from bitcoin import *
Alice_private = 1
Alice_public = privtopub(Alice_private)
Bob_private = 2
Bob_public = privtopub(Bob_private)
#they exchange publics
Alice_message=ecdsa_raw_sign(sha256('Hello'), Alice_private)
Bob_message = ecdsa_raw_sign(sha256('Hello back'), Bob_private)
Alice has her private key, her public key and she has Bob’s public key and the message from Bob.
But the bad guy also has Bob’s public key and Bob’s message.
Where does the magic happen, how do they secure communication from here?
This doesn’t work either:
from bitcoin import *
a = 10
b = 20
a1,a2 = privkey_to_pubkey(a)
b1,b2 = privkey_to_pubkey(b)
a3,a4 = b1*a, b2*a
b3,b4 = a1*b, a2*b
if a3 == b3:
print(True)
It looks like you are using https://github.com/vbuterin/pybitcointools.
What I think you are trying to do is Diffie Hellman key agreement, which is different from ECDSA.
You seem to have the right idea in your second example, but elliptic curve point multiplication isn’t as straightforward as what you are doing.
The library you are using does have a multiply(pubkey, privkey) function, which does what you want:
import bitcoin
# Simple private keys for demonstration
alice_private = 10
alice_public = bitcoin.privkey_to_pubkey(alice_private)
bob_private = 20
bob_public = bitcoin.privkey_to_pubkey(bob_private)
# Exchange public keys
alice_shared_secret = bitcoin.multiply(bob_public, alice_private)
bob_shared_secret = bitcoin.multiply(alice_public, bob_private)
if alice_shared_secret == bob_shared_secret:
print("shared secrets match")
The shared secret is a point on the curve, i.e. an (x, y) coordinate pair (a tuple in this library). You would usually take the X coordinate and hash it to derive a key for symmetric encryption.