English

Bitcoin and Public Key Cryptography

  2. Home
  3. Blog
  4. English
  5. Bitcoin and Public Key Cryptography

Bitcoin uses public key cryptography for creating a key pair that gives access to the funds in bitcoin. The private key allows the user to sign transactions and spend bitcoins; therefore, it needs to be kept secret. The public key is used to create a bitcoin address through which the user receives bitcoin. The bitcoin address can be safely shared with anyone willing to send us bitcoins:, public key cryptography does not allow to recover the private key from the public key.

A public key is a cryptographic code generated by a private key: the 2 keys are linked by a matematical relationship which enables to check whether the 2 keys are related without disclosing the private key. In this article we are going to see how bitcoin uses public key cryptography.

Index

What does Bitcoin do with cryptography?

Cryptography was created trying to answer the question: How to make a message intelligible for its intended recipient and unintelligible for everyone else? For centuries the main application for cryptography has been encryption: how to encrypt (and decrypt) messages. Bitcoin does not use cryptography for encryption: even Bitcoin transactions, routed through its network like messages, are not encrypted.

Bitcoin uses public key cryptography to create a bitcoin address, from the public key. As we are going to see, the public key is created from a private key : the bitcoin private key gives access to the funds received through the corresponding bitcoin address.

In short, a bitcoin user has:

  • a bitcoin address (the public key): it can be shared and allows the user to receive bitcoins. A bit like an IBAN.
  • a bitcoin private key by which the user signs transactions and spends bitcoins.

Let's dive in.

How does public key cryptography work

With public key cryptography the user has:

  • a private key, to be kept secret;
  • a public key, derived from the private one through a cryptographic algorithm.

As we have seen, the 2 keys are related to each other, but from the public key it's not possible to find out the private key. This makes it possible to assign the 2 keys different purposes: the private key is to be kept secret while the public key can be safely shared.

Until Bitcoin, public key cryptography has been traditionally used for:

  1. encrypt and decrypt a message;
  2. digital signature, which aims to :
    • prove that a message comes from a particular user;
    • prove that the message hasn't been intercepted and modified after the sender sent it;

Let's see how encryption and digital signature work with public key cryptography.

Encryption

  1. The user shares his or her public key with someone he or she wants to receive an encrypted message from.
  2. The sender uses the recipient's public key to encrypt a message and then send it; the message can be decrypted only by the recipient, or rather by whoever has the private key which generated the public key used to encrypt the message.
  3. The recipient can be sure that nobody will ever guess or find out his or her private key by only knowing the public one: nobody will ever decrypt that message without the private key.

Therefore:

The message is just as secret as the private key: if the key is stolen or lost, the message is either read by someone else or it will remain encrypted and so unreadable for everyone.

Digital signature and the hash

A digital signature is a string that proves that a message is authentic, meaning that it truly comes from its apparent author, and that it's not been altered after it was sent.

A digital signature is produced through a hash algorithm, which takes any input and translates it into a fixed-length, random and impredictable string called hash.

A good hash algorithm is supposed to:

  • produce unique hashes: it won't return the same hash for a different input (an incident called collision);
  • a tiny change in the input produces a different hash and it does so in an unpredictable way;
  • anyone can check that a particular input, using a given hash algorithm, produces a certain hash; however, from the hash you can't find out the input which generated it.

There are different hash algorithms: the one Bitcoin uses is called sha-256

An example: we are going to calculate the hash of the word "ciao" with the sha-256 algorithm, then we add just a number to "ciao" and see how the hash changes.

ciao SHA-256 b133a0c0e9bee3be20163d2ad31d6248db292aa6dcb1ee087a2aa50e0fc75ae2

ciao1 SHA-256 01b2537e787bff61e4518927faee16cfc71f2240bd82fd891c22c7ca9e81b58e

ciao2 SHA-256 21d19e923ae21043fa5810704eab55bda682dc9e036bbf4c50eb732febdff835

ciao3 SHA-256 515275bec0133f4f082f03c3ca0f0f6f44ffdd312b62c1ba930abe6594b98553

It's not possible to guess what the hash of "ciao4" would it be, without trying. You can find hash calculators online, give it a try.

How to sign a message and verify the digital signature?

The sender signs a message by doing this:

  1. calculates the hash of the message;
  2. encrypt the hash with his or her private key;
  3. send the encrypted hash together with the message.

The recipient verifies the signature by doing this:

  1. calculates the hash of the message;
  2. decrypt the encrypted hash (the digital signature) received together with the message using the public key of the sender;
  3. compares the hash with the one he received from the sender: they need to be identical. If they're different, it means that the original message has been altered. If the message changes, the hash changes and so the digital signature: that's because the hash is calculated from the original message.

As we see, the algorithm that creates the public key from the private one is crucial: from the public key should not be possible to find the private key.

Public Key Cryptography and Bitcoin

Let's answer this question now: what does Bitcoin do with public key cryptography?

Just ilke the sender of an encrypted or digitally signed message, a bitcoin user has a private key and a public key; with Bitcoin though:

  • the public key becomes a bitcoin address, to be shared with anyone willing to send us some bitcoins;
  • the private key signs transactions, sending bitcoins to someone else (a bitcoin address): you pay by signing a transaction, moving some of your bitcoins (or fractions) to another address.

Transactions

With Bitcoin there are no encrypted messages to send but transactions to sign: you spend bitcoins by signing transactions. Just like a message, you sign a bitcoin transaction with your private key; the private key gives access to the funds that have been cashed in through the corresponding public key- bitcoin address.

What is a transaction?

A transaction is a set of data; its crucial role is to transfer bitcoins among users, or rather their addresses.
A transaction is signed and the digital signature has to be verified.

Why a transaction has to be verified?

Bitcoin is a decentralized digital currency: there's no authority exercising an oversight or governance, everything runs autonomously according to technical rules.

Therefore, transactions need to comply with some standards to be accepted as valid by the network; most importantly, digital signatures need to be checked in order to prove that the transaction has been signed by the "legitimate" private key: in other words, it has to be proven the link between the digital signature and the private key used to sign the transaction.

How to verify the signature of a transaction?

The procedure is the same than the one we have seen when talking about the public key cryptography in general; the algorithm takes:

  1. the transaction;
  2. its digital signature;
  3. the public key of the user signing the transaction.

That's the same procedure introduced earlier in this article to verify the signature in a digitally signed message: without showing the private key, we reach the conclusion that only the private key, "sister" of the public key provided for the check, could have produced that signature.

Once the transaction is verified, and complies with all the other technical requirements, it is able to transfer sums from address to address. It will then be added to a block in the blockchain : the unmodifiable ledger where all the bitcoin transactions are recorded, which tells who, or rather what address, owns what.

Conclusions

Bitcoin makes use of public key cryptography for a new purpose: not for encrypting messages, but for powering a decentralized digital currency, which runs autonomously with no need of a central bank. A new and ingenious application for cryptography.

About the author

Vincenzo Lalli

Vincenzo Lalli

Founder of Avvocloud.net

Avvocloud is an Italian network of lawyers passionate about law, innovation and technology.
Feel free to reach out for any info: send a message.

Thanks for reading!

Creative Commons License
The Italian Network of Lawyers

Twitter

Linkedin

Message

Support Avvocloud

Our mission is to promote innovation in law: if you like our project, you may consider a small donation.


Donate with Paypal