If you create such a backdoor then it is likely that the encryption algorithm you have chosen is a backdoor as well. I am not a mathematician but the solution to the problem of the elliptic curve can be solved even by a student in the first year of high school.
~snip
The solution that is in your link applies to curves formed from congruent numbers only. Like if you have a,b,c = 3,4,5 the sides of a right triangle, or 2,4,sqrt(12) [<-- a set of sides with a fractional c shouldn't be used because x and y have to be integers], then that can be used to construct a point on this special curve.
Similarly you can get all the x and y coordinates on your curve constructed from measuring the hypotenuses of a bunch of triangles with different side lengths.
But - and this is the big part -
this is not the secp256k1 curve. The equations are totally different. This curve uses y
2 = x
3 - n
2x, while secp256k1 is y
2 = x
3 + 7. The term with n (which is supposed to represent area AFAIK) isn't even there, so for your curve that would make an invalid triangle with an area 0. There is no a and b /= 0 that satisfies a*b/2 = n = 0, so that implies
right triangle sides cannot be made for Bitcoin's curve. So this solution totally collapses on its head for secp256k1.
To answer your first remark of an encryption algorithm being chosen is "likely ... a backdoor as well", Dual_EC_DRBG uses two curve points to generate a random number:
Image source: https://blog.0xbadc0de.be/archives/155 (equations are images with transparent background; use your browser's Reader Mode to read them).The backdoor was that somebody made one of the points a multiple of the other, Q = dP, and P is already a known generator point. So where one of the points was supposed to be unknown,
none of them are unknown now and the random number can be guessed easily if you know the initial seed.
This bug cannot be used on RNGs (hash/HMAC/block cipher) that don't use ECC!
