Add private and public key WiP articles

This commit is contained in:
Piotr Włodarek 2018-01-07 17:47:12 +01:00
parent 0f07b2e9a3
commit fdc9af1ea9
4 changed files with 76 additions and 15 deletions

View file

@ -3,7 +3,7 @@
!!! danger !!! danger
Article author is nowhere close to being a cryptographer. Be sceptical on accuracy. Article author is nowhere close to being a cryptographer. Be sceptical on accuracy.
Before we get to Monero, a little bit of context. We are talking asymmetric cryptography here. Before we get to Monero specific stuff, a little bit of context. We are talking asymmetric cryptography here.
The "asymmetric" simply means the are two keys: The "asymmetric" simply means the are two keys:
* the private key (used primarily for signing data and for decrypting data) * the private key (used primarily for signing data and for decrypting data)
@ -16,15 +16,3 @@ back into prime numbers (which is practically impossible for large enough intege
Recently, asymmetric cryptography is based on a mathematical notion of elliptic curves. Recently, asymmetric cryptography is based on a mathematical notion of elliptic curves.
Ed25519 is a specific, well researched and standardized elliptic curve used in Monero. Ed25519 is a specific, well researched and standardized elliptic curve used in Monero.
## Private key
Private key is a **large integer**, like:
`115792089237316195423570985008687907853269984665640564039457584007913129639930`
Private key is a **scalar**, meaning it is a single value.
In equations scalars are represented by **lowercase letters**.
In user-facing contexts, private keys are encoded in little-endian hexadecimal form, like:
`35187c5096d10db8a57be93885f28694ac9dcaa09d6b1fb1903aec07e168430a`

View file

@ -0,0 +1,33 @@
# Private keys in Monero
!!! danger
Article author is nowhere close to being a cryptographer. Be sceptical on accuracy.
!!! warning
Article is a work in progress.
Private key is generated [randomly](/cryptography/prng).
Private key must be kept secret.
Private key is a **large integer** impossible to guess, like:
`108555083659983933209597798445644913612440610624038028786991485007418559037440`
Private key is 256 bits long.
Private key is a **scalar**, meaning it is a single value.
In equations scalars are represented by **lowercase letters**.
In user-facing contexts, private key is encoded in a [little-endian](https://en.wikipedia.org/wiki/Endianness#Little) hexadecimal form, like:
`b3588a87056fb21dc4d052d59e83b54293882e646b543c29478e4cf45c28a402`
## Relation to Ed25519
Being a simple random integer, private key is not specific to any particular asymmetric cryptography scheme.
However, before deriving Ed25519 public key, the private key is subject to modulo `l`,
where `l` is the maximum scalar allowed by [Ed25519 scheme](/cryptography/asymmetric/ed25519).
The `l` is on the order of 2^252, so the effective key strength is technically 252 bits, not 256 bits.
This is standard for EC cryptography and is more of a cosmetic nuance than any real concern.

View file

@ -0,0 +1,38 @@
# Public keys in Monero
!!! danger
Article author is nowhere close to being a cryptographer. Be sceptical on accuracy.
!!! warning
Article is a work in progress.
Public key is deterministically derived from private key based on [Ed25519 curve](/cryptography/asymmetric/ed25519) with a little Monero-specific twist.
Public key is meant to be shared. Assuming correct implementation, it is not practically possible to recover private key from public key.
Public key is a **point (x,y)** on the elliptic curve.
In equations points are represented by **uppercase letters**.
In user-facing contexts, public key is encoded in a [little-endian](https://en.wikipedia.org/wiki/Endianness#Little) hexadecimal form, like:
`016a941812293cf9a86071060fb090ab38d67945e659968cb8cf30e1bc725683`
## Deriving public key
Say:
* P is a public key
* x is a private key
* G is a "base point"; this is simply a constant specific to [Ed25519](/cryptography/asymmetric/ed25519); this point lies on the elliptic curve
Then:
P = xG
The public key is simply the base point (G) multiplied by the private key (x).
Multiplying the point is adding the point to itself a number of times.
However, the addition is **not** a simple vector addition. It has a very specific
definition nicely described in [this article](https://blog.cloudflare.com/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography/).
What is important is that result of addition is always a point on the curve.
For example, G + G is another point on the curve.

View file

@ -13,8 +13,10 @@ pages:
- PRNG: 'cryptography/prng.md' - PRNG: 'cryptography/prng.md'
- 'Keccak-256': 'cryptography/keccak-256.md' - 'Keccak-256': 'cryptography/keccak-256.md'
- Asymmetric: - Asymmetric:
# - Overview: 'cryptography/asymmetric/intro.md' - Overview: 'cryptography/asymmetric/intro.md'
- 'Ed25519 curve': 'cryptography/asymmetric/ed25519.md' - Private keys: 'cryptography/asymmetric/private-key.md'
- Public keys: 'cryptography/asymmetric/public-key.md'
- Ed25519 curve: 'cryptography/asymmetric/ed25519.md'
# - CryptoNight PoW: 'cryptography/cryptonight.md' # - CryptoNight PoW: 'cryptography/cryptonight.md'
- Base58: 'cryptography/base58.md' - Base58: 'cryptography/base58.md'
- Address: - Address: