much shorter than the content) using computationally complex asymmetric secrets, and then use symmetric encryption to encrypt and decrypt the large amount of data transmitted. The typical scenario is the now-common HTTPS mechanism.

That is, short asymmetric encryption is used to confirm permissions, and symmetric encryption is used to encrypt and decrypt large amounts of transmitted data.

Introduction to Blockchain Elliptic Curve Crytosystems (ECC)

The import

Suppose everyone in the world could multiply, but no one could divide. One day zhang SAN picked out two numbers, 123,456. Since Jack can multiply, jack can calculate:

123 * 456 = 56088
Copy the code

So Zhang SAN tells you:

123 * ??? =56088
Copy the code

You’re a genius, but you can’t help it. You’re not allowed to divide, so you can’t know what John said. What it is. Of course, no one else knew, because Joe didn’t tell anyone. What is. One day, you are going to tell John a secret. But you don’t want anyone to know. So, as smart as you are, you pick the number 222.

Calculate the:

123 * 222 = 27306
Copy the code
56088 * 222 + 67 = 12451603
Copy the code

Then you say to John:

123 *??? = 27306Copy the code
56088 *??? + x = 12451603Copy the code

Of course, you’re smart. John’s smart and bald, so John thinks,

123 *??? * 456 = 56088 *?Copy the code

If I subtract this from the next one,

x = 12451603 - 27306 * 456 = 67
Copy the code

Oh, my god, the X has just been passed on. If we write this down mathematically,

G * k = k (G, k open, k confidential) c1 = G * Mc2 = k * M + x (M randomly selected, x is the number to be encrypted, M and x are confidential) x = C2-C1 * k = K * M + x-g * M * k = G * M * k + x-g * M * k (eliminating G * M * k on the left and right sides) = xCopy the code

Conclusion:

So what we want to do is make it easy to encrypt, easy to verify, but hard to decrypt, and really just find a set of operations that add, subtract, multiply is easy, but divide is hard, and that’s not easy. Because addition, subtraction, and multiplication can do encryption and verification, but except we want it to be hard, so hard that it’s almost impossible to solve. One of the operations that meets this condition is the elliptic curve equation, whose addition, subtraction, multiplication and division refers to the addition, subtraction, multiplication and division of the field, the concept of the field is abstracted from our rational number, real number operations, see recent algebra for a strict definition of the number. Simply speaking, the elements in the domain, like rational numbers, have their own addition, multiplication, division, identity element (1), zero element (0), and meet the exchange rate, distribution rate.

Elliptic curve equation

The value can be ECC, ECDH, or ECDSA. ECC is the abbreviation of Elliptic Curve Cryptography, which is the Elliptic encryption algorithm. ECDH and ECDSA are different implementations of ECC.

Elliptic cryptography has a wide range of applications, being used by the three main technologies TLS, PGP, and SSH, not to mention Bitcoin and other cryptocurrencies.

Elliptic curve equation :(briefly understood as a formula describing a set of specific points)

Y squared is equal to x cubed plus ax plus b

Addition in elliptic curve geometry

Take any two points P and Q on the elliptic curve (if P and Q coincide, it will be regarded as the tangent line of point P), make a straight line crossing at another point R’ on the elliptic curve, and make a parallel line crossing the Y-axis through R’ crossing at R, and define P+Q=R. Thus, the sum of addition is also on the elliptic curve and has the commutative and associative laws of addition.

Encryption/decryption on elliptic curves

Public-key algorithms are always based on a mathematical puzzle. RSA, for example, relies on the fact that given two prime numbers P and q are easy to multiply to produce n, whereas factoring n is relatively difficult. So what’s the problem with elliptic curves?

Consider the following equation: K=kG [where K,G is a point on Ep(a,b) and K is an integer less than n (n is the order of point G)] It is not difficult to see that given K and G, it is easy to calculate K according to the rule of addition; But given K and G, it’s harder to find K. This is the problem of elliptic curve encryption algorithm.

We call point G the base point,

K (k<n, where n is the order of base g) is called the privte key,

K is called the public key (public=”” key). <=”” p=””>

Now we describe a process for encrypted communication using elliptic curves:

1. User A selects an elliptic curve, Ep(A, B), and takes A point on the elliptic curve as base point G. 2. User A selects A private key k and generates A public key k =kG. 3. User A sends Ep(A, B) and points K and G to user B. 4. After receiving the message, user B will encode the plaintext to be transmitted to the point M on Ep(a, B) (there are many encoding methods, which will not be discussed here), and generate a random integer r (r<n). User B’s point C1=M+rK; C2 = rG. 6. User B sends C1 and C2 to user A. 7. After receiving the message, user A calculates C1-kC2, resulting in point M.

Because C1-kc2 =M+ Rk-K (rG)=M+ rk-R (kG)=M and then decode the point M to get the plaintext.

In this encrypted communication, if there is a voyeur H, he can only see Ep(a, B), K, G, C1, C2 and finding K through K and G or r through C2 and G is relatively difficult. Therefore, H cannot obtain the plaintext information transmitted between A and B.

Conclusion:

Set the private key and public key to k and k respectively, that is, K = kG, where G is the G point.

Public key encryption: Select a random number R to generate a ciphertext C. The ciphertext is a point pair, that is, C = {rG, M+rK}, where K is the public key

Decrypt private key: M + rK -K (rG) = M + R (kG) -k (rG) = M K and K are private keys and public keys respectively.

Elliptic curve signature and verification signature

Elliptic curve signature algorithm, namely ECDSA. Set the private key and public key to k and k respectively, that is, K = kG, where G is the G point.

1. Select a random number r and calculate point rG(x, y). 2. According to the random number r, hash H of message M and private key K, calculate S = (h + kx)/r. 3. Send the message M and signature {rG, s} to the receiver.

Public key authentication signature: 1. The receiver receives the message M and the signature {rG=(x,y), s}. 2. Hash h according to the message. 3. Use the sender’s public key K to calculate: hG/s + xK/s, and compare with rG. If it is equal, the signature is successful.

Principle is as follows: hG/s + xK/s = hG/s + x (kG)/s = (h + xK) G/s = (h + xK) G/r (h + kx) = rG

The origin and relationship of bitcoin private key, public key and wallet address

Secp256k1 is selected for the Bitcoin system

Qcxruoxwo5bya9nxhavbarbqyhathjru7 COINS wallet address example: 1

So how was the wallet address generated?

It takes nine steps to get the bitcoin wallet address we use for our daily transfers from the bitcoin private key, using SHA256 encryption, RIPEMD160 encryption and BASE58 encoding.

1. Generate a random private key

The private key is a random number, a random 32-byte number, The range of this number is between 1 and 0xFFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48A03B BFD2 5E8C D036 4141. We randomly generate a valid private key:

8F72F6B29E6E225A36B68DFE333C7CE5E55D83249D3D2CD6332671FA445C4DD3
Copy the code

2. Calculate the public key of elliptic curve

After generating the private key, we use elliptic curve encryption algorithm (ECDSA-SECP256K1) to calculate the uncompressed public key corresponding to the private key. The generated public key has a total of 65 bytes, including one byte 0x04, where 32 bytes are X coordinates and the other 32 bytes are Y coordinates:

Public key P.X: 06 ccae7536386da2c5add428b099c7658814ca837f94fade365d0ec6b1519385Copy the code
Public key P.Y: FF83EC5F2C0C8F016A32134589F7B9E97ACBFEFD2EF12A91FA622B38A1449EEBCopy the code

3. Calculate the SHA-256 hash value of the public key

The public key addresses above are pieced together to obtain the standard address:

0406CCAE7536386DA2C5ADD428B099C7658814CA837F94FADE365D0EC6B1519385FF83EC5F2C0C8F016A32134589F7B9E97ACBFEFD2EF12A91FA622B 38A1449EEBCopy the code

Align the sha-256 hash to get the result:

2572e5f4a8e77ddf5bb35b9e61c61f66455a4a24bcfd6cb190a8e8ff48fc097d
Copy the code

4. Calculate the ripEMD-160 hash value

Take the results of the previous step and calculate RIPEMD-160, and the results are as follows:

0b14f003d63ab31aef5fedde2b504699547dd1f6
Copy the code

5. Add address version (Bitcoin main network version number “0x00”)

Take the result of the previous step and add the hexadecimal 00 in front, i.e. :

000b14f003d63ab31aef5fedde2b504699547dd1f6
Copy the code

6. Calculate the SHA-256 hash value

Take the results of the previous step and calculate SHA-256. The following results can be obtained:

ddc2270f93cc84cc6869dd373f3c340bbf5cb9a8f5559297cc9e5d947aab2536
Copy the code

Then, the SHA-256 hash value is computed again against the above results, resulting in:

869ac57b83ccf75ca9da8895823562fffb611e3c297d9c2d4612aeeb32850078
Copy the code

7. Take the first 4 bytes of the result of the previous step (8-bit hexadecimal)

869ac57b
Copy the code

8. Append these four bytes to the result of Step 5

As a check bit, these four bytes are loaded after the result of step 5. This is the hexadecimal form of the bitcoin address:

869ac57b000b14f003d63ab31aef5fedde2b504699547dd1f6
Copy the code

9. Change the address using Base58 encoding

Base58 encoding is carried out for the results of the previous step to obtain:

1QCXRuoxWo5Bya9NxHaVBArBQYhatHJrU7
Copy the code

This is the traditional bitcoin wallet address we often see.

Delos blockchain uses elliptic encryption

Two different elliptic encryption implementations are used on the Delos blockchain, both written in go

  • ed25519 gitlab.zhonganonline.com/ann/ann-module/lib/ed25519

  • secp256k1 github.com/btcsuite/btcd/btcec

The delOS chain generates the private key

privkey crypto.PrivKeyEd25519
Copy the code

Delos/API project calls ethereum’s DELos /eth/ Crypto ECDSA ellipse encryption method to generate private keys and addresses

Generate the account private key and address

result.Privkey = ethcmn.Bytes2Hex(crypto.FromECDSA(privkey))
result.Address = ethcmn.Bytes2Hex(crypto.FromECDSAPubCompressed(&privkey.PublicKey))
Copy the code

Breadwallet- Ellipse encryption for Android

Secp256k1 is used in Android, which is written in C language

In the app/SRC/main/secp/secp256k1

Generate the private key

app\src\main\jni\breadwallet-core\Java\root\com\breadwallet\core\BRCoreKey.java
Copy the code
private static native long createJniCoreKey ();
Copy the code

The JNI C library is called

/*
 * Class:     com_breadwallet_core_BRCoreKey
 * Method:    createJniCoreKey
 * Signature: ()J
 */
JNIEXPORT jlong JNICALL
Java_com_breadwallet_core_BRCoreKey_createJniCoreKey
        (JNIEnv *env, jclass thisClass) {
    BRKey *key = (BRKey *) calloc (1, sizeof(BRKey));
    return (jlong) key;
}
Copy the code

To generate a public key

Mnemonic words or sequences can be used

src\main\jni\breadwallet-core\Java\root\com\breadwallet\core\BRCoreMasterPubKey.java
Copy the code
private static native long createJniCoreMasterPubKeyFromPhrase (byte[] phrase);

private static native long createJniCoreMasterPubKeyFromSerialization(byte[] pubKey);
Copy the code

The JNI C library is called

/* * Class: com_breadwallet_core_BRCoreMasterPubKey * Method: createJniCoreMasterPubKeyFromPubKey * Signature: ([B)J */
JNIEXPORT jlong JNICALL
Java_com_breadwallet_core_BRCoreMasterPubKey_createJniCoreMasterPubKeyFromSerialization
        (JNIEnv *env, jclass thisClass, jbyteArray serialization) {
    jsize serializationLength = (*env)->GetArrayLength (env, serialization);
    jbyte *serializationBytes = (*env)->GetByteArrayElements (env, serialization, 0);
    assert (serializationLength == sizeof(BRMasterPubKey));

    BRMasterPubKey *key = (BRMasterPubKey *) calloc (1.sizeof (BRMasterPubKey));
    memcpy(key, serializationBytes, sizeof(BRMasterPubKey));

    return (jlong) key;
}
Copy the code