Innovation and Cryptoventures Keys Campbell R Harvey Duke

Innovation and Cryptoventures Keys Campbell R. Harvey Duke University and NBER January 19, 2018

Secret Keys Symmetric key • Symmetric encryption: there is a single key to both encrypt and decrypt a message. Nazi Enigma Machine https: //www. youtube. com/watch? v=G 2_Q 9 Fo. D-o. Q Campbell R. Harvey 2018 2

Secret Keys Symmetric key • DES (Data Encryption Standard) was a popular symmetric key method, initially used in SET (first on-line credit card protocol) • DES has been replaced by AES (Advanced Encryption Standard) Campbell R. Harvey 2018 3

Public Keys Asymmetric keys • Everyone has two keys: public and private • Public is available to anyone • Private only available to the individual • The public key is mathematically linked to the private key Campbell R. Harvey 2018 4

Public Keys Asymmetric keys: Two main uses • Bob encrypts a document with Alice’s public key – only Alice can decrypt the document with her private key. Here the public key is the “encryption key” and the private key is the “decryption key” • Bob could sign a message with his private key. People with access to Bob’s public key can verify that the message is from him (or at least someone with access to Bob’s private key). Here the private key is referred to as the “signing key” and the public key is the “verification key”. Campbell R. Harvey 2018 5

Verification My public key for secure email • You can encrypt an email to me with my public key and only I can decrypt with my private key. Campbell R. Harvey 2018 6

Key Pair Basics • Data encrypted with public key can only be decrypted with private key • The user generates both keys and the key pair is mathematically linked • Examples are RSA and EC encryption Panayotis Vryonis (2013) Campbell R. Harvey 2018 7

Key Pair Digital Signatures • I want to send a message • Hash the message • Encrypt the hash with my private key (Digital Signature) • Receiver recovers the original hash using my public key • Receiver does their own hash of the original message to make sure it matches the recovered hash • Any small change in the original message will result in a different hash Campbell R. Harvey 2018 8

Key Pair https: //kjur. github. io/jsrsasign/sample-ecdsa. html Campbell R. Harvey 2018 9

Key Pair Certificate Authorities • Before I accept a message from Alice, I want to make sure that the public key really belongs to Alice (not an imposter) • Trusted third party certifies that the public key belongs to Alice. This third party is called the “Certificate Authority” • This is how the Internet works with HTTPS, SSL, TLS. Campbell R. Harvey 2018 10

What is a bitcoin private key? Transactions are signed with a specific variant of an Elliptic Curve Digital Signature Algorithm • The ECDSA has a private key and a public key • Private keys are 256 bit random numbers. The public key is mathematically linked to the private key. • The public key can be derived from the private key – but not vice versa. • Again, in DSAs, the private key as known as the “signing key” and the public key is known as the “verification key”. Campbell R. Harvey 2018 11

What is a bitcoin private key? Transactions are signed with a specific variant of an Elliptic Curve Digital Signature Algorithm • Think of each of us as having a lockbox and the lockbox has a private and public key • We use the public key to generate a bitcoin address (Address deck). The public address is mathematically linked to the public key (-- and to the private key because the private key is mathematically linked to the public key). Campbell R. Harvey 2018 12

What is a bitcoin private key More on transactions • In my lockbox are the bitcoins that have been sent to my public address • Think of the lockbox containing unspent transaction output (e. g. someone has sent me a bitcoin and I have not spent it yet) Campbell R. Harvey 2018 13

What is a bitcoin private key More on transactions • Now suppose I want to send 1 bitcoin to Soo. • I open my lockbox with my private key and take out the bitcoin, construct a new lockbox with Soo’s public key that can only be opened by her private key, put the bitcoin into it, and give it to her. • This is a “transaction”. I have signed the transaction with my ECDSA private key and the network can verify it is me because the network knows my public key. Campbell R. Harvey 2018 14

What is a bitcoin private key Signing a transaction • A signature is mathematically generated from a hash of the transaction plus the private key. • Signature is represented by two numbers, r and s. • With a public key, a mathematical algorithm can be applied to the signature to determine that it was produced from the hash and the private key -- without needing to know the private key. Campbell R. Harvey 2018 15

What is a bitcoin private key Bitcoin’s ECDSA • Uses a relatively obscure variant called secp 256 k 1 chosen by Satoshi • Of all the components of the bitcoin architecture, the ECDSA is the most vulnerable Campbell R. Harvey 2018 16

Multiple private keys? More than one address? • Yes, you can have multiple addresses which means you have multiple private/public key pairs from the ECDSA. Think of these as multiple lockboxes. • A good wallet program will manage all of these keys so you don’t need to worry about where the bitcoins are coming from • Note with Coinbase, you delegate your private keys to them. Campbell R. Harvey 2018 17

More on PGP email Steps 1. Message compressed 2. Random session key (based on mouse movements and keystrokes) is generated. 3. Message encrypted with session key 4. Session key is encrypted with receiver’s public key 5. Encrypted message + encrypted session key sent via email 6. Recipient uses their private key to decrypt the session key 7. Session key is used to decrypt the message 8. Message decompressed http: //www. pgpi. org/doc/pgpintro/ Campbell R. Harvey 2018 18