 The magic of digital signatures and how it works, high level (necessary to understand the #Bitcoin Whitepaper)...

Without digital signatures it's not possible to prove you own something digital without a trusted central authority.

What you own is a secret number, a number that is large and not guessable and only you know it. Only you knowing it IS the ownership. 

This number is the private key, or convertible into the private key format.

From the private key a public key is made. It is determined by the private key and is a reproducible calculation. 

The public key, as the name suggests, is revealed publicly, and is used in a way to prove that you know the number that produced the public key, WITHOUT REVEALING THE PRIVATE KEY. That is the essence of the invention of public-private key cryptography, and is magical.

You are proving you know a number without revealing the number. This is necessary because if you reveal it you no longer own it because you are not the only one that knows it. 

I won't actually go into all the math today, but broadly this is how it works...

Any data is selected to begin with, and all digital data is essentially a number. This data is called the message. 

The message is manipulated mathematically with the private key, producing another number. That number is the digital SIGNATURE.

The public can then take three pieces of information and EASILY and cheaply confirm validity or invalidity (true/false)...

1. Message
2. Public key
3. Signature 

If the result of combining these three numbers is valid, then it can be concluded that the private key that produced this particular public key is known by whoever produced the signature.

This is applied in Bitcoin in a genius way where the message is the transaction and includes the public key inside the message, and who is being paid (via public-key/address). All of that is in the message. If you begin to understand this you can then make sense of the Bitcoin whitepaper.

Note that it is not the address that is used for the cryptography... The address is like an abbreviation of the public key. Using an address instead of a public key in the message saves data. When a transaction is signed, i.e. when someone wants to prove they own the private key to an address, they will reveal the public key that creates the address. The public can then confirm that that public key creates the address that is being spent from.