Bitcoin Forum
October 21, 2020, 10:32:17 AM *
News: Latest Bitcoin Core release: 0.20.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: who can explain how signing/verifing message works?  (Read 548 times)
newcn
Full Member
***
Offline Offline

Activity: 143
Merit: 100


View Profile
December 13, 2013, 11:24:20 AM
 #1

Using a bitcoin client, one can sign/verify messages.
I understand that I use my private key to sign a message,
but I wonder why other people can verify messages which I signed?
since the  key is private, and other people don't know.

BTC:1NzzfeHCgN8fF6mSG1UeBFCVd2cxKbGyHk
NXT:13187911577562526278
1603276337
Hero Member
*
Offline Offline

Posts: 1603276337

View Profile Personal Message (Offline)

Ignore
1603276337
Reply with quote  #2

1603276337
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1603276337
Hero Member
*
Offline Offline

Posts: 1603276337

View Profile Personal Message (Offline)

Ignore
1603276337
Reply with quote  #2

1603276337
Report to moderator
1603276337
Hero Member
*
Offline Offline

Posts: 1603276337

View Profile Personal Message (Offline)

Ignore
1603276337
Reply with quote  #2

1603276337
Report to moderator
Aeequtio
Newbie
*
Offline Offline

Activity: 7
Merit: 0


View Profile
December 15, 2013, 06:01:14 AM
 #2

I would like to know more about that as well.
Can anyone shed some light on it?
binaryclock
Full Member
***
Offline Offline

Activity: 238
Merit: 100


View Profile WWW
December 15, 2013, 06:44:50 AM
 #3

Me 3, plz

DEDICATEDPOOL.COM
shorena
Copper Member
Legendary
*
Offline Offline

Activity: 1498
Merit: 1346


No I dont escrow anymore.


View Profile WWW
December 15, 2013, 06:58:17 AM
 #4

The verfication is done with your public key.

Basicly its a o = m^d (mod N)

where o is the signature, m is the message and d is the private key
Because RSA has some vulnerabilites, the message gets hashed first.

To check the signature you calulate o^e = m (mod N)
where e is the public key to the former used private key.

If the hashes match the message wasnt changed durring transport.

This works because ed = 1 (mod phi(N))
while e and N again are part of the public key
and d is the private key



If you want more details, read the rfc 3447, its explained for RSA, but the principle is still the same

Link: http://tools.ietf.org/html/rfc3447#page-27



Edit: phi(x) is eulers phi function ( http://en.wikipedia.org/wiki/Euler%27s_totient_function )

Im not really here, its just your imagination.
newcn
Full Member
***
Offline Offline

Activity: 143
Merit: 100


View Profile
January 04, 2014, 12:41:30 PM
 #5

The verfication is done with your public key.

Basicly its a o = m^d (mod N)

where o is the signature, m is the message and d is the private key
Because RSA has some vulnerabilites, the message gets hashed first.

To check the signature you calulate o^e = m (mod N)
where e is the public key to the former used private key.

If the hashes match the message wasnt changed durring transport.

This works because ed = 1 (mod phi(N))
while e and N again are part of the public key
and d is the private key



If you want more details, read the rfc 3447, its explained for RSA, but the principle is still the same

Link: http://tools.ietf.org/html/rfc3447#page-27



Edit: phi(x) is eulers phi function ( http://en.wikipedia.org/wiki/Euler%27s_totient_function )

thank you very much!

BTC:1NzzfeHCgN8fF6mSG1UeBFCVd2cxKbGyHk
NXT:13187911577562526278
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!