Cryptography in Bitcoins

Hello folks! Since you are here reading this article, I believe you want a detailed view of the security mechanisms in Bitcoin. You are right: cryptography, which is basically a mathematical concept, is the backbone of the security and authenticity of cryptocurrencies, including Bitcoin. This article delves a bit deeper into the cryptographic concepts that are used in Bitcoin and in most other cryptocurrencies.

The term ‘Cryptography’ is a Greek term meaning ‘secret writing’. But cryptography is not just used for secret writing; it is also used to prove knowledge of a secret without revealing it and to prove the authenticity of data.

The foremost reason for using cryptography in Bitcoin is to prove ownership of the Bitcoin. You might have heard of the Double Spend problem with digital currencies. It is the phenomenon in which the same digital asset is used twice by different people or entities. At the end of the day, a digital asset is a digital file which different people can store and transact with at the same time. Prior to Bitcoin, central authorities used to keep track of the digital currencies spent and prove ownership.

Bitcoin, which uses cryptographic functions, gave an answer to the Double Spend problem by proving ownership of the Bitcoin. The following sections take a deep dive into the cryptographic functions and concepts applied in Bitcoin.

Public Key or Asymmetric Cryptography

Public Key Cryptography was invented in the 1970s and is one of the foundations of the Bitcoin network. It uses mathematical functions like elliptic curve multiplication and prime number exponentiation, which are a special class of mathematical functions. These functions are easy to calculate in one direction but impractical to calculate in the reverse direction.

For example, Equation (i) below multiplies two natural numbers ‘x’ and ‘y’ to find the product ‘k’. This equation is reversible, i.e. if we know the values of y and k, then we can find x, and similarly if we know x and k we can find y.

x * y = k    (i)

Public Key cryptography, by contrast, uses mathematical functions which cannot be reversed. For example, in Equation (ii) below (which we assume uses a Public Key cryptographic function) we can find the value of ‘K’ if we know the values of ‘k’ and ‘G’. However, we cannot find ‘k’ even if we know the values of ‘G’ and ‘K’.

k * G = K    (ii)

Public Key Cryptography is used in Bitcoin to produce a pair of keys, namely the Public Key and the Private Key. Private Keys are chosen randomly by the Bitcoin protocol. The Public Key is derived from the Private Key. Public Keys, just like bank account numbers, are used to receive funds, and Private Keys are used to sign transactions to prove ownership of the funds.

The Bitcoin wallet which connects you with the Bitcoin Network has a pair of keys called Public Key and Private Key.

  1. The Private Key is generated randomly by the wallet software.
  2. The Public Key is derived from the Private Key by applying the ‘Elliptic Curve Multiplication’ function, a one-way cryptographic function.
  3. The Bitcoin Address is derived by applying a Hash Function (another one-way cryptographic function) to the Public Key.

The Private Key produces the Public Key, which then produces the Bitcoin Address.

Private Key

A crude comparison for the Private Key is your bank PIN, or the signature that you put on a cheque in order to transfer funds or carry out other transactions. A Private Key is used to generate a Digital Signature, which is used to sign any Bitcoin transaction in order to prove ownership of the Bitcoins involved in the transaction.

The Private Key must remain a secret and be properly backed up. Owning a Private Key is equivalent to owning the Bitcoins associated with that Private Key. It should be backed up properly to guard against accidental loss of the Private Key. Losing the Private Key means losing the Bitcoins forever. A Google search will show you past incidents of Bitcoins being lost completely through the loss of the wallet containing the Private Key.

How is a Private Key generated?

A Private Key in Bitcoin is any 256-bit number, non-repeated and non-predicted, which is less than (n-1), where n = 1.158 * 10^77, slightly less than 2^256. The Bitcoin OS uses the SHA-256 algorithm to produce 256 bits of entropy (randomness) which is less than (n-1).

The size of Bitcoin’s private key space (2^256) is an unfathomably large number. It is approximately 10^77 in decimal. For comparison, the visible universe is estimated to contain 10^80 atoms.

Just for a demo, you can visit bitaddress.org to generate a Private Key, the corresponding Public Key and the Bitcoin Address. The algorithm will generate a random 256-bit number, non-repeated and non-predicted (in fact you will also be prompted to wiggle your mouse on the screen to kind of awaken the randomness generator algorithm). This is the Private Key, and a corresponding Bitcoin Address will also be generated and shown on the screen, which you can print to store in a Paper Wallet (cold storage).

Public Key

As mentioned earlier, the Public Key is derived by applying Elliptic Curve Multiplication to the Private Key.

K = k * G

Here K is the Public Key,

k is the Private Key and

G is a constant point called the Generator Point.

The reverse calculation (called finding the discrete logarithm) is not possible. This means that we cannot find the Private Key (k) by just knowing the values of the Public Key (K) and the Generator Constant (G).

Bitcoin Addresses

The Bitcoin Address is derived by applying the Hash function to the Public Key. It is a string of alphanumeric characters starting with 1. It can be shared with anyone in the Bitcoin network for receiving Bitcoins. A typical Bitcoin address is shown below.

1J7mdg5rbQyUHENYdx39WVWK7fsLpEoXZy

A Hash function is a one way cryptographic function (asymmetric) which produces a Hash or a Fingerprint of any arbitrary sized input. The algorithms used to make a bitcoin address from a public key are the Secure Hash Algorithm (SHA) and the RACE Integrity Primitives Evaluation Message Digest (RIPEMD), specifically SHA256 and RIPEMD160.

SHA256 is applied to the Public Key first. Then RIPEMD160 is applied to the result, producing a 160-bit (20-byte) number which is the Bitcoin Address:

A = RIPEMD160(SHA256(K))

where K is the public key and
A is the resulting bitcoin address.

Key Formats

Before looking at the various formats in which Keys can be represented, we should understand the different formats for encoding digital data, namely Binary, Hexadecimal, Base64 and Base58.

Binary Data: The Binary Data format uses ‘0’ and ‘1’ to represent any data.
Bits and Bytes: A Bit is the smallest unit in which digital data can be expressed. A Bit can only store either of the two values ‘0’ or ‘1’.
1 Byte = 8 Bits
1 Kilobyte = 1024 Bytes (not one thousand bytes as you might have been expecting, since computers use Binary math)
1 Megabyte (MB) = 1024 Kilobytes
1 Gigabyte (GB) = 1024 MB
Hexadecimal format: In order to write long numbers in a shorter form, the computer uses the Hexadecimal format. In the normal decimal format we use the ten symbols from 0 to 9 to represent data. The Hexadecimal format uses 16 alphanumeric symbols, comprising the ten digits from 0 to 9 and the 6 letters from A to F.
{0123456789ABCDEF}
Base64 format: An even shorter representation is achieved with the Base64 format, which uses the 26 uppercase letters, 26 lowercase letters, 10 numerals and 2 more characters such as ‘+’ and ‘-’ to transmit Binary data.
Base58 format: The Base58 format was devised especially for Bitcoin and some other cryptocurrencies. It contains the 26 uppercase and lowercase letters and the 10 numerals, but omits the characters {0 (zero), O (capital o), I (capital i), l (lower L)}, which are often mistaken for one another. It also omits + and -.
The Base58 format, which is used in Bitcoin and other cryptocurrencies, offers a balance between compact representation, readability and error detection.
Base58Check: Base58Check is a further modification of the Base58 format to avoid typing and transcription errors. It has a built-in code which calculates the Checksum of a given piece of data. The Checksum is calculated by hashing the data and is added to the end of the data. This is especially used to represent Bitcoin addresses. The built-in code adds the Checksum at the end of the Bitcoin address. When you share the Bitcoin address to receive funds, the wallet software scans and hashes the address to calculate the Checksum. It then compares the result with the Checksum already added to the end of the address. If there is a mismatch, an error has occurred due to a mistyped Bitcoin address. This prevents a mistyped bitcoin address from being accepted by the wallet software as a valid destination, an error that would otherwise result in loss of funds.

Now enough of Bits and Bytes. Let us now see the various encoding formats for Keys.

Private Key and Public Key Formats

Private Keys are represented in different encoding formats for different purposes.

Private Keys: different encoding formats in different circumstances
Internal storage in wallets: Binary format or Hexadecimal format
Import or export of Keys between wallets: Base58Check
QR codes: Base58Check; Wallet Import Format

Similarly, a Public Key can also be represented in different formats in different circumstances. Before the discussion gets too technical, let me conclude here for now by saying that Private and Public Keys can be represented in different encoding formats like Binary, Hexadecimal and Base58Check, and are usually prefixed by a piece of data called a ‘Version Byte’, which serves to easily identify the type of data that is encoded. For example, in the case of a bitcoin address the prefix is zero (0x00 in hex), whereas the prefix used when encoding a private key is 128 (0x80 in hex).

Added features in Keys and Addresses

Until now we have seen the standard methods and formats for encoding keys and addresses in Bitcoin. As people started participating in the Bitcoin network, new proposals for improving the protocol and its formats evolved and were put to the network. These are known as Bitcoin Improvement Proposals (BIP). We will now look at some BIPs and the improvements they proposed to Keys and Addresses.

Encrypted Private Keys (BIP-38)

The Private Key must be kept secret. Storing your Private Key in a Paper Wallet (cold storage) is a great way to back up your Private Key. But what if the Paper Wallet is stolen? The Private Key will be known to the thief, who will be able to sign and spend Bitcoin transactions. These conflicting security goals led to BIP 38, which proposes further concatenating (appending) a Passphrase (Password) with the Private Key. BIP 38 proposes to encode the Private Key using Base58Check along with a Passphrase. The Passphrase is a long password which is either a group of words or a long string of alphanumeric characters. A Private Key encoded by BIP-38 will start with 6P.

An illustration of applying BIP-38 encryption on a Private Key is given below.

Private Key (WIF): 5J3mBbAH58CpQ3Y5RNJpUKPE62SQ5tfcvU2JpbnkeyhfsYB1Jcn
Passphrase: MyTestPassphrase
Encrypted Key (BIP-38): 6PRTHL6mWa48xSopbU1cKrVjpKbBZxcLRRCdctLJ3z5yxE87MobKoXdTsJ

Let us see how the BIP-38 encryption helps. Let's suppose a Paper Wallet backs up a Private Key in the BIP-38 format. If it is stolen, the thief will enter the Private Key into a wallet. The wallet will ask for the Passphrase in order to import the Private Key in WIF format to be used for any planned transaction. Hence, although the wallet was stolen, the thief cannot use the Private Key for signing any Bitcoin transactions.

Conclusion

Cryptography is one of the vital pillars on which Bitcoin and other cryptocurrencies function the way they are supposed to. We read about Public Key Cryptography and the underlying concepts of Public Keys, Private Keys, Bitcoin Addresses and their encryption formats. Please let me know if I have missed any important concept here and I will be happy to write about it.