Bitcoin Forum
November 15, 2024, 06:37:55 PM *
News: Check out the artwork 1Dq created to commemorate this forum's 15th anniversary
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: How do I calculate the Exponent for public/private keys  (Read 294 times)
Anti-Cen (OP)
Member
**
Offline Offline

Activity: 210
Merit: 26

High fees = low BTC price


View Profile
January 30, 2018, 11:25:38 AM
 #1

I am using Microsoft Windows RSACryptoServiceProvider just to generate the keys for now but it also calculates the Exponent
at the same time and I want to cut RSACryptoServiceProvider out of the loop so I am doing encryption/decryption with BigInt
which I have got working just fine.

strange thing is the keys keep changing with RSACryptoServiceProvider but the Exponent always stays as "AQAB" on a 512 bit key
and unless you set PersistKeyInCsp = false; then the key pairs get saved by spy-master general  so basically just don't trust Microsoft one bit here

The code I use for now in C# to create keys/Exponent is shown below

Quote
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(512);  // Key bits length
 rsa.PersistKeyInCsp = false;
 RSAParameters RParams = rsa.ExportParameters(true);
 this.PublicAddress = Convert.ToBase64String(RParams.Modulus);
 this.PrivateAddress = Convert.ToBase64String(RParams.D);
 this.Exponent = Convert.ToBase64String(RParams.Exponent);
 this.KeySize = rsa.KeySize;

Later I want to generate my own key pairs and compress the size of the public key down without using a million lines of code


Mining is CPU-wars and Intel, AMD like it nearly as much as big oil likes miners wasting electricity. Is this what mankind has come too.
mvrcrypto
Newbie
*
Offline Offline

Activity: 9
Merit: 4


View Profile
January 30, 2018, 12:47:37 PM
Merited by AGD (1)
 #2

Bitcoin don't use RSA but ECDSA.
Your private key D is a 256bits unsigned integer.
Then, you can calculate your public key by multiplying D with a generator point G on an elliptic curve.
On bitcoin, the standard is https://en.bitcoin.it/wiki/Secp256k1.
There is no exponent, or i don't understand what you call exponent (since it's not RSA).
nullius
Copper Member
Hero Member
*****
Offline Offline

Activity: 630
Merit: 2614


If you don’t do PGP, you don’t do crypto!


View Profile WWW
January 30, 2018, 01:58:23 PM
Last edit: January 30, 2018, 02:09:08 PM by nullius
Merited by hatshepsut93 (5), Lutpin (5), pebwindkraft (3), DooMAD (2), AGD (1), Xynerise (1)
 #3

I am using Microsoft Windows RSACryptoServiceProvider just to generate the keys for now but it also calculates the Exponent
at the same time and I want to cut RSACryptoServiceProvider out of the loop so I am doing encryption/decryption with BigInt
which I have got working just fine.

strange thing is the keys keep changing with RSACryptoServiceProvider but the Exponent always stays as "AQAB" on a 512 bit key
and unless you set PersistKeyInCsp = false; then the key pairs get saved by spy-master general  so basically just don't trust Microsoft one bit here

The code I use for now in C# to create keys/Exponent is shown below

Quote
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(512);  // Key bits length
 rsa.PersistKeyInCsp = false;
 RSAParameters RParams = rsa.ExportParameters(true);
 this.PublicAddress = Convert.ToBase64String(RParams.Modulus);
 this.PrivateAddress = Convert.ToBase64String(RParams.D);
 this.Exponent = Convert.ToBase64String(RParams.Exponent);
 this.KeySize = rsa.KeySize;

Later I want to generate my own key pairs and compress the size of the public key down without using a million lines of code

Folks, I know that you desire to be helpful in “Development & Technical Discussion”; but please look at who is posting here.

After literally over 900 posts mostly bashing Bitcoin whilst boasting of his superior technical knowledge and extensive development experience, Anti-Cen has—tried to use RSA for Bitcoin.  512-bit RSA, at that (!).


Edit:  And he has done so in multiple threads, including one explicitly titled “Elliptic curve point of R”:

With microsoft RSACryptoServiceProvider the Exponent always stays as "AQAB" on 512 bit key
and i need to work it out going backwards from public/private key pairs if I can and i think this
is based on the curve


I don't trust microsoft on anything and really just want something simple to generate
keys and the Exponent that written in C# without having much code.
End edit.


He has now gone from flaunting arrogant ignorance to self-satirizing it.  As if it were not enough to posit that CPUs were useful for Bitcoin mining, which has not been the case for over half a decade:

Quote from: Anti-Cen (current signature)
Mining is CPU-wars and Intel, AMD like it nearly as much as big oil likes miners wasting electricity. Is this what mankind has come too.

Maybe the development team needs to go back to school and learn what distributed computing is all about because clearly
the development team have dropped the ball and they are going about the fix in the wrong way entirely.

The BC is a linked list so take the headerID and just point that to a list of nodes who have the full block details if you don't hold it yourself
so think about it as storing a reference in <LIST> to other objects. Distributed system is not what they do best and no one can argue that
I am wrong because we know the wheels are falling of the current BTC block-chain

Few people like me have seen what starts to happen to a database when you push the size too high and the index
becomes too big to hold in memory and that's with spreading the DB over several drives.

Quote
You don't know how it works, basically. Please learn, you sound crazy.

I can always tell when I am winning and the other side resorts to insults but you did
not answer my points and want to talk around them so please let me know what
specific point you would like to disagree on and also note that I am not against
Segwit which kinds of brings file compression to the blocks using "Extended blocks" to
store data in BC because short term it is a good fix

You can say that again because Segwit is not implemented for Bitcoin and has been dropped but
it is confusing because I hear about Segwit wallets and I am not talking about Segwit2x here that uses B2X

Bitcoin is free software and any developer can contribute to the project.
The first: Code Review

Bitcoin Core is security software that helps protect assets worth billions of dollars, so every code change needs to be reviewed by experienced developers

I am not so sure that it this easy and Mr J Poon who's running the lightning network project won't answer his emails
and I once tried this "Open Source" approach with firefox and code related to google but they would not take the offending
code out.

My code for Bitcoin Core is only one line long so do you think they will put it in to the project for me

public static money MaxFee=1.5 // Miners that do not like it are free to leave because we have ten timed more than we need

this 200gb problem a year growth in the size of the block-chain will result in having to use a AS-400 computer
to process that amount of data because to balance a wallet you need to walk back down the chain (Link list)
and trace all the part coins in the wallet back to the original mined coins which more or less involves scanning
all 200gb for each transaction and this process gets repeated by all 20,000 nodes on the network.

Distributed systems are not built like this as i am sure many of you here already know and they are not even trying
to clear down the mempool that stands at 115,564,705 bytes and we need to do a bit of house clearing ourselves
and it's time to call out the garbage collector to dump 90% of the full nodes because we don't need this many

if they continue to refuse to implement code shown below
public static money MaxFee=1.50 // Less miners because not enough cream to go around
or
public CONST int32 BlockSize=4 //Just like any decent programmers would use

Then we need to publicly name and shame BTC and it's developers and try to salvage Cryptocoins by backing
one of the other forks because as we speak it's our money and effort that is being dragged down by this mess

Anyone that writes a financial system and needs to protect against a 51% attack needs to find another job as do any
programmers that need CPU-wars between miners to keep Intel and AMD rich along with big oil and the icing on the
cake is Bitcoin will not scale and they knew this from day one, like nine years ago.

80% of the Bitcoin code is about mining, the miners and developers are one and the same and no one works for free
but now they have got greedy and are offering us bread today and jam tomorrow but it's too little, too late IMHO

[...]

I am aware my posts are being watched but they dare not drop by and have it out with me so do they
fear developers that are "Not on the team" and how long will it be before the masses see that huge
transactions fees is the real reason for $6,000 being knocked off the price of BTC

public static money MaxFee=1.50 // Less miners because not enough cream to go around

That is one of the stupidest ideas I have ever seen in my whole life; and it has plenty of competition between the four corners of this world.

Your reply does compute and you are angry about the price of your coins going down but you should
get out more from the church and read other development forums to see what they are saying instead
of trying to insult people because you lack the skill to debate and don't write code for a living

Anti-Cen (OP)
Member
**
Offline Offline

Activity: 210
Merit: 26

High fees = low BTC price


View Profile
January 30, 2018, 05:38:41 PM
 #4

He has now gone from flaunting arrogant ignorance to self-satirizing it.  As if it were not enough to posit that CPUs were useful for Bitcoin mining, which has not been the case for over half a decade:

Not my fault if your in love with an outdated steam engine is it now


Quote
That is one of the stupidest ideas I have ever seen in my whole life; and it has plenty of competition between the four corners of this world.

Hope you liked stalking me, I am cool with it because I eat little boys like you for breakfast who's only concern
is their "Investment" playing the slot machines  

Quote
After literally over 900 posts mostly bashing Bitcoin whilst boasting of his superior technical knowledge and extensive development experience, Anti-Cen has—tried to use RSA for Bitcoin.  512-bit RSA, at that (!).

What on earth made you think that I wanted the code to work with Bitcoin given that I often point
out that the design is wrong, hence it won't scale ?  Development here is not just about Bitcoin you know
so stop making yourself look silly with your ramblings

Quote
Your reply does compute and you are angry about the price of your coins going down but you should
get out more from the church and read other development forums to see what they are saying instead
of trying to insult people because you lack the skill to debate and don't write code for a living

Just admit the question I asked went over your head and I know this might be hard for you
to understand but you know when I make a post because it usual will have my name at the top of it.

Mining is CPU-wars and Intel, AMD like it nearly as much as big oil likes miners wasting electricity. Is this what mankind has come too.
nullius
Copper Member
Hero Member
*****
Offline Offline

Activity: 630
Merit: 2614


If you don’t do PGP, you don’t do crypto!


View Profile WWW
January 30, 2018, 06:20:42 PM
Last edit: January 30, 2018, 08:24:48 PM by nullius
 #5

[snip]

(Nothing worth replying to.)

What on earth made you think that I wanted the code to work with Bitcoin given that I often point
out that the design is wrong, hence it won't scale ?  Development here is not just about Bitcoin you know
so stop making yourself look silly with your ramblings

Oh, please.  Just because you’re stupid, don’t assume that I am—or that I was born yesterday.

(And I must ask, why do you post literally an average of 20 times per day on the Bitcoin Forum if you so loathe it?  Why yes, this forum is for Bitcoin development.)

But just in case any observer has any doubt about your transparent, juvenile excuse:  About 50 minutes after you started this thread, you posted substantially the same question in a different thread explicitly titled “Elliptic curve point of R” amidst discussion of secp256k1 (archive; red colour is added to highlight in the following):

With microsoft RSACryptoServiceProvider the Exponent always stays as "AQAB" on 512 bit key
and i need to work it out going backwards from public/private key pairs if I can and i think this
is based on the curve



I don't trust microsoft on anything and really just want something simple to generate
keys and the Exponent that written in C# without having much code.

Thus in the world according to Anti-Cen, RSA is explicitly “based on” a “curve”.

I should also note, anybody who uses 512-bit RSA for any purpose whatsoever is a moron.  512-bit RSA is breakable, not only in theory but as repeatedly demonstrated in reality.

Now, a clarification for those reading this:

Quote
Your reply does compute and you are angry about the price of your coins going down but you should
get out more from the church and read other development forums to see what they are saying instead
of trying to insult people because you lack the skill to debate and don't write code for a living

Just admit the question I asked went over your head and I know this might be hard for you
to understand but you know when I make a post because it usual will have my name at the top of it.

Here, you are replying to your own words which you directed at me on 2018-01-02 11:36:57.  Don’t put words in my mouth.

I quoted you with proper attribution in the post to which you replied.  But you habitually strip attribution from quotes; and it is evident that you here confused yourself.

Regardless—really, regardless—I will handily admit that the question of how to use 512-bit RSA objects for Bitcoin secp25k1 ECDSA keys does indeed go over my head.  Whoosh.


You edited your post immediately after you posted it.  Following is the original version; I replied to the latest version I have seen.  Please be advised that I am archiving this thread.  (Edit:  Thus far, snapshots at web.archive.org: 0, 1, 2, 3 and archive.is: 0, 1, 2, 3.)

Now shoo, go away.

He has now gone from flaunting arrogant ignorance to self-satirizing it.  As if it were not enough to posit that CPUs were useful for Bitcoin mining, which has not been the case for over half a decade:

Not my fault if your in love with an outdated steam engine is it now

Quote
That is one of the stupidest ideas I have ever seen in my whole life; and it has plenty of competition between the four corners of this world.

Hope you liked stalking me, I am cool with it because I eat little me like you for breakfast who's only concern
is their "Investment" playing the slot machine

Quote
Your reply does compute and you are angry about the price of your coins going down but you should
get out more from the church and read other development forums to see what they are saying instead
of trying to insult people because you lack the skill to debate and don't write code for a living

Just admit the question I asked went over your head and I know this might be hard for you
to understand but you know when I make a post because it usual will have my name at the top of it.

Anti-Cen (OP)
Member
**
Offline Offline

Activity: 210
Merit: 26

High fees = low BTC price


View Profile
January 30, 2018, 06:47:24 PM
 #6

Bitcoin don't use RSA but ECDSA.
Your private key D is a 256bits unsigned integer.
Then, you can calculate your public key by multiplying D with a generator point G on an elliptic curve.
On bitcoin, the standard is https://en.bitcoin.it/wiki/Secp256k1.
There is no exponent, or i don't understand what you call exponent (since it's not RSA).

I tried the Secp256k1.Core project written in C# but the signature won't verify but it does do
compressing and checksum and to be honest it looks good code, not too long but what can I do.

Microsofts RSA is not something I like so I am using BigInts for encryption like this.

Quote
         
            BigInteger numEncData = new BigInteger(cipherData);
            BigInteger Exponent = StringToBig(Keys.Exponent);
            BigInteger Modulus = StringToBig(Keys.PublicAddress);
            BigInteger D = StringToBig(Keys.PrivateAddress);
            if (UsePublicKey)
                decData = BigInteger.ModPow(numEncData, Exponent, Modulus);
            else
                decData = BigInteger.ModPow(numEncData, D, Modulus);

So for now I am just using microsofts .NET framework DSA to get me going and took it that the  
Exponent could be calculated from the public/private keys that I get from one like of code just now.

out of the box RSACryptoServiceProvider won't even encode using the private key so really I have
just be forced to jump in and get my hands dirty and that's when I hit this problem and if you think
needing three parts is bad then take a look at Microsoft's bloated ways

Code:
<RSAKeyValue><Modulus>okyvVpYxEtswLqjaoOv6syr6sKeRac05EBdNJirWPAYFmMWor4m2s04M27plDQH7mP12eBx6rZAvvaHRps3YwQ==</Modulus>
<Exponent>AQAB</Exponent>
<P>wRNeMhagqUMMtwqJB4MQOZL0TFYk0Ha6IEgGccYUWfs=</P>
<Q>1zGdJfAIYgMh6nBIPt5yGjk2mGAV75JY4AALpI1Vt3M=</Q>
<DP>PeBCINVFmdkmGwciUSj8qybgahJ1a+WQ0sWiYxXy8b8=</DP>
<DQ>t4mBVtIa1D2Ht8R8WeKvvt39SojpLKPNWX+wbnB9IzE=</DQ>
<InverseQ>Lc+5THLhkpee6DQnsloTNy6vdNIDbGs/6jXas+xuIxg=</InverseQ>
<D>cj0sBfR94lnqVk2AZlj0A/0yq/mm/yP3EH52TXFFjsVG9v2nPNe3kn3VJUex0OFwCVoGQsRSjcmYCFX9czr+aQ==</D></RSAKeyValue>

in fact the Exponent must only be related to the public key or else you would be forced to issue a copy of the private key so
clients could read a signature but like I said it always stays the same so that seem wrong too  










Mining is CPU-wars and Intel, AMD like it nearly as much as big oil likes miners wasting electricity. Is this what mankind has come too.
Anti-Cen (OP)
Member
**
Offline Offline

Activity: 210
Merit: 26

High fees = low BTC price


View Profile
January 30, 2018, 06:56:53 PM
 #7

Thus in the world according to Anti-Cen, RSA is explicitly “based on” a “curve”.

I asked if it was based on a curve and you seem to have a bit of a metal condition and accusing me of all kind things because like I
so often do I edited a post moments after it was posted.

Please archive this post too and I am happy your hanging around watching this thread because it stops you
disturbing other members and making a total fool of yourself in the process.

I found this on your site "RSA: 0xA232750664CC39D61CE5D61536EBB4AB699A10EE"

Please help me to encode a message to send to the address because so far I've got

yutyurtyurtyurtyutryurtyurtyurtyu4tytryrtyurtrtu
rtyurtyurturtyu-GROW-UP-LITTLE-BOY ttyurtyurt
rtyurtyurtyurtyurtyutryurtyurtyurtyurtyurtyurtyu

And it does not seem to post

 

Mining is CPU-wars and Intel, AMD like it nearly as much as big oil likes miners wasting electricity. Is this what mankind has come too.
nullius
Copper Member
Hero Member
*****
Offline Offline

Activity: 630
Merit: 2614


If you don’t do PGP, you don’t do crypto!


View Profile WWW
January 30, 2018, 08:18:15 PM
 #8

Thus in the world according to Anti-Cen, RSA is explicitly “based on” a “curve”.

I asked if it was based on a curve and you seem to have a bit of a metal condition and accusing me of all kind things because like I
so often do I edited a post moments after it was posted.

Quotable.

For the benefit of any newbies reading this—and I mean, people who do not brag about development knowledge or experience, and have never even read the Wikipedia article on RSA—the answer is:  No, RSA is not based on a curve.  RSA is not elliptic-curve cryptography.  RSA is based on the RSA problem, which is closely related to (but not identical with) the problem of factoring large integers.  Elliptic curve cryptography such as Bitcoin’s secp256k1 is based on the elliptic curve discrete logarithm problem (ECDLP).  Bitcoin does not use RSA anywhere for any purpose whatsoever.

I found this on your site "RSA: 0xA232750664CC39D61CE5D61536EBB4AB699A10EE"

Please help me to encode a message to send to the address because so far I've got

yutyurtyurtyurtyutryurtyurtyurtyu4tytryrtyurtrtu
rtyurtyurturtyu-GROW-UP-LITTLE-BOY ttyurtyurt
rtyurtyurtyurtyurtyutryurtyurtyurtyurtyurtyurtyu

And it does not seem to post

After decades of disdain on my part, I finally understand why people use the term “LOL”.  Did you just try to use a PGP public key fingerprint as an RSA key?  Why yes, it seems you did (or at least, you claimed to).

That is a 160-bit SHA-1 hash, calculated as specified by RFC 4880 § 12.2.  Depending on how those bits hashed out, you perhaps may only have slightly more luck finding in it a minuscule RSA modulus plus public exponent than you would using RSA-512 to generate Bitcoin keys.

Carlton Banks
Legendary
*
Offline Offline

Activity: 3430
Merit: 3080



View Profile
January 30, 2018, 10:25:00 PM
 #9

He has now gone from flaunting arrogant ignorance to self-satirizing it.

In fairness, I think the Anti-Cen account *is* satire. The posts are often quite funny pastiches of genuine attempts to troll Bitcointalk.org.

That's actual state of the art trolling if so; trolling the trolls with, uh, imitative trolling. I've been tempted to award some merit points Cheesy


I sincerely hope Anti-Cen starts hanging out with the other trolls, oh and meriting their posts!! Anti-Cen might be a kind genius of a sort after all!

Vires in numeris
nullius
Copper Member
Hero Member
*****
Offline Offline

Activity: 630
Merit: 2614


If you don’t do PGP, you don’t do crypto!


View Profile WWW
January 30, 2018, 11:14:30 PM
 #10

He has now gone from flaunting arrogant ignorance to self-satirizing it.

In fairness, I think the Anti-Cen account *is* satire. The posts are often quite funny pastiches of genuine attempts to troll Bitcointalk.org.

You think?  If so, it’s still a troll—and that would not be the first time I may have been trolled here, though the other one was much less plausible.  Thus, the possibility had occurred to me; but yet every time I have ever imagined that there must be an upper bound on human stupidity, a greater idiot has proved me wrong.

In any case, I am a long term-thinker; and I do anticipate that this thread may be a handy reference.  Much of Anti-Cen’s spew about Bitcoin and Lightning is delivered in such a manner as may be effective FUD to scare and confuse newbies.  That was my first thought when I saw this thread.  There are enough bottom-feeders serving as paid shills to post such things; we don’t need more from someone who does it for jollies due to lack of any higher aim or greater pleasure in life.

Well, anyway, I appreciate the tip.  Perhaps I ought return to my usual occupation of manufacturing MD5 ASICs for Bitcoin mining, or doing carpentry with a screwdriver to put in nails.

Anti-Cen (OP)
Member
**
Offline Offline

Activity: 210
Merit: 26

High fees = low BTC price


View Profile
January 30, 2018, 11:53:19 PM
Last edit: January 31, 2018, 10:05:01 AM by Anti-Cen
 #11

That is a 160-bit SHA-1 hash, calculated as specified by RFC 4880 § 12.2.  Depending on how those bits hashed out, you perhaps may only have slightly more luck finding in it a minuscule RSA modulus plus public exponent than you would using RSA-512 to generate Bitcoin keys.

You keep making assumptions about what I am working on but i am not trying to talk to the Bitcoin
network and have some work to do with coordinators and
four way transactions that all need to be secure and I know this is strange but its windows based so I tend
to use the tools to hand and the 512 bit key your banging on about is not significant to me at this point in time.

it said "The code I use for now in C# to create keys/Exponent is shown below" so put your glass on please.

Secp256k1 from what I can see does not allow encryption with the private key so it can be read with the public key
because the signature signing needs to encode something from the public key to work but it does offer some advantages
over RSA but i want you to know that I could not have managed to get this far without expert help from yourself    

Mining is CPU-wars and Intel, AMD like it nearly as much as big oil likes miners wasting electricity. Is this what mankind has come too.
Anti-Cen (OP)
Member
**
Offline Offline

Activity: 210
Merit: 26

High fees = low BTC price


View Profile
January 30, 2018, 11:55:44 PM
Last edit: January 31, 2018, 12:06:50 AM by Anti-Cen
 #12

In fairness, I think the Anti-Cen account *is* satire. The posts are often quite funny pastiches of genuine attempts to troll Bitcointalk.org.

What you really mean is the wheels are falling off the bus and you cannot bear to be reminded about it
mr no bankers around here when it comes to lightning

Mining is CPU-wars and Intel, AMD like it nearly as much as big oil likes miners wasting electricity. Is this what mankind has come too.
Anti-Cen (OP)
Member
**
Offline Offline

Activity: 210
Merit: 26

High fees = low BTC price


View Profile
January 31, 2018, 12:01:41 AM
 #13

You think?  If so, it’s still a troll—and that would not be the first time I may have been trolled here, though the other one was much less plausible.  Thus, the possibility had occurred to me; but yet every time I have ever imagined that there must be an upper bound on human stupidity, a greater idiot has proved me wrong.

In any case, I am a long term-thinker; and I do anticipate that this thread may be a handy reference.  Much of Anti-Cen’s spew about Bitcoin and Lightning is delivered in such a manner as may be effective FUD to scare and confuse newbies.  That was my first thought when I saw this thread.  There are enough bottom-feeders serving as paid shills to post such things; we don’t need more from someone who does it for jollies due to lack of any higher aim or greater pleasure in life.

Well, anyway, I appreciate the tip.  Perhaps I ought return to my usual occupation of manufacturing MD5 ASICs for Bitcoin mining, or doing carpentry with a screwdriver to put in nails.

You can pat each other on the bums all you like but you won't be turning truth into treason and winning any debate unless you face up to
facts and may I suggest that you have been trolling this thread all day and these people you call trolls I suspect are just better educated
than you.

Did the boss send you in ?

Mining is CPU-wars and Intel, AMD like it nearly as much as big oil likes miners wasting electricity. Is this what mankind has come too.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!