User Verification – Public and Private Keys

Published by Mario Oettler on

But first, we have to make sure that only the correct user grants the permission. So, for example, Bob should not be allowed to create a transaction for coins Alice owns.

To verify that Alice created a transaction, Alice needs to sign it with a digital signature. Digital signatures are a bit different from written signatures but have the same goal, secure a document or transaction from forgery.

The first step of creating a digital signature is to create a secret key (also called a private key). So, Alice secretly creates her secret key and cryptographically derives from it a public key.

Public key generation
Public key generation

Creating a secret key is actually pretty easy. It is a very large random number (in Bitcoin 256 bit). You can do this by flipping a coin 256 times and every time the number occurs, you write down a 1, and if the symbol occurs you write down a 0. In reality faster, random generators are used and you don’t need to worry about creating secret keys.

The derivation of the public key is a one-way process done with elliptic curves in Bitcoin. We leave the math aside since this is really difficult to understand and not important for us. But what is important is that it is impossible to retrieve the secret key from a public key! It is a one-way function.

Now, having such a key pair, Alice can create her signature.

With her secret key, she signs the transaction. Again, the math behind this is pretty daunting; that’s why we leave this aside. The result is a signature which is a very long numerical value. Alice sends this signature along with her transaction and her public key to Bob.

Bob and all other nodes can verify if this signature is valid by checking it with the provided information by Alice.

The good thing is that Alice can sign many transactions with her private key, but nobody will ever find out what the private key is.

Another feature of digital signatures is that the signature is also different on every transaction because it depends on the content. This is a significant advantage over written signatures which can be copied and pasted into another document. Whenever you change the transaction you want to sign, the signature is different.

Every user of the blockchain network creates such a key pair (secret key and public key).