# What is cryptography?

Cryptography is a science for the development of cryptosystems and, along with cryptanalysis, a subfield of cryptology. With the help of cryptographic procedures such as encryption, data should be protected from unauthorized access and exchanged securely.

# What is cryptography?

The term cryptography is composed of the two words of ancient Greek origin “kryptos” and “graphein”. They mean “hidden” and “write”. Cryptography and cryptanalysis are the two subfields of cryptology. Cryptography is the science of developing methods, tools and algorithms that can be used to encrypt data and make it unrecognizable to unauthorized persons. These are intended to prevent unauthorized access to information and enable secure data exchange. Only the person for whom the information is intended can read and process the data.

One of these methods is the encryption and decryption of data. In addition to encryption, other cryptographic methods exist, such as the hidden embedding of information in certain data formats (hidden texts in images). In the IT environment, cryptography also deals with other information security issues. It develops cryptosystems that are resistant to manipulation and applies mathematical procedures and algorithms. Elementary goals are the integrity, authenticity and confidentiality of data. Cryptography is also a branch of computer science.

### What are the goals of cryptography?

Depending on the cryptographic system, not all goals need to be supported simultaneously. Certain use cases may require only some of these goals.

### Symmetric and asymmetric cryptographic techniques

While classical cryptography methods used the modification of character sequences (transposition) and/or the substitution of characters (substitution), modern methods use digital keys to convert bit sequences. A basic distinction can be made between symmetric and asymmetric cryptographic methods.

Symmetric methods use the same digital key for encryption and decryption. Both the sender and the receiver use this key. To ensure that the cryptographic process is secure, the keys must be kept strictly secret and protected. Examples of symmetric encryption algorithms are RC4 (Ron’s Cipher 4), Blowfish, Twofish, DES (Data Encryption Standard), 3DES (Triple Data Encryption Standard) or AES (Advanced Encryption Standard).

Asymmetric methods use so-called public and private keys. This is an asymmetric key pair. The private key must be kept secret, while the public key can be made freely known. Only the identity of the public key must be ensured. This can be done by mutual verification or with the help of a public key infrastructure. Examples of asymmetric encryption algorithms are Diffie-Hellman or RSA (Rivest, Shamir, Adleman).

The special feature of asymmetric cryptography is that data encrypted with a public key can only be decrypted again with a private key. Conversely, a public key is required to decrypt data encrypted with a private key. Asymmetric cryptography can also be used to implement digital signatures. Here, the originator encrypts a calculated extract of the message using his private key. The recipient can decrypt the encrypted value using the sender’s public key and compare it with the extract of the message calculated by him in the same way. If both extracts match, the signature is from the specified source.

# Cryptography

- Alice has two keys, a public key and a private key. Alice’s Public Key is for encrypting information specifically for Alice. The Private Key is only for Alice – she keeps it secret. It is the only key that can decrypt a message encrypted with the public key.
- Bob also has a pair of public and private keys that work the same way.
- Alice and Bob exchange their public keys.
- Now Alice can encrypt her message using Bob’s Public Keys. She sends this message to Bob. Whether the encrypted message is intercepted along the way does not matter. Only the owner of the corresponding private key can decrypt the message.
- Bob receives the encrypted message and decrypts it on his computer using his private key.

# Bitcoin security through encryption?

In symmetric cryptography [1], there is usually only one key. This is used to both encrypt and decrypt. In some symmetric methods, the keys can also be different, but are easily computable from each other, and in both directions.

Bitcoin, on the other hand, is based on asymmetric cryptography [2]. Here, two different keys exist: one to encrypt something and a second to decrypt something. This method is also often referred to as the public key method. The name indicates that person A can encrypt something for person B using a public key. Only person B is then able to decrypt it with his private key. The private key must never be made public, but the public key must. For encryption to work with one key and decryption with the other, there is a mathematical relationship between the two keys. In Bitcoin, elliptic curve cryptography [3] is used here. Such a relationship is also called a one-way function or “trapdoor function”.

It is easy and efficient to compute a value B from a value A. But with computing power available today, it is impossible to infer from value B to value A in a reasonable time frame. This is also known as the discrete logarithm problem, and it is hoped in cryptography that there will never be a solution to this problem.

## Discrete logarithm problem

To understand the discrete logarithm problem [4], consider the following equation: gx mod p = S. The idea is to find a solution for x. p is a prime number (for example, 11) and g is a generator (for example, 2). The variables g, p, and S are all natural numbers. In cryptography, S would be the public key and x would be the private key. If we try to calculate x in this equation when S is given (for example, 10), we can only do so by trial and error. Our equation with numbers inserted now looks like this: 2x mod 11 = 10. Table 1 shows a series of attempts to find values for x that give an S of 10.

By trial and error, we have now found a solution. This may work with small numbers, but with very large numbers it is impossible or would take a very long time. Examples of applications based on the discrete logarithm include Diffie-Hellman key exchange, Elgamal signature schemes, DSA schemes, or the elliptic curve cryptosystem used in Bitcoin.

## Public key method in Bitcoin

The elliptic curve used in Bitcoin is called secp256k1. To calculate the public key from a private key, a geometric point addition is performed on the elliptic curve any number of times, starting from a given base point. In Bitcoin, the “any number of times” corresponds to the private key generated by a random number generator. The result is the public key.

## What is encrypted in Bitcoin?

So when we talk about “encryption” in Bitcoin, we are talking about the asymmetric cryptography described. But what is being encrypted? Is it the transactions where the Bitcoins get a different owner? However, if you look at the blocks of Bitcoin more closely, for example with a Bitcoin Explorer [5], you can see a block, open it and then select a transaction. The transaction consists of inputs and outputs. One can see exactly from which addresses to which addresses the exchange of value took place and with which amount. So everything can be displayed and read, because it is not encrypted.

## Signing thanks to asymmetric cryptography

With a key pair of asymmetric cryptography, however, it is not only possible to encrypt, but also to sign. In Bitcoin, transactions are signed rather than encrypted. In other words, with Bitcoin, this can be used to ensure who created a transaction and whether it has not been tampered with along the way. An unencrypted transaction T is created and then signed by person A (Fig. 1).

The signature shown in the figure is simplified and does not correspond to the full signature of Bitcoin. In Bitcoin, the signature must be additionally extended and able to prove that the value one wants to transfer in the transaction actually belongs to the person who created the transaction without revealing the private key. Here, “signing” is simplified to mean creating a hash of the transaction T and then encrypting that hash with the private key, abbreviated here as EHT (Encrypted Hashed Transaction). Transaction T also contains the public key of person A. T and EHT (signature) are now sent to the network. At the destination of T, it can be validated that T has not been modified along the way. For example, the transaction amount must not be changed. To do this, the public key of person A is taken from T and thus EHT is decrypted, leaving the hash of T. The recipient can now create his own hash value from T, because the hash algorithm is known. Then he can check if these two hash values are identical. If they are not identical, T has been altered somewhere along the way and is thus discarded. It is also proven that the signature must come from A, otherwise the signature EHT could not be decrypted with A’s public key. This means that if an attacker modifies T, he must also create a new signature and, because he does not know A’s private key, use one of his own. If he uses his own private key, he must also store his matching public key in T as the sender, and thus T is no longer from A.

## Transaction in Bitcoin

A transaction in Bitcoin consists of input(s) and output(s) and moves value from one person to another, or more precisely, to the person who knows the private key. Inputs are always outputs from previous transactions that have not yet been consumed and are therefore called “unspent transaction outputs” (UTXOs). In order for someone to use a UTXO, they must be able to unlock it. If a transaction is accepted on the Bitcoin network and goes into a block, then the UTXOs are used up afterwards and cannot be used for new transactions. However, the transaction creates new UTXOs again. These are then blocked for new persons or possibly for the same person, for example, if change is involved. Figure 2 illustrates this relationship. In parentheses in each case is the person who can unlock the UTXO if he or she creates a valid transaction with the necessary signature. In this example, the transaction was created by person A. The recipient of the value is person B, person A receives the change. The sum of all inputs must always be equal to the sum of the outputs, minus the transaction fee, which you want to leave to the miner so that your transaction finds its way into a block as quickly as possible. The more spendy the transaction fee, the more willing a miner is to quickly include the transaction in a block. After the transaction finds its way into a block here in the example, UTXO 1 and UTXO 2 are consumed, and UTXO 3 and UTXO 4 are newly created.

## Output of a Transaction

An output of a transaction in Bitcoin is intended for a specific person. This person is noted in the transaction with the public key. Only the person who can create a valid signature for the UTXO and thus open the lock can use this output again as input in a new transaction. This lock is called a locking script in Bitcoin, which can be opened with an unlocking script in a subsequent transaction. The miner checks in a kind of stack processing whether the locking script matches the unlocking script. If this is the case and everything else in the transaction is also valid, a new output is created, which in turn is locked for a new person – or more precisely for their public key. This signature mentioned above can only be generated with the corresponding private key from which the public key was also generated, which is noted as the recipient in a previous transaction. So you don’t have to show your private key to prove that you can open this lock. All that is needed, so to speak, is a one-way password that was generated from the private key and is valid only for this one transaction. After all, it would be disastrous if the private key had to be in the non-encrypted transaction. With that key, a thief could consume all other UTXOs that were not included in that transaction.

## Signature in Bitcoin

So, a signature is created from the private key. This signature can prove that the creator of the signature must also know the private key that matches the public key used to lock the UTXO. Instead of revealing the private key, the signature is enough to unlock the UTXO. This is possible with mathematics on the elliptic curve. The method used in Bitcoin to generate the signature is called the Elliptic Curve Digital Signature Algorithm (ECDSA). As an analogy, a person could prove that they know the numeric code of a lockbox by being able to reopen the lockbox after it is closed without revealing the numeric code. This proof must be provided for all inputs to a transaction in order for a transaction to be considered valid. If the signature for the UTXOs to be unlocked is incorrect, the transaction is invalid and discarded. Since this signature was created for the entire transaction, it is also only valid for this transaction and cannot be used later for others. So the signature is a kind of one-way password for this one transaction.

## Locking Script and Unlocking Script

A miner checks for an incoming transaction T2 (Fig. 3) whether the Unlocking Script matches the Locking Script of the UTXOs. In doing so, part of the necessary information is taken from the previous transaction T1 in which the UTXOs are located. The other part is taken from the current transaction T2, which needs to be validated. UTXOs from previous transactions can be locked in this process in different ways, depending on what the previous transactions intended. These are “Pay to Pubkey” (P2PK), “Pay to Pubkey Hash” (P2PKH), “Pay to Multisig” (P2MS), or “Pay to Script Hash” (P2SH). In order not to go beyond the scope of this article, we will only illustrate the simplest locking script P2PK. Most commonly used today is P2PKH, as it adds an additional layer of security. In this case, UTXOs cannot even be stolen if the private key could be computed from a public key, thus breaking elliptic curve cryptography.

So the outputs of T1 are locked with P2PK, which means: locked for a specific public key. These UTXOs can only be opened with a signature generated by the private key that gave rise to the public key. A miner can check this with a kind of stack processing. The public key from T1, for which the UTXO was locked, and the signature from T2 are required as parameter data. It should be noted that the private key from which the public key was generated is not necessary here. Thanks to elliptic curve cryptography, this is possible. The two given parameters from the two transcations must now be able to interact so that a miner can judge whether the incoming transaction is valid or not. For this purpose, Bitcoin’s scripting language provides so-called operators. One of them is CHECKSIG, which is used to check the signature. CHECKSIG is part of the locking script and therefore also part of T1.

The entire script with data and operator, after the miner has assembled it, now looks like this: public key of the recipient of T1, CHECKSIG operator as part of the locking script of T1 and signature of T2. If the miner runs this script in stack processing, it can then judge whether the transaction is valid or not. If it is not valid, the miner will not include it in the block.

# Secret signs and keys – How does cryptography determine Bitcoin and Blockchain?

Cryptography – the “secret” (Greek = kryptos) “writing” (Greek = graphein) is one of the essential elements of blockchain technology. The etymology in the literal sense may suggest it, but the beginnings of encrypting sensitive data of any sense are not found with the Ancient Greeks.

### Cryptography has been around for around 4,000 years

As early as the 2nd millennium BC, scholars in Ancient Egypt and their counterparts in Mesopotamia used cipher systems to reveal certain information conditionally to a circle of initiates. It was not until the 5th century B.C. that the Greeks used their own cryptographic methods to encrypt sensitive information, especially from a military strategic point of view.

### Skytale for the encryption of messages

The prominent literal linchpin was the scytale, a “stick” or “rod” of precisely defined diameter around which a strip of leather had to be wrapped and then written across.

After the strips were removed, the plaintext appeared wildly jumbled and could only be decoded by the receiver by reattaching it to a skytale with exactly the same diameter. This is also known as the transposition process, in which the components of a message are mixed. The scytale as prototype of the public key helped e.g. the Spartan general Lysander to victory in the Peloponnesian War.

A no less successful general in history again used a completely unique encryption system. Julius Caesar’s eponymous Caesar Disc worked on the basis of two discs rotating against each other, with the alphabet arranged cyclically on each disc.

The outer disk symbolizes the plaintext alphabet. The inner one, in turn, its ciphertext equivalent. An agreed alphabetic shift of the disks (X=Y+3/CAESAR=FDHVDU) encrypts the plaintext when reading from the outside to the inside and decrypts in the opposite direction. This is called cryptographic substitution.

With 26 letters on the disk and thus 26 possible keys, the risk of cracking the plaintext by trial and error is high. If you compare today’s encryption methods, they use keys in a space of at least more than 2*128. Ideally, the space is defined by 2*256. The latter number marks the number of atoms in the universe and cannot be quantified by means of current computing capacities.

## Mechanical vs. digital encryption

### DES Standard

Times are changing and with them the ways of communication. With the triumph of all IT applications, the methods of mechanical encryption disappeared. Then, towards the middle of the 20th century, several cryptographic applications revolutionized the field. The DES algorithm (Data Encryption Standard) and subsequently the public-key method set the standard from then on. The former enables encrypted communication between two participants by means of a secret key. Fatal to the matter is the key distribution problem, which poses security risks.

### RAS standard as an asymmetric encryption method

The first public-key method – the so-called RSA algorithm sought to address this. Named after its inventors Rivest, Shamir and Adleman, it can be used to generate a public and a secret key. Messages can be encrypted and signed in this way. Basis remains the DES – procedure, which can be mediated by means of RSA computations surely between 2 participants – simplified expressed. This mechanism is the basis for surfing in the net or the exchange of mails. RSA is an asymmetric encryption method – one key encrypts the message and the other decrypts.

## Asymmetric encryption vs. elliptic curves – BitCoin special case

Now elliptic curves too!!! In fact, BitCoin technology is pushing it a bit peppier. Elliptical curves, mathematically speaking, are a collection of points that follow a particular equation. In the case of Bitcoin, this is secp256k1.

In addition, the point G and the prime number p play a role. So how does all this become an encryption mechanism for transmitting transactions? Participant X generates a random number s and uses it as its secret key. According to the mathematical premise, one multiplies s by the named point G (a point on the curve known to all. The result from this calculation is a new point on the curve – the public key. Bitcoin Maths – Shortcut!

Dividing by G to hack s is not possible in this case. The prime p is not divisible by G. To successfully hack this system, one must find a method to determine the “secret” s only knowing G and p. Current computing power is incapable of doing this. But quantum computers in the not-too-distant future may be.

## 2027

Scientists from the University of Sydney have recently pointed out where the weak points in BitCoin lie, and have held the public key procedure significantly responsible by name. Fast quantum computers could manipulate cryptographic signatures in the not too distant future and, for example, steal any amount traded undetected. In view of the current technical developments in this field, this still seems like science fiction, but the researchers are nevertheless quite clear about the year 2027 for such cracking. In the course of development work, the NSA, for example, invests a not insignificant part of its budget in quantum research.