I am new to Elliptic Curve Cryptography and am working on a CTF challenge that uses Elliptic Curves. Currently, I am trying to find the generator, $G$, and am given the public and private keys, $P$ and $k$, s.t. $P = [k]G$, as well as one other random point on the curve. I know the order, $n$, of the group, and I know the two prime numbers, $p$ and $q$, which are the sole factors of $n$.
I read that if you have the private and public keys, you can compute the generator as ...
$$G = [k^{-1}]P\pmod n$$
... where $k^{-1} = n - k$.
That's all great, but, unfortunately, I do not know the parameters, $a$ and $b$, of the elliptic curve, $y^2 = x^3 + ax + b$, and so I'm having trouble performing EC point multiplication by $k^{-1}$.
I was thinking, since I know the values of two points on the curve, I essentially have the following system of linear equations:
\begin{align}
y_1^2 &= x_1^3 + ax_1 + b\\
y_2^2 &= x_2^3 + ax_2 + b\\
\end{align}
I tried solving this using the z3 theorem solver but was given an answer, asserting that the system is unsatisfiable. I then tried modifying my system of equations so that both sides of the equation are calculated modulo $n$, but this resulted in z3 taking forever to find the solution, presumably because $a$ and $b$ are 128-bit numbers and $n$ is a 512-bit number. This got me thinking back to my undergraduate computer science classes, where I remember learning about various problems in computer science, and this seems similar to Integer Programming, which is NP-complete.
Therefore, is it possible to efficiently compute the parameters, $a$ and $b$, of an elliptic curve if I know the order $n$ and two points $P$ and $Q$ on the curve?