Professional Documents
Culture Documents
You may ask how Alice can get Bob’s public key knowing only
his Bitcoin address? That’s very simple. If Bob has ever used his
address for spending money, his public key is stored in the
Blockchain, so it will be quite easy to retrieve it.
Algorithm
1. Alice knows Bob’s Bitcoin address.
2. Alice looks up Bob’s public key in the Blockchain.
3. Alice generates a shared secret based on her private key and
Bob’s public key using ECDH algorithm.
4. Alice encrypts a message using 256-bit symmetric AES
encryption with a shared secret.
5. Alice sends an encrypted message to Bob. She also lets him
know her Bitcoin address.
6. Bob looks up Alice public key in the Blockchain.
7. Bob generates a shared secret based on Alice’s public key and
his own private key using ECDH algorithm.
8. Bobs decrypts a message using 256-bit symmetric AES
encryption with a shared secret.
Proof
Let’s go through every step to prove that it will work.
In this example, Alice uses a compressed Bitcoin address
(1BgGZ9tcN4rm9KBzDn7KprQz87SZ26SAMH), while Bob uses a regular
one(1LagHJk2FyCV2VzrNHVqg3gYG4TSYwDV4m). For simplicity, these
addresses were taken from the Bitcoin private key directory.
Encoding:
Decoding:
So it worked!
Consequences
Using this method we can do many fun things. E.g. we can
create a server (or a distributed system), which will store all
messages sent to all users. This makes possible for Alice to send
a message to Bob, even before he started using a messenger. To
get all messages, Bob does not ever need to sign in into a
messenger. He can just run a simple REST request to get all of
his data.
Support
Like an Idea? Make it happen: 135rcdVPUie3g1PXPazALpggZ6E72HVNj1!
How does ECDSA work
in Bitcoin
ECDSA (‘Elliptical Curve Digital Signature Algorithm’) is the
cryptography behind private and public keys used in Bitcoin. It
consists of combining the math behind finite fields and elliptic
curves to create one way equations, meaning you can choose
your private key (some number) and easily calculate your public
key (some other number). However, I can’t take my public key
(or anybody else’s for that matter) and easily calculate their
private key. In fact, for Bitcoin it would take trillions of
computers trillions of years of continuous guessing of different
private keys to figure out which one creates a given public key.
Finite Fields:
Elliptic Curve:
P+Q+R=0
so,
P + Q = -R
What about the case where P is tangent to the curve, such that
there are only two intersecting points.
Since, P is tangent to the curve, you have P = Q and therefore, P
+ P = -R from the equation above. Or, 2P = -R. This is called
point doubling for elliptic curves.
When you combine finite fields and elliptic curves you get the
magic of cryptography. The equation for an elliptic curve
transforms to the following:
11P = R
P + 10P = R
P + 2(5P) = R
P + 2(P + 4P) = R
P + 2(P + 2(2P)) = R
P + 2(P + (2F)) = R
P + 2(P + C) = R
P + 2(D) = R
P+E=R
Add point P and point E to get R! So you can see how point
addition and point doubling allows us to calculate scalar
multiplication for xP = R.
Elliptic curves over finite fields have the same property. We can
continually add P on to itself creating scalar multiplication.
We can see that P = (3,6) and it takes 5Ps to get back to the
same point (3,6). That means P = (3,6) and so does 6P, 11P,
16P…etc. Check out this awesome calculator and visual tool
from Andrea Corbellini to verify and to try other examples.
Once you choose your private key and multiply it by the base
point P, you get a new point (x,y) in the finite field/elliptic
curve. This is your public key. It is computationally easy to use
your private key and multiply it by the base point to get the
public key, but it is computationally difficult to start with the
public key and work backwards to calculate the private key. The
equation is a one way street.
The private key and public key are now available to create
digital signatures like we discussed in the last post.