Calculate public key from private

[JPage]

I am not so sure about this ECSDA stuff.  But I do know it is a bit difficult to calculate the private key from a public key.

However, I understand the other way around is quite easy.  Does anyone have a formula for that?

How do I calculate the public key when I am already in possession of the private key?

[micaman]

Check this topic:
https://bitcointalk.org/index.php?topic=78132.0

I believe it's the same question.

[rz20]

In bitaddress you have all the tools to make it https://www.bitaddress.org/

[TimS]

In mathematical terms: pubKey = privKey * G, where G is a specific base point on the elliptic curve y^2 = x^3 + 7 mod (2^256 - 2^32 - 977) (privKey is a number, G and pubKey are points on the curve)
In programmatic terms (the C# one is about as simple as it goes, for self-contained solutions): http://bitcoin.stackexchange.com/a/25039/12034
If you just want an easy, do-it-for-me sort of thing, enter your private key at https://brainwallet.github.io/

[R2D221]

If you just want an easy, do-it-for-me sort of thing, enter your private key at https://brainwallet.github.io/

You should NEVER enter you private key in any website. If you want to use it, you should download it and run it locally first.

[bigasic]

Im not sure how this secure is, but I get a computer that I never use for bitcoin purposes, go to bitaddress.org then disconnect my internet connection and then do the random thing, then print out X amount of public and private keys that is directly connected to my printer. I think thats about as secure as im going to get.

[JPage]

In mathematical terms: pubKey = privKey * G, where G is a specific base point on the elliptic curve y^2 = x^3 + 7 mod (2^256 - 2^32 - 977) (privKey is a number, G and pubKey are points on the curve)
In programmatic terms (the C# one is about as simple as it goes, for self-contained solutions): http://bitcoin.stackexchange.com/a/25039/12034
If you just want an easy, do-it-for-me sort of thing, enter your private key at https://brainwallet.github.io/

Thanks TimS - you are awesome.  That's what I wanted.

[tianshiqmdvb147]

Check this topic:
https://bitcointalk.org/index.php?topic=78132.0

I believe it's the same question.

What？what said?

[bigasic]

i hope the guy that used this address 1Q7f2rL2irjpvsKVys5W2cmKJYss82rNCy doesn't use it anymore.. the passphrase for the private key, etc is satoshi nakamoto, lol...... I wonder how many easy addresses were made.. this is just another great reason to make sure its fucking secure...

[ForgottenPassword]

i hope the guy that used this address 1Q7f2rL2irjpvsKVys5W2cmKJYss82rNCy doesn't use it anymore.. the passphrase for the private key, etc is satoshi nakamoto, lol...... I wonder how many easy addresses were made.. this is just another great reason to make sure its fucking secure...

There are a couple of bots that are "mining" brain wallets. They're using common password dictionaries to generate thousands of brainwallets and emptying any funds.

Here is the address of one of them:
https://blockchain.info/address/1brain7kAZxPagLt2HRLxqyc3VgGSa1GR

Currently 12.4BTC profit for the owner.

Apparently some unlucky guy accidentally sent 10BTC to the address "correct horse battery staple" (default on some brainwallet sites):
https://blockchain.info/tx/31ff3dc5a0b490e0dc709a27fc50b1dc9c6d17a82b7bae36244293464352fb38

It was taken by the 1brain bot.

[amaclin]

the passphrase for the private key, etc is satoshi nakamoto, lol...... I wonder how many easy addresses were made.

[offtopic]
Do not wonder. You can calc them yourself. About 18k are already seen in the blockchain.
Read this reddit article http://www.reddit.com/r/Bitcoin/comments/1zti1p/17956_hacked_brainwallet_passwords/
and visit http://chbs.esy.es
[/offtopic]

Answering the subject question.
Here is my code for Qt/C++/openssl (rewritten from original bitcoin-qt)

Code:

static EC_KEY* EC_KEY_regenerate_key ( const quint8* priv )
{
  static EC_KEY* eckey = EC_KEY_new_by_curve_name ( NID_secp256k1 );
  static const EC_GROUP* group = EC_KEY_get0_group ( eckey );
  BIGNUM* privkey = BN_bin2bn ( priv, 32, BN_new ( ) );
  BN_CTX* ctx = BN_CTX_new ( );
  EC_POINT* pubkey = EC_POINT_new ( group );
  EC_POINT_mul ( group, pubkey, privkey, 0, 0, ctx );
  EC_KEY_set_private_key ( eckey, privkey );
  EC_KEY_set_public_key ( eckey, pubkey );
  EC_POINT_free ( pubkey );
  BN_CTX_free ( ctx );
  BN_clear_free ( privkey );
  return eckey;
}
//--------------------------------------------------------------
const char* MyKey32::getPublicKey ( char* buf ) const
{
  quint8 pubkey [65];
  quint8* pbegin = pubkey;
  i2o_ECPublicKey ( EC_KEY_regenerate_key ( constPtr ( ) ), &pbegin );
  fassert ( pubkey [0] == 0x04 );
  memcpy ( buf, pubkey + 1, 64 ); // without 0x04 prefix
  return (const char*)buf;
}
//--------------------------------------------------------------
const QByteArray MyKey32::getPublicKeyClassic ( ) const
{
  char buf [65];
  getPublicKey ( buf + 1 );
  buf [0] = 0x04;
  return QByteArray ( buf, 65 );
}
//--------------------------------------------------------------
const QByteArray MyKey32::getPublicKeyCompressed ( ) const
{
  char buf [65];
  getPublicKey ( buf + 1 );
  buf [0] = 0x02 + ( buf [64] & 1 );
  return QByteArray ( buf, 33 );
}