TERM_DEF // KEYS_CRYPTOGRAPHY / ECDH_ELLIPTIC_CURVE_DIFFIE_HELLMAN
ECDH (ELLIPTIC
CURVE DIFFIE-HELLMAN)
CURVE DIFFIE-HELLMAN)
ECDH (Elliptic Curve Diffie-Hellman). A way for two parties to derive a shared secret from their public keys without revealing their private keys.
This page sits in the Keys & Cryptography section — Elliptic curves, hashes, and signatures — the math that lets a 32-byte secret control billions of dollars. Read on for what it is, why it exists, how it works under the hood, and what to watch out for.
This page sits in the Keys & Cryptography section — Elliptic curves, hashes, and signatures — the math that lets a 32-byte secret control billions of dollars. Read on for what it is, why it exists, how it works under the hood, and what to watch out for.
WHAT_ECDH_ELLIPTIC_CURVE_DIFFIE_HELLMAN_IS
ECDH (Elliptic Curve Diffie-Hellman) — at a glance
KEYS
ECDH (Elliptic Curve Diffie-Hellman) is a cryptographic component of Bitcoin. A way for two parties to derive a shared secret from their public keys without revealing their private keys. Like every cryptographic building block in Bitcoin, it is fundamentally a piece of math — not a feature provided by a server, not a permission granted by an authority, but a deterministic function that any machine can compute and any other machine can verify.
Why it exists
DESIGN
Bitcoin has no central authority to vouch for ownership, prove identity, or guarantee that a message has not been tampered with. Cryptography fills all three roles. ECDH (Elliptic Curve Diffie-Hellman) exists because the alternative — trusting a third party with custody, signatures, or random number generation — would re-introduce exactly the single points of failure Bitcoin was designed to eliminate. The security of every coin in existence depends on these primitives behaving as advertised.
HOW_IT_WORKS
Mechanism
HOW IT WORKS
The mechanism rests on a one-way function: easy to compute forward, computationally infeasible to reverse. For signature schemes that asymmetry comes from the elliptic-curve discrete logarithm problem on the secp256k1 curve; for hash functions like SHA-256 it comes from collision-resistance. ECDH (Elliptic Curve Diffie-Hellman) is built on top of these primitives and inherits their security: every node/">full node can independently verify a result in microseconds, but no attacker can fabricate a fake one in any realistic amount of time, even with all the computers on Earth working together.
1. Generate or receive the input bytes (a private key, a message, a public key, a signature — depending on the operation).
2. Apply the cryptographic primitive — typically built on SHA-256, RIPEMD-160, secp256k1, or Schnorr/ECDSA.
3. Encode the result in the expected form: 32-byte hash, 33-byte compressed pubkey, 64-byte Schnorr signature, ~71-byte DER ECDSA signature, etc.
4. Verifiers worldwide re-run the same computation against the public inputs to confirm authenticity — no shared secret required.
WORKED_EXAMPLE
ECDH (Elliptic Curve Diffie-Hellman) — example values
EXAMPLE
concept : ECDH (Elliptic Curve Diffie-Hellman)
role : A way for two parties to derive a shared secret from their public keys without revealing their private keys.
basis : secp256k1 / SHA-256 / RIPEMD-160 — Bitcoin's three cryptographic primitives
verify : every full node re-runs the math against public inputs
forge : computationally infeasible (security in bits ≥ 128)
KEY_PROPERTIES
ONE-WAY
Easy to compute forward in microseconds; infeasible to reverse even with planetary compute resources.
COLLISION-RESISTANT
Finding two distinct inputs that produce the same output requires more work than has ever been done on Earth.
PUBLIC-VERIFIABLE
Anyone can check a signature/hash against public data — no shared secret needed for verification.
COMMON_PITFALLS
Things that catch people out
PITFALLS
- Never reuse a signing nonce — a single nonce reuse leaks the private key permanently and irretrievably.
- Never generate keys with weak randomness (timestamps, user input, Math.random) — predictable seeds have drained millions in past incidents.
- Never paste secrets into a web form, screenshot, or cloud note — anywhere they leave your control they may be copied silently.
- Treat ECDH (Elliptic Curve Diffie-Hellman) like nuclear material: handle it, store it, and dispose of it deliberately.
RELATED_CONCEPTS
Other terms from Keys & Cryptography — click any to read its page:
TERMINOLOGY_INDEX
TERMINOLOGY
ECDH (Elliptic Curve Diffie-Hellman)
A way for two parties to derive a shared secret from their public keys without revealing their private keys.
Private Key
A random 256-bit number that gives full spending authority over the coins locked to its derived public key.
Public Key
A point on the secp256k1 curve, derived from a private key, that others use to verify signatures you produce.
Key Pair
A private key paired with its mathematically-linked public key; one signs, the other verifies.
Elliptic Curve
A curve defined by y² = x³ + ax + b; "adding" two points produces a third, and that operation is easy forward but practically impossible to reverse.
secp256k1
The specific elliptic curve Bitcoin uses, chosen for its lack of suspicious constants and high-performance arithmetic.
Generator Point (G)
A fixed agreed-upon point on secp256k1; multiplying G by your private key gives your public key.
Curve Order (n)
The number of distinct points on secp256k1 reachable from G; private keys are integers modulo n.