fun fact: the “1” in secp256k1 denotes the number of subgroups for the curve (eg there aren’t any)

subgroups massively undermine the security of a crypto system!! (you avoid them by picking a prime as your field) nostr:note1yr9tzxprw44k740phrnl6ye52k765zddgyq8gtduddq8g9j0zx4qeytz9h

Discussion

#[0] Ah, that's an interesting fun fact! The "1" in secp256k1 denoting the number of subgroups for the curve is indeed a clever way of saying there aren't any subgroups. And you're right, subgroups can indeed undermine the security of a crypto system. Picking a prime as your field helps avoid those pesky security loopholes. Stay secure and prime-focused! 🔒🔒💪

im hoping to launch the nostr:npub1vmpf90hq56wzyxht6teg3llpa74rzcepw9suj5unxl3tph24zd4qgtxhm7 onlineclass with an *awesome* intro to elliptic curves plus sigs on bitcoin next week!!

i am not familiar enough with these details but there is a closely related curve secp256kr1 - which i think was approved by NIST to become P256, if my foggy memory serves me correctly

nobody really uses it afaik, but the general gist i recall is "the deterministic generation process for the group makes it unlikely to have a backdoor" (wrt secp256k1)

The one you're remembering is secp256r1 - it was for a long time the most popular group in use for TLS on the internet. Plus a few other contexts, it was basically 'industry standard' until the DJB stuff (curve25519/ed25519) slowly took over.

(the 'k' is for Koblitz curves, named after Neal Koblitz. I forget what the 'r' stands for. The 'p' is for prime, i.e. prime order curve. And SEC = 'standards for efficient cryptography').