Updated: Mar 5
By Lumai Mubanga. firstname.lastname@example.org
All cryptocurrency users have two types of digital signatures. These are private and public keys. Recall that both messages and transactions are sent over the Bitcoin network pseudonymously and trustlessly. This is achieved partly through the use of digital signatures.
Transactions contained in previous blocks of the blockchain are tamper-proof, meaning that, although information can be tampered with, it will still be obvious that there has been some manipulation of some kind on the information. Digital signatures are also used to ensure that current transactions sent to the network are tamper-proof too. The primary reason for digital signatures is to authenticate identity at both ends of the transactions. How is this achieved?
Digital signature scheme or DSS. There are many types of DSS but here we will discuss them generally. Private and public keys in bitcoins are generated using an algorithm called Elliptic curve digital signature algorithm or ECDSA. So how does this work out? Let us say Linda wants to send a message to Mercy. How is this done to ensure no one tampers with the message? Mercy has access to Linda’s public key since that is public information used to identify Linda. Before Linda sends out her message, she ensures that she signs the message with her private key, in the same way, that we sign physical documents with our visible signatures to authenticate the fact that we are the originator of the message. This proves that Linda is the source of the message.
Linda then sends her message together with the signature to Mercy with the message being the main payload. Once the message arrives, Mercy can verify that the message is valid, given Linda’s public key and the original message. If Mercy discovers that the signature is valid, then, the message was not tampered with. If at any time the message were tampered with, the signature would not be valid. This is how digital signature schemes makes messages tamper-evident.
The main point in this whole scheme is that Mercy or indeed anyone else, should not be able to guess Linda’s private key. If Mercy was able to do that or anyone else, they will be in a position to recreate Linda’s signature. This will allow them to fake her identity resulting in inconsistencies and inaccurate information.