2

Most of the private to public key implementations I've come across do not make use of the equation y^2=x^3+7 (the weierstrass equation defining SECp256k1).

One that i often use is in the link below and does not use any external libraries.[EllipticCurvesPart4-PrivateKeyToPublicKey.py][1]

As you can tell, only the parameters a and b of the equation are used in the code. This brings up the following question :

Are a=0 and b=7 coefficients with special properties?Or they could have been any other number?

This is not about the parameters of SECP256k1 but has more to do with an observation i have come across where the curve under the specific values 0 and 7 translates into a different structure.

I would first appreciate knowing if there are any explanations that are more valid and perhaps verifiable that may negate this observation. [1]: https://github.com/wobine/blackboard101/blob/master/EllipticCurvesPart4-PrivateKeyToPublicKey.py

Moussa Al-Basheer
  • 31
  • 5
  • I failed to find the full satisfactory answer, but I remember reading that these specific values make secp256k1 more computationally efficient. In particular, 7 was chosen because 7 % 4 = 3 and that makes point arithmetic more efficient. – Sachin Meier Jul 13 '22 at 07:27
  • from the various sources i've come across, i learned that the equation sort of defines the smallest subgroup that exists in a cyclic group of a prime order ( i.e group order n in secp256k1). If thats the case, then one does not expect that the smallest subgroup is modulated since the modulus is at the end of the bigger cyclic group and would have to have a prime order, and 4 isn't prime. Also reference the shared b is never used in private to public key derivation. so how does a system running the code knows it is dealing with an EC? – Moussa Al-Basheer Jul 14 '22 at 15:38

0 Answers0