How Do Cryptographic/Digital Signatures in Bitcoin Work?

Digital signatures are a mathematical technique used to verify the authenticity and integrity of information. In a manner similar to a handwritten signature or a stamped seal, a digital signature offers reasons to believe that a certain message or document was created by the designated sender. In many countries, including the United States, digital signatures are considered legally binding in the same way as traditional document signatures.

In most cases, a sender attaches a one-way hash of the message data, encrypted using the private key of their public/private key pair. A receiver, using the public key, can then validate the sender as well as the integrity of the message contents. These signatures ensure three key acts of data verification:

• Authentication (confirming that the data is true, accurate)
• Non-repudiation (making the creator of the data unable to dispute its validity)
• Integrity (confirming that the data is accurate and consistent throughout its entire life cycle)

According to Wikipedia, the concept of digital signatures originates from Whitfield Diffie and Martin Hellman, American cryptologists known for working alongside Ralph Merkle on pioneering the cryptography we know today. Diffie and Hellman first described the notion of a digital signature in a publication released back in 1976. The publication addressed trapdoor one-way permutations, a concept widely used in cryptography describing mathematical functions that are simple to compute in one direction and at the same time almost impossible to reverse compute.

This technology was then further developed by Ronald Rivest, Adi Shamir, and Len Adleman, who invented what we know today as RSA algorithms. These algorithms function by having the encryption key public and leaving the decryption key private; RSA algorithms represent the basis of a very wide array of cryptography that is currently in use.

Other digital signature schemes, like Lamport signatures, Merkle signatures (also known as “Merkle trees” or simply “Hash trees”), and Rabin signatures were developed later on. Merkle trees remain of special interest for us as they represent the basis of any blockchain network.

A digital signature algorithm usually has three key parts:

1. Key generation

This part of the process includes the creation of the public/private key pair that will be used to encrypt/decrypt the content.

2. Signing algorithm

This part of the process takes the data that is being sent and the private key and encrypts it all.

3. Signature verification algorithm

This part of the process includes verifying the authenticity of the message when it is given the message, public key, and digital signature. After confirming the message is authentic, the receiver can verify the integrity of the message by running it through the hashing algorithm that was originally used by the sender.

You can probably see why these signatures would be important for your average cryptocurrency. A digital signature is required to encrypt what is being sent, to ensure that the contents of the message (in our case, a transaction) haven’t been altered in any way, shape or form during transit. Then, when the message is received, the receiver needs to be able to decrypt the message in a way that ensures it stays authentic, true and immutable.

Most popular types of algorithms used in modern cryptography include:

• RSA Signatures

We already mentioned this type of signature as one of the original public-key cryptography systems. The RSA algorithm is a one-way trapdoor function based on the concept of prime factorization.

In this system, the encryption key is public and is different from the decryption key which is kept secret (private). The algorithm got its name from the surnames of Ron Rivest, Adi Shamir, and Leonard Adleman, scientists who first publicly described it in 1978.

• Lamport Signatures

One of the earliest forms of digital signing, it was invented by Leslie Lamport in 1979. Lamport signatures are a typical one-way trapdoor function that cannot be reused, and can be built from any cryptographically secure one-way function.

This means that Lamport signatures can be constructed from advanced cryptographic hash functions such as the Skein or Keccak hash.

In general, it is believed that these signatures are quantum resistant. While each Lamport key can be used for signing exactly one message, combined with hash trees, a single key could be used for several messages.

• Elliptic curve digital signature algorithm signatures (ECDSA)

Elliptic Curve Digital Signature Algorithm (ECDSA) is a variant of the Digital Signature Algorithm (DSA) which uses elliptic curve cryptography. It relies on point multiplication to provide the one-way trapdoor digital signatures.

This form of cryptography represents an approach based on the algebraic structure of elliptic curves over finite fields. As such, elliptic curve cryptography requires smaller keys than its non-EC counterparts that provide equal security.

This makes it very suitable for blockchain applications, as it helps reduce blockchain bloat and node client size. The NSA used this cryptography in the past and they believe that 384-bit ECDSA keys are secure enough for their classified documentation.

• Ring signatures

Anyone who has ever heard of Monero has probably heard about this technology as well. Ring signatures are digital signatures performed by a member of a group (a ring) of users who have keys. The message is therefore signed by a single member of this group and the information about the exact member who signed is intentionally obfuscated and computationally infeasible to figure out.

As mentioned, Monero and other CryptoNote algorithm-using currencies utilize ring signatures as a key part of their privacy features. Monero, for example, mixes the transaction sender's key with several other public keys, thus creating a group. Ring CT technology (as its full name in Monero is) not only hides the amount being sent but also hides the funds from the public blockchain. Thanks to this, only the sender and the recipient know how much XMR was sent.

• Schnorr signatures

Patented in 1989, Schnorr signature technology is considered one of the simplest and most efficient discrete logarithm based algorithms out there. The algorithm was protected by a patent until 2008, which is why it’s just now being explored as a possible solution to Bitcoin and other cryptocurrency scaling issues. These signatures have been suggested to the Bitcoin network through this BIP, and the introduction of SegWit has opened the path for Schnorr to be added to the Bitcoin Core software.

The trapdoor mechanism of this algorithm works thanks to specific discrete logarithm problems, thus creating a one-way function which ensures the quality of the digital signature.

One of Schnorr’s biggest advantages is its multi-signature support, which can be extremely helpful with Bitcoin. Each transaction input in Bitcoin requires its own signature, which causes slowdowns and bloat. Schnorr can integrate multiple inputs into a single signature, thus significantly improving the network’s scalability.

The digital signature algorithm used in Bitcoin can also help with privacy through CoinJoin integration, as it reduces the size of CoinJoin transactions; the algorithm also offers the Bitcoin network a chance to explore the implementation of multisig transactions.

Right now, the signing algorithm used in Bitcoin is ECDSA. This is the case mostly because Schnorr was patent protected up until 2008 and Satoshi had to explore other ways of providing digital signatures to his network. Other networks followed suit and ECDSA is currently the most widely used algorithm on the market.

Still, the potential of this technology is clear for everyone to see, and seeing steps being made toward introducing Schnorr to Bitcoin has put a smile on many a cryptographer/developer/miner/holder’s face for a reason.
