Aren't blocks stored as merkle root trees also so each node will be double hashed too?
How big is the actual signature because it doesn't come out at 256 bits does it?
Topic: What is the relationship between ercsda and sha256 (Read 204 times)
it has nothing to do with bitcoin or addresses or security of them, etc.
when you are talking about ECDSA or elliptic curve digital signature algorithm, you are talking about the operations that are performed under the hood. without going into much details, in these operations which is referred to as "signing operation" you need to convert your "message" into a fixed size number so that you can sign anything while being able to do the multiplications the same way. so you choose a function that can take in an input of any size but returns a fixed size output. that function can be anything (SHA-1, SHA-2, SHA-3, BLAKE, MD, GOST, SWIFFT,...).
why 256? because you want the size of the hash be in accordance with size of the curve which is 256 bits for bitcoin.
why SHA? because it is the most common, it is safe based on "Federal Information Processing Standard" which is developed by US government which also released the ECDSA standard!
so you could technically create a new bitcoin that uses the same curve but with SHA3-256.
since we are already using SHA256 then it is also used elsewhere:
- double of it for transaction IDs
- for block hash
- for proof of work
- for address generation (which was introduced later to add an extra layer of security so that you don't reveal your public key -> P2PK turned into P2PKH)
when you are talking about ECDSA or elliptic curve digital signature algorithm, you are talking about the operations that are performed under the hood. without going into much details, in these operations which is referred to as "signing operation" you need to convert your "message" into a fixed size number so that you can sign anything while being able to do the multiplications the same way. so you choose a function that can take in an input of any size but returns a fixed size output. that function can be anything (SHA-1, SHA-2, SHA-3, BLAKE, MD, GOST, SWIFFT,...).
why 256? because you want the size of the hash be in accordance with size of the curve which is 256 bits for bitcoin.
why SHA? because it is the most common, it is safe based on "Federal Information Processing Standard" which is developed by US government which also released the ECDSA standard!
so you could technically create a new bitcoin that uses the same curve but with SHA3-256.
since we are already using SHA256 then it is also used elsewhere:
- double of it for transaction IDs
- for block hash
- for proof of work
- for address generation (which was introduced later to add an extra layer of security so that you don't reveal your public key -> P2PK turned into P2PKH)
The ECDSA and the SHA-256 hash are unrelated cryptographic operations. It is convenient that they are both 256 bits, and it is not completely a coincidence.
Signing a transaction is complicated, but the Bitcoin wiki goes into detail about how it is done. The signature proves that the spender controls the address associated with an output. The output of a transaction contains the address (in binary), and in order to spend the output, the public key is provided to show that the proper address is being spent and the private key is used to sign it.
Signing a transaction is complicated, but the Bitcoin wiki goes into detail about how it is done. The signature proves that the spender controls the address associated with an output. The output of a transaction contains the address (in binary), and in order to spend the output, the public key is provided to show that the proper address is being spent and the private key is used to sign it.
I get the system but am a bit unfamiliar with the exact fundamentals.
Although the input or the scriptsig part I now know contains the public key and the input. The output is made up of the input and the hashed public key. Everything is in binary otherwise the computer doesn’t really work...
. I think the input is made up of the public key, the tx and the vout (essentially where it can be found on the tx for the output using a lookup with the txid). The full context of this is that I need it in order to generate a bitcoin wallet of my own I have books on the topic but they’re on my other laptop and it’s nowhere near me. I have to wonder how I’m going to go about orphoning and chainstates also but one thing at a time...
I posted somewhere recently of a 15 minute tutorial of how to mine a block using pen and paper, it was quite interesting. Computerphile also made a video on how sha256 works which I quite enjoyed.
The ECDSA and the SHA-256 hash are unrelated cryptographic operations. It is convenient that they are both 256 bits, and it is not completely a coincidence.
Signing a transaction is complicated, but the Bitcoin wiki goes into detail about how it is done. The signature proves that the spender controls the address associated with an output. The output of a transaction contains the address (in binary), and in order to spend the output, the public key is provided to show that the proper address is being spent and the private key is used to sign it.
Signing a transaction is complicated, but the Bitcoin wiki goes into detail about how it is done. The signature proves that the spender controls the address associated with an output. The output of a transaction contains the address (in binary), and in order to spend the output, the public key is provided to show that the proper address is being spent and the private key is used to sign it.
Thank you!
I'm happy now "OP_CHECKSIG expects two values to be on the stack. These are, in order of stack depth, the public key..." Potentially the best thing I'll hear all day and I'm on 20 past midnight here.
I have segwit to look forward too though later
...
I'm happy now "OP_CHECKSIG expects two values to be on the stack. These are, in order of stack depth, the public key..." Potentially the best thing I'll hear all day and I'm on 20 past midnight here
.I have segwit to look forward too though later
... 
Ah yes I understand that second bit about if you haven't yet spent anything from an address it is hard/almost impossible to know the private key.
Thanks for the links, do you know if there's one for the transaction signature verification? I'm a bit fuzzy on how that works with the hash function included on the public key, in order to verify the transaction, is that why an input is so huge does it contain the pk, pkh along with the input or am I wrong there?
Thanks for the links, do you know if there's one for the transaction signature verification? I'm a bit fuzzy on how that works with the hash function included on the public key, in order to verify the transaction, is that why an input is so huge does it contain the pk, pkh along with the input or am I wrong there?
honestly, a lot of the logic used in signature validation is over my head. but i believe this is the script used to verify the signatures of inputs, might be a good place to start: https://en.bitcoin.it/wiki/OP_CHECKSIG
Ah yes I understand that second bit about if you haven't yet spent anything from an address it is hard/almost impossible to know the private key.
Thanks for the links, do you know if there's one for the transaction signature verification? I'm a bit fuzzy on how that works with the hash function included on the public key, in order to verify the transaction, is that why an input is so huge does it contain the pk, pkh along with the input or am I wrong there?
I understand that second page finally, got stuck on that for a few hours earlier this week.
Thanks for the links, do you know if there's one for the transaction signature verification? I'm a bit fuzzy on how that works with the hash function included on the public key, in order to verify the transaction, is that why an input is so huge does it contain the pk, pkh along with the input or am I wrong there?
I understand that second page finally, got stuck on that for a few hours earlier this week.
I thought I spelt it wrong!
Is it just coincidental they both use 256 bit numbers or are they related somehow?
Is it just coincidental they both use 256 bit numbers or are they related somehow?
they're related in the sense that both are used to secure private keys in bitcoin.
an ECDSA private key (based on elliptic curve cryptography) is the starting point for creating a bitcoin address. when we perform a SHA-256 hash on the corresponding public key it improves security and privacy.
for example, as long as a public key hasn't been exposed (eg you haven't spent from the address), the private key should be safe even if ECDSA is broken. this is relevant in the case of quantum computing breaking ECDSA.
more info here:
https://en.bitcoin.it/wiki/SHA-256
https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses#How_to_create_Bitcoin_Address
I thought I spelt it wrong!
Is it just coincidental they both use 256 bit numbers or are they related somehow?
Is it just coincidental they both use 256 bit numbers or are they related somehow?
I'm wondering if there's a strong relationship between these two?
Ercsda is the signature algorithm of the Bitcoin protocol.
Sha256 is the hashing protocol that Bitcoin uses for both mining and public key generation.
As p2pkh does a ripemd160(Sha256(pubkey)) there is hashing used there. Is the hashing algorithm also uses to generate the public key from the private key, is this part of the ercsda spec or is this something else.
I have a feeling this is a stupid question, I could possibly Google it but Google doesn't understand what ercsda is...
Ercsda is the signature algorithm of the Bitcoin protocol.
Sha256 is the hashing protocol that Bitcoin uses for both mining and public key generation.
As p2pkh does a ripemd160(Sha256(pubkey)) there is hashing used there. Is the hashing algorithm also uses to generate the public key from the private key, is this part of the ercsda spec or is this something else.
I have a feeling this is a stupid question, I could possibly Google it but Google doesn't understand what ercsda is...
if you're searching for "ercsda", that might be why. bitcoin's signature algorithm is "ECDSA" or "elliptic curve digital signature algorithm".
https://en.bitcoin.it/wiki/Elliptic_Curve_Digital_Signature_Algorithm
I'm wondering if there's a strong relationship between these two?
Ercsda is the signature algorithm of the Bitcoin protocol.
Sha256 is the hashing protocol that Bitcoin uses for both mining and public key generation.
As p2pkh does a ripemd160(Sha256(pubkey)) there is hashing used there. Is the hashing algorithm also uses to generate the public key from the private key, is this part of the ercsda spec or is this something else.
I have a feeling this is a stupid question, I could possibly Google it but Google doesn't understand what ercsda is...
Ercsda is the signature algorithm of the Bitcoin protocol.
Sha256 is the hashing protocol that Bitcoin uses for both mining and public key generation.
As p2pkh does a ripemd160(Sha256(pubkey)) there is hashing used there. Is the hashing algorithm also uses to generate the public key from the private key, is this part of the ercsda spec or is this something else.
I have a feeling this is a stupid question, I could possibly Google it but Google doesn't understand what ercsda is...
Jump to: