Let’s say you and I previously agreed that you would give me 100$ for babysitting your kid. You give me 100$. But, you want proof that you gave me the amount so I don’t ask again. You write that down and we both sign it. Tada! Now, let’s say we’re in different places, I can digitally sign it. So, is the digital signature in cryptography the same as a standard signature? Kind of.
Is A Digital Signature The Same In Cryptography?
A digital signature refers to signing a document solely digitally. But, a crypto digital signature isn’t simply scanning your irl signature and adding it to the PDF document. It’s a bit more complicated because it’s on the blockchain.
So, the blockchain is a distributed database storing digital information. And, sending transactions on the blockchain is based on cryptography. Thus, when you want to send transactions back and forth, you need to digitally sign it using what is called a “public key” and a “private key”.
What Are Private and Public Keys?
Before we discuss what is a digital signature, you have to understand public key cryptography. This method uses a pair of interlinked keys known as private key and public key.
A “private key” is a long randomly generated sequence of bits. And, a “public key” is the key you randomly generate from your private key. You can consider that the public key is your username and the private one is your password. They’re used on the blockchain to encrypt and decrypt data.
Note: You can generate a public key from a private key. But, you can’t generate a private key from a public key. It’s a one-way function.
Anyone can access your “public” key. But, you should keep your private key strictly to yourself. Why? Let’s say I want to send you 5 ETH. I use your public key to encrypt the transaction. But, you would need your private key to decrypt the transaction and access the currency.
If anyone can have your private key, they can basically access all your funds. And, we don’t want that.
But, Why Do I Need Two Keys To Send And Receive Transactions?
Up until the 1970s, you, in fact, only needed one key. But, it’s not sustainable. If you want to send me 5 ETH, we must share the same key. First, it’s harder if we can’t meet. And, you would need to create a different key every time you want to send or receive a transaction.
Then, “asymmetric encryption” was introduced where “locking” and “unlocking” are inverse operations. So, you would need to use a public key to “lock” and a private key to “unlock”. This way:
- You can share your public key with anyone
- They can send you transactions using it
- But, only you can access the content by “unlocking” it using your private key
Later on, the “trapdoor one-way function” was introduced which is now the basis of the RSA algorithm. This means that you can easily calculate the direct function. But, impossible to calculate its reverse function if you don’t have a singular piece of information – the trapdoor.
What does this mean for us? You can keep your singular private key. And, everyone can use your public key to send you transactions. Plus, no one can generate your private key, or access the transaction without it. Safe, hooray!
So, What is a Digital Signature in Cryptography?
Now you understand why we have two keys and what they are and how to use them to send transactions. Now, how do I make sure that you sent me the transaction and not someone impersonating you? Digital signature. In order for me to verify the transaction, you need to digitally sign using your private key.
So, in the digital signature process in cryptography, the keys’ roles are reversed. The private key is linked to the signature and transaction. And, I use the public key to make sure it’s you.
When you want to digitally sign a transaction, you will need two things. Transaction input and your private key. The transaction input is the actual transaction data. For example:
Transaction Input: Person A sends 5 ETH to Person B, this is the data.
Signing the transaction would generate a hash using the transaction input and your private key to generate a message signature. This means:
Transaction input + Private Key = Message Signature
The verification process of the transaction uses the message signature and the public key. Then, if the public key is linked to the right message signature, the transaction is valid.
So, digital signature in cryptography uses:
- Private key: to sign the digital transaction
- Corresponding public key: to help authorize the sender
Conclusion
Digital signature in cryptography ensures the data integrity and the authentication of the message. Also, it’s an integral part of the crypto-mining process. If you don’t know what that is, you can read about it here!