How private keys are generated and their security : Simply Explained

We all know that your private key is the main power in your hands over your funds. If anyone gets to your keys, it's not your funds anymore. But how are they generated?

Simply Explained :

What are hash functions?

Name sounds scary but they're simple!


They're just a function/process that assigns unique output to a unique input. Like a person and their ID number or SSN.

And then we really want them to not break!

How do they "break"? Well a hash function is broken when a clever guy figures out how we're assigning values to our inputs.

Example: If our hash function is just "Add 1 to whatever is the input number", then some clever kid will easily say that we're just adding 1 and the hash function is broken!

Enter the curve:


The BIG BOII curve

So, from our previous example, we just can't trust simple functions to not break! So we need complicated ones. And the curve here is one of the complicated ones, it's called Elliptic Curve cuz it looks like an Ellipse.

Enough theory, where's the keys?

Okay so the elliptic curve works this way. Imagine the curve as a golf track.

Not so scary curve anymore right?

On the golf track, everyone knows and starts at the same point, something like the start position. Then, people hit the first shot, move to where the ball hit the track, hit the second shot, and so on... every person will hit the ball a RANDOM NUMBER OF TIMES and then LEAVE THE TRACK WITH THEIR LAST BALL LOCATION AND ALSO THEIR BALL. It looks something like this,


Keep hitting the ball until you're satisfied!

You keep hitting the ball as long as you want, but the max number of times you can hit is the number below. Big enough IMO lol


But this is the max tho!

What's the power of the curve?

Well, the power of the curve or our golf track is that YOU CAN TELL EVERYONE WHERE THE BALL LANDED IN THE END. EVERYONE ALSO KNOWS WHERE YOU STARTED... YET, THEY CAN'T KNOW HOW MANY HITS/HOPS THE BALL TOOK!

That's obvious right? The ball might've landed there on first shot or 1000000th shot, no one knows except YOU! Makes sense? Simple right?

Putting it all together:

In the above example, the number of times you hit the ball is your private key! The final position where you landed is your public key!

Some hidden details:

This explanation was a really simplified one. The idea is correct and some properties of this idea are:

  1. Unless 2 persons choose the same number of shots, they won't land at the same spot
  2. The elliptic curve digital signature algorithm (ECDSA) is another idea that lets you prove you are the owner of your private key given your public key and your signature. That's a whole other idea

Security?:

What if 2 people get the same public key(same landing spot)?

This is very very hugely infinitely unlikely. There are so many spots (public keys) on the curve and so many numbers to choose for the number of your hits (private key) that almost every atom in the universe (yes, not just earth) can have a number-of-hits/landing-spot pair!

What if a person tries all the number of shots like 1, 2, 3 and so on...?

This is possible, but really the person is in for a bad ending. Because all the atoms in the universe can have unique hits and still have nothing in common, 7.8 billion humans can easily fit in the number space, and the chance to find something is really really low.

EVEN FOR A PERSON WITH THE WORLD'S FASTEST SUPERCOMPUTER (Sunway TaihuLight), IT WOULD TAKE APPROXIMATELY:

27,337,893,038,406,611,194,430,009,974,922,940,323,611,067,429,756,962,487 years.

That's 27,337,893 trillion trillion trillion trillion years, and the age of the universe is 15 Billion lmao. Unless quantum computers arrive, no one can break the BIG BOII CURVE!

Still, how do we decide the number of shots?

Well, that's just choosing a random 256 bit number. The wallets you use generate such numbers from a secure random source that can't be guessed. So you are safe, chill!

But still here's one in HEX format,

0000000000000000000000000000000000000000000000000000000000000001 which is just number 1.

Enter that in the bitaddress.org website and you get...,


The address of the private key we just guessed!

A quick search for that address on block explorer you get..

You just hacked into a BTC wallet!

In reality I think that address is just a decoy one teasing people or some faucet known to all. It's the first number you can choose (number 1).

Now don't try to find all such keys, cuz you can't..it's just a demo here lol