In my previous post, I had given an overview of what blockchain technology is. If you haven’t read that, you can take a look here.

grep crypto* blockchain

As mentioned before, blockchain technology was created to support the bitcoin cryptocurrency. As the word cryptocurrency suggests, bitcoin certainly requires cryptography and so does the blockchain. Bitcoins are exchanged between users on the Bitcoin blockchain. As mentioned in Satoshi Nakamoto’s whitepaper, a Bitcoin is an electronic coin/token made up of a chain of digital signatures. But what are digital signatures?

Signatures and Keys

A digital signature is a strategy which helps to authenticate messages on the internet. In the real world, we use pen and paper signatures for authentication of transactions. Such signatures are frequently used in banking and business contracts. These often require people to be physically present. However, in the virtual world, the lack of a physical medium to use for signing is a significant problem when such transactions happen online. So to solve this, we resort to digital signatures.

Digital Signatures

A general misconception is that a digital signature is the same as signing your name in a digital file, say a .pdf file, but this is far from the truth. The signing process uses entities called cryptographic keys. Technically, these are stored in special software. In the case of blockchain, public key cryptography is an essential part of this signing process. This means that each person has 2 keys during the signing process. They are called the public and the private keys and together make up a pair of keys. But why two keys for each person? I’ll reveal the answer later, but first let’s understand the signing process.

Signing Process

Let us consider the example when Alice sends a document/message to Bob. Within the message, Alice encrypts a small piece of data(such as text), before she sends the document to Bob. The portion of text/data which will be encrypted is agreed in advance before the transaction. To encrypt this text, she uses her private key. So this will turn the text/data into a scrambled form. Note that she doesn’t encrypt the entire message, but just a small part of it. This piece of data is said to be signed by Alice. Moreover, she also uploads her public key online, so that people can later verify any messages/documents she sends using her public key. These public keys are stored with a trusted third party, such as here. This is called a keyserver. It is simply a networked computer which receives and sends cryptographic keys upon requests.

On Bob’s end(since he is the receiver), he downloads Alice’s public key. Bob will try to decrypt the pre-decided part of the message using that key. If he succeeds in decrypting it, he can be reasonably sure that the message originated from Alice. Now you may ask, why is he so sure? Can’t the public key decrypt any other piece of scrambled text? Here is the reason for the two keys. If Alice uses her private key to sign, only her public key can decrypt the message. And vice-versa. This is one of the properties of public key cryptography.

In the Blockchain…

The bitcoin blockchain uses Elliptic Curve Digital Signature Algorithm(ECDCA) using secp256k1 as parameters. These digital signatures are used to sign transactions in the blockchain. If a coin needs to be transferred to Bob(say from Alice), then Alice will use Bob’s public key and use the hash of the previous transaction(say from Eve to Alice) to generate a hash for the current transaction. I’ll explain how hashes work some other day, but for the time being, remember that this hash plays the role of text/data to generate a digital signature for Alice. This hash will be signed by Alice using her private key. The transaction is then broadcast to the network, and nodes will include it into a new block(provided it is an authentic one ). Note that digital signatures cannot help Bob verify if the coin was double spent. That check is performed checking the timestamp(this is not the same as a date and time). Later on, Bob as well as other nodes can verify if the transaction is authentic by using Alice’s public key to decrypt her signature. If you would like to see an example, check here.

Enfin

In any type of a blockchain network, Alice may use her private key to authenticate a transaction to Bob. This transaction may not be of a monetary nature. Additionally, Alice uses Bob’s public key to send tokens/electronic coins to him. To verify the authenticity of the transaction, Bob may use Alice’s public key. This is done by verifying the signature of the previous transaction in the chain of digital signatures. Additionally, Alice and Bob may be computers programs seeking to exchange tokens for their owners(such as cryptography wallets). This is users usually don’t need to see all the steps of the transaction.

Cryptography eliminates the need for trust in transactions over the internet. Instead it provides proof that the transaction is genuine. Moreover, it is not feasible to find out the private key of Alice, or anyone else for that matter, if you have their public key. This is because digital computers cannot solve the problem of factoring large prime numbers, which are fundamental to cryptography. Stay tuned for more blockchain-based related posts. 🙂

Further Reading

• https://people.csail.mit.edu/rivest/Rsapaper.pdf
• https://en.bitcoin.it/wiki/Elliptic_Curve_Digital_Signature_Algorithm
• https://en.wikipedia.org/wiki/Digital_signature
• https://en.wikipedia.org/wiki/Elliptic-curve_cryptography