Bitcoin Forum
October 15, 2024, 09:29:26 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: how to pow work with elliptic curve  (Read 128 times)
ecdsa123 (OP)
Jr. Member
*
Offline Offline

Activity: 50
Merit: 107


View Profile
October 01, 2024, 07:20:54 PM
 #1



HI , it is maybe silly questions.

I have something like in pure python:

d = pow(g, f*(n-2) ,n)

where:  g - generator as integer
            f -  some int value
            n - order

I would like to know how to write in elliptic curve where g is a point?

COBRAS
Member
**
Offline Offline

Activity: 991
Merit: 23


View Profile
October 01, 2024, 08:35:05 PM
 #2

hi is can do


https://duckduckgo.com/?q=DuckDuckGo+AI+Chat&ia=chat&duckai=1

[
goldkingcoiner
Legendary
*
Offline Offline

Activity: 2198
Merit: 1958


A Bitcoiner chooses. A slave obeys.


View Profile WWW
October 01, 2024, 08:55:52 PM
Last edit: October 01, 2024, 09:32:51 PM by goldkingcoiner
 #3



HI , it is maybe silly questions.

I have something like in pure python:

d = pow(g, f*(n-2) ,n)

where:  g - generator as integer
            f -  some int value
            n - order

I would like to know how to write in elliptic curve where g is a point?



You mean something like this?: https://en.wikipedia.org/wiki/Elliptic_curve_point_multiplication

COBRAS is right, it is easy to find out the answer on this one. Literally just inserted your question into ChatGPT:

Code:
from ecdsa import SECP256k1, ellipticcurve

# SECP256k1 curve
curve = SECP256k1.curve
G = SECP256k1.generator

# Parameters
f = 5  # some integer value
n = G.order()  # the order of the generator point

# Scalar multiplication on elliptic curve
scalar = f * (n - 2)

# Perform scalar multiplication with the generator point
D = scalar * G

# The result D is a point on the elliptic curve
print(f"Resulting point D: ({D.x()}, {D.y()})")


███████████████████████████
███████▄████████████▄██████
████████▄████████▄████████
███▀█████▀▄███▄▀█████▀███
█████▀█▀▄██▀▀▀██▄▀█▀█████
███████▄███████████▄███████
███████████████████████████
███████▀███████████▀███████
████▄██▄▀██▄▄▄██▀▄██▄████
████▄████▄▀███▀▄████▄████
██▄███▀▀█▀██████▀█▀███▄███
██▀█▀████████████████▀█▀███
███████████████████████████
.
.Duelbits.
..........UNLEASH..........
THE ULTIMATE
GAMING EXPERIENCE
DUELBITS
FANTASY
SPORTS
████▄▄█████▄▄
░▄████
███████████▄
▐███
███████████████▄
███
████████████████
███
████████████████▌
███
██████████████████
████████████████▀▀▀
███████████████▌
███████████████▌
████████████████
████████████████
████████████████
████▀▀███████▀▀
.
▬▬
VS
▬▬
████▄▄▄█████▄▄▄
░▄████████████████▄
▐██████████████████▄
████████████████████
████████████████████▌
█████████████████████
███████████████████
███████████████▌
███████████████▌
████████████████
████████████████
████████████████
████▀▀███████▀▀
/// PLAY FOR  FREE  ///
WIN FOR REAL
..PLAY NOW..
ecdsa123 (OP)
Jr. Member
*
Offline Offline

Activity: 50
Merit: 107


View Profile
October 01, 2024, 09:35:57 PM
 #4

I will explain:


let n -> order of the group - choosed as secp256k1

 n = 0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141


we have our generaror as G in secp256k1:

G.x = 55066263022277343669578718895168534326250603453777594175500187360389116729240
G.y = 32670510020758816978083085130507043184471273380659243275938904335757337482424


now when I do :
res = G * (n-2)

result  is  -2*G but with negate y.


now lets :
generator is 2 as DLP:

when I will do with the same order:
pow(2,n-2,n)

I got resultat 57896044618658097711785492504343953926418782139537452191302581570759080747169

which is half point of G of secp256k1

why not n-2?
goldkingcoiner
Legendary
*
Offline Offline

Activity: 2198
Merit: 1958


A Bitcoiner chooses. A slave obeys.


View Profile WWW
October 01, 2024, 09:45:36 PM
 #5

scalar multiplication on elliptic curves and exponentiation modulo n are governed by different mathematical structures.

That is why you got two different results.

Ain't ChatGPT a beautiful thing?

███████████████████████████
███████▄████████████▄██████
████████▄████████▄████████
███▀█████▀▄███▄▀█████▀███
█████▀█▀▄██▀▀▀██▄▀█▀█████
███████▄███████████▄███████
███████████████████████████
███████▀███████████▀███████
████▄██▄▀██▄▄▄██▀▄██▄████
████▄████▄▀███▀▄████▄████
██▄███▀▀█▀██████▀█▀███▄███
██▀█▀████████████████▀█▀███
███████████████████████████
.
.Duelbits.
..........UNLEASH..........
THE ULTIMATE
GAMING EXPERIENCE
DUELBITS
FANTASY
SPORTS
████▄▄█████▄▄
░▄████
███████████▄
▐███
███████████████▄
███
████████████████
███
████████████████▌
███
██████████████████
████████████████▀▀▀
███████████████▌
███████████████▌
████████████████
████████████████
████████████████
████▀▀███████▀▀
.
▬▬
VS
▬▬
████▄▄▄█████▄▄▄
░▄████████████████▄
▐██████████████████▄
████████████████████
████████████████████▌
█████████████████████
███████████████████
███████████████▌
███████████████▌
████████████████
████████████████
████████████████
████▀▀███████▀▀
/// PLAY FOR  FREE  ///
WIN FOR REAL
..PLAY NOW..
ecdsa123 (OP)
Jr. Member
*
Offline Offline

Activity: 50
Merit: 107


View Profile
October 01, 2024, 09:52:22 PM
 #6

GPT is silly:)

I have readed a lot of sources.

in all exponential in ecdlp is rewriten as multiplicative in the group.

and I really do not know why.
goldkingcoiner
Legendary
*
Offline Offline

Activity: 2198
Merit: 1958


A Bitcoiner chooses. A slave obeys.


View Profile WWW
October 01, 2024, 10:17:06 PM
 #7

GPT is silly:)

I have readed a lot of sources.

in all exponential in ecdlp is rewriten as multiplicative in the group.

and I really do not know why.


Are you sure? It is supposed to be additive. DLP is multiplicative. I think your issue lies in notation (as mentioned, due to different mathematical structures).

g*g*g =/= 3g

███████████████████████████
███████▄████████████▄██████
████████▄████████▄████████
███▀█████▀▄███▄▀█████▀███
█████▀█▀▄██▀▀▀██▄▀█▀█████
███████▄███████████▄███████
███████████████████████████
███████▀███████████▀███████
████▄██▄▀██▄▄▄██▀▄██▄████
████▄████▄▀███▀▄████▄████
██▄███▀▀█▀██████▀█▀███▄███
██▀█▀████████████████▀█▀███
███████████████████████████
.
.Duelbits.
..........UNLEASH..........
THE ULTIMATE
GAMING EXPERIENCE
DUELBITS
FANTASY
SPORTS
████▄▄█████▄▄
░▄████
███████████▄
▐███
███████████████▄
███
████████████████
███
████████████████▌
███
██████████████████
████████████████▀▀▀
███████████████▌
███████████████▌
████████████████
████████████████
████████████████
████▀▀███████▀▀
.
▬▬
VS
▬▬
████▄▄▄█████▄▄▄
░▄████████████████▄
▐██████████████████▄
████████████████████
████████████████████▌
█████████████████████
███████████████████
███████████████▌
███████████████▌
████████████████
████████████████
████████████████
████▀▀███████▀▀
/// PLAY FOR  FREE  ///
WIN FOR REAL
..PLAY NOW..
pooya87
Legendary
*
Offline Offline

Activity: 3598
Merit: 10932


Crypto Swap Exchange


View Profile
October 02, 2024, 05:29:43 AM
 #8

Is "pow" power? That's just modular exponentiation https://en.wikipedia.org/wiki/Modular_exponentiation and all "bigint" libs and ECC libraries should have a function that computes ModPow() for you. There are a couple of algorithms that can be used but I don't know what would be best for N-2 though...

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
garlonicon
Copper Member
Legendary
*
Offline Offline

Activity: 882
Merit: 2114


Pawns are the soul of chess


View Profile
October 02, 2024, 06:35:11 AM
Merited by ABCbits (2)
 #9

Quote
I would like to know how to write in elliptic curve where g is a point?
ECDSA is not DSA. This is not how it works. You have DSA, and you want to convert it into ECDSA, but you won't, because in DSA, you have just some numbers, while in ECDSA, you have points.

Which means, that if you work only on private keys, then you can of course compute all things there. But: when you want to do the same thing on public keys, then you won't multiply two public keys alone. And also, you won't raise a given generator, to a given power, because exponentiation is just repeated multiplication.

My old topic about it: https://bitcointalk.org/index.php?topic=5460766.0

Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!