This post will cover details of the type of cryptography used in Bitcoin and similar Blockchain protocols. Please note that other Blockchains might use alternative cryptographic algorithms. Some Blockchains, for example, use more privacy-preserving cryptography, like for example Zcash (Zero-knowledge proofs), Monero (Ring Signatures). For a general introduction the history of cryptography please check out our previous blog post (here).
Type of Cryptography used in Bitcoin
The Bitcoin blockchain protocol for uses public key cryptography for digital signatures and cryptographic hash functions, details of which will be explained below. The cryptographic algorithm used in Bitcoin is called elliptic curve cryptography. It is a type of asymmetric cryptography that is considered more efficient compared to classic RSA cryptography. While elliptic curve cryptography provides the same level of security like RSA, it needs less computation and smaller key size, thus reducing storage and transmission requirements.
Public Key Cryptography: Cryptographic keys
If two or more people want to securely transact over the internet, they can use asymmetric cryptography also referred to as public-private key cryptography. This technology allows them to prove their identity with a set of cryptographic keys: a private key and a public key.
The combination of these keys creates a digital signature. The main purpose of using public private key cryptography for the Bitcoin blockchain is to create a secure digital reference about the identity of a user. The Identity of a wallet holder is therefore based on possession of a combination of private and public cryptographic keys. Digital Signatures prove ownership of your assets and allow you to control your funds.
Similar to a handwritten signature, a digital signature is used to verify that you are who you say you are. In Bitcoin and other Blockchains, digital signatures are mathematical functions that are matched to a specific wallet. It is a digital identification of a wallet. By attaching a digital signature to a transaction, no one can dispute that that transaction came from the wallet it purports to have come from, and that wallet can’t be impersonated by another wallet.
The private key is used for the encryption of transactions, while the public key is used for the decryption. The private key has to be kept private at all times, it acts as your “password”. The public key is meant to be shared with third parties and ensures that you are the owner of an address that can receive funds. The sending party encrypts the transaction with their private key, which can only be decrypted by the recipient with the the public key of the sender. If the sending party’s public key doesn’t work to decrypt the transaction, it means that the transaction isn’t from that wallet. Both public and private key are needed to move your coins around the network and to signing transactions.
Bitcoin Wallet – No coins, just keys!
Contrary to common belief, a cryptocurrency wallet does not store any coins, only the public-private key pair associated with your bitcoin address. The same applies to other cryptocurrency wallets. A wallet simply acts as secure key storage, and as a communication tool with the blockchain. When you send or receive Bitcoin, you use your cryptocurrency wallet to sign the transaction with your public-private keypair stored in the wallet. Subsequently, your personal Bitcoin balance work.
A bitcoin address is like an email address that funds can be sent to. The public key is used by the wallet to generate a bitcoin address.
Addresses can be obtained at no charge, using any kind of wallet provider. A wallet in the context of Bitcoin is an application – a piece of software that stores your private key, public key, Bitcoin Adress, and interacts with the Bitcoin Blockchain. That wallet software can run on your computer or mobile phone (like Bitcoin Core, Electrum, etc.), or a dedicated hardware device (like Tezos, Ledger, etc.)
Public and private keys are hidden unless manually exported. Make sure to export your keys and address. If you lose your wallet, without having a backup to your address and private key, you will lose access to your funds! Suppose someone sends some funds to your bitcoin address, but your computer broke down with the wallet app. Your funds won’t be lost if you have a backup as simple as this:
“address, private key”
Hashes, Digital Signatures & Wallets
The Bitcoin Network uses hashes in combination with digital signatures to protect the integrity of the data flowing through the blockchain. When launched for the first time a cryptocurrency wallet generates a key pair. This key-pair consists of a private key and a corresponding public key. The private key (password) is a randomly generated 256-bit integer. The public key is derived from the private key and acts like the user’s “bank account” number. Both the private key and the public key are never displayed to the user unless exported. The private key must always be kept secret and never shared with other people.
There is a mathematical relationship between both keys. The relationship between public and private keys is determined by one-way cryptographic algorithms. In computer science, a one-way function is a function that is easy to compute on every input, but hard to invert given the image of a random input. This means that the public key is mathematically derived from your private key, but using reverse mathematics to derive the private key would take the world’s most powerful supercomputer trillion years to crack, making it practically impossible. There are some additional steps in between before the final version of the public key is displayed. In order to generate the Bitcoin address, the public key gets hashed more than once using RIPEMD160 (RACE Integrity Primitives Evaluation Message Digest) and SHA-256 (SHA: Secure Hash Algorithm). The generated string is the only thing a user sees in the wallet.
Note! You can’t retrieve the public key from a bitcoin address and you can’t retrieve the private key from a public key.
Hashing in Bitcoin
Cryptographic hashing is a method for transforming large amounts of data into short numbers that are difficult to imitate. Hashes are mostly used in combination with digital signatures. These functions ensure data integrity. The Bitcoin network uses SHA ( Secure Hash Algorithm) such as SHA-256. In a nutshell, hashes are a one-way cryptographic functions which take any type of input (string, files, etc.), digest the input and spit out a fixed size output string called hash. An important property of hashes is that if a tiny amount of input data is changed the output changes significantly.
The corresponding SHA-256 of the sentence “How to buy Bitcoin?” looks like this:
If we remove only one symbol – for example the question mark “?” – the hash of “How to buy Bitcoin” looks like this: 4314d903f04e90e4a5057685243c903fbcfa4f8ec75ec797e1780ed5c891b1bf
As you can see, an entirely different hash gets generated, when we change only one letter. It’s base on the so-called “avalanche effect”, and it is useful for easily providing data integrity.
If we hash the existing hash here is the result:
Again entirely different string but always the same length.
Hashing is used for four processes
- Encoding wallet addresses (see above)
- Encode transactions between wallets (see below)
- Verifying and validating the account balances of wallets.
- Mining or “Proof of Work” (see below)
Hashes are often used in combination with signatures. Blockchains use signatures for signing transactions. Signatures are used to prove that – for example, a certain user – is the owner of the inputs corresponding to a certain hash. Signing inputs is not efficient, therefore signatures are used for signing hash-values. In general, signing works like that:
- A hash of a transaction gets generated by user A
- Using the private key user A encrypts the hash thus signing the document
- The signed hash is sent to user B together with the public key of user A
- User B takes the inputs which were used before the hash got generated and re-generates the hash. This hash will be used as a comparison.
- Using a cryptographic algorithm user B is able to decrypt the signed hash from user A with the provided public key
- User B compares the hashes and verifies that user A owns the inputs.
In this system, the public key is distributed freely and is paired secretly to a private key. It is not a problem if a public key is known, but the private key must always be kept a secret. Even though the two are paired, calculating someone’s private key based on their public key is computationally so challenging that it’s financially and technically infeasible. If you lose your private key, you lose your funds. Protecting the key is the main disadvantage of this method.
Mining Algorithm – Proof of Work
Mining Bitcoin also involves cryptographic algorithms. The act of mining in the Bitcoin network, incentivizes network validators (also called Miners) to validate Bitcoin transactions truthfully and incentivizes them with newly minted Bitcoin. Hashing is used to create mathematical puzzles that need to be solved to create a block.
How does it work in detail? Miners compete with each other to generate a valid block of transactions. This competition is driven by a cryptographic puzzle where all miners compete to be the first to find a solution to a mathematical problem – the competition to find an input that gives a specific hash value. By doing so, the miners perform computational work to solve the puzzle, this is why the process is referred to as Proof of Work (POW) based on the Idea of Adam Back and Hashcash. Solving the mathematical problem requires that a miner collects all recent transactions + some metadata, verify the transactions and run all the data through a SHA256 algorithm. The miner must come up with a number matching a predefined one by the algorithm.
In order for a block to be accepted by network participants, miners must find that specific hash value, and by doing so they covers all of the data in the block. The miner who is the first to find a the number, wins the competition. This generates a new block of transactions, which represent a bundle of the recent transactions that were sent over the network. The miners make sure that all transactions included in a block are valid. Every time a valid block is generated miners get a reward in the form of newly minted BTC. The coding of the blockchain algorithm is set up to reward the person for doing the mining and thus helping to verify the blockchain transactions while keeping the network safe. Every time more miners join the network the algorithms adjust the difficulty of the network.
The difficulty of this work is adjusted so as to limit the rate at which new blocks can be generated by the network to one every 10 minutes. This method makes it unpredictable to know which computer in the network will be able to generate the next block. Each new block generated contains the hash of the preceding block, thus each block has a chain of blocks that together contain a large amount of work – thus the term blockchain. Changing the data in a block therefore requires an attacker to regenerate all successor blocks, and redoing the computational work they contain. This is possible but would require an unfeasible amount of computing power, which protects the blockchain from manipulation attempts.
Given that the hash function used is cryptographically secure, the only way to find a solution to that problem is by trying all possible combinations (brute force). The validator (miner) who is the fastest to solve the mathematical puzzle, is the winner and gets to elect the next block to be added to the blockchain. Whenever a new block is mined, that miner gets rewarded with some currency (block reward, transaction fees) and thus are incentivized to keep mining. Due to the limited supply of computational power, miners are also incentivized not to cheat. Attacking the network is possible, but would cost a lot because of the high cost of hardware, energy, and potential mining profits missed. The picture illustrates very well how Bitcoin, and any other coin that uses Proof of Work, discourages malicious behavior.
Proof of Work, therefore, provides the needed security of the network and has been proven to make the Bitcoin network and other Networks attack resistant (no manipulation by outside attackers) so far. However, because of it’s computational intensity it is also very energy consuming.
Also published on Medium.