Bitcoin Forum
October 15, 2019, 08:07:05 AM *
News: Latest Bitcoin Core release: 0.18.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Encrypt a message using Bitcoin Public Key and decrypt with private key?Like PGP  (Read 164 times)
bitmover
Hero Member
*****
Offline Offline

Activity: 630
Merit: 1065



View Profile
September 29, 2019, 09:55:28 AM
 #1

I was studying a little about PGP. I am a total newbie at it.

But there are so many similarities to PGP and Bitcoin. Is it possible to encrypt a message using my public key, and decrypt it using my private key? Like PGP does. It would be something very nice to do, as Bitcoin clients are much more common and widespread than PGP related software (also easier to use).

I would like to be able to encrypt my messages using bitcoin key pairs. It would be really useful.

Maybe in future Bitcoin signatures could even replace PGP signatures? Is there any discussion about this? Or is it technically impossible ? I searched but couldn't find any.

1571126825
Hero Member
*
Offline Offline

Posts: 1571126825

View Profile Personal Message (Offline)

Ignore
1571126825
Reply with quote  #2

1571126825
Report to moderator
1571126825
Hero Member
*
Offline Offline

Posts: 1571126825

View Profile Personal Message (Offline)

Ignore
1571126825
Reply with quote  #2

1571126825
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1571126825
Hero Member
*
Offline Offline

Posts: 1571126825

View Profile Personal Message (Offline)

Ignore
1571126825
Reply with quote  #2

1571126825
Report to moderator
1571126825
Hero Member
*
Offline Offline

Posts: 1571126825

View Profile Personal Message (Offline)

Ignore
1571126825
Reply with quote  #2

1571126825
Report to moderator
1571126825
Hero Member
*
Offline Offline

Posts: 1571126825

View Profile Personal Message (Offline)

Ignore
1571126825
Reply with quote  #2

1571126825
Report to moderator
cr1776
Legendary
*
Offline Offline

Activity: 2394
Merit: 1052


View Profile
September 29, 2019, 10:07:12 AM
Last edit: September 29, 2019, 10:46:22 AM by cr1776
Merited by bones261 (4), Coding Enthusiast (2), ETFbitcoin (1), bitmover (1)
 #2

I was studying a little about PGP. I am a total newbie at it.

But there are so many similarities to PGP and Bitcoin. Is it possible to encrypt a message using my public key, and decrypt it using my private key? Like PGP does. It would be something very nice to do, as Bitcoin clients are much more common and widespread than PGP related software (also easier to use).

I would like to be able to encrypt my messages using bitcoin key pairs. It would be really useful.

Maybe in future Bitcoin signatures could even replace PGP signatures? Is there any discussion about this? Or is it technically impossible ? I searched but couldn't find any.


This will probably answer your question, in short it is possible, but not recommended as it encourages address reuse, could have privacy implications and could have interactions between protocols using the same key pairs.

https://bitcoin.stackexchange.com/questions/80638/how-would-one-encrypt-a-message-using-a-bitcoin-public-key-and-use-its-priva

You might want to check out bitmessage for something similar to what you are asking if you wish to see how it could be implemented:
https://github.com/Bitmessage/PyBitmessage
nc50lc
Hero Member
*****
Offline Offline

Activity: 742
Merit: 632


Self-proclaimed Genius ㊙️


View Profile WWW
September 29, 2019, 10:42:18 AM
Merited by bones261 (4), ETFbitcoin (1), BitMaxz (1), Royse777 (1), Heisenberg_Hunter (1), bitmover (1), Husna QA (1)
 #3

It's possible using Electrum's console.
But it's not necessary to use your private key for decryption.

If you want to try, let's just use this address' public key: 1HZwkjkeaoZfTSaJxDw6aKkxp45agDiEzN (leaked brainwallet address)
04a34b99f22c790c4e36b2b3c2c35a36db06226e41c692fc82b8b56ac1c540c5bd5b8dec5235a0f a8722476c7709c02559e3aa73aa03918ba2d492eea75abea235

Follow this syntax encrypt('public key', 'message to encrypt'), example:
Code:
encrypt('04a34b99f22c790c4e36b2b3c2c35a36db06226e41c692fc82b8b56ac1c540c5bd5b8dec5235a0fa8722476c7709c02559e3aa73aa03918ba2d492eea75abea235', 'Test message to a leaked brainwallet')

The result is this encrypted message:
Code:
"QklFMQNS2Vu/26J7IFisRNH1tfkeUN4lUpOTp+vxuYrmA8cSFWlsqVCnAgjFgsXPXJDC5ihC2KmJs+fm5zgPF/2/DUmnU/t50Tz6tse57diRZ6Byt4K49ZLSKtV53MHommmjDgPA4oabgIx7xLkFmZDH6bAr"
This should be given to the other party who already knew your public key.

Then he should use this syntax to decrypt the message decrypt('public key', 'encrypted message');
for the example above:
Code:
decrypt('04a34b99f22c790c4e36b2b3c2c35a36db06226e41c692fc82b8b56ac1c540c5bd5b8dec5235a0fa8722476c7709c02559e3aa73aa03918ba2d492eea75abea235', "QklFMQNS2Vu/26J7IFisRNH1tfkeUN4lUpOTp+vxuYrmA8cSFWlsqVCnAgjFgsXPXJDC5ihC2KmJs+fm5zgPF/2/DUmnU/t50Tz6tse57diRZ6Byt4K49ZLSKtV53MHommmjDgPA4oabgIx7xLkFmZDH6bAr")
Will result into: "Test message to a leaked brainwallet".

Manually highlight & copy the codes 'cause sometimes, a space will appear at the end if you double clicked it.

bitmover
Hero Member
*****
Offline Offline

Activity: 630
Merit: 1065



View Profile
September 29, 2019, 12:08:43 PM
 #4

It's possible using Electrum's console.
But it's not necessary to use your private key for decryption.

Thank you. I will try later.

But this way it is far less secure... it would be good to encrypt with public key and decrypt with the private key, like PGP.

This will probably answer your question, in short it is possible, but not recommended as it encourages address reuse, could have privacy implications and could have interactions between protocols using the same key pairs.

Thank you.
The person who answered said that using systems that were actually designed for encryption is better... he is right ofc, but maybe an upgrade in bitcoin protocol in the future?
 It would be nice to see one day people using bitcoin protocol to encrypt messages, it could be easily done by users and would protect our privacy in our emails and other means of communication.

I don't see a problem with address re use here. You could use some addresses just for messaging, no big deal IMO.

Coding Enthusiast
Hero Member
*****
Offline Offline

Activity: 690
Merit: 1095


Novice C♯ Coder


View Profile WWW
September 29, 2019, 02:50:41 PM
Merited by ETFbitcoin (1), PrimeNumber7 (1)
 #5

It would be nice to see one day people using bitcoin protocol to encrypt messages,

This is not related to bitcoin protocol, this is a standard scheme used in Elliptic Curve Cryptography. Since the private/public key pairs used in bitcoin are EC key pairs, ECIES scheme could be used with them.

Projects List+Suggestion box
Donation link using BIP21
Bech32 Donation link!
BitcoinTransactionTool (0.9.2):  Ann - Source Code
Watch Only Bitcoin Wallet (supporting SegWit) (3.1.0):  Ann - Source Code
SharpPusher (broadcast transactions) (0.10.0): Ann - Source Code

joniboini
Hero Member
*****
Offline Offline

Activity: 714
Merit: 1144


Exchange Bitcoin quickly-https://blockchain.com.do


View Profile WWW
September 29, 2019, 04:06:31 PM
 #6

-snip-

And it's already posted up there. Clue: #2nd post!


Carlton Banks
Legendary
*
Offline Offline

Activity: 2520
Merit: 1976



View Profile
September 29, 2019, 06:25:06 PM
Merited by bones261 (4), Abdussamad (2), nc50lc (1)
 #7

there are so many similarities to PGP and Bitcoin. Is it possible to encrypt a message using my public key, and decrypt it using my private key? Like PGP does. It would be something very nice to do, as Bitcoin clients are much more common and widespread than PGP related software (also easier to use).

PGP/GPG is a good idea, but encrypting messages is only a small part of the concept.


The real idea is that it's basically a p2p id system, not just for encryption. It works like this:

  • Find people you know well
  • Get them using PGP
  • Put your public keys in a public place on internet
  • All your buddies attach a little text to your key, and sign the text with their key
  • The text should say something like "We went to school together since 5 years old", or "she's my aunt" etc

That's great for you guys, you all have cryptographically signed messages of everyone in your little group, saying how you know each other. Which is actually not so great, as you're just signing info all of you already know! Grin

But the power comes in later; when someone you don't know gets into the group, you're likely to trust your friend who signs their message that brings them into the group, and so you'll believe the message about how they know each other.

And if the newcomer is coming from another group of PGP buddies, then you have a link between your group and theirs, and you've got some kind of assurance that these people are who they say they are, and that they trust that about one another.

This is the so-called Web of Trust, and it never quite got moving. But, it does keep growing, and especially among computer programmers. The biggest group of PGP users who are all cross signing each others keys is around 60,000 or 70,000 people. A bit like with Bitcoin, more people doing the cross-signing thing makes the whole system stronger and more valuable. It's totally p2p, so just because the biggest group now is those 60,000 people, does not mean another big group couldn't grow to the same size (although there is a big incentive for the 2 group to merge, and nothing to stop 2 people from each big group cross-signing each others keys to make that merge happen, something a bit like that no doubt happened already)

PGP is a bit slow in development, and as you say, not the most user friendly. But you only have to learn it once, and you've got a different kind of infrastructure to Bitcoin, that's just as powerful, but for a different purpose.



Grin to answer the actual question though:

I'm not sure if ECDSA can be used to encrypt, I thought it was only possible to use it to sign with? (the DSA part breaks out as Digital Signature Algorithm)

Vires in numeris
igor72
Hero Member
*****
Offline Offline

Activity: 546
Merit: 592


View Profile
September 29, 2019, 10:23:19 PM
Merited by nc50lc (2), Abdussamad (1)
 #8

It's possible using Electrum's console.
In my opinion, this is easier to do in "Tools -> Encrypt/Decrypt message"
Quote
But it's not necessary to use your private key for decryption.
Really? I believed that for decryption the private key corresponding to this public key should be in the wallet.
Abdussamad
Legendary
*
Offline Offline

Activity: 2254
Merit: 1200



View Profile WWW
September 30, 2019, 01:06:43 AM
Merited by Carlton Banks (1)
 #9

The reason it doesn't get used as much is because it doesn't provide any benefits over GPG. GPG is actually more widespread and there is support in all email clients for it. With bitcoin only electrum supports it ATM.

Signing messages with addresses other than p2pkh ones is also not widely supported. So the authentication part is missing.

I'm not sure if ECDSA can be used to encrypt, I thought it was only possible to use it to sign with? (the DSA part breaks out as Digital Signature Algorithm)

Electrum uses something called ECIES. Only Electrum supports it though.

nc50lc
Hero Member
*****
Offline Offline

Activity: 742
Merit: 632


Self-proclaimed Genius ㊙️


View Profile WWW
September 30, 2019, 02:58:36 AM
 #10

But it's not necessary to use your private key for decryption.
Really? I believed that for decryption the private key corresponding to this public key should be in the wallet.
Sry, yes;
after testing using my other wallets, it does require the prv key to decrypt the message.

This can work using an imported wallet with one dedicated private key for exchanging encrypted message.
Although, there's no real advantage over PGP/GPG.

Saint-loup
Hero Member
*****
Offline Offline

Activity: 938
Merit: 734


WOLF.BET - Provably Fair Dice Game


View Profile
September 30, 2019, 10:31:03 AM
Merited by Carlton Banks (1)
 #11

Grin to answer the actual question though:

I'm not sure if ECDSA can be used to encrypt, I thought it was only possible to use it to sign with? (the DSA part breaks out as Digital Signature Algorithm)
Yes Satoshi already explained it

ECDSA can't encrypt messages, only sign signatures.

It would be unwise to have permanently recorded plaintext messages for everyone to see.  It would be an accident waiting to happen.

If there's going to be a message system, it should be a separate system parallel to the bitcoin network.  Messages should not be recorded in the block chain.  The messages could be signed with the bitcoin address keypairs to prove who they're from.

Yes, it's a technical limitation.  Sending by bitcoin address enters the transaction into the network and the recipient discovers it from the network.  You don't connect directly with them and they don't have to be online at the time.

I very much wanted to find some way to include a short message, but the problem is, the whole world would be able to see the message.  As much as you may keep reminding people that the message is completely non-private, it would be an accident waiting to happen.

Unfortunately, ECDSA can only sign signatures, it can't encrypt messages, and we need the small size of ECDSA.  RSA can encrypt messages, but it's many times bigger than ECDSA.

.WOLF.BET.
▀  ▀▀▀▀▀▀
  ▀ ▀▀▀
 ▄ ▄▄▄ 
  ▄ ▄▄▄
▄  ▄▄▄▄▄▄
        ▄▄▄▀▀▀▀▄▄▄
    ▄███▌        ▀▀▄
  ▄▀   ▐█████████▄  ▀▄
 ▄▀  ▄█████████████▄  █
 ▌  █████████████████  █
▐  ████████████████ ▄█
█  █████████████████████▌
▐  ██████████████████ ▀█▌
 ▌ ▐█████████████████▌ ▐▀
 █  ██████████████▀ ▄▀
  █   ███████████▀  ▄▀
   ▀▄▄██ ▀▀▀▀▀▀▀  ▄▄▀
     ▀██▄▄▄▄▄▄▄▄▀▀▀
▄███████████▄
███████    ████████████▄
███████    ███████   ▀██
██████████████████    ██
██    ██████████████████
██    ███████    ███████
█████████████    ███████
███████    █████████████
███████    ███████    ██
██████████████████   ▄██
██        ▀███████████▀
██
██
      ▄█▄         ▄█▄
 ▄██ ███ ███████ ███ ██▄
▐███▄ ▀ ▄███████▄ ▀ ▄███▌
▐█▌▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▐█▌
▐█▌   ▄▄▄▄▄▄▄▄        ▐█▌
▐█▌   ████████        ▐█▌
▐█▌       ███     ▄▄▀▀▀██▄
▐█▌      ███    ██▀      ▀█
▐█▌     ███    ███         █
▐█▌    ███     ███          █
 ██▄           ███▄         █
  ▀█████████████████▄     ▄█
                  ▀▀█████▀▀

████
██
██
██
██
██
██
██
██
██
██
████


.AFFILIATE PROGRAM.
   ...FREE FAUCET........
..CHAT RAIN.............
ETFbitcoin
Legendary
*
Offline Offline

Activity: 1792
Merit: 2051

Use SegWit and enjoy lower fees.


View Profile WWW
September 30, 2019, 06:43:21 PM
 #12

Personally i think storing PGP's public key on IPFS and share it's hash on OP_RETURN on transaction from your known bitcoin address is preferred solution if you insist most process done on Bitcoin network or client.
Bitcoin client (with IPFS and GPG extension) could look for PGP public key based on found IPFS hash from message receiver's bitcoin address before sender enter his/her message and encrypt it with receiver's PGP public key.

P.S. i know it's far from best idea and unpractical.

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!