Elliptic curves are fundamental mathematical objects defined by the equation y squared equals x cubed plus ax plus b. These smooth curves have special properties that make them ideal for cryptography. The curve shown here demonstrates the characteristic shape, with points P and Q representing elements that can be combined using the group operation. The point at infinity, though not visible, completes the mathematical structure needed for cryptographic applications.
Point addition is the fundamental operation that gives elliptic curves their group structure. To add two points P and Q, we draw a line through them and find where it intersects the curve again at point R. The sum P plus Q is then the reflection of R across the x-axis. This geometric construction has elegant algebraic formulas. For point doubling, we use the tangent line instead. This operation is associative and commutative, making elliptic curves perfect for cryptographic applications.
Bitcoin uses the secp256k1 elliptic curve, defined by the equation y squared equals x cubed plus 7, computed over a finite field modulo a large prime p. This specific curve was chosen for its security properties and efficient implementation. The prime p is approximately 2 to the 256th power, providing a massive finite field. The generator point G creates a cyclic subgroup of order n, also close to 2 to the 256th power. This gives secp256k1 a security level of 128 bits, meaning it would take approximately 2 to the 128th operations to break the cryptography using current methods.
Private key generation is the foundation of Bitcoin wallet security. A private key is a cryptographically secure random 256-bit number between 1 and n minus 1, where n is the order of the secp256k1 curve. The generation process requires high-quality entropy from sources like hardware random number generators, mouse movements, or system noise. The key space is enormous, containing approximately 2 to the 256th power possible keys, which is larger than the number of atoms in the observable universe. This makes it computationally infeasible for anyone to guess a properly generated private key. The key can be represented in different formats: binary, hexadecimal, or decimal, but must never be shared or reused.
Public key derivation transforms the private key into a public key using elliptic curve scalar multiplication. The formula is P equals k times G, where k is the private key scalar, G is the generator point, and P is the resulting public key point. Scalar multiplication involves repeated point addition - for example, 5 times G equals G plus G plus G plus G plus G. This can be computed efficiently using techniques like double-and-add. The operation is easy to compute in the forward direction but computationally infeasible to reverse due to the elliptic curve discrete logarithm problem. Public keys can be stored in uncompressed format with both x and y coordinates, or compressed format with just the x coordinate and a parity bit. Unlike private keys, public keys are safe to share as they cannot be used to derive the original private key.