[cryptography] Bitcoin observation

Nico Williams nico at cryptonector.com
Thu Jul 7 17:10:08 EDT 2011

2011/7/7 lodewijk andré de la porte <lodewijkadlp at gmail.com>:
> I honestly don't see how. A transaction has an orgin, which is verified to
> have the coins, and a destination, which is a public key that must have a
> private key. AFAIK every public key has a computable private key
> counterpart.
> But please correct me.

In some (most?) public key cryptosystems it's possible to prove that a
valid public key has a corresponding private key (that is, there
exists a valid private key for which the given public key *is* the
public key).  That's used for public key validation.  It's not
possible, however, to prove that the private key still exists.  Also,
it's NOT possible to classically compute a private key from a public
key -- when that is possible we say that the algorithm in question is
broken :)


More information about the cryptography mailing list