out of range private keys

Bitcoin Forum

May 22, 2024, 06:59:59 AM

Welcome, Guest. Please login or register.

News: Latest Bitcoin Core release: 27.0 [Torrent]

Home

Help

Bitcoin Forum > Bitcoin > Development & Technical Discussion > out of range private keys

Pages: [1]

« previous topic next topic »

Author

Topic: out of range private keys (Read 110 times)

akaki (OP)

Newbie

Offline

Activity: 22
Merit: 35

out of range private keys

December 19, 2021, 05:51:15 PM

Hi,

we can read in [https://en.bitcoin.it/wiki/Private_key] the following:

Quote

Range of valid ECDSA private keys
Nearly every 256-bit number is a valid ECDSA private key. Specifically, any 256-bit number from 0x1 to N=0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364140 is a valid private key.
The range of valid private keys is governed by the secp256k1 ECDSA standard used by Bitcoin

However, in reality even the full 256 bits range and beyond work.
For Example, using 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF, we get the address 1PRWyFKTsQSJaUdX9VKgQNw8JERPw2kMFm that is valid (even transacted before).

As far as I understood, in ECDSA calculations we use %N, therefore we loop, and there is also a prviate key < N that also gives the same address 1PRWyFKTsQSJaUdX9VKgQNw8JERPw2kMFm.

am I right ?

BlackHatCoiner

Legendary

Offline

Activity: 1526
Merit: 7401

Farewell, Leo

Re: out of range private keys

December 19, 2021, 06:09:16 PM

Merited by pooya87 (2)

Well, no. We can't use anything beyond 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364140. The fact that k∈[1, N] with m > N doesn't make m - N a number outside that range.

The private key of this address is m - N with m = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF. Specifically, it's

Code:

0x14551231950B75FC4402DA1732FC9BEBE

With a compressed public key of:

Code:

039166C289B9F905E55F9E3DF9F69D7F356B4A22095F894F4715714AA4B56606AF

WIF:

Code:

KwDiBf89QgGbjEhKnhXJuH7grrzmjVFJVSqqLimWN6cB6k6v8AAF

.
.^{BLACKJACK^♠FUN.}

███▄██████
██████████████▀
████████████
█████████████████
████████████████▄▄
░█████████████▀░▀▀
██████████████████
░██████████████
█████████████████▄
░██████████████▀
████████████
███████████████░██
██████████

CRYPTO CASINO &
SPORTS BETTING

│

.
REWARD SYSTEM
.ELITE SEAT..

│

▄▄███████▄▄
▄███████████████▄
███████████████████
█████████████████████
███████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████████████
█████████████████████
███████████████████
▀███████████████▀
███████████████████

Whitepaper
JACK

pooya87

Legendary

Offline

Activity: 3458
Merit: 10572

⇾ Re: out of range private keys

December 19, 2021, 06:14:49 PM

Quote from: akaki on December 19, 2021, 05:51:15 PM

No, they don't work because they are technically invalid. You are just using a tool that decided not to show you any error or warning message that the key you gave it is out of range, and instead handles it silently under the hood.

Quote from: akaki on December 19, 2021, 05:51:15 PM

As far as I understood, in ECDSA calculations we use %N, therefore we loop, and there is also a prviate key < N that also gives the same address 1PRWyFKTsQSJaUdX9VKgQNw8JERPw2kMFm.

am I right ?

In ECC we are working in a finite field so the operations are always modulo m.
Any private key > N is invalid, you can modify its value to make it valid. One way is to compute is mod N.

.
.^{BLACKJACK^♠FUN.}

CRYPTO CASINO &
SPORTS BETTING

│

.
REWARD SYSTEM
.ELITE SEAT..

│

Whitepaper
JACK

Pages: [1]

Bitcoin Forum > Bitcoin > Development & Technical Discussion > out of range private keys

« previous topic next topic »

Jump to: