# Questions tagged [cryptography]

Concerning the broad subject of cryptography and its narrow application in the Bitcoin protocol and applications.

208 questions

**3** votes, **2** answers, 128 views

### Are BTC Private Keys evenly distributed in 256bit space?

If we assume that there are ~2^96 private keys for EACH bitcoin address (2^256-160) and we assume that in cryptography it is considered good property of every hash function if it evenly distributes ...

**-2** votes, **0** answers, 21 views

### Bitcoin ballet cold wallet ( card ) [on hold]

Ok so when using a paper wallet you always want to get a new passphrase every time you spend. I understand.
But isn't the ballet keeping you on the same passphrase? Isn't this less secure?
It states its ...

**3** votes, **1** answer, 39 views

### I need to know about wallets in cryptocurrency, how do exchanges generate deposit address per user?

In exchanges like Binance when a user wants to deposit coins in bitcoin or in other coins, per user receives a unique public key? Do they have to generate pair key private/public key for each user in ...

**0** votes, **1** answer, 17 views

### Learning to trade iOS user friendly crypto wallet safety when stored in and transfer for trading or use to purchase or get cashed

iPhone users best crypto wallet in bitcoin currency trading and transfer for easy access to use and keep safe deposit and profits as a new and first time trading experience to the trading crypto ...

**0** votes, **0** answers, 21 views

### What does Google's quantum supremacy mean to Bitcoin? [duplicate]

Recently, there has been a heated discussion on the internet about a paper published by Google on NASA's website saying that Google has achieved the so-called "quantum supremacy", which generates ...

**0** votes, **0** answers, 20 views

### At what step is the private key transformed to a mnemonic phrase [duplicate]

If I am correct, to make a private key you have to first generate a random 256 bit number then transform it to a WIF private key using base 58 check encode, is the mnemonic phrase generated from ...

**4** votes, **0** answers, 47 views

### Can ECDH peers waste each other's time at will?

Peter Dettman notes that ECDH peers can waste each other's time at will. What does he mean? Can this be weaponized against Lightning nodes?

**0** votes, **2** answers, 83 views

### Is there any blockchain explorer available to track the trades of cryptocurrency exchange?

I haven't seen any decentralized exchange that provides the information of trades and can track the record of transaction history and time.
I am looking forward to that exchange which can provide ...

**0** votes, **0** answers, 35 views

### BIP32 HD Wallet vs HMAC vs Hashing

I've been working on a website which will be carrying out various cryptographic operations. On the website users can post Ads. Each Ad has a monotonically increasing unique ID. For each Ad, I would like ...

**-1** votes, **1** answer, 34 views

### Is IQmining worth the investment? [closed]

I am interested in investing in crypto-contracts, is IQmining worth the investment?

**0** votes, **1** answer, 43 views

### Consider using Bitcoin but just heard the IRS is sending tax notices to 10k plus users

article: https://www.cnn.com/2019/07/26/tech/irs-cryptocurrency-taxes/index.html
My background: Good understanding of RSA cryptography, some elliptic curve, Number Theory and I am a (real) programmer
...

**0** votes, **1** answer, 33 views

### How public-key cryptography secures bitcoin transactions from 51% attacks and Mining Attacks

I wanted to better understand how public-key cryptography avoids 51% attacks and mining attacks, also if this question is wrong please correct so that I can improve my research and provide me with ...

**0** votes, **0** answers, 24 views

### What role does public-key cryptography play in bitcoin transaction? [duplicate]

Explain in one word and kindly tell what is it exactly that public-key cryptography does in bitcoin.

**3** votes, **2** answers, 301 views

### To what extent does asymmetric cryptography secure bitcoin transactions?

Is there a specific attack or bug which asymmetric cryptography prevents during bitcoin transactions?

**2** votes, **2** answers, 97 views

### Are there valid transactions which are impossible to mine?

Is it possible to have a bitcoin transaction T that is valid with a very generous transaction fee for which it is impossible for T to be included in the next block, or even in all subsequent blocks?
...

**0** votes, **0** answers, 38 views

### How to integrate bitcoin address generator into website

I want to integrate a bitcoin accounts and address generator into my website, similar to those found on crypto exchanges. Users can generate addresses and have their own accounts. Is there an open ...

**0** votes, **0** answers, 42 views

### Shamir SSSS how to split the example if i want to use 12 Bits instead of 11 Bits?

Shamir Mnemonics are encoded into 3 components - the Version, the Parameters, and the Shamir Share.
The encoded components are concatenated together to form a Shamir Mnemonic.
First Component is ...

**0** votes, **1** answer, 37 views

### What's the purpose of CSHA256::Write and CSHA256::Finalize

Looking at Bitcoin Core implementation of SHA256, I noticed it was a bit different from OpenSSL's implementation.
In OpenSSL, you would initialize a variable with SHA256_CTX when in Bitcoin Core it's ...

**0** votes, **1** answer, 61 views

### Confused on using SHA256 code from Bitcoin Core

I was looking at Bitcoin Core code to use its SHA256 code but am confused on where I should be looking at.
In bitcoin/src/crypto/sha256.h there is CSHA256
and in bitcoin/src/crypto/sha256.cpp there ...

**4** votes, **1** answer, 154 views

### What are the 3 arguments called in function SHA256?

```c
void sha256(struct sha256 *sha, const void *p, size_t size)
{
    struct sha256_ctx ctx;
    sha256_init(&ctx);
    sha256_update(&ctx, p, size);
    sha256_done(&ctx, sha);
}
```
I'm trying ...

**3** votes, **1** answer, 64 views

### ECDSA - why not using the cyclic additive group

As I understand things so far, the ECDSA scheme used by Bitcoin uses a group G generated by a point on the elliptic curve y^2 = x^2 + 7.
Now G is a cyclic group of finite order n and is, hence, ...

**1** vote, **0** answers, 37 views

### Schnorr Fiat Shamir Transformation

In the Schnorr identity protocol, we can transform the interactive ZKP into a non-interactive one by replacing the role of the verifier (i.e. providing a random challenge value) with a hash function ...

**0** votes, **1** answer, 65 views

### How to verify signature of multisig transaction

How to verify signature of multisig transaction (2-2) after it being signed by first owner? How can I understand if that owner used wrong private key => wrong signature?

**2** votes, **1** answer, 85 views

### How to make a homomorphic preimage/payment hash with current lightning network / Bitcoin implementations?

If I remember / understand it correctly by using the mechanisms from the scriptless scripts paper we could easily create homomorphic preimages / paymenthashes.
I think this would be a very desirable ...

**4** votes, **1** answer, 101 views

### Low-s value in bitcoin signature

What are the problems related to using the "normal" (bigger than N/2) value of the s number in a transaction signature and why do we use the lower one?
Is it about the math behind ECDSA?

**0** votes, **1** answer, 106 views

### how to place a bitforex api buy order

I have read the documentation for BitForex on placing a buy order here:
https://github.com/bitforexapi/API_Doc_en/wiki/Order
Then after understanding that, I read the API Call Description ...

**0** votes, **1** answer, 72 views

### Private key generation doubt

I read that the private key pk has to be any number between 1 and n, where n is almost 10^77.
Since pk's function is practically to be used as a scalar for multiplying the generator point G, why does ...

**2** votes, **2** answers, 398 views

### How can my private key be revealed if I use the same nonce while generating the signature?

I know it is well understood that it is not a good practice to use the same nonce while generating the signatures, but I am not getting the math right.
Assume I have some UTXOs that are controlled ...

**0** votes, **1** answer, 48 views

### Are transactions with the same ScriptSig a security problem?

For instance while looking at the transaction stack of my address, tracing it to exchanges I use, I came across this:
https://www.blockchain.com/btc/tx/...

**2** votes, **1** answer, 99 views

### What is the current computing speed of performing an elliptic curve multiplication?

Hi I was just looking for some information on how long it would take to crack a private key in bitcoin using a brute force approach and I couldn't find a very good answer for how long it takes to ...

**0** votes, **2** answers, 98 views

### The order of the generator point G used in bitcoin

Hi I was just wondering how the order of the generator point G used in bitcoin was actually calculated.
From the specification listed http://www.secg.org/SEC2-Ver-1.0.pdf for secp256k1 I can see ...

**0** votes, **1** answer, 69 views

### Bitcoin Signatures are susceptible to quantum attacks - how exactly and with what practical impact? [duplicate]

@PieterWuille wrote in another thread:
> The hashing algorithm is probably the most quantum-resistant piece of cryptography right now in Bitcoin. Barring any specific breaks, SHA256 and RIPEMD160 ...

**1** vote, **1** answer, 114 views

### How can you calculate the inverse of S component of signature, while you cannot do it in ECC to calculate private key from public key?

When verifying the signature in bitcoin, we calculate S^(-1) * hash(m) * G + S^(-1) * R * pub_key and verify that this is equal to the temporary public key. Given the same logic, why can't we use it ...

**2** votes, **1** answer, 124 views

### What is so special about chacha20 stream cipher along with poly1305 for message authentication codes?

I am currently trying to dissect the low level cryptography protocols of the lightning network and I realize that in many places chacha20 is being used. I tried reading about it in the Wikipedia ...

**3** votes, **1** answer, 125 views

### ECDSA signature with r value of 31?

Occasionally on Android we are generating an ECDSA signature. This turns out to have an "r" length of 31 bytes. Is that valid?
For reference here is a nice diagram outlining the ASN.1 structure of ...

**-1** votes, **2** answers, 149 views

### How would one prove he is Satoshi Nakamoto if he lost his private keys

Assume you're Satoshi Nakamoto, completely, and that you've forgotten your private key/s. How do you prove that this is true, using the BTC blockchain? Is there a transaction you can make, or a ...

**0** votes, **1** answer, 442 views

### BITCOIN SCRIPT: Write the bitcoin ScriptPubKey script for a transaction that can be redeemed by anybody who supplies a square root of 1764?

Bitcoin script: For the following questions, you're free to use non-standard transactions and op codes that are currently disabled. You can use as a shorthand to represent data values pushed onto the ...

**0** votes, **0** answers, 42 views

### Correct breakdown of the name of secp256k1?

sec Standards for Efficient Cryptography
256 256bit prime
k1 Koblitz curve no. 1
?

**1** vote, **1** answer, 161 views

### How specific are ASIC's design? Can they single hash SHA256?

I understand that Bitcoin's ASICs are a highly optimized piece of equipment and, therefore, are also very specific.
My question: are they able to do a single (or triple?) SHA-256 hash at all? And, ...

**0** votes, **0** answers, 20 views

### Private Blockchains: Blocks’ validation

I’m a software developer and I’m trying to understand blockchain at a code level
I have the following issue:
There’s a private blockchain, this private blockchain does not have any relation to ...

**7** votes, **2** answers, 2k views

### Is a bitcoin address collision possible if generating 90 million addresses every 4 hours?

I am running a test to see if I can obtain a successful bitcoin address collision after generating billions of addresses. I am not entirely sure how I would check them yet. Basically I have an extra ...

**14** votes, **1** answer, 2k views

### What is the origin of insecure 64-bit nonces in signatures in the Bitcoin chain?

In Biased Nonce Sense: Lattice Attacks against Weak ECDSA Signatures in Cryptocurrencies Joachim Breitner and Nadia Heninger use a lattice based algorithm to recover private keys from signatures in ...

**1** vote, **1** answer, 55 views

### Security implications of removing CHECKSIG in a test

If I conduct an htlc transaction on testnet that does not include OP_CHECKSIG will it still cost an attacker more than (say) $10 in processing power or storage to subvert my tests?
Details: I'm ...

**2** votes, **1** answer, 478 views

### Bitcoin Core Old Wallet.dat Vulnerability

Own a wallet.dat file from 2010-2011. Yesterday I saw there was a vulnerability which makes attacking somewhat easier if your wallet is generated by an old client and I'm pretty sure my wallet is ...

**1** vote, **1** answer, 69 views

### Setup bitcoin-seeder

I wanna setup a dnsseed for a crypto currency using sipa/bitcoin-seeder on my VPS.
The server is hosted at NetCup and running the software as root, and also listening on port :53 UDP.
My domain is ...

**0** votes, **2** answers, 44 views

### In theory could a pubkeyhash script be solved without the public key in the scriptSig?

When signing a pubkeyhash UTXO, it is required to provide both a signature and a public key. The public key is duplicated and one copy is provided to op_checksigverify to ensure the signature is valid,...

**0** votes, **2** answers, 39 views

### How bitcoin gets monetary value [duplicate]

This looks like a complex thing but I am trying hard to understand it. Why would any one in the world honor a crypto currency till it is backed by a government with monetary value? How does a crypto ...

**0** votes, **1** answer, 862 views

### Looking for code to generate a bitcoin address from a passphrase in C++

I'm trying to write a program which generates a bitcoin address from a given SHA256 hash of a passphrase as private key or a given hex private key. I've found a library for this but it required the Boost package in ...

**0** votes, **1** answer, 39 views

### Is hashing an optional step to use with public key cryptography for blockchain

I am confused by the public key cryptography versions that I've read so far. Are the steps optional, dependent on the types of blockchain or are they referring to different methods?
Version 1 =======...

**0** votes, **2** answers, 60 views

### I am just wondering what are the methods which can hide all the transactions and also be able to validate transactions in a block chain?

I am new to block chain and was looking at how block chains work, mainly proof of stake based. They check validity by going through all the transactions which is something concerning as everyone can ...