
I am educating myself on cryptocurrencies and a theme within that community is to use separate "addresses" for each transaction. As I interpret an address as the hash of the public key for the individual, it leads me to believe that you can generate multiple public keys for a private key. I am a complete novice on this subject and am using the R PKI package as a jumping-off point for this self tutorial.

This line of thinking is counter to the discussion at PKI multiple public keys, so I might be well off the mark, but if not, is there a way to generate an additional public key with the PKI package?

I have a code block below that covers some of my thinking. Now, having said all this, I am trying to understand some 9 pages of discussion as to what that implies, and I don't think I am up for finite groups discussion nor the compromise of the private key if multiple public keys are released. So if you can correct me via programming or additional reference material, I would appreciate it. Ultimately, it's an exercise to improve my R skills first and foremost.

```r
require(PKI)

# generate 2048-bit RSA key
key <- PKI.genRSAkey(bits = 2048L)

# extract private and public parts as PEM
priv.pem <- PKI.save.key(key)
pub.pem <- PKI.save.key(key, private=FALSE)
# load back the public key separately
pub.k <- PKI.load.key(pub.pem)

# encrypt with the public key
x <- PKI.encrypt(charToRaw("Hello, world!"), pub.k)
# decrypt with private key
rawToChar(PKI.decrypt(x, key))

# So straight from the package examples I have the public and private keys.

# Additionally, with the same I can sign a message
x <- charToRaw("My message to sign")
sig <- PKI.sign(x, key)
PKI.verify(x, sig, key)

# Now, a slight change from the examples: I will verify that the public key can verify
PKI.verify(x, sig, pub.k)

# Now I would like to generate another public key based on the same private key
# my naive attempt is

#PKI.mkRSApubkey(modulus, exponent=65537L, format = c("DER", "PEM", "key"))
pub.k

pub.k2 <- PKI.mkRSApubkey(123, exponent=65537L, format = "key")
pub.k2

PKI.verify(x, sig, pub.k2)

PKI.verify(x, sig, pub.k)

priv.pem
```

1 Answer


You are correct in saying that bitcoin addresses should not be reused.

A bitcoin private key only has one public key, but it can be in different formats, compressed or uncompressed. For example, the private key e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

has a corresponding uncompressed public key of 04a34b99f22c790c4e36b2b3c2c35a36db06226e41c692fc82b8b56ac1c540c5bd5b8dec5235a0fa8722476c7709c02559e3aa73aa03918ba2d492eea75abea235

and a compressed public key of 03a34b99f22c790c4e36b2b3c2c35a36db06226e41c692fc82b8b56ac1c540c5bd

Hashing them will result in the address 1HZwkjkeaoZfTSaJxDw6aKkxp45agDiEzN and 1F3sAm6ZtwLAUnj7d38pGFxtP3RVEvtsbV respectively.

You should only use compressed public keys, as uncompressed public keys bloat the blockchain. That being said, since you should only use one of those addresses for a private key, that means you should also use a different private key for every transaction. Now this creates a host of other problems, like key management becoming a lot more troublesome, since you have to generate a new private key every time you want to do a transaction. You should look into hierarchical deterministic wallets, as that is an established standard that is meant to deal with some of these issues.

  • Thanks for the guidance. Trying to program this all up uncovers a lot of hand-waving issues. I was actually thinking that a key server would provide the public key (still just going off the 9 page paper and jumping right to how would I program it). I think my choice of RSA key vice Elliptic Curve Digital Signature Algorithm explains the nice short version of a public key and likely signature you provided examples of. Again, thanks. – BabblingREnthusiast Apr 28 '15 at 01:09