Pages:
Author

Topic: Is it possible to create a message readable only to the owner of an address? - page 2. (Read 2699 times)

hero member
Activity: 583
Merit: 505
CTO @ Flixxo, Riecoin dev
The private and public keys under ECDSA would not be related under another crypto scheme.  If you reinterpret your ECDSA private key as a private key of a different scheme, you'll surely get an unrelated public key.  It's not meaningful.

What you really want is ECIES (Elliptic Curve IES)

But aren't ECIES keys practically the same as ECDSA keys? isn't it just points on a curve?
So reinterpreting ECDSA keys as keys of EC encryption would work.


There are no new questions on bitcointalk (ok, perhaps a few, but not many).

This has been asked (and answered) in the past:

No.  Bitcoin uses ECDSA which is a digital signature algorithm not an encryption algorithm.  You could use another algorithm which supports encryption however Bitcoin address is not a Public Key it is a hash of the public key.   If you need to use a third party algorithm, third party software, and exchange keys directly well you might as well use something that was designed for this purpose like PGP.

There are encryption systems which can use ECC keys. 

ECIES is one system:
https://en.wikipedia.org/wiki/Integrated_Encryption_Scheme

However a couple things to keep in mind.   I don't know of any widely deployed open source software which uses it so you will be reinventing the wheel.  Could you develop such software, extensively test it, and then ensure your recipient also has said software (doesn't do much good if the recipient isn't using it) so that you can encrypt a message using a PUBLIC KEY you obtain (not address which is a public key hash) so the recipient can decrypt it by exporting a private key from his wallet into some software he is unfamiliar with?  Probably.

It wouldn't work any better than other widely deployed systems like PGP and unless you are very good you run the risk of compromise which affects both systems.  I would by default be suspect of any software where I have to export one or more private keys from my wallet (that control MONEYZ) to a third party software in order to  decrypt a message.  Even if legit it certainly doesn't sound smart or reasonable.

ok, I agree I wouldn't just put my private key in any software, but if I'm really curious about the message I'd transfer the funds to another address and then proceed to decrypt...

Adding it as a feature in the bitcoin client would be cool.
legendary
Activity: 3472
Merit: 4801
There are no new questions on bitcointalk (ok, perhaps a few, but not many).

This has been asked (and answered) in the past:

No.  Bitcoin uses ECDSA which is a digital signature algorithm not an encryption algorithm.  You could use another algorithm which supports encryption however Bitcoin address is not a Public Key it is a hash of the public key.   If you need to use a third party algorithm, third party software, and exchange keys directly well you might as well use something that was designed for this purpose like PGP.

There are encryption systems which can use ECC keys.  

ECIES is one system:
https://en.wikipedia.org/wiki/Integrated_Encryption_Scheme

However a couple things to keep in mind.   I don't know of any widely deployed open source software which uses it so you will be reinventing the wheel.  Could you develop such software, extensively test it, and then ensure your recipient also has said software (doesn't do much good if the recipient isn't using it) so that you can encrypt a message using a PUBLIC KEY you obtain (not address which is a public key hash) so the recipient can decrypt it by exporting a private key from his wallet into some software he is unfamiliar with?  Probably.

It wouldn't work any better than other widely deployed systems like PGP and unless you are very good you run the risk of compromise which affects both systems.  I would by default be suspect of any software where I have to export one or more private keys from my wallet (that control MONEYZ) to a third party software in order to  decrypt a message.  Even if legit it certainly doesn't sound smart or reasonable.
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
ECDSA is used for signing and verifying messages. Not for encrypting them.
So, the answer is "not".
You should use another crypto algorithms

sure, ECDSA is for signing and not for encription, but the same keys used for ECDSA could be used for encryption, and it would work like what the OP needs...
so, while he must use an algorithm other than ECDSA, the answer would be yes.

The private and public keys under ECDSA would not be related under another crypto scheme.  If you reinterpret your ECDSA private key as a private key of a different scheme, you'll surely get an unrelated public key.  It's not meaningful.

What you really want is ECIES (Elliptic Curve IES)
hero member
Activity: 672
Merit: 500
http://fuk.io - check it out!
or encrypt it and give key just to he owner so only he can decipher it
hero member
Activity: 583
Merit: 505
CTO @ Flixxo, Riecoin dev
ECDSA is used for signing and verifying messages. Not for encrypting them.
So, the answer is "not".
You should use another crypto algorithms

sure, ECDSA is for signing and not for encription, but the same keys used for ECDSA could be used for encryption, and it would work like what the OP needs...
so, while he must use an algorithm other than ECDSA, the answer would be yes.
legendary
Activity: 1260
Merit: 1019
ECDSA is used for signing and verifying messages. Not for encrypting them.
So, the answer is "not".
You should use another crypto algorithms
hero member
Activity: 583
Merit: 505
CTO @ Flixxo, Riecoin dev
Yes, I believe it works as you describe it.

However, I don't know if there are tools to do it easily... probably not
jr. member
Activity: 38
Merit: 2
Is it possible to encrypt a message so that only a certain address owner can read it? 

I guess there are two parts of the questions. 

1. I may not know the public key from the address because address is hash of public key.

From my understanding, the public key wouldn't be revealed until they have made a transaction. 

If I do not have the public key of the recipient, I guess I cannot do anything about it.

2. Let's say I do have the public key of the recipient address.  Could I then encrypt the message with the public key such that only the private key owner can read it?

Assuming that the address owner has revealed the public key in order to make a transaction, then we can find the public key from blockchain.  With this assumption, then we should be able to do this?

 
Pages:
Jump to: