How Cryptography is used in

Blockchain
Lecture 3

Dr Sadiqa Arshad Source:

[email protected] Mastering Bitcoin by Imran Bashir
Content
• What is Cryptography
• Types of Encryption algorithm
• Symmetric and Asymmetric
• Public key Cryptography
• Elliptic Curves in Bitcoin
 What is Cryptography

“The study of mathematical techniques for securing digital information, systems,

and distributed computations against adversarial attacks “

by

Katz [Intriduction to Modern Cryptography]

Types of
Encryption
algorithm
Public key cryptography

• Public key cryptography was invented in the 1970s and is a

mathematical foundation for computer and information security.

• . Several mathematical functions, such as prime number

exponentiation and elliptic curve multiplication, have been
discovered.

• These functions are easy to compute in one direction but nearly

impossible to reverse.

• Cryptography enables digital secrets and unforgeable signatures.

Public key cryptography

Elliptic Curves: An elliptic curve is a type of mathematical curve used in

cryptography, represented by a specific equation over a finite field.

The general form of an elliptic curve equation is:

y2=x3+ax+b mod p

where a and b are constants and p is a large prime.

Note: Elliptic curve cryptography (ECC) is widely used in securing

digital communications because of its efficiency in providing the
same security level as other cryptosystems but with smaller key
sizes
Public key cryptography

Elliptic Curves: An elliptic curve is a type of mathematical curve used in

cryptography, represented by a specific equation over a finite field.

The general form of an elliptic curve equation is:

y2=x3+ax+b mod p

where a and b are constants and p is a large prime.

△ = 4𝑎3 + 27𝑏 2 ≠ 0
 Calculating Points on an Elliptic Curve ( y2=x3+ax+b mod p )

•Points on the curve: A point P=(x,y) on an elliptic

curve satisfies the curve’s equation.

•Point addition: Given two points P and Q on the

curve, their sum R=P+Q is another point on the
curve.
•The formula for point addition differs depending on
whether P≠Q or P=Q (point doubling).

If 𝑥1 ≠ 𝑥2 If 𝑥1 = 𝑥2

𝑦2 −𝑦1 𝟑𝒙𝟐𝟏 −𝒂
m = m=
𝟐𝒚𝟏
𝑥2 −𝑥1
 Group Law

Points on Elliptic Curve forms an abelian group

 Group Law

The points on the curve satisfy the following

Commutative: P + Q = Q +P
Identity: P+O = O+P
Inverse P + (-P) = O
Associative: (P+Q) + R = P + ( Q + R)

Total number of points can be determined through Hesses bound

𝐸𝑝 𝑥, 𝑦 − 𝑝 + 1 ≤ 2 𝑝
:
Equivalent key sizes

Symmetric ECC RSA/DSA

80 163 1024
128 283 3072
192 409 7680
256 571 15360
Calculating Points on an Elliptic Curve

Four primitives/protocols

— ECDSA (Elliptic Curve Digital Signature Algorithm)

— ECDH (Elliptic Curve Diffie-Hellman)
— ECIES (Elliptic Curve Integrated Encryption Scheme)
— ECMQV (Elliptic Curve Menezes-Qu-Vanstone)
ECMQV is endorsed in the NSA’s Suite B.
 Elliptic Curve in Bitcoin

Secp256k1 is the name of the elliptic curve used by Bitcoin to implement its
public key cryptography. All points on this curve are valid Bitcoin public keys.
Bitcoin and ECC

•A Bitcoin wallet contains a collection of key pairs: a private key and a

public key.
•Private Key (k): A randomly picked number.
•Public Key (K): Generated from the private key using elliptic curve
multiplication, a one-way cryptographic function.

•Bitcoin Address (A): Generated from the public key (K) using a one-way
cryptographic hash function.
 Bitcoin and ECC

Key Generation Process

•Step 1: Generate Private Key (k)

• The private key is a randomly selected large number.
•Step 2: Generate Public Key (K)
• Use elliptic curve multiplication to transform the private key into a
public key.
•Step 3: Generate Bitcoin Address (A)
• Apply a cryptographic hash function to the public key to produce
the Bitcoin address.
Public key in Bitcoin

Importance of Private Keys

•Private Key: A randomly chosen number that provides control over all
funds associated with the corresponding Bitcoin address.
•Ownership and Control: The private key grants the owner control over
Bitcoin by allowing them to sign transactions and prove ownership.

Security and Backup of Private Keys

•Secrecy: The private key must always remain secret. Revealing it is
equivalent to handing over control of the associated Bitcoin.
•Backup and Protection: The private key must be securely backed up. If
lost, it cannot be recovered, and the associated funds will be lost forever.
Public key in Bitcoin

Generating a Private Key from Random Numbers

•Entropy: The key step in generating private keys is finding a secure

source of randomness or entropy.

•Random Selection: Creating a Bitcoin private key is equivalent to

choosing a random number between 1 and 2256.

•Importance of Randomness: The chosen method must not be

predictable or repeatable to ensure security.
Public key in Bitcoin

Steps in Private Key Generation

•Range of Private Keys: A private key can be any number between 1 and
p−1, where p=1.158×1077 defined by Bitcoin’s elliptic curve.

•SHA256 Hash: Random bits from a cryptographically secure source are

fed into the SHA256 algorithm, which produces a 256-bit number.

•Validation: If the number is less than p−1, it’s a valid private key. If not,
the process repeats until a valid key is found.
Public Key Generation

Elliptic Curve Multiplication:

The public key is derived from the private key using elliptic curve
multiplication.

𝐾=𝑘×𝐺, where

𝑘 = Private key
𝐺 = Generator point (a fixed point)
𝐾 = Resulting public key

This process is irreversible, meaning you cannot derive the private key
from the public key.
Security of Public Keys

Discrete Logarithm Problem:

The reverse operation (finding 𝑘 from 𝐾) is extremely difficult.

Brute-Force Search:
The only way to solve for 𝑘 from 𝐾 is to try all possible values of 𝑘,
making it computationally infeasible.
Public key in Bitcoin

Bitcoin uses a specific elliptic curve as defined in a standard called

secp256k1, established by the National Institute of Standards and
Technology (NIST).

The secp256k1 curve is defined by the following function, which

•produces an elliptic curve:

The mod p (modulo prime number p) indicates that this curve is

over a finite field of prime order p, also written as p,
where p = 2256 – 232 – 29 – 28 – 27 – 26 – 24 – 1, ( very
large prime number).
Public key cryptography

Example: for p = 17
The secp256k1 bitcoin elliptic curve can be
thought of as a much more complex pattern
of dots on a unfathomably large grid.
Example: The following is a point P = (x,y)
with coordinates (x,y) that is a point on the secp256k1
curve:
x
=(5506626302227734366957871889516853432625060345
3777594175500187360389116729240,

y=3267051002075881697808308513050704318447127338
0659243275938904335757337482424)
Generating a Public Key

Starting Point: Begin with a randomly generated private key 𝑘.

Elliptic Curve Multiplication: Multiply the private key 𝑘 by a fixed point

on the elliptic curve called the generator point (G).

Result:
The result is the public key 𝐾, which is a point on the elliptic curve.
 Public key in Bitcoin
Visualizing Elliptic Curve Multiplication
Elliptic Curve Multiplication Involves adding the generator point G to
itself repeatedly.
Multiplication Concept:
To calculate kG, we add G to itself k times.

Geometric Visualization
•Tangent
. Line Method: Adding a point to
itself involves drawing a tangent line to the
point on the curve.
•Intersection: The tangent line intersects the
curve at another point.
•Reflection: Reflect the resulting point across
the x-axis to get the sum of the points.
 Public key cryptography

Implementing the elliptic curve multiplication, we take the private key k

generated previously and multiply it with the generator point G to find the
public key K:

K = 1E99423A4ED27608A15A2616A2B0E9E52CED330AC530EDCC32C8FFC6A526AEDD * G

Public key K is defined as a point K = (x,y):

x = F028892BAD7ED57D2FB57BF33081D5CFCF6F9ED3D3D7F159C2E2FFF579DC341A

y = 07CF33DA18BD734C600B96A72BBC4749D5141C90EC8AC328AE52DDFE2E505BDB
 Deriving a Bitcoin Address from a Public Key
One-Way Cryptographic Hashing:
• A Bitcoin address is created using two cryptographic hashing
algorithms, ensuring the public key cannot be reversed to reveal the
private key.
• Hash functions provide a digital "fingerprint" of the public key,
making Bitcoin addresses compact and secure.

SHA256 Hash Algorithm:

• SHA256: A one-way function that produces a 256-bit hash from
the public key K.
• This algorithm is commonly used in digital security due to its
robustness and resistance to attacks.
Deriving a Bitcoin Address from a Public Key

RIPEMD160 Hash Algorithm:

• RIPEMD160: This hashing function is applied to the result of

SHA256 to further compress the output into a 160-bit (20-byte)
number.
• This combination of SHA256 and RIPEMD160 ensures both security
and efficiency in generating Bitcoin addresses
 Deriving a Bitcoin Address from a Public Key

Formula for Bitcoin Address Generation

A= RIPEMD160(SHA256(K))

• K is the public key derived from the private key using elliptic
curve multiplication.

• A is the resulting Bitcoin address, a compressed and secure

form of the public key.
 Security Features of Hash Algorithms:
One-Way Property: The address generation process cannot be
reversed, protecting the private key and ensuring that the public key
and Bitcoin address are secure.

Efficient for Transactions: The 160-bit address format reduces

storage space and bandwidth usage compared to using a full public
key.

Uses of Cryptographic Hashing in Bitcoin:

•Addresses: Hashing algorithms convert public keys into
addresses that are shorter and more secure.
•Mining (Proof-of-Work): SHA256 is also used in Bitcoin
mining, demonstrating the wide application of hashing in the
Bitcoin ecosystem.
Bitcoin addresses are almost
always encoded as
“Base58Check” which uses 58
characters (a Base58 number
system)
and a checksum to help human
readability, avoid ambiguity,
and protect against errors in
address transcription and
entry.
 Base58 and Base58Check Encoding
Higher-Base Systems: Many computer systems use number systems with
bases greater than 10 to represent long numbers in a compact way.

•Hexadecimal (Base16): Uses 16 symbols:

• Numerals 0–9
• Letters A–F (6 additional symbols)
• Benefit: Hexadecimal numbers are shorter than their decimal equivalents.
•Base64:
• Uses 64 symbols:
• 26 lowercase letters
• 26 capital letters
• 10 numerals (0–9)
• Special characters: "+" and "/"
• Use Case: Base64 is commonly used to encode binary data for
transmission in text-based systems like email attachments.
Base64 encoding
 Base58 and Base58Check Encoding
Example Bitcoin’s Base58 alphabet

123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz
What is Base58?Base58:

A text-based encoding format developed specifically for Bitcoin and used by other
cryptocurrencies.

Character Set: Base58 uses 58 characters, omitting symbols and letters that could cause
confusion when viewed in certain fonts.

•Omitted Characters:
• 0 (zero)
• O (uppercase "o")
• l (lowercase "L")
• I (uppercase "i")
• Symbols "+" and "/"
Base58
 Why Base58?

Compactness: Like Base64, it offers a more compact representation

of data.
Readability: It avoids characters that are easily confused in various
fonts.
Error Detection/Prevention:
The omission of confusing characters helps reduce human errors when
copying or typing.
Application in Cryptocurrencies:

Bitcoin Address Encoding: Bitcoin uses Base58 to encode public

keys into more human-readable Bitcoin addresses.

Other Cryptocurrencies: Many other digital currencies also use

Base58 encoding for similar purposes.

Example Use Case: Bitcoin addresses, private keys, and other

cryptographic outputs are often represented using Base58
encoding for readability and security.
 Introducing Base58Check Encoding:
What is Base58Check?

Base58Check: A variation of Base58 encoding, commonly used in

Bitcoin to add an extra layer of security by including an error-
checking mechanism.
Purpose: Designed to detect and prevent errors (e.g., typos or
transcription mistakes) when encoding Bitcoin addresses or keys.

Checksum for Error Detection

Checksum: A four-byte value added to the encoded data. The
checksum is derived from the hash of the data, allowing for automatic
error checking.
Benefit: Prevents mistyped Bitcoin addresses from being recognized
as valid, protecting users from potential loss of funds.
 Base58Check Encoding Process

Step 1: Adding a Prefix (Version Byte):

• Prefix (Version Byte): Added to the beginning of the data to

identify its type.
• Example: For Bitcoin addresses, the prefix is 0x00 (hex for 0).
• For private keys, the prefix is 0x80 (hex for 128).

• Common Prefixes:
• 0x00 for Bitcoin addresses
• 0x80 for private keys
• These prefixes ensure that data types can be easily identified
when decoding.
 Base58Check Encoding Process

Step 2: Double-SHA256 Checksum:

Apply the SHA256 hash algorithm twice to the concatenated prefix

and data.

checksum=SHA256(SHA256(prefix + data))

From the resulting hash, take only the first four bytes. This becomes
the error-checking code (checksum).
 Security Features of Hash Algorithms:

Final Base58Check Encoding Output

•Step 3: Concatenating the Data:
• Final Structure:
• Prefix (Version Byte): Identifies the type of data.
• Data: The information being encoded (e.g., public key, private key).
• Checksum: A 4-byte error-detection code derived from the double-
SHA256 hash.
•Step 4: Base58 Encoding:
• After creating the full result (prefix + data + checksum), the data is
encoded using the Base58 alphabet for compactness and readability.
Security and Usability:Error Detection: If the checksum in the Base58Check
string does not match the recalculated checksum, the data is invalid, preventing
transcription errors.
•Prevents Loss of Funds: Mistyped Bitcoin addresses are rejected, avoiding
transactions to incorrect or non-existent addresses.
 Security Features of Hash Algorithms:

Payload can refer to the core

transaction data being signed or
processed.
In Bitcoin, the payload of a transaction
includes the sender's public key, the
recipient’s address, and the amount
being transferred, while additional
metadata may include timestamps,
digital signatures, and network
information.
 Public Key formats:

Types of Public Keys formats:

Uncompressed Public Keys

Public key is represented as a point on the elliptic curve.Consists of
two coordinates: 𝑥 and 𝑦.
Format: Starts with the prefix 04, followed by two 256-bit numbers
(representing the 𝑥 and 𝑦 coordinates).

Compressed Public Keys

Only the 𝑥 coordinate is stored, with the 𝑦y coordinate being derived.
Format: Starts with the prefix 02 or 03
02: If 𝑦 is even.
03: If 𝑦 is odd
 Key Differences (Compressed and uncompressed)
Compressed keys are shorter and more space-efficient than uncompressed
keys. Both formats represent the same public key information, but in
different ways.

x = F028892BAD7ED57D2FB57BF33081D5CFCF6F9ED3D3D7F159C2E2FFF579DC341A
y = 07CF33DA18BD734C600B96A72BBC4749D5141C90EC8AC328AE52DDFE2E505BDB

Example: (uncompressed)

Here’s the same public key shown as a 520-bit number (130 hex digits) with the prefix
04 followed by x and then y coordinates, as 04 x y:

K = 04F028892BAD7ED57D2FB57BF33081D5CFCF6F9ED3D3D7F159C2E2FFF579DC341A↵
07CF33DA18BD734C600B96A72BBC4749D5141C90EC8AC328AE52DDFE2E505BDB
 Compressed and uncompressed Public keys

Compressed public keys:

keys start with either a 02 or a 03 prefix.

• Key contains the x coordinate only
• if the y coordinate is even then it begins with 02, for odd value it
begins with 03.

Example: The same public key generated previously, shown as a

compressed public key stored in 264 bits (66 hex digits) with the prefix
03 indicating the y coordinate is odd.

K=
03F028892BAD7ED57D2FB57BF33081D5CFCF6F9ED3D3D7F159C2E2F
FF579DC341A
 Compressed and uncompressed Public Keys

Compressed public keys are

gradually becoming the default
across bitcoin clients, which is
having a significant impact on
reducing the size of
transactions and therefore the
blockchain.
Encrypting Private Keys

BIP-38 proposes a common standard for encrypting private keys with

a passphrase and encoding them with Base58Check so that they can
be stored securely on backup media, transported securely between
wallets, or kept in any other conditions where the key might be
exposed.

The Advanced Encryption Standard (AES), is used for encrypting

keys.
A BIP-38 encryption scheme takes as input a bitcoin private key.
Thank You