2.2 Cryptographic Principles Used in the Bitcoin System – Signing

As mentioned earlier, Bitcoin uses two cryptographic functions: hashing and signing. The previous article covered hashing; this article covers signing.

To talk about signing, we first need to talk about account management in the Bitcoin system. In everyday life, if you want to open an account, you go to the bank with your documents. That is how accounts are managed in a centralized system. Bitcoin is decentralized and has no institution like a bank, so how do you open an account? Each user opens an account on their own, without anyone's approval. The process is very simple: you create a public and private key pair.

A public-private key pair created locally represents an account in Bitcoin. The concept of a public-private key pair comes from asymmetric encryption algorithms. The earliest encryption algorithms were symmetric, that is, without the "a": they were called symmetric encryption algorithms.

Suppose the communication network can be eavesdropped on. What should we do? We agree on a secret key, called the encryption key, in advance. I encrypt the message and send it to you, and you decrypt it with the same secret key after receiving it. Because encryption and decryption use the same secret key, this is called a symmetric encryption system. The premise is that there is some kind of secure channel for distributing the secret key to both sides of the communication. You obviously cannot transmit the secret key in plaintext over the network, because we assume the network itself is inherently insecure and could be eavesdropped on. This is one of the weaknesses of symmetric encryption: distributing the secret key is inconvenient.

To solve this problem, asymmetric encryption systems were proposed. Instead of one secret key, a pair of keys is used: a public key and a private key. The public key is used for encryption and the private key is used for decryption. For example, if I want to send a message to you, I encrypt it with your public key; you receive it and decrypt it with your private key to get the original message. Note that encryption and decryption use the same person's public and private keys, namely the recipient's.

What is the advantage of this? The public key is not kept secret; you can tell everyone, and some people list their public key on their homepage. The private key is kept secret, because decryption is done with the private key. However, the private key only needs to be kept locally and is never passed to the other party, meaning that the person you are communicating with does not need to know your private key. He encrypts with your public key. If you want to reply to him, you encrypt with his public key. Neither party needs to know the other's private key. This solves the problem of inconvenient key distribution in symmetric encryption.

In the Bitcoin system, to create an account, you generate a pair of public and private keys locally. The public key is equivalent to your bank account number: if someone wants to transfer money to you, they only need to know your public key. The private key is equivalent to your account password: anyone who knows the private key can transfer the money out of the account. This raises a question. I said earlier that the Bitcoin system is not encrypted; although it is called a cryptocurrency, nothing is actually encrypted, and all the information is public. So what are the public key and private key for? They are used for signatures.

Let's say I'm transferring ten bitcoins to you, and I post that transaction on the blockchain. How do people know that I actually initiated the transaction? Could it be an impostor trying to sneak money out of my account? To settle this, I sign the transaction with my own private key when I post it, and other people verify the signature with my public key after they receive the transaction. In other words, signing uses the private key and verification uses the public key, and both keys still belong to the same person's key pair, here the signer's.
