And what is referred by "symmetrie" of seck256k1?
An elliptic curve in theory will always look
like this;
In bitcoin, it's just slightly different.
https://bitcoin.stackexchange.com/questions/21907/what-does-the-curve-used-in-bitcoin-secp256k1-look-likeWhich means that there are (obviously) 2 "
solutions" for every X(?) (
Which i think are the compressed vs uncompressed keys he is referring to?)
I have no clue what the difference between them is, apart from the different byte sizes (resulting in only the compressed version being used in bitcoin nowadays(?)).
(EDIT;
http://learnmeabitcoin.com/glossary/public-key)
This is really were my (already limited) understanding of it all stops. I'm not entirely sure how credible his answer is, (or mine
) especially since he is doubling the number twice for "symmetry"?
I mean: 30 million uncompressed public keys, or 60 million (if you accept both uncompressed and compressed format) keys in 1 second.
If you exploit then the symmetrie of the secp256k1 curve, you can double this number for free (120 million public keys in 1 second). If you use endomorphism too, you could get over 220 million of public keys in 1 second. Only via CPU.
Aren't you already exploiting the symmetrie of the curve by using both uncompressed and compressed public keys?
How can he just double that number for uncompressed v compressed keys as described in the first sentence of his answer...?
As per
http://learnmeabitcoin.com/glossary/public-key;This is an uncompressed key
04fe53c78e36b86aae8082484a4007b706d5678cabb92d178fc95020d4d8dc41ef44cfbb8dfa7a593c7910a5b6f94d079061a7766cbeed73e24ee4f654f1e51904
This is a compressed one;
03df51984d6b8b8b1cc693e239491f77a36c9e9dfe4a486e9972a18e03610a0d22
I don't get how he just comes up with these out of thin air as per his answer of "simply doubling/"accepting" them"....?
I feel like i'm completely misunderstanding this...
Per Pieter Wuille;
From an EC point of view, you have one private key with one corresponding public key.
The problem is, public keys can be serialized in two ways - compressed (33 bytes) or uncompressed (65 bytes). One is slightly harder to deal with, but as storage space is more critical in Bitcoin, we prefer to use the compressed one. Thus, we now have one private key that corresponds to (from Bitcoin's point of view, as we deal with the serialized versions) two public keys. Each of these public keys has an address (as the hash is calculated from the serialized public key). So, 1 private key, 2 public keys, 2 addresses.
So when you want to import a private key, the software has to know which of the public keys (with corresponding address) should be used. The solution is to add a flag bit to the base58 encoding of the private key, notifying the importer whether or not to use the compressed public keys. Typically, these get called compressed and uncompressed private keys - but it's really just a bit saying whether the corresponding public key is compressed or not.
The only reason not to use a compressed public key is that not all software supports it (they were introduced in Bitcoind/Bitcoin-Qt 0.6 only).
@MoonShadow: EC public keys are actually not numbers but a pair of numbers (X and Y coordinate), and the Y coordinate can be calculated from the X coordinate. That is how "compression" works - it's just a somewhat less redundant encoding. Testnet is unrealted to this.
