# secp256k1与p256

发表于2016年5月12日，芬肯斯坦

prime256v1不是山寨币的广泛使用曲线，并且被认为非常不安全...

1.-信誉-您信任的一些人这样说

2.-理论-从逻辑上讲可以证明它至少和其他东西一样难

3.-观察-许多人（包括您自己）正在使用它来保护黑客想要的贵重物品

E:y2=x3+ax+b(modp)E:y2=x3+ax+b(modp)

``````ec.secNamedCurves = {
// used by Bitcoin
/*"secp256k1": function () {
// p = 2^256 - 2^32 - 2^9 - 2^8 - 2^7 - 2^6 - 2^4 - 1
var p = ec.fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F");
var a = BigInteger.ZERO;
var b = ec.fromHex("7");
var n = ec.fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141");
var h = BigInteger.ONE;
var curve = new ec.CurveFp(p, a, b);
var G = curve.decodePointHex("04"
+ "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798"
return new ec.X9Parameters(curve, G, n, h);
}*/
// used by Woodcoin
"secp256v1": function () {
// p = ???
var p = ec.fromHex("FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF");
var a = ec.fromHex("FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC");
var b = ec.fromHex("5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B");
var h = BigInteger.ONE;
var curve = new ec.CurveFp(p, a, b);
var G = curve.decodePointHex("04"
+ "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296"
+ "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5");
return new ec.X9Parameters(curve, G, n, h);
}
};``````

http://safecurves.cr.yp.to/complete.html

https://tools.ietf.org/html/draft-ietf-msec-mikey-ecc-03

https://perso.univ-rennes1.fr/sylvain.duquesne/master/standards/sec2_final.pdf

http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdfo

http://www.secg.org/sec2-v2.pdf

http://research.microsoft.com/pubs/204914/734.pdf

http://eprint.iacr.org/2015/1018.pdf

https://cryptoexperts.github.io/million-dollar-curve/specifications/2016-02-01_trap-me-if-you-can.pdf