Bitcoin cryptography runs on an algorithm called Secure Hash Algorithm 256 (SHA-256). It generates a 256-bit (32-byte) signature (output) for any particular input. Before we discuss SHA-256 in particular, let us first dive a bit into modern cryptography so that we can illustrate the requirements of modern encryption.
Requirement #1 – Must be Deterministic
Deterministic means that given a set of inputs, we will always produce the exact same output. Anytime we run the same input through the cryptographic hashing function the output must be exactly the same each time it is reproduced. This is a very important property, as if we got a different output each time, we would be dealing with randomness, and there would be absolutely zero importance to cryptography, as one would not be able to verify the signature without the private key.
Requirement #2 – Signatures must be computationally efficient to create and verify
Creation – This just means that with modern computers the algorithm must work in such a way that any signature is easily created with minimal system overhead knowing the private key.
Verification – This means that any computer is able to verify a signature was signed with a valid key with minimal computer resources.
Requirement #3 – Signing any single message without a private key must be computationally in-efficient
This is one of the most important properties of modern cryptography. They are computationally in-efficient at working backwards to solve the problem in reverse order knowing the outputs and solving for the private key in reverse order.
This is much different than if I know 1 + 9 = 10 and I know you started with “9” I can easily reverse the math to know your number is “1.” With modern encryption the same is not true.
Modern hashing functions are fixed length outputs, this means that whether you run a single letter such as “a”, an entire page of Wikipedia, or even the text of the entire bible, the output is always a fixed length. And this is very important, because the output gives zero information about the input.
Imagine if a hashing function always produced an output that was 2 times longer than the input, then anytime a hacker saw a 50 character output, they would know my input was exactly 25 characters long.
With any good modern hashing function, nothing in the output should be able show any clues about the input. Furthermore, changing just a single letter, comma or period in a text input, will produce an entirely different and unrecognizable output.
Requirement #4 – It must be collision resistant
This basically means that the chance of reproducing any single 1 output with a different input is very unlikely. Dealing with fixed length outputs means that there is a finite number of possibilities on the output, however the input can be of any length, and therefore, it is a mathematical certainty that more than 1 input can produce the same output as there are more inputs than outputs.
So to solve this problem of “collisions” the pool of outputs must be so big, that it becomes computationally almost infeasible that 2 inputs could be discovered by random chance.
Introduction to Bitcoin cryptography and how it works
If you have not read the first articles in this series please read – What is Bitcoin?
As you just read above, modern encryption algorithms must fulfill 4 major requirements in order to be considered viable as an encryption means, namely collision resistance, computational efficiency to verify or sign, computational in-efficiency to solve for the key in reverse and it must be deterministic.
GEEK ALERT – A bit more of a technical overview on Bitcoin cryptography
In Bitcoin cryptography we always start with a private key. From the private key, all other data is derived, including the bitcoin address aka public key. As you know from above, this human usable private key is a 64 character string consisting of the digits 0-9 and the letters A-F. This means that it is hexadecimal, or each space has 16 possible values (0,1,2,3,4,5,6,7,8,9,A,B,C,D,E,F) and considering there are 64 spaces, this means there are a potential of 16^64 possible combinations of the private key.
However to better understand how we get here let us look at the difference between bits and bytes so we have a good understanding of what is going on here on the Bitcoin cryptography side. This will make it seem a bit less intimidating.
Let’s start with Binary
Down at the most fundamental level computers speak in Binary code (On / Off). This on / off is illustrated as a 1 or 0. This means that at the fundamental level each of the 256 units of information (bits) have only 1 of 2 options, a “0” or a “1.”
And for computers this is great, but for humans, not so much. If I was to ask you a simple question, you would easily be able to give me the answer right? My question is, “01010111 01100001 01110100 00100000 01110100 01101001 01101101 01100101 00100000 01101001 01110011 00100000 01101001 01110100 00111111”
You are probably thinking – what the hell is this guy crazy? What did he just say?!?!
Like I said, I asked you a simple question, “What time is it?” Instead of asking you in English I asked you in Binary code. And the reason I am showing you this is to illustrate to you how we go from bits to bytes.
8 bits = 1 byte
Let us break it down a bit, in Binary code “W” is always written as “01010111” and “H” is always written as “01010111” and so on and so forth. Take a look at “W” you will see 8 characters there. Each of these 1’s and 0’s is a bit. As you see to get a normal human readable character, called an ASCII character, it takes 8 bits. So this means it takes a computer 8 pieces of information to display something that won’t make a human being have a stroke just by looking at it.
2^256 = 16^64
So for every single human readable byte of data we have in code, we need 8 computer readable bits of data. Hence a 256 Bit private key at its most fundamental level is 2^256. Since we have established that there are 8 bits in a bite, we divided 256 by 8 to get 32. This means that 256 Bit key is a 32 byte key with 64 characters. Or to put it more simply let us look at the math.
Head over to google.com and in the search bar type in as follows: “2^256”
Your answer should be, “1.1579209e+77”
Now head over to google.com again and type in the search bar: “16^64”
Your answer should be “1.1579209e+77”
Therefore to move from password that is 256 characters long (but only has 2 possibilities in each space gives you the same amount of possibilities as a 64 character password where each space has 16 possibilities. Remember in the Hexadecimal version of the Bitcoin private key we use only 0,1,2,3,4,5,6,7,8,9,A,B,C,D,E,F. So each of the 64 characters has exactly the same amount of places.
Just how big is 1.1579209e+77?
That is like a pretty big number. In fact it is exactly:
115,792,089,237,316,195,423,570,985,008,687,907,853,269,984,665,640,564,039,457,584,007,913,129,639,936Yes, uhm, that’s a pretty darn big number!
To imagine just how big the number above is, we have to get some sort of idea on what this actually means, as a number of this size is nothing more than a bunch of abstract digits and does not actually illustrate its size.
Let’s think very small to imagine just how big 1.1579209e+77 actually is!
So to illustrate this point, instead of thinking very big, let us think very small. When we think of the smallest fundamental building blocks of matter, we think in terms of atoms. Let’s use a grain of sand. In a single grain of sand there is 1.948 x 10^21 atoms. Written out that is 1,948,000,000,000,000,000,000 atoms in a single grain of sand. Think of how many grains of sand would be needed to make up the mass of our bodies.
It would take approximately 3,500,000 grains of sand to make up the mass of a single human body
Think of how many atoms that is just to make up the mass of a single human. We are already at incalculable numbers. And we just are using the size of our own body. We have only just begun.
Then imagine just our solar system how many grains of sand there are. Then think of our Milky Way galaxy. In our Milky Way galaxy alone, there are estimated to be over 250 billion stars. Each of these stars have entire solar systems much like our own. Now just imagine the amount of grains of sand that would fit there.
There are over 100 billion galaxies in the known universe
Now take a breath for a moment, because there are approximately 100 billion galaxies in the known universe, each containing an estimated 100 – 300 billion stars, and each star being part of its own solar system like ours.
Now take all of the grains of sand that we have on all these stars and planets and galaxies making up the observable universe and you will have 1e+78 atoms in the entire known universe. In bitcoin there are 1.1579209e+77 potential combinations of private keys.
There are approximately as many possibilities of Bitcoin private keys as there are atoms in the known universe, that’s how strong Bitcoin cryptography actually is!
Think about this for a moment when you are thinking of security. This what makes bitcoin so secure. The odds of someone grabbing your private key by any means of brute force are approximately the same them picking a particular atom on a particular planet in a particular solar system in a particular galaxy. The chances are as close to zero as the human mind can even imagine.
But this also illustrates the importance of you securing your private keys! Because any theft of Bitcoin is almost certainly going to come from someone getting your private keys from you by way of physical theft, social engineering, hacking or any combination thereof.
Almost any fault with Bitcoin cryptography is going to be in human error and mismanagement of private keys
No amount of cryptographic mathematics is going to protect you from someone swiping your private key from your phone when you are typing away on your keyboard looking the other way. Bitcoin cryptography is extremely strong. It is so strong that it is almost impossible to fathom, with today’s computing power to even imagine cracking a private key.
Humans will always be the weak link. We can leave our private key on a phone, on a server. We can be tricked into a phishing attack or by outright sending our Bitcoin to a bad actor. So yes, we humans are the weak link in Bitcoin, and any theft for the foreseeable future will almost surely be the fault of negligence of someone failing to protect his or her private keys.