Grokking Bitcoin: understanding the world's strongest cryptocurrency

If you think Bitcoin is just an alternative currency for geeks, it's time to think again. Grokking Bitcoin opens up this powerful distributed ledger system, exploring the technology that enables applications both for Bitcoin-based financial transactions and using the blockchain for registering physical property ownership.

Save 42% off Grokking Bitcoin with code slrosenbaum at: https://www.manning.com/books/grokking-bitcoin

Published in: Software

  1. 1. Digital Signatures and Bitcoin From Grokking Bitcoin by Kalle Rosenbaum Save 42% off Grokking Bitcoin with code slrosenbaum at manning.com
  2. 2. Digital signatures A digital signature is a digital equivalent of a handwritten signature. The difference is that a handwritten signature is tied to a person, while a digital signature is tied to a random number called a private key. A digital signature is much harder to forge than a handwritten signature. Bitcoin uses digital signatures to secure your money. For a more illustrative example, see the next slide.
  3. 3. Digital signatures
  4. 4. Improving cookie token security – with digital signatures! Meet Lisa. Lisa works for a quickly-growing company. Lisa keeps track of digital cookie tokens with a simple spreadsheet. Co-workers can buy cookies with the tokens. The company grows to the point that Lisa no longer recognizes everyone, and some of the newer employees begin to tell Lisa that they are someone else when they take cookies!
  5. 5. Improving cookie token security – with digital signatures! Things are getting out of hand, so Lisa comes up with a great plan. She is going to require everybody to digitally sign their CT transfers, by writing a message and a digital signature on a piece of paper or in an email, in order to get cookies. Lisa will not update the spreadsheet unless she receives a properly signed CT transfer message. The cafe will not hand out a cookie unless they see a new payment to the cafe in the spreadsheet.
  6. 6. Improving cookie token security – with digital signatures! To illustrate: Suppose that there is a new guy at the office, named John. The company has given him some CT as a welcome gift when he started. Now John wants to buy a cookie in the cafe for 10 CT. He needs to digitally sign a cookie token transfer. The next two slides contain diagrams showing the process of setting up John’s key pair, and John purchasing his cookies using 10 CT.
  7. 7. Here’s how Lisa sets up John’s key pair
  8. 8. When John wants a cookie, he sends a message!
  9. 9. There are three phases to the process on the previous slides: 1. John prepares by generating a key pair. The private key is kept secret by John, and the public key is handed over to Lisa. This is a one-time setup step. 2. John wants a cookie. He writes a message and signs it with his private key. He gives the message and the digital signature to Lisa. 3. Lisa verifies the signature of the message using John’s public key and updates the spreadsheet. Cookies!
  10. 10. Generating a key pair The signing and validation process is based on a pair of “keys” – a private key and a public key. John needs a private key in order to sign payments and Lisa will need John’s public key in order to verify John’s signatures. So, John will need a key pair. The key pair is created by first generating a private key, and then calculating the public key from that private key.
  11. 11. Generating a key pair
  12. 12. Generating a key pair John will use a random number generator to generate a huge, 256 bit, random number – his new private key. The private key is then transformed into a public key using a public key derivation function. The public key derivation function is a one-way function. You cannot derive the private key from the public key. The security of digital signatures relies heavily on this feature.
  13. 13. Generating a key pair The private and public keys are thought of as a pair because they have a very strong relationship: the public key can be used to encrypt messages that only the private key can decrypt. It also works the other way around: the private key can encrypt messages that can only be decrypted by the public key. See the next slide for a diagram.
  14. 14. Encrypting and decrypting
  15. 15. Generating a key pair Encryption is used to make messages unreadable to parties that don’t hold the proper decryption keys. For instance, only John, with the private key, can decrypt messages encrypted with a public key. However, anyone with a public key could decrypt a message which John encrypts with his private key. Note: it’s not usually a good idea to encrypt with the private key, because the public key is, well, public.
  16. 16. Locked box example To fully illustrate the relationship between the private and the public keys, imagine a box with a lock. The lock has three states: Left (locked), Up (unlocked), and Right (locked). There are two keys to this lock, one key can only turn the lock to the right (clockwise) and the other key can only turn the lock to the left (counterclockwise).
  17. 17. Locked box example
  18. 18. Locked box example Let’s assume that John selects the right-only key to be his private key. The left-only key is then his public key. He could choose either one of them to be the private key; it does not matter. He makes several copies of the public key and hands them out to Lisa, Ellen and a bunch of other people. He keeps the private key to himself in his pocket. Ellen can now encrypt a secret message to John. She writes a note with a secret message: Hey, your zipper is down
  19. 19. Locked box example Ellen then puts the secret message in the box, closes it and locks it with her copy of the public key. The public key only turns to the left, so when she is done the lock is in its leftmost position. The box is now locked. To open the box you need a key that can turn the lock to the right. Only John’s private key can do that. None of the copies of the public key will help, because they can only turn to the left.
  20. 20. Locked box example John can now use his private key, that only turns right, to unlock the box and read the secret message. He is confident that the message has not been read by anyone else during its time in the box, because he has had his private key in his pocket all the time. He reads the message, and discreetly turns around and zips up his pants. The next slide shows the entire process in a diagram.
  21. 21. Locked box example
  22. 22. Sign and verify John doesn’t know who sent the message – it could have been anyone with the public key. This works both ways, as John can write a message that anyone with a public key can read. We can also be absolutely sure that John wrote the message, because he is the only person who has a copy of the private key.
  23. 23. Sign and verify Taking John’s earlier purchase of cookies as an example, John could write the following message: Lisa, please move 10CT to Cafe. /John He closes the box and locks it with his private key, that only turns right. When he is done, the box is locked in the rightmost position. Lisa can now use her copy of the public key to unlock the box by turning it left one step to the upright, unlocked, position.
  24. 24. Sign and verify Lisa is certain that the message came from John and moves 10 CT.
  25. 25. Let’s have a close look at how the signing really happens.
  26. 26. Lisa looks at the note and sees that the note claims to be from John, so she looks up John in her table of public keys.
  27. 27. Lisa can now be sure that no one is trying to fool her. She updates the spreadsheet with John’s transfer:
  28. 28. Now you know how key pairs work, which is especially important for understanding fundamental Bitcoin security. Save 42% off Grokking Bitcoin with code slrosenbaum at manning.com
