Bitcoin Forum
May 15, 2024, 05:40:05 AM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
  Home Help Search Login Register More  
  Show Posts
Pages: [1]
1  Bitcoin / Development & Technical Discussion / Why do you think G/2 is so strange? on: January 03, 2023, 09:07:10 PM
The generator G of secp256k1 is the point
Code:
(0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798,0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8)
or
Code:
(55066263022277343669578718895168534326250603453777594175500187360389116729240, 32670510020758816978083085130507043184471273380659243275938904335757337482424) in base10

if you divide this point by 2 with a group operation => a multiplication by the modular inverse of 2  

you obtain this point:

Code:
inv2=inverse_mod(2,N)=57896044618658097711785492504343953926418782139537452191302581570759080747169
G*inv2= (86918276961810349294276103416548851884759982251107, 87194829221142880348582938487511785107150118762739500766654458540580527283772)

a x coordinate in the range of 10^50 - 10^51 occurs only around every 10^(77-51) = 1 on 10^26  


So for me it's a proof that it is extremely unlikely that G was chosen randomly
It's not what we can called a weakness because normally every generator generate an high entropy between every scalar multiplication 1.G 2.G 3.G etc...
you can for example choose the point :
Code:
G: (1,29896722852569046015560700294576055776214335159245303116488692907525646231534)

without problem, because this "extreme" generator will be untraceable after many modulus operation

But anyway what do you think about the goal of this anomaly?
Pages: [1]
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!