Why Bitcoin Needs Cryptography
So why is cryptography necessary to make Bitcoin work, even though Bitcoin does not involve sending secret messages? In Bitcoin, hash functions and digital signatures are used for the following important purposes:
• Authorizing transactions with digital signatures
• Verifying the validity of the transaction history
• Proof-of-work in Bitcoin mining
• Extra protection for Bitcoin private keys
Let's explore the functions of Bitcoin that require cryptography and then delve into the specific methods that Bitcoin uses.
Authorizing Transactions with Digital Signatures
Bitcoin uses digital signatures to authorize transactions so that you, and only you, can spend the bitcoins you own. With credit card payments and bank transfers, you authorize a transaction by providing proof of your personal identity (and these days, the amount of proof you have to show is getting quite burdensome). With Bitcoin, no personal information is tied to any Bitcoin address; instead, you must prove that you own the private key. Showing people your private key would certainly be valid as proof, but by knowing the private key, the people you've shown could then claim they owned the bitcoins at that address. Therefore, you need to prove that you have the private key without actually sharing it. But there's more to it than that.
A Bitcoin transaction contains a fair amount of information: the number of bitcoins transferred, the address they are being transferred to, the transaction fee, and so on. You don't want any of that information to be altered without your permission, so in addition to proving you own the bitcoins you are sending, you also need to ensure that the transaction details are followed exactly as you wrote them. A Bitcoin transaction is a message with instructions, and by signing it with a digital signature, you simultaneously prove that you have the private key and ensure that the transaction details are what you intended. If the signature is missing or doesn't match the public key, nodes on the Bitcoin network will consider the transaction invalid and will not add it to the blockchain.
Verifying the Validity of the Transaction History
Bitcoin depends on the blockchain being widely distributed among the nodes in the network. But how can you be sure that any individual node in the network with a copy of the blockchain has not been surreptitiously altered? A malicious attacker could try to distribute a fraudulent blockchain where just a single transaction has been modified in the attacker's favor. However, such an attack could never work for several reasons. One reason is that the slightest change in the transaction history would completely change the block hash of all the blocks after it in the chain.
Each block in the blockchain contains a list of transactions and a hash of the transactions in the previous block in the chain. Hence, it's impossible to alter just one transaction in a block in the middle without causing a mismatch between the expected block hash and the hash recorded in the next block.
This verification provides an efficient way for a single node to check whether transactions in its copy of the blockchain have been tampered with. Rather than checking every transaction in the entire transaction history, a node can simply check whether the hash of each block matches the recorded hash of subsequent blocks.
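The check described above, as an added example that is not from the original text: a toy hash chain in which a node finds an altered transaction by comparing block hashes only. The block layout, the JSON encoding, the sample transactions and the `tip_hash` parameter are assumptions made for illustration and are not Bitcoin's real format.

```python
import hashlib
import json

# Constructed sample data: three batches of made-up transactions.
SAMPLE = [
    ["alice->bob 1.0"],
    ["bob->carol 0.4", "carol->dave 0.1"],
    ["dave->alice 0.05"],
]

def block_hash(block):
    """SHA-256 of a canonical JSON encoding (toy format, not Bitcoin's)."""
    return hashlib.sha256(json.dumps(block, sort_keys=True).encode()).hexdigest()

def build_chain(batches):
    """Each block records the hash of the block before it."""
    chain, prev = [], "0" * 64  # placeholder: the first block has no predecessor
    for txs in batches:
        block = {"prev_hash": prev, "transactions": list(txs)}
        chain.append(block)
        prev = block_hash(block)
    return chain

def first_broken_link(chain, tip_hash):
    """Index of the first block whose hash differs from the recorded one, else None.

    The last block has no successor, so it is compared with tip_hash, a value
    the node is assumed to have obtained from peers it checks against.
    """
    for i, block in enumerate(chain):
        recorded = chain[i + 1]["prev_hash"] if i + 1 < len(chain) else tip_hash
        if block_hash(block) != recorded:
            return i
    return None

def demo():
    chain = build_chain(SAMPLE)
    tip = block_hash(chain[-1])
    clean = first_broken_link(chain, tip)
    chain[1]["transactions"][0] = "bob->mallory 0.4"   # alter one transaction
    tampered = first_broken_link(chain, tip)
    chain[2]["prev_hash"] = block_hash(chain[1])       # re-link the next block
    relinked = first_broken_link(chain, tip)           # mismatch moves to the tip
    return clean, tampered, relinked

if __name__ == "__main__":
    print(demo())
```

Re-linking the following block does not hide the change: that block's own hash changes in turn, so the mismatch moves toward the end of the chain.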
Proof-of-Work in Bitcoin Mining
Bitcoin mining is based on a lottery system that you can win only by guessing numbers repeatedly, but that makes it easy for others to check when you're right. If this sounds similar to a one-way function, that's because it is. The one-way function used in Bitcoin mining is a cryptographic hash function. Miners are given the output criteria (the output can be any number less than some threshold), but by design, cryptographic hash functions make it difficult to reverse calculate what the corresponding input needs to be. Therefore, Bitcoin miners can only randomly choose different inputs, hoping that the output will be a number below the threshold. Once a miner determines the correct input value, it is easy to prove his or her work by sharing that value with others, who can easily recalculate the hash.
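The asymmetry between guessing and checking, as an added example that is not from the original text. SHA-256 stands in for the hash function, and the header bytes, the 8-byte nonce encoding and the threshold are constructed for illustration; the search counts nonces upward instead of picking them at random, which changes nothing about the odds of each guess.

```python
import hashlib

# Constructed inputs: a stand-in for block data and a threshold that
# roughly one guess in 4096 satisfies (hash must be below 2**244).
HEADER = b"constructed block header"
THRESHOLD = 1 << 244

def hash_as_int(header: bytes, nonce: int) -> int:
    """Interpret the SHA-256 digest of header+nonce as a 256-bit number."""
    digest = hashlib.sha256(header + nonce.to_bytes(8, "big")).digest()
    return int.from_bytes(digest, "big")

def mine(header: bytes, threshold: int, max_tries: int = 1_000_000):
    """Guess nonces until the hash falls below the threshold.

    Returns the first winning nonce, or None if max_tries guesses all miss.
    """
    for nonce in range(max_tries):
        if hash_as_int(header, nonce) < threshold:
            return nonce
    return None

def verify(header: bytes, nonce: int, threshold: int) -> bool:
    """Checking a claimed solution costs exactly one hash."""
    return hash_as_int(header, nonce) < threshold

def demo():
    nonce = mine(HEADER, THRESHOLD)
    guesses = nonce + 1              # work the miner had to do
    return nonce, guesses, verify(HEADER, nonce, THRESHOLD)

if __name__ == "__main__":
    nonce, guesses, ok = demo()
    print(f"nonce={nonce} found after {guesses} hashes; verified with 1 hash: {ok}")
```

Lowering the threshold makes winning guesses rarer and the search longer, while verification stays at a single hash.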
Extra Protection for Bitcoin Private Keys
Authorizing transactions with digital signatures requires sharing your public key with others. Although it is thought to be computationally infeasible to calculate a private key from a public key, it is similarly difficult to calculate the input of a hash function given just the output, and it is doubly difficult to do both. Instead of sharing a public key, users share a Bitcoin address, which is a cryptographic hash of a public key. In fact, the public key is hashed twice using two different cryptographic hash functions to create a Bitcoin address. This extra protection ensures that no amount of analysis of a Bitcoin address can reveal the underlying private key.
Bitcoin uses cryptographic hash functions to accomplish a variety of other important tasks as well. Next, you'll explore the specific cryptographic methods Bitcoin uses.