EC Cryptography Tutorials - Herong's Tutorial Examples

∟EC (Elliptic Curve) Key Pair

∟Generate secp256k1 Keys with OpenSSL

This section provides a tutorial example on how to generate EC (Elliptic Curve) private and public key pairs using secp256k1 domain parameters.

You can also use OpenSSL command line tool to generate EC (Elliptic Curve) private and public key pairs using secp256k1 domain parameters. For example:

herong> openssl ecparam -genkey -name secp256k1 \
   -out ec_key.pem -param_enc explicit

herong> openssl ec -in ec_key.pem -noout -text

read EC key
Private-Key: (256 bit)
priv:
    00:90:f4:55:61:b5:a4:3d:a2:7f:35:70:63:48:bf:
    86:a4:75:9b:23:8a:58:a0:ed:db:24:2a:a2:64:d0:
    f0:2f:55
pub:
    04:f2:56:c6:e6:c8:0b:21:3f:2a:a0:b0:17:44:23:
    5d:51:5c:59:44:35:be:65:1b:15:88:3a:10:dd:47:
    2f:a6:46:ce:62:ea:f3:67:0d:c5:cb:91:00:a0:ca:
    2a:55:b2:c1:47:c1:e9:a3:8c:e4:28:87:8e:7d:46:
    e1:fb:71:4a:99
Field Type: prime-field
Prime:
    00:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
    ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:fe:ff:
    ff:fc:2f
A:    0
B:    7 (0x7)
Generator (uncompressed):
    04:79:be:66:7e:f9:dc:bb:ac:55:a0:62:95:ce:87:
    0b:07:02:9b:fc:db:2d:ce:28:d9:59:f2:81:5b:16:
    f8:17:98:48:3a:da:77:26:a3:c4:65:5d:a4:fb:fc:
    0e:11:08:a8:fd:17:b4:48:a6:85:54:19:9c:47:d0:
    8f:fb:10:d4:b8
Order:
    00:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
    ff:fe:ba:ae:dc:e6:af:48:a0:3b:bf:d2:5e:8c:d0:
    36:41:41
Cofactor:  1 (0x1)

Note that OpenSSL prints out the generator point G as single value by combining its 2 coordinates in a format of: 0x04<G.x><G.y>. So the above Generator value is really:

G = (x, y)
  = (0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798,
     0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8)

The public key is also a point and printed as a single value by combining its 2 coordinates in a format of: 0x04<x><y>. So the above "pub" value is really:

pub = (x, y)
  = (0xf256c6e6c80b213f2aa0b01744235d515c594435be651b15883a10dd472fa646,
     0xce62eaf3670dc5cb9100a0ca2a55b2c147c1e9a38ce428878e7d46e1fb714a99)

This private is called a 256-bit key, because it has 64 hexadecimal digits, which is 32-byte/256-bit long, or 2²⁵⁶ large. Note that the first two 0x00 digits should not be counted.

Table of Contents

 About This Book

 Geometric Introduction to Elliptic Curves

 Algebraic Introduction to Elliptic Curves

 Abelian Group and Elliptic Curves

 Discrete Logarithm Problem (DLP)

 Finite Fields

 Generators and Cyclic Subgroups

 Reduced Elliptic Curve Groups

 Elliptic Curve Subgroups

 tinyec - Python Library for ECC

►EC (Elliptic Curve) Key Pair

 EC Private and Public Key Pair

 Is EC Private Key Secure

 EC Private Key Example - secp256k1

►Generate secp256k1 Keys with OpenSSL

 EC Key in PEM File Format

 EC Key File with Curve Name

 Create EC Public Key File

 ECDH (Elliptic Curve Diffie-Hellman) Key Exchange

 ECDSA (Elliptic Curve Digital Signature Algorithm)

 ECES (Elliptic Curve Encryption Scheme)

 EC Cryptography in Java

 Standard Elliptic Curves

 Terminology

 References

 Full Version in PDF/EPUB

Generate secp256k1 Keys with OpenSSL - Updated in 2022, by Dr. Herong Yang