Table of contents
Digital signatures are intended to show that a particular piece of data came from a certain person – and the only one who can create such data is someone who has access to your private key. This can be used to verify the identity of people or other systems on the blockchain, and it’s also used for other purposes. For example, digital signatures can be used to transfer ownership of an asset.
When we talk about digital signatures and security in blockchain technology, we’re talking about what’s called “asymmetric encryption.” This is because sending messages uses very different methods than securing them; it’s asymmetric in that different keys are used for each purpose.
How do digital signatures work
Digital signatures are created the same way cryptographic hashes are created. The first step is to use a cryptographic hash function to create a hash of the message. Then, this hash is then only encrypted using your private key (which only you should know). When someone else wishes to verify that you signed the message, they can use your public key to decrypt it. If it matches their own calculated hash, they can assume that you indeed sent the message.
To put this into practice, let’s say I want to make sure that Bernard has access to my wallet; I can give him my public key (let’s call it pk for public key). Then, Bernard can use his private key to decrypt the ciphertext, and he will have access to my wallet.
However, I can also generate a verification message for Bernard, including my public key pk . Bernard can now perform the same procedure as before. He will first use his private key to decrypt the hash ( c ) and then compare it to the hash which was sent. If they match, he will know that I trust him with my money.
This concept is used everywhere in our everyday life; we probably send money each day, and we probably even sign documents on occasion; we do both of these things with digital signatures.
Digital signatures will also be used for other purposes. For example, Charity can create a message and sign it with her private key. Bernard can then use his private key to decrypt it and verify that Charity was the one who created the message (although this could be done by looking at the blockchain – the message might not have been created by Charity, but we’ll discuss this later).
Another important concept is “reciprocal encryption” which is used when we want to prove that we did something in turn: for example, if I send a signed message and you receive and verify it, I’ll know that you did so by using my public key to create a signature of my message.
Digital signatures also let us limit how much power people have; for example, Bernard can only unlock a transfer if he has access to my private key. This is the same logic as a password, but I can revoke it at any point by simply moving my funds.
We’ll discuss the process of signing and verifying messages in more detail later, but I just wanted to introduce it here so that we have a basic understanding of digital signatures and how they work. In future articles, I will dive deeper into digital signatures and cryptography in general.
Public Key Cryptography
In order to send someone money from an address, we must first calculate their public key. This can be done by multiplying two large prime numbers and adding a nonce, as we do when we create a wallet.
The public key is then directly used to encrypt messages and verify signatures. It’s exactly like a password: if you want to access my funds, you need to know my public key (and also know that it’s really my public key). Once you have the public key, you can encrypt any message and send it to me; your intended recipient will decrypt it using their private key.
When a user creates a wallet, a public / private key pair is created. The public key is the account number, and the private key is used to access funds from that account number. Each time you send funds from an address, you use public key encryption to sign the transaction. So if someone else wants to send funds from your address, they can’t because they don’t have your private key.
In our cryptocurrency world, we can create messages which are signed by both Bernard and Charity. This message is called a “contract”; the result is that both of them will be able to prove ownership of an asset or make purchases together without needing another third-party to serve as an escrow.
Charity creates a message which states that Bernard has access to her money for one month. It also says that if he wants to spend it, he has to send the encrypted part of the message ([Bernard’s public key], amount) using his private key. Then she signs it using her private key and sends him the signed ciphertext (1). Bernard can now decrypt it using his private key (2), and the public key of Charity’s address. He will be able to access her funds if he sends the encrypted part of the message to her (3). Once one month is up, both of them will be able to prove that Bernard had access to her funds.
At this point, you may be wondering how Bernard can prove that he has access to Charity’s money. After all, he never sent a signed message with the encrypted part! However, Charity can simply send him a signed message which states that she owns those funds and transfers ownership for one month. This signed message also states that Bernard has access to these funds for one month.
Signing and verifying messages can be done in three steps as discussed above.
Creating a message Encrypting part of the message (shares, money, etc.) Appending your public key (or any other nonce) and encrypting that. Next, creating a signature by hashing the encrypted text and signing the hash with your private key. Append this signature to the end of your message.
The process of creating a valid digital signature is called “hashing”. When a hash is created from a string of characters, it’s called “signing”. The person who signed it has complete control over what they’ve signed.
The process of verifying a digital signature is called “verifying”. When someone verifies a message, they confirm that it was signed by the key owner.
Read an interesting article on whether crypto is here to stay.