public key infrastructure – GPG Questions About Exporting Subkeys to File

GPG novice here so please bear with me.

From what I understand, when you generate a keypair with GPG it will automatically create a subkey pair (sub, ssb).

If I wanted to give these to another party so they could encrypt messages with the public subkey (sub) and send them over HTTP/REST, so that I can decrypt with the private subkey (ssb) and sign with the subkey, would all I need to do be to export these keys and use them when decrypting or signing programmatically?

The main point of the question is: if what I explained above is correct, I am unsure how to export just the subkey pair to a file in plain text (i.e. beginning with -----BEGIN PGP PRIVATE/PUBLIC KEY BLOCK-----). If this is not the case, I would like to be pointed in the right direction.

Would the master key (SC) ever come into play in this flow? Is it possible to do the flow with just the subkeys?

Thank you in advance.
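The flow the question describes, as an added example that is not part of the original post: a throwaway key is generated with an encryption subkey and a separate signing subkey, the secret subkeys are exported on their own with `--export-secret-subkeys` (GnuPG writes a stub in place of the primary secret key), and a second keyring that never held the primary then decrypts and signs while a third keyring, holding only the public export, encrypts and verifies. Note that the public export still carries the primary's public key, because each subkey is bound to it by a self-signature; there is no smaller public block a peer could import. The example drives the `gpg` binary (GnuPG 2.1 or later assumed on PATH) through `subprocess`, and the user ID, directory names and message are constructed for the example.

```python
"""Added example: export only the subkeys of a GnuPG key and use them from a
keyring that never held the primary secret key. Assumes gpg >= 2.1 on PATH;
UID, paths and the message are constructed placeholders."""
import os
import shutil
import subprocess
import tempfile

UID = "Example Service <service@example.invalid>"   # constructed user ID


def gpg(home, *args, stdin=None):
    """Run gpg non-interactively against an isolated keyring directory."""
    cmd = ["gpg", "--batch", "--yes", "--pinentry-mode", "loopback",
           "--passphrase", "", *args]
    env = {**os.environ, "GNUPGHOME": home}
    return subprocess.run(cmd, env=env, input=stdin,
                          capture_output=True, check=True).stdout


def make_keys(owner):
    """Primary key (cert+sign) with an encryption subkey, plus a dedicated signing subkey."""
    gpg(owner, "--quick-generate-key", UID, "default", "default", "never")
    cols = gpg(owner, "--with-colons", "--list-secret-keys").decode()
    fpr = next(l.split(":")[9] for l in cols.splitlines() if l.startswith("fpr:"))
    gpg(owner, "--quick-add-key", fpr, "default", "sign", "never")
    return fpr


def export_keys(owner, fpr):
    """Public block for the peer; secret block with subkeys only (primary becomes a stub)."""
    pub = gpg(owner, "--armor", "--export", fpr)
    sub = gpg(owner, "--armor", "--export-secret-subkeys", fpr)
    return pub, sub


def primary_is_stub(home):
    """In --with-colons output, field 15 of a 'sec' line is '#' when only a stub is present."""
    cols = gpg(home, "--with-colons", "--list-secret-keys").decode()
    sec = next(l.split(":") for l in cols.splitlines() if l.startswith("sec:"))
    return sec[14] == "#"


def run_demo():
    """Owner exports; 'deploy' holds subkeys only; 'peer' holds the public key only."""
    if shutil.which("gpg") is None:
        return {"skipped": True}
    with tempfile.TemporaryDirectory() as work:
        owner, deploy, peer = (os.path.join(work, d) for d in ("owner", "deploy", "peer"))
        for d in (owner, deploy, peer):
            os.mkdir(d, 0o700)
        try:
            fpr = make_keys(owner)
            pub, sub = export_keys(owner, fpr)
            gpg(deploy, "--import", stdin=sub)    # service host: subkeys only
            gpg(peer, "--import", stdin=pub)      # other party: public key only
            msg = b"constructed sample message\n"
            # Peer encrypts to the key; gpg picks the encryption subkey itself.
            ct = gpg(peer, "--trust-model", "always", "-r", fpr, "--encrypt", stdin=msg)
            pt = gpg(deploy, "--decrypt", stdin=ct)
            # Service signs with -u <primary fpr>; gpg uses the signing subkey,
            # which is the only signing-capable secret key this keyring has.
            sig = gpg(deploy, "-u", fpr, "--detach-sign", stdin=msg)
            msg_path, sig_path = os.path.join(work, "msg"), os.path.join(work, "msg.sig")
            with open(msg_path, "wb") as f:
                f.write(msg)
            with open(sig_path, "wb") as f:
                f.write(sig)
            gpg(peer, "--verify", sig_path, msg_path)   # raises if the signature is bad
            return {
                "skipped": False,
                "public_block": pub.startswith(b"-----BEGIN PGP PUBLIC KEY BLOCK-----"),
                "secret_block": sub.startswith(b"-----BEGIN PGP PRIVATE KEY BLOCK-----"),
                "primary_is_stub": primary_is_stub(deploy),
                "roundtrip_ok": pt == msg,
                "signature_verified": True,
            }
        finally:
            for d in (owner, deploy, peer):
                subprocess.run(["gpgconf", "--kill", "gpg-agent"],
                               env={**os.environ, "GNUPGHOME": d}, check=False)


if __name__ == "__main__":
    print(run_demo())
```

To export a single subkey rather than all of them, append `!` to that subkey's fingerprint or key ID in the `--export-secret-subkeys` argument; `gpg --list-secret-keys` on the deployment keyring shows the primary as `sec#`, which is the visible sign that it holds no usable primary secret key.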

script – How does the sender know the receiver’s public keys in a m-of-n transaction?

Assume that Alice is controlling an address that requires multisig to spend bitcoins. Someone wants to send Alice bitcoins and this sender needs to create a scriptPubKey as part of the output paying Alice.

The scriptPubKey in the sender’s transaction should look like this:

m pubKey_1 pubKey_2 ... pubKey_n n OP_CHECKMULTISIG

How does the sender know the public keys to send funds to Alice? And furthermore, how does the sender know the value of m? Isn't it more logical that Alice determines what the minimal number of signatures is?

If I understood correctly this output format is not used anymore, but I still want to understand how it worked.

script – How does the sender know the receiver's public keys in an m-of-n transaction

In modern times, this problem is solved using P2SH (and later P2WSH). It means the sender only needs to know a hash of the actual script the receiver wants to use, which has its own address format so it’s easy to convey.

If your question is how was this done before P2SH: the answer is simply that multisig was not used in practice. Note that P2SH was introduced in 2012; Bitcoin was relatively young at the time and not as much was built on top. There were probably a few experiments that used multisig, but I doubt anything practical.
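The P2WSH construction the answer refers to, as an added example that is not part of the original answer: the receiver builds the 2-of-3 witness script from the question and publishes only the bech32 address of its SHA-256 hash; the sender decodes that address back into the output script and never learns the keys or m. The public keys are constructed 33-byte placeholders, not real keys, and the bech32 routines follow BIP173 for witness version 0.

```python
"""Added example: receiver builds a 2-of-3 witness script and a P2WSH address;
sender rebuilds the scriptPubKey from the address alone. Placeholder keys."""
import hashlib

OP_0, OP_CHECKMULTISIG = 0x00, 0xAE
CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"   # bech32 alphabet (BIP173)


def op_n(n):
    """OP_1..OP_16 encode small numbers as opcodes 0x51..0x60."""
    assert 1 <= n <= 16
    return bytes([0x50 + n])


def push(data):
    """Direct push for up to 75 bytes: one length byte followed by the data."""
    assert len(data) <= 75
    return bytes([len(data)]) + data


def multisig_script(m, pubkeys):
    """Receiver side: OP_m <pk1> ... <pkn> OP_n OP_CHECKMULTISIG (the bare script from the question)."""
    return (op_n(m) + b"".join(push(pk) for pk in pubkeys)
            + op_n(len(pubkeys)) + bytes([OP_CHECKMULTISIG]))


def p2wsh_script_pubkey(witness_script):
    """Sender-side output script for P2WSH: OP_0 <32-byte sha256(witness_script)>."""
    return bytes([OP_0]) + push(hashlib.sha256(witness_script).digest())


def _polymod(values):
    gen = [0x3B6A57B2, 0x26508E6D, 0x1EA119FA, 0x3D4233DD, 0x2A1462B3]
    chk = 1
    for v in values:
        top = chk >> 25
        chk = ((chk & 0x1FFFFFF) << 5) ^ v
        for i in range(5):
            chk ^= gen[i] if (top >> i) & 1 else 0
    return chk


def _hrp_expand(hrp):
    return [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]


def _convertbits(data, frombits, tobits, pad):
    """Regroup a bit string between 8-bit bytes and 5-bit bech32 symbols."""
    acc = bits = 0
    out, maxv = [], (1 << tobits) - 1
    for value in data:
        acc = (acc << frombits) | value
        bits += frombits
        while bits >= tobits:
            bits -= tobits
            out.append((acc >> bits) & maxv)
    if pad and bits:
        out.append((acc << (tobits - bits)) & maxv)
    elif not pad and (bits >= frombits or ((acc << (tobits - bits)) & maxv)):
        raise ValueError("invalid padding")
    return out


def encode_segwit_address(hrp, witver, program):
    """Witness version + program as bech32 (version 0 uses the bech32 constant 1)."""
    data = [witver] + _convertbits(program, 8, 5, True)
    chk = _polymod(_hrp_expand(hrp) + data + [0] * 6) ^ 1
    data += [(chk >> 5 * (5 - i)) & 31 for i in range(6)]
    return hrp + "1" + "".join(CHARSET[d] for d in data)


def p2wsh_address(witness_script, hrp="bc"):
    """What the receiver hands out: only the hash of the script, in address form."""
    return encode_segwit_address(hrp, 0, hashlib.sha256(witness_script).digest())


def decode_segwit_address(hrp, addr):
    """Sender side: verify the checksum and rebuild the scriptPubKey from the address."""
    got_hrp, _, body = addr.lower().rpartition("1")
    if got_hrp != hrp or any(c not in CHARSET for c in body):
        raise ValueError("bad address")
    data = [CHARSET.index(c) for c in body]
    if _polymod(_hrp_expand(hrp) + data) != 1:
        raise ValueError("bad checksum")
    witver, program = data[0], bytes(_convertbits(data[1:-6], 5, 8, False))
    if witver != 0 or len(program) != 32:
        raise ValueError("not a version-0 P2WSH program")
    return bytes([OP_0]) + push(program)


# Constructed placeholder keys (compressed form, 33 bytes); not real points.
SAMPLE_PUBKEYS = [bytes([0x02]) + bytes([b]) * 32 for b in (0x11, 0x22, 0x33)]

if __name__ == "__main__":
    ws = multisig_script(2, SAMPLE_PUBKEYS)
    addr = p2wsh_address(ws)
    print(addr, decode_segwit_address("bc", addr).hex())
```

The sender's output script is 34 bytes regardless of how many keys or which m the receiver chose; those details only appear when the receiver spends, in the witness that reveals the full script.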

secp256k1 – In compressed public keys, is the 2 or 3 the parity or the sign?

According to, points are encoded in compressed format as:

  • 0x02 + X coordinate: implicit Y coordinate is even
  • 0x03 + X coordinate: implicit Y coordinate is odd

You can call this parity or sign – it doesn't matter; they're the same thing in a finite field (and arguably, both are inaccurate). As the coordinates are numbers modulo an odd prime p (the field size; p = 2^256 – 2^32 – 977 for the secp256k1 curve used in Bitcoin), -x and p-x are the same coordinate. One of these will always be odd, and the other will be even. One of them will be negative and the other will be positive.

The convention is that “even” refers to the coordinate which manifests as an even number when seen as an integer in the range (0..p-1), and “odd” the opposite. This is an arbitrary choice, as another range could be chosen (such as (-(p-1)/2..(p-1)/2)) in which different coordinates would be seen as even or odd.

Yet, it helps distinguish. If (x, y) satisfies y^2 = x^3 + 7 (mod p), so does (x, -y) = (x, p-y). To identify the solution, the criterion of "even/odd when restricted to (0..p-1)" is used in practice.
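The selection described above, as an added example that is not part of the original answer: compress and decompress secp256k1 points using the curve's published field prime p and generator G (no library needed). Because p ≡ 3 (mod 4), a square root of x^3 + 7 is rhs^((p+1)/4) mod p; the prefix byte then picks between that root and p minus it, which always have opposite parity in 0..p-1. The last function shows the answer's remark that the parity depends on the range chosen: the same point's y read from the centered range -(p-1)/2..(p-1)/2 can have the other parity.

```python
"""Added example: SEC1 compressed encoding of secp256k1 points and what the
0x02/0x03 prefix selects. Uses the published curve constants."""
P = 2**256 - 2**32 - 977    # secp256k1 field size; P % 4 == 3
GX = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798
GY = 0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8


def on_curve(x, y):
    """Check y^2 == x^3 + 7 in the field."""
    return (y * y - (x * x * x + 7)) % P == 0


def compress(x, y):
    """0x02 if y (as an integer in 0..p-1) is even, 0x03 if odd, then the 32-byte x."""
    return bytes([2 + (y & 1)]) + x.to_bytes(32, "big")


def decompress(pub):
    """Solve for y, then pick the root whose parity matches the prefix."""
    if len(pub) != 33 or pub[0] not in (2, 3):
        raise ValueError("not a compressed secp256k1 point")
    prefix, x = pub[0], int.from_bytes(pub[1:], "big")
    if x >= P:
        raise ValueError("x out of field range")
    rhs = (pow(x, 3, P) + 7) % P
    y = pow(rhs, (P + 1) // 4, P)        # a square root when one exists
    if (y * y) % P != rhs:
        raise ValueError("x is not on the curve")
    if (y & 1) != (prefix & 1):
        y = P - y                        # the other root; p is odd, so parity flips
    return x, y


def centered(v):
    """The same field element represented in -(p-1)/2 .. (p-1)/2 instead of 0 .. p-1."""
    return v if v <= (P - 1) // 2 else v - P


def parity_depends_on_range(y):
    """True when 0..p-1 and the centered range disagree on whether y is 'even'."""
    return (y & 1) != (centered(y) & 1)


if __name__ == "__main__":
    print(compress(GX, GY).hex())        # prefix 02: G's y is even in 0..p-1
    print(compress(GX, P - GY).hex())    # prefix 03: the negated point
    print(parity_depends_on_range(P - GY))
```

Note that `decompress` rejects an x with no square root rather than returning a bogus point, which is the check an implementation must make before using a received key.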

customs and immigration – UK Public Health Passenger Locator Form: Privacy and Data Retention Period

How long is any information supplied through the UK Public Health Passenger Locator Form kept for, when some EU citizen travels from the EU to England by plane, as of now (or 12 July 2020: it doesn’t matter because the information supplied through the form may vary, but the retention policy will probably stay)?
The form says that

the information you provide will be used by the Home Office and Public Health England, as described in the privacy policy.

Now such privacy policy, under section “How long we keep your personal information for”, is rather vague. I will analyze some relevant portions here below:

We will keep your personal information for as long as it is necessary for permitted purposes.

This doesn’t convey anything.

In the borders, immigration and citizenship system, we maintain a long-term record of immigration history and immigration offending to support future decision-making and enforce penalties.

This suggests they can keep this data forever.

Personal data will be typically retained for 25 years after a decision to grant settlement or naturalisation and for 15 years after the last action in other cases.

This suggests they might keep this data for 15 years.

At the border, passenger name records data is retained for up to 10 years. Advance passenger information may be retained for 10 years.

This is unclear, because "advance passenger information" is generally used as a technical term, often abbreviated as API, which until the start of this year essentially meant "Passport No / ID No".

However, it should be noted that the Jay Inquiry, which commenced in February 2015, has placed a moratorium on the disposal of all records throughout the Home Office, including all operational records and case files. This is currently in force and will remain so until further notice. It does not apply where there is a statutory requirement to delete data.

This again implies they can keep the data forever.

I haven’t tried calling the “Form and self-isolation helpline” yet, but I doubt they’ll provide any further information. Furthermore, I’d prefer reading some published governmental policy paper rather than hearing by phone from some unknown employee.

Incidentally, the Republic of Ireland is extremely clear instead:

This form and any copies of it, and any updates that you send using the (email) email address, will be destroyed 28 days after your arrival, unless the form is required for law enforcement purposes.

blockchain – All Bitcoin Public Keys with non-zero balance

You can’t get a database of all such public keys, but you can get some of them.

An address, as you know, is a hash of a public key. When somebody sends coins to an address, you can think of the associated public key as having a positive balance, but nobody else necessarily knows what the public key actually is. (You can’t compute the public key directly from the address, because hash functions are effectively one way.)

However, in order to spend the coins from that address, the spending transaction has to reveal the public key (so that the spending transaction’s signature can be verified). So what you need to look for are addresses with a positive balance that have also had some coins spent. I am not aware of any simple way to do this short of making an index of all transactions. It is possible you could rig up a way to produce such a list by querying a fully-synced bitcoind using -txindex (so that all transactions are indexed), but it seems likely to be inefficient.

But as a randomly chosen example, consider the address 1Q6NNpHM1pyh6kEqzinBhEgsRc3nmpTGLm. It is associated with some public key which has a balance of BTC 259.7299, but since (as of this writing) no coins have been spent from that address, nobody except the owner of the address knows what the public key is. So your database will necessarily be incomplete; probably very incomplete.

In particular, most people use a new address for each of their transactions (including change addresses), in which case the transaction that reveals the public key for an address also spends all its coins (so that the balance is now zero), and that public key will likely never be used again. This strategy is used partly because certain theoretical cryptographic attacks are easier if the public key is known, and this strategy mitigates the risk from such attacks; it also increases privacy by making it harder to look at patterns of transactions to try to deduce who the address belongs to.

Another case in which you can learn the public key is so-called P2PK transactions, where the output script includes the actual destination public key, instead of merely its associated address. These were common in the past, but these days all standard clients use the P2PKH transaction type, in which only the address is used.
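The two places the answer names where a public key becomes visible on-chain, as an added example that is not part of the original answer: a parser for the push opcodes in a script, used to pull the key out of a P2PK output (`<pubkey> OP_CHECKSIG`) and out of the scriptSig that spends a P2PKH output (`<sig> <pubkey>`), while a P2PKH output itself yields only the 20-byte hash. The script bytes are constructed with a placeholder key and placeholder signature, not taken from the chain.

```python
"""Added example: extract public keys from the script locations where they are
revealed. Sample scripts are constructed with placeholder key/signature bytes."""
OP_DUP, OP_HASH160, OP_EQUALVERIFY, OP_CHECKSIG = 0x76, 0xA9, 0x88, 0xAC
OP_PUSHDATA1 = 0x4C


def parse_script(script):
    """Return (opcode, data) pairs; data is None for non-push opcodes."""
    items, i = [], 0
    while i < len(script):
        op = script[i]
        i += 1
        if 1 <= op <= 75:                      # direct push of op bytes
            n = op
        elif op == OP_PUSHDATA1:               # next byte holds the length
            n = script[i]
            i += 1
        else:
            items.append((op, None))
            continue
        if i + n > len(script):
            raise ValueError("truncated push")
        items.append((op, script[i:i + n]))
        i += n
    return items


def looks_like_pubkey(b):
    """Compressed (0x02/0x03 + 32 bytes) or uncompressed (0x04 + 64 bytes) SEC1 key."""
    return b is not None and ((len(b) == 33 and b[0] in (2, 3)) or (len(b) == 65 and b[0] == 4))


def pubkey_from_p2pk_output(script_pubkey):
    """P2PK: the key sits in the output itself, so it is public before any spend."""
    items = parse_script(script_pubkey)
    if len(items) == 2 and items[1][0] == OP_CHECKSIG and looks_like_pubkey(items[0][1]):
        return items[0][1]
    return None


def pubkey_from_p2pkh_input(script_sig):
    """P2PKH spend: <sig> <pubkey>, so the key appears only when the coins move."""
    items = parse_script(script_sig)
    if len(items) == 2 and items[0][1] is not None and looks_like_pubkey(items[1][1]):
        return items[1][1]
    return None


def is_p2pkh_output(script_pubkey):
    """OP_DUP OP_HASH160 <20 bytes> OP_EQUALVERIFY OP_CHECKSIG: only the hash is visible."""
    items = parse_script(script_pubkey)
    return ([op for op, _ in items] == [OP_DUP, OP_HASH160, 20, OP_EQUALVERIFY, OP_CHECKSIG]
            and len(items[2][1]) == 20)


# Constructed samples: a placeholder compressed key, a placeholder 72-byte DER-looking signature.
SAMPLE_PUBKEY = bytes([0x02]) + bytes([0x11]) * 32
SAMPLE_SIG = bytes([0x30]) + bytes([0x44]) * 71
P2PK_OUTPUT = bytes([33]) + SAMPLE_PUBKEY + bytes([OP_CHECKSIG])
P2PKH_OUTPUT = bytes([OP_DUP, OP_HASH160, 20]) + bytes([0xAA]) * 20 + bytes([OP_EQUALVERIFY, OP_CHECKSIG])
P2PKH_SPEND_SCRIPTSIG = bytes([len(SAMPLE_SIG)]) + SAMPLE_SIG + bytes([33]) + SAMPLE_PUBKEY

if __name__ == "__main__":
    print(pubkey_from_p2pk_output(P2PK_OUTPUT).hex())
    print(pubkey_from_p2pk_output(P2PKH_OUTPUT), is_p2pkh_output(P2PKH_OUTPUT))
    print(pubkey_from_p2pkh_input(P2PKH_SPEND_SCRIPTSIG).hex())
```

Run over an indexed node's transactions, the first two functions are the filter the answer describes: an address whose key shows up in some input's scriptSig (or in a P2PK output) has a known public key; one seen only as a P2PKH output hash does not.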

Where can i change image but not change URL link of public image?

I use for image upload,

but now I want to use a static image link, e.g.:

After changing the image, this doesn't change.

What host or solution can I use to do this?


public key infrastructure – How is the digital certificate sent alongside digital signatures?

Most tutorials on the net only mention sending the digital signature attached to the document, but without the digital signature certificate, it’ll be impossible for receivers to verify the signature. I’m assuming that the digital certificate is somehow sent alongside the signature but I can’t seem to find any source mentioning that.