
You can verify yourself here: https://reinproject.org/bitcoin-signature-tool/

Use the Bitcoin-QT tab, and don't include the "---- BEGIN" and "---- END" comment lines. It checks out.



OK (and thanks)...so how should I interpret this?

As in, how is it possible to decrypt an encrypted signature, and what does that mean for the security of cryptocurrency?


Unless I'm grossly mistaken, it seems Shkreli doesn't understand the basics of cryptography because he's using incorrect terminology here.

The signature isn't encrypted at all, it's just a piece of data (a hash, if you will) that was generated using the private key associated with the wallet in question.

In order to generate the signature, you need to have a message to sign, and a private key. All Shkreli has shown is that the signature he posted is valid for the given message and the wallet (which is in fact an old wallet of Hal Finney’s). I’ve posted elsewhere in this thread about this, but so far I can’t find any evidence that the signature he posted actually appears in the blockchain associated with that January 2009 transaction. Until we have proof of that, the most likely alternative explanation is that the wallet’s key is compromised and someone is signing random messages with it that say whatever they want.


A public key signature works by encrypting the hash with the private key; to verify, you decrypt the hash with the public key and check it against your own hash of the payload.

Edit: No argument with your second point, just pointing out the mechanism does involve the signature being an encrypted form of a plaintext hash/message digest.


This is indeed how RSA works, and is seen as a weakness of RSA; among other things, it can lead to accidental oracles if you use the same key to both sign and decrypt things.

To my knowledge, this is not how ECDSA works. ECDSA is "just" a signature algorithm, i.e. it provides integrity and cannot encrypt or decrypt anything - in EC-land you would use a technique like ECDH to arrive at a symmetric key that you then use to do encryption.


Oops, yeah I was thinking of RSA, thanks for the correction.


Thanks for the clarification! I didn’t explain myself well at all, but what I was getting at was that Shkreli claims the sig “decrypts to” the message given, when it does nothing of the sort.


Right. It has nothing to do with being published to the blockchain.

For example:

HB2dakxE7SgbuSQX6qQYByHkx3pTG0Tx2ymb8mVd2Bg6E+4Qk7O2/E/BiE9sjcLKp0rF+m3U0YHwI1Yv8Gjvjw0=

public:

1HZwkjkeaoZfTSaJxDw6aKkxp45agDiEzN

message: hackernews


Thanks, I did what you said and it worked.

I used the Bitcoin-QT tab and filled out the three fields and got a green message at the top of the page that said "Message verified to be from 1Q2TWHE3GMdB6BZKafqwxXtWAWgFt5Jvm3".



