From fdc9af1ea9e7d1566c129859b09f42cee595cd7a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Piotr=20W=C5=82odarek?= Date: Sun, 7 Jan 2018 17:47:12 +0100 Subject: [PATCH] Add private and public key WiP articles --- docs/cryptography/asymmetric/intro.md | 14 +------- docs/cryptography/asymmetric/private-key.md | 33 ++++++++++++++++++ docs/cryptography/asymmetric/public-key.md | 38 +++++++++++++++++++++ mkdocs.yml | 6 ++-- 4 files changed, 76 insertions(+), 15 deletions(-) create mode 100644 docs/cryptography/asymmetric/private-key.md create mode 100644 docs/cryptography/asymmetric/public-key.md diff --git a/docs/cryptography/asymmetric/intro.md b/docs/cryptography/asymmetric/intro.md index 1d457af..92465b0 100644 --- a/docs/cryptography/asymmetric/intro.md +++ b/docs/cryptography/asymmetric/intro.md @@ -3,7 +3,7 @@ !!! danger Article author is nowhere close to being a cryptographer. Be sceptical on accuracy. -Before we get to Monero, a little bit of context. We are talking asymmetric cryptography here. +Before we get to Monero specific stuff, a little bit of context. We are talking asymmetric cryptography here. The "asymmetric" simply means the are two keys: * the private key (used primarily for signing data and for decrypting data) @@ -16,15 +16,3 @@ back into prime numbers (which is practically impossible for large enough intege Recently, asymmetric cryptography is based on a mathematical notion of elliptic curves. Ed25519 is a specific, well researched and standardized elliptic curve used in Monero. - -## Private key - -Private key is a **large integer**, like: -`115792089237316195423570985008687907853269984665640564039457584007913129639930` - -Private key is a **scalar**, meaning it is a single value. - -In equations scalars are represented by **lowercase letters**. - -In user-facing contexts, private keys are encoded in little-endian hexadecimal form, like: -`35187c5096d10db8a57be93885f28694ac9dcaa09d6b1fb1903aec07e168430a` diff --git a/docs/cryptography/asymmetric/private-key.md b/docs/cryptography/asymmetric/private-key.md new file mode 100644 index 0000000..32724da --- /dev/null +++ b/docs/cryptography/asymmetric/private-key.md @@ -0,0 +1,33 @@ +# Private keys in Monero + +!!! danger + Article author is nowhere close to being a cryptographer. Be sceptical on accuracy. + +!!! warning + Article is a work in progress. + +Private key is generated [randomly](/cryptography/prng). + +Private key must be kept secret. + +Private key is a **large integer** impossible to guess, like: +`108555083659983933209597798445644913612440610624038028786991485007418559037440` + +Private key is 256 bits long. + +Private key is a **scalar**, meaning it is a single value. + +In equations scalars are represented by **lowercase letters**. + +In user-facing contexts, private key is encoded in a [little-endian](https://en.wikipedia.org/wiki/Endianness#Little) hexadecimal form, like: +`b3588a87056fb21dc4d052d59e83b54293882e646b543c29478e4cf45c28a402` + +## Relation to Ed25519 + +Being a simple random integer, private key is not specific to any particular asymmetric cryptography scheme. + +However, before deriving Ed25519 public key, the private key is subject to modulo `l`, +where `l` is the maximum scalar allowed by [Ed25519 scheme](/cryptography/asymmetric/ed25519). + +The `l` is on the order of 2^252, so the effective key strength is technically 252 bits, not 256 bits. +This is standard for EC cryptography and is more of a cosmetic nuance than any real concern. diff --git a/docs/cryptography/asymmetric/public-key.md b/docs/cryptography/asymmetric/public-key.md new file mode 100644 index 0000000..2ecd143 --- /dev/null +++ b/docs/cryptography/asymmetric/public-key.md @@ -0,0 +1,38 @@ +# Public keys in Monero + +!!! danger + Article author is nowhere close to being a cryptographer. Be sceptical on accuracy. + +!!! warning + Article is a work in progress. + +Public key is deterministically derived from private key based on [Ed25519 curve](/cryptography/asymmetric/ed25519) with a little Monero-specific twist. + +Public key is meant to be shared. Assuming correct implementation, it is not practically possible to recover private key from public key. + +Public key is a **point (x,y)** on the elliptic curve. + +In equations points are represented by **uppercase letters**. + +In user-facing contexts, public key is encoded in a [little-endian](https://en.wikipedia.org/wiki/Endianness#Little) hexadecimal form, like: +`016a941812293cf9a86071060fb090ab38d67945e659968cb8cf30e1bc725683` + +## Deriving public key + +Say: + +* P is a public key +* x is a private key +* G is a "base point"; this is simply a constant specific to [Ed25519](/cryptography/asymmetric/ed25519); this point lies on the elliptic curve + +Then: + + P = xG + +The public key is simply the base point (G) multiplied by the private key (x). +Multiplying the point is adding the point to itself a number of times. + +However, the addition is **not** a simple vector addition. It has a very specific +definition nicely described in [this article](https://blog.cloudflare.com/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography/). +What is important is that result of addition is always a point on the curve. +For example, G + G is another point on the curve. diff --git a/mkdocs.yml b/mkdocs.yml index ace704d..3e5e536 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -13,8 +13,10 @@ pages: - PRNG: 'cryptography/prng.md' - 'Keccak-256': 'cryptography/keccak-256.md' - Asymmetric: -# - Overview: 'cryptography/asymmetric/intro.md' - - 'Ed25519 curve': 'cryptography/asymmetric/ed25519.md' + - Overview: 'cryptography/asymmetric/intro.md' + - Private keys: 'cryptography/asymmetric/private-key.md' + - Public keys: 'cryptography/asymmetric/public-key.md' + - Ed25519 curve: 'cryptography/asymmetric/ed25519.md' # - CryptoNight PoW: 'cryptography/cryptonight.md' - Base58: 'cryptography/base58.md' - Address: