How Do Digital Signatures Work?
In this lesson, we’re going to learn how a digital signature actually works in Bitcoin and other cryptocurrencies.
In order to get to this point, we’ve had to learn several technical concepts first since they are the “building blocks” needed to create a digital signature:
If you’re NOT familiar with these concepts, they were explained in a noob-friendly way in previous lessons. Explore the links above to learn more.
How is a digital signature created?
Let’s take a look at how a digital signature is step-by-step:
- When you want to send bitcoin, your wallet creates a transaction message. This message contains information like the amount of bitcoins you wish to send and the recipient’s address.
- This message is run through a hash function.
- The hash function produces an output known as the “message hash” or just “hash“.
- This message hash is then encrypted with your private key.
- The encrypted message hash becomes the “digital signature“.
Here’s a flowchart of this process:
So at the end of this process, your wallet has created two “items”:
- Transaction message
- Digital signature (an encrypted hash of the transaction message)
At this point, nothing has been sent out to the Bitcoin network yet.
If you didn’t notice, the transaction message itself is needed as an “ingredient” to create the digital signature.
So you don’t just use your private key to create a digital signature… you use your private key AND the hash of the transaction message.
This means you can’t use this digital signature for another transaction. If you tried to use this digital signature in a second transaction, it would be rejected by the Bitcoin network because the digital signature is solely based on the data from the first transaction.
Every digital signature is unique to a specific transaction.
How is a digital signature verified?
In order to spend bitcoins from a particular Bitcoin address, one must prove “ownership” (or: knowledge) of the private key that’s paired with the public key associated with that address.
But you want to do this without having to reveal your private key.
A digital signature is something you can use to PROVE that you know the private key that’s connected to a public key, without having to reveal the actual private key.
Let’s see this works:
- When you initiate a Bitcoin transaction, your wallet software actually provides three “items” to the Bitcoin network: the original transaction message, the digital signature, and your public key (that’s tied to the address where the bitcoin you wish to send is currently stored).
- Once a Bitcoin node receives these “items”, it will separate them out.
- It will take the original transaction message and run it through the same hash function that you used earlier. (All Bitcoin software uses the same hash function.) As for the digital signature, it will use the public key you provided to decrypt it.
- Both hashes will then be compared.
- Are both hashes an exact match?
- If both hashes match, then this proves that you are the actual owner of the bitcoin you wish to send.
Here’s a flowchart of this process:
There are two things to point out here:
1. Being able to decrypt with the public key proves the sender’s identity.
In step 3, once a node is able to decrypt the digital signature, this proves your “identity”.
Remember, since a private key and public key are mathematically linked, if you’re able to decrypt a message with my public key, that means I encrypted it with my private key.
If you weren’t able to decrypt the message, that means it was encrypted by somebody else’s private key. And that means the message didn’t come from me.
2. Hashes that are an exact match prove that the message wasn’t altered.
In step 6, checking to make sure both hashes are an exact match ensures that the original message has not been altered.
This is important to know because unlike the digital signature is encrypted, the original transaction message is in plaintext because all Bitcoin transactions are public for all to see.
Remember, any slight change would produce a totally different hash. So if someone were to intercept the original transaction message on its way to a node and modify it (like to send the bitcoin to his address instead), when the message goes through the hash function, it would produce a totally different hash from the digital signature.
Similar to how a handwritten signature links a person to a specific document, a “digital signature” using cryptography….cryptographically….links identity to a specific message.
Summary
Now that you understand how a digital signature is created and how it is verified, here’s a BIG picture view of what “signing” a transaction actually means and how the sender’s “digital signature” is used to verify ownership of the bitcoins he/she wishes to send: