Understanding Digital Signatures and Cryptography in Cryptocurrency
The birth of cryptocurrencies has spawned a new wave of progress that connects cryptography and distributed computing. Granted, cryptocurrencies represent a polarised concept in our minds: on the one hand, they are generally regarded as highly volatile and speculative assets; on the other, they reflect a revolutionary technology that has the ability to transform existing systems and structures. A common consensus is that understanding this nascent technology is a daunting task filled with technical parlance and complex concepts that elude most of us. Investigating this technology is a vital prerequisite to appreciating the full extent of its potential.
This article will be dedicated to analysing the concept of digital signatures in the context of cryptocurrencies. Understanding digital signatures and their associated components should provide greater clarity regarding the basis of blockchain technology. In order to fully grasp the underlying notion of digital signatures, we must first be familiar with two fundamental concepts: hashing and asymmetric cryptography.
Component 1: Hashing
Hashing (sometimes referred to as “hashing function”) refers to the process of converting any form of data into a unique string of alphanumeric text with a fixed size. The hashing process requires the use of a hashing function, an algorithm that converts any data input into a data output (also called a “digest” or simply, a “hash”) with a fixed size. The size of the digest depends on the hashing function used in the process; there are many hashing functions that can be used to convert data. The most popular categories of hashing functions are Message Digest 5 (MD5) and Secure Hash Algorithm (SHA). In the context of cryptocurrencies, SHA-256 was the hashing function used for Bitcoin, the first decentralised cryptocurrency. The SHA 256 hashing function generates a unique 256-bit (or 32 byte) output (hence its name). For the purpose of simplicity, we will use the default hashing function of SHA 256 in this article.
The main purpose of a hashing function is to verify the authenticity of any piece of data. A simple example of this would be converting the message “Hello World” — using the SHA 256 hashing function — into a unique alphanumerical string of text, i.e., “A591A6D40BF420404A011733CFB7B190D62C65BF0BCDA32B57B277D9AD9F146E”. As you can see, the digest, or data output, is 64 digits long with each digit representing 4 bits (adding up to 256 bits ultimately). If you were to use any SHA 256-based hashing function online, the message, “Hello World” would always be translated into the 64-digit string of text mentioned above. If any part of the message is changed, either by changing any letter or by making any letter upper- or lowercase, the entire digest would be totally different. As an example, the digest for “Hello world” (changing the uppercase “W” into a lowercase “w”) would churn out the following, using a SHA 256 hashing function: 64EC88CA00B268E5BA1A35678A1B5316D212F4F366B2477232534A8AECA37F3C. Although the initial message is technically the same, simply making the “w” a lower case letter changes the entire digest of the message. This proves that if anyone were to convert the same piece of data, it would always result in the same fixed output. This is an important feature for data integrity, since it would be easy to detect if an original message has been tampered with or modified.
One thing that can be said for sure about hashing is that it is a one-way process. This means that it is impossible for anyone to decrypt the original data input by simply analysing the digest.
Component 2: Asymmetric Cryptography
Cryptography refers to the method of protecting information by using codes, ensuring that only the intended recipient can process and read particular data. Cryptography is the basis of the technology underlying cryptocurrencies. There are two types of cryptography: symmetric and asymmetric cryptography. Symmetric cryptography refers to the method of using a single key (code) to encrypt (encode) the data on the sender’s side and decrypt (decode) the data on the receiver’s side. Only the two parties — the sender and receiver — know the key, therefore, providing the security of the transaction. However, a weak point is that sharing the key over the Internet could result in it being compromised.
Asymmetric cryptography — the mechanism used by Bitcoin and the majority of cryptocurrencies — confers users with a pair of keys; a private key and a public key. A public key can be shared freely with anyone, while the private key is strictly confidential, only for the user; it cannot be shared or disclosed. A simple analogy is that a public key resembles your bank account, while a private key resembles your pin to access your bank account.
Assume that Alice wants to send a Bitcoin to Bob. Alice needs to encrypt the transaction using Bob’s public key, as the only way to decrypt the transaction is by using Bob’s matching private keys. Bob is the only one who knows his private keys and would use them to decrypt the transaction. Asymmetric cryptography, in this case, provides confidentiality and security, allowing the secure sharing of public keys over untrusted mediums such as the Internet.
Putting it All Together: Digital Signatures
A digital signature refers to the mathematical technique of validating the authenticity and integrity of a message or transaction. It is represented by a digital code that is attached to an electronically transmitted message to authenticate its content as well as the sender’s identity. Digital signatures should not be confused with electronic signatures; the latter is just an electronic symbol attached to a contract or documentation that represents the equivalent of a handwritten signature. A digital signature requires both hashing and asymmetric cryptography techniques in order to provide integrity, to ensure that the message has not been altered or modified, and non-repudiation, according to which a sender cannot deny having sent the message.
To fully grasp the notion of digital signatures and how they apply to blockchain technology, here is a common example in the form of Bitcoin (BTC) transactions. Continuing from the previous example, Alice needs to create a BTC transaction if she wants to send Bob 1 BTC. Every BTC transaction is made up of inputs and outputs; starting from the point where a BTC is created during the minting process (called the “coinbase” transaction), the newly minted BTC will transit from being an input to an output when the miner spends his BTC. Each input contains the details of the previous transactions to validate that a sender actually has the funds in his digital wallet to send the funds. In this case, Alice adds her public keys into the inputs and proceeds to add Bob’s receiving public address as well as the exact funds meant to be transferred. Alice will then perform a hashing process to convert the transaction data into a digest, which forms a “fingerprint” of the transaction. As mentioned before, this provides a guarantee of integrity that the transaction has not been tampered with or modified. Alice will then need to encrypt the resulting digest (of the transaction details) with her private keys, which will result in a digital signature. It is important to note that only the digest is encrypted, not the actual transaction. Miners in the Bitcoin network can easily validate Alice’s transaction in the blockchain by decrypting the digest using Alice’s public key, which is publicly attached to the transaction itself. This enforces the trait of non-repudiation, since only Alice has access to her private keys and she is the only one who can sign off on the transaction.
The final step entails adding the digital signature to the input of the BTC transaction and the entire set of data is then hashed (again), resulting in another digest that is referred to as the transaction ID. For those familiar with cryptocurrencies, transaction ID is a metric used to locate a specific transaction in Bitcoin’s public blockchain.
Distributed computing existed long before the advent of blockchain technology. Techniques such as asymmetric cryptography, hashing and digital signatures are not new concepts in the realm of computer science. However, the culmination of these individual processes — both old and new — into a single distributed ecosystem is what makes blockchain technology revolutionary.
One-way hashing functions that convert any form of data into an arbitrary “fingerprint,” ensure that all messages are standardised and easily verifiable; any tampering of the underlying data could be spotted easily since the digest would be totally different. Add to that the system of cryptography leveraging a set of public and private keys and the resulting transaction is further reinforced with exponentially higher levels of integrity and non-repudiation, both traits that are central to blockchain. These two underlying components represent the bedrock of digital signatures, which are used by Bitcoin and consequently most of the cryptocurrencies in the market. Every transaction is secure, using a complex and interdependent set of rules that are self-reinforcing, with all stakeholders in the process inherently (economically) aligned.
* The information above does not constitute any form of financial or investment advice and should not be relied upon. Investing in Digital Assets carries risk. For more information please see our risk warning.