A digital signature is a unique cryptographically generated alphanumeric sequence that proves the ownership and correct transfer of a specific transaction.
In order to understand digital signatures, this article also offers a basic explanation of public keys, private keys, and cryptography. This article is also primarily concerned with encryption and digital signatures that are being used for cryptocurrencies like Bitcoin.
Digital Vs. Handwritten
You can compare digital signatures to handwritten signatures. They are both forms of authentication; however, they have one crucial difference. Handwritten signatures prove ownership through consistency, so a physical signature is valuable for its identical recreation.
This is not the case with digital signatures. Digital signatures are valued because each one is unique. A digital signature cannot be recreated without the identical input data and unlocking script. So, if any single variable is changed in the input, then the digital signature will not be correct.
Digital signatures computational cryptography to protect confidential information, as well as ensures that information is being shared appropriately. Digital signatures used for cryptocurrencies like Bitcoin, for example, are unique to each transaction. This is because each transaction requires a unique digital signature that matches the data of the transaction.
The Security of Cryptography
So what is it that makes digital signatures so secure? Digital signatures use asymmetric cryptography. Asymmetric cryptography relies on two different keys: a public key and a private key. This means that the public key can be shared with anyone, but the private key is never shared.
Digital signatures are therefore useful for several reasons when transferring transactions on a blockchain.
Because of the sensitivity of encryption, data cannot be changed without it affecting the rest of the transaction or data. As a result, digitally signed data is safe from being tampered with. The computations used for encryptions make it nearly impossible for a hacker to correctly manufacture. So digital signature guarantee that both data being sent, as well as the identity of the individual who is sending it.
Digital signatures are calculated by combining the original data from the message being sent with a private key. Private keys are known only to the owner of the said private key.
Digital signatures are therefore a crucial aspect of cryptocurrency transactions that rely on blockchain platforms. By applying asymmetric cryptography, each transaction on the Bitcoin blockchain requires a public key and a corresponding private key. So, a digital signature is used to secure and validated each individual blocks on the blockchain.
When we are talking about digital signatures on a blockchain like Bitcoin’s, it is helpful to understand the role of public keys and private keys.
Public Key v. Private Key
Public keys are similar to email addresses. Email addresses are public, and when you want to send someone an email, you must have their address. The same is the case with a public key. A public key needs to be made public if you want to send and receive cryptocurrency.
A public key is linked to a private key, in a similar way that you have a password for your email address. So, a transaction sent to a specific public key is only accessible with the correct private key. The correct private key allows for a transaction sent to a public address to be decrypted.
A private key and digital signature are always linked as the private key is a crucial part of the process of encryption and decryption. The essence of a digital signature is that it only matches the transaction it is validating, or unlocking only.
Here is an illustration of the basic structure of a digital signature looks like:
[private key] + [transaction data] = digital signature
Here is another illustration (note it is not an accurate example of an encrypted digital signature):
If the private key is [1 2 3] ADD the transaction [4 5 6] = (6 + 15 = 21) digital signature = 21
Digital Signatures are a part of the much more detailed explanation of programming languages or script.
If you would like to know more about the specifics of the contents of digital signatures, then I encourage you to read a much more detailed description of Bitcoin script on the blog.
Although these illustrations are completely inaccurate, they demonstrate a certain simplicity of the script, particularly, that when you combine different variables with one another, you will get a different outcome. This is also why it is unlikely for a digital signature to be formed.
The image below is a more accurate and detailed representation of the role of a digital signature in the cryptographic process. As you can see, the signature is formed in the middle, between the data and private key from the sender (signer) and the public key from the verifier.
Signatures and Security
The complication and sensitivity of these computations are what gives a digital signature its security.
The uniqueness of digital signatures is ensured by using algorithms with the following qualities:
- They use a key generation algorithm, which is made using a private and public key.
- They use a signing algorithm that combines data and a private key to make a signature. For Bitcoin, this is the SHA-256 hash.
- They use an algorithm that verifies signatures and determines whether the message is authentic based on the message, the public key, and signature. Again in the in Bitcoin’s case, this verification is built into the script or the design of the program.
By using a complicated algorithm, digital signatures make sure that it is nearly impossible to use the public key or the encrypted data to find the private key by solving backward.
A digital signature or encryption process has no value if you can work backward from the outcome and solve for the original data. Bitcoin avoids this problem by using the SHA-256 hash, which applies the elliptical curve function.
Part of the genius of a cryptocurrency like Bitcoin is that it relies on a programming language (or a script) that uses operation codes which are fairly simple. Essentially the program combines the input variables which checks the digital signatures from by public and private keys against the code of the program.
The primary function that Bitcoin uses is SHA-256. This hashing function relies on the elliptical curve function. All you need to know for now about SHA-256 and elliptical curve functions are that they use complicated algorithms of vast variables.
Moreover, SHA-256 is deterministic. A deterministic hash is crucial, because if you could get the same answer with different inputs, then your transactions would not be unique or secure. Because someone else might accidentally have the same output as you. However, the algorithms used by Bitcoin make this nearly impossible because there are so many variables to work with.
Not only do digital signatures secure data through encryption, but they also secure the identity of the individual sending it. This is because ownership of a digital signature is always bound to a certain user. As a function of private key ownership, one can be sure that they are communicating with whom they intend to.
Multisignature
A “multisignature”, often referred to as multisig, is a digital signature scheme that requires more than one signee to approve a transaction. There are many reasons to use a mulitsig, high on the list is that using more than one signature increases the security of a transaction.
If more than one signature is required, it is more difficult for malicious attackers to be successful. This is not only because more than one person needs to approve the transaction, but also because more than one private key is necessary, which increases the complexity of the encryption.
So a multiscript means is that there are at least two sets of private keys that are required, and therefore more than one digital signature must validate the transaction.
Cryptography
Cryptography in a programming language is the process of disguising and revealing information; otherwise known as encrypting and decrypting information. This is done using complex mathematical functions.
Asymmetric cryptography is the most secure form of cryptography. Cryptocurrencies such as Bitcoin use asymmetric cryptography.
Essentially all asymmetric cryptography means is that two keys are required in order for a transaction to be verified: a public key and a private key. This is also referred to as “Public-key cryptography.”
So, a public key is matched to the private key using an encryption scheme that relies on a mathematical function, which is performed by the program or the script.
The process of cryptography means that information can only be viewed by the intended recipients. The recipient must, therefore, posses the corresponding unlocking key or private key.
Cryptography is simply taking unencrypted data or a message, such as a piece of text, and encrypting it using a mathematical algorithm, known as a cipher. For Bitcoin this is SHA-256. In doing this plain text becomes unreadable without the correct unlocking script.
This process produces a ciphertext, which is a piece of information that is completely useless and nonsensical until it is decrypted with the corresponding private key. This method of encryption is known as symmetric-key cryptography.
Unlike symmetric key algorithms that rely on one key to both encrypt and decrypt, asymmetric algorithms require a specific key to perform a unique function. The public key is used to encrypt and the private key is used to decrypt.
When a cryptocurrency relies on a strong hash function or encryption formula like Bitcoin does, it is computationally infeasible to compute the private key based on the public key. What this means, is that theoretically, given an unlimited amount of computational power, the private key could be worked out from the output data.
Using an algorithm like SHA-256 makes working backward completely infeasible. It is just too computationally expensive to try to solve for a private key from the public key in order to then forge a digital signature. As such, it is nearly impossible to forge a digital signature that relies on asymmetric cryptography.
Because of the level of security acquired through this encryption process, public keys can be freely shared. Sharing public keys makes it easy and convenient method for users to encrypt content and verifying digital signatures.
Private keys are always kept secret however, this ensures that only the owner of the private key can decrypt the content and create digital signatures.
The Importance of Digital Signatures
Digital signatures are a crucial part of the functionality and security of cryptocurrencies. Here is a brief summary of the qualities that make digital signatures useful for cryptography:
- Message Authentication: Cryptocurrencies were designed to eliminate guesswork and issues of distrust. A digital signature makes it possible to be sure that you are dealing with the right person, or more correctly address. Without the correct digital signature, no transaction can be validated. That means that the recipient can be assured that they are receiving a message from the correct sender, because if the signature does not match the public key, then the transaction will not be validated by the programme.
- Data integrity: A digital signature is essentially tamper proof. The reason I say “essentially” is that there is always some hacker out there willing to go the extra mile to cause problems. However, no matter how dedicated the hacker, tampering with a digital signature has a very low success rate. This is because by design digital signatures are very sensitive. Therefore, if any of the data has been tampered with a transaction cannot be validated because all of the pieces of the cryptographic puzzle will not match. In the case that a digital signature has been tampered with, the recipient will then see that the information does not match the input data, and can deny the transaction.
- Non-repudiation: Only the owner of a private key will (should) have access to the private key. Therefore, if a transaction is under dispute, it is simple to prove ownership with the correct private key. Because only the owner has access to a said private key, ownership is essentially indisputable.
