Encryption and digital signature are important foundations of the blockchain concept. This article explains the asymetric encryption and the digital signature used with blockchains.

The article is part of a series starting with this article: Blockchain Foundations Part 1: Distributed, Decentralized and Centralized Computer Architecture

The articles are drawn from my book "Blockchain and Crypto Currencies Easy to Understand for Everyone, Thomas Bauer". Please refer to the part 1 article for a introduction to the blockchain foundations series.

Encryption and Digital Signature

Blockchain uses asymmetric encryption. There are different terms like asymmetric cryptography, public key cryptography or public/private key cryptography. These all address the approach explained now:

• Hans wants to send a message to Katja. He wants to ensure only Katja to read the message.
• First, they need to agree on an encryption method. This encryption method must be able to encrypt a message using the public key and to allow only the holder of the private key to decrypt the message. And the method must be able to generate the needed key pairs consisting of a public and a private key.
• Usually the encryption method is given by the used application.
• Katja generates a key pair and publishes her public key. The private key she keeps a secret. For the key generation a random private key is created first. The public key will be derived from the private key by a one-way function. To derive the private key from the public key is practically impossible.
• Hans uses Katja's public key to encrypt the message and sends the encrypted message to Katja.
• Katja receives the encrypted message and uses her private key to decrypt the message.

We can encrypt a message using the public key of someone else and only the holder of the matching private key is able to decrypt this message. Vice versa we can sign a message using our private key and anyone else can check the message for being unchanged by using our public key.

Blockchain uses asymmetric encryption for example for crypto currencies.

This time Hans wants to send 0,25 Bitcoin to Katja instead of the text message.

• The encryption technique used for Bitcoin is Elliptic Curve Digital Signature Algorithm (ECDSA). It is not important to understand the algorithm itself. Hence the algorithm is not explained in this book. For us is important that it is a cryptographic one-way algorithm. It derives a public key from a private key and it is not possible to derive the private key from the public key.
• Katja generates a key pair. This way she gets a public Bitcoin address and the corresponding private key. This public Bitcoin address is not derived directly from the private key. It is an address resulting from the public key derived from the private key and further processing.
• Her public Bitcoin address she sends to Hans.
• Hans now sends the Bitcoins to this public Bitcoin address.
• Hans sends a message to Katja to tell her that he transferred the Bitcoin amount to the Bitcoin address she told him. Or Katja checks her Bitcoin address to find out if the Bitcoin amount already has been booked on this address.
• The only one who can use the Bitcoin amount available on this public Bitcoin address is the holder of the corresponding private key. In this case this is Katja. To transfer these Bitcoins to someone else she needs to sign the transaction with her private key. With this signature and the corresponding public key, for the blockchain software it is possible to check if it is the holder of the private key who tries to use the Bitcoins. This way nobody else can use the Bitcoins tied to this Bitcoin address.

This was a simplified explanation. Effectively Hans creates a Bitcoin transaction sending the Bitcoins to an address. This information then is available in the blockchain and everyone can see it. But Katja is the only one being able to use the Bitcoins bound to this address. She owns the necessary private key for doing this. This private key she may not really see but it is stored in a wallet and the wallet uses the private key to sign the transaction that uses the Bitcoins.

It is important to know that we send our crypto coins to a public address and only the owner of the corresponding private key can use the Bitcoin bound to this address. Check digits at the end of the address help to avoid typing errors when sending crypto coins to an address.

In detail each crypto currency has an own procedure and differently structured address. If we are going to deal with a cryptocurrency then we should find out how the encryption and addressing is designed for this currency.