Public Keys as Identities

Loading...

From the course by Princeton University

Bitcoin and Cryptocurrency Technologies

1757 ratings

Princeton University

Bitcoin and Cryptocurrency Technologies

1757 ratings

To really understand what is special about Bitcoin, we need to understand how it works at a technical level. We’ll address the important questions about Bitcoin, such as: How does Bitcoin work? What makes Bitcoin different? How secure are your Bitcoins? How anonymous are Bitcoin users? What determines the price of Bitcoins? Can cryptocurrencies be regulated? What might the future hold? After this course, you’ll know everything you need to be able to separate fact from fiction when reading claims about Bitcoin and other cryptocurrencies. You’ll have the conceptual foundations you need to engineer secure software that interacts with the Bitcoin network. And you’ll be able to integrate ideas from Bitcoin in your own projects. Course Lecturers: Arvind Narayanan, Princeton University

From the lesson

Introduction to Crypto and Cryptocurrencies

Learn about cryptographic building blocks ("primitives") and reason about their security. Work through how these primitives can be used to construct simple cryptocurrencies.

Cryptographic Hash Functions18:42

Hash Pointers and Data Structures8:59

Digital Signatures9:45

Public Keys as Identities5:33

A Simple Cryptocurrency14:04

Meet the Instructors

Arvind Narayanan
Associate Professor
Computer Science

In segment 1.4 we'll move on having covered digital signatures and

talk about a nice trick that we can use that goes along with digital signatures.

And the useful trick is this, the idea is to take a public key, one of those public

verification keys from a digital signature scheme and equate that to an identity.

That is, an identity of a person, or an act, or a system.

So if you see a signature that verifies correctly, that is,

if you see a signature of such that you can verify with someone's public key,

that that is a signature on a particular message.

Then you can think of that as that public key saying the message.

You can literally think of a public key as kind of like an actor or

a party in a system.

And that they can make statements by signing those statements.

And so if you think in that mindset, then this public key is like an identity.

It's an actor who can do stuff in the system.

And if you think about it then, for someone to speak for

a pk, that is for someone to be able to make statements so

that will be seen as coming out of pks mouth.

You have to know the matching secret key, sk.

And so, if you know the secret key that corresponds to the public key,

PK then you can sign messages with that secret key.

And what you're doing essentially is making statements on behalf

of that public key.

And that means that there is an identity in the system

which only you can speak for.

And of course, that's what you want an identity to be, something that one person

can speak for or on behalf of, that everybody can see.

All right, so if we're going to treat public keys as identities one

of the consequences of that is that you can make a new identity whenever you want.

If you wanna make a new identity you just do this you create a new random key pair

sk and pk by doing the generate keys operation in our digital signature scheme

and we get out sk and pk.

pk is then the public name that you can use- that's the name of that identity,

what it's called, although in practice you'd probably use the hash of pk because

public keys are big, but again, we'll leave that aside as a detail.

So pk, or the hash of it, is the public name that we use to talk about

the identity, and sk, the secret key, is the information that lets you,

the person who generated this identity, speak for the identity.

You control the identity because only you know the secret key, and

if you generated this in such a way the the public key pk,

looks random Then nobody needs to know who you are.

You can generate a fresh identity that looks random,

that looks like a face in the crowd that only you can control.

This brings us to the idea of decentralized identity management,

that rather than having a central place that you have to go in order to register

as a user in a system, you don't need to get a user name.

You don't need to inform someone that you're going to be

using a particular name.

If you want a new identity, just make one.

Anybody can make a new identity at any time and you can make as many as you want.

If you prefer to be known by five different names, no problem,

just make five identities.

If you wanna be somewhat anonymous for a while you can make a new identity,

use it just for a little while, then throw it away.

All of these things are possible with decentralized identity management.

And there's no central point of control, so

that you don't have to have anyone who's in charge of it.

The system operates in an entirely decentralized way.

And this is the way Bitcoin in fact does identity.

These identities are called addresses in Bitcoin jargon.

And so you hear the term address used in talking about Bitcoin and

cryptocurrencies.

But what that really is, is just a public key or hash of a public key.

It's an identity that someone made up, out of thin air.

As part of its decentralized identity management scheme.

Now the obvious question that arises when you're talking about decentralized

identity management and people making up these identities, is how private is this?

And the answer is, it's complicated.

On the one hand,

the addresses that made up this way are not connected to you real world identity.

You can execute a randomized algorithm,

it will make some kind of PK that looks kind of random.

And nothing exists initially to connect that to who you are.

You can do that in the privacy of your own home.

So that's good news if you want to be able to act privately.

But the bad news if you want to act privately is that if that address,

if that identity is making a series of statements over time,

if it's engaging in a series of acts over time.

The people can see that whoever this is has done a certain series of actions and

they can start to connect the dots gee this person is acting a lot like Joe,

maybe this person is Joe.

And so, an observer can link together these things over time and

make inferences.

And so, this balance between on the one hand,

there being no initial tie to real world identity, and

on the other hand that a pattern of behavior of an address emerging over time.

And the question of what can be inferred and which dots can be connected.

That gets pretty complicated.

And that's really the question of privacy in a cryptocurrency like Bitcoin and

there's a whole lecture about that later on.

And so I'm not gonna steal the thunder of that lecture.

I just wanna give you an idea of how decentralized identity makes privacy

a complicated question.

Explore our Catalog

Join for free and get personalized recommendations, updates and offers.

Coursera provides universal access to the world’s best education, partnering with top universities and organizations to offer courses online.

© 2018 Coursera Inc. All rights reserved.

Download on the App Store

Get it on Google Play