The only theing you need to encrypt a message is its text and a public key. What’s the point?? I can encrypt a message from satoshi’s public key then. What will I achieve? I can get the public key of an address right?
It isn’t the same with signing/verifying that you prove you own the address.
The following content was written by ranochigo on July 09, 2020, 01:29:21 PM in the thread Encrypting messages question. All content is owned by the author of the bitcointalk.org post. (original)
ECDSA allows you to encrypt a message such that with a public key, you’ll be able to send it to everyone and only the person that has the correct private key pair would be able to decrypt and read the message. This is useful if you’re sending someone sensitive information and you don’t want anyone to eavesdrop on it while only the correct recipient could decipher the message.
When Electrum asks for the public key, it’s asking for the ECDSA public key and not the public key hash.
It operates similarly to PGP.
The following content was written by BlackHatCoiner on July 09, 2020, 01:39:59 PM in the thread Encrypting messages question. All content is owned by the author of the bitcointalk.org post. (original)
Oh… I now got it… Only the person with the public key’s private key can decrypt it. No one else.
I encrypted this to my personal address’ public key: 02ce99b57451cd90aef6bd8028df82bd7fbbfea93b40f4da45d13a4b401ae367f0
So, right now I can only know what’s there
Thanks @ranochigo. Does this way of encryption have a name? Like SHA256 (for hash)
The following content was written by BrewMaster on July 09, 2020, 03:13:17 PM in the thread Encrypting messages question. All content is owned by the author of the bitcointalk.org post. (original)
Elliptic Curve Integrated Encryption System or ECIES for short. it is defined in the Standard For Efficient Cryptography 1 section 3.8 and i believe that is the algorithm that Electrum uses too.
here is a wikipedia link: https://en.wikipedia.org/wiki/Integrated_Encryption_Scheme
The following content was written by BlackHatCoiner on July 11, 2020, 11:22:44 AM in the thread Encrypting messages question. All content is owned by the author of the bitcointalk.org post. (original)
About electrum:
Can I somehow insert the address itself and not the whole public key? It asks me the public key and it is a small procedure to get the public key from an address.
The following content was written by ranochigo on July 11, 2020, 11:51:41 AM in the thread Encrypting messages question. All content is owned by the author of the bitcointalk.org post. (original)
Can I somehow insert the address itself and not the whole public key? It asks me the public key and it is a small procedure to get the public key from an address.
The main trick that people tend to use is to obtain the public key from a transaction that spends UTXOs from that specific address since the script would reveal its public key.
The following content was written by khaled0111 on July 11, 2020, 04:28:42 PM in the thread Encrypting messages question. All content is owned by the author of the bitcointalk.org post. (original)
What do you mean by inserting an address and what for?
If you mean to import it into Electrum then yes, it’s possible. But it will only create a watching-only wallet that can be used to monitor the addresse’s history/activity.
Using a watching-only wallet, you will not be able to sign or encrypt messages if this is what you want to achieve.
The following content was written by BlackHatCoiner on July 11, 2020, 04:40:00 PM in the thread Encrypting messages question. All content is owned by the author of the bitcointalk.org post. (original)
If you mean to import it into Electrum then yes, it’s possible. But it will only create a watching-only wallet that can be used to monitor the addresse’s history/activity.
Using a watching-only wallet, you will not be able to sign or encrypt messages if this is what you want to achieve.
No, I mean that one:
Instead of writing the public key, to write the address.
The following content was written by khaled0111 on July 11, 2020, 05:04:26 PM in the thread Encrypting messages question. All content is owned by the author of the bitcointalk.org post. (original)
^^ no, it won’t work. As you can see, you need the public key not the address to encrypt a message.
You will have to ask the one you want to send the encrypted message to to give you his public key or do what ranochigo suggested since there is no other way to retrieve a public key from an address.
The following content was written by BlackHatCoiner on July 11, 2020, 05:09:07 PM in the thread Encrypting messages question. All content is owned by the author of the bitcointalk.org post. (original)
Right now, the encryption thing goes like that:
1) I ask a guy to give me his public key.
2) I encrypt a message
3) I send him the encrypted message.
Since only if he owns the address, he can decrypt the message, why can’t we simply skip the step 1?
The following content was written by khaled0111 on July 11, 2020, 05:57:03 PM in the thread Encrypting messages question. All content is owned by the author of the bitcointalk.org post. (original)
You can’t skip the first step. How are you going to encrypt the message then!
In asymetric encryption, a key pair is needed. a public key known to everyone used to encrypt the message and a corresponding private key known by only the one who generated it and the only one supposed to decrypt the message.
Asymetric encryption solves the main problem with symetric encryption (where one key is used for both encryption and decryption) which is how to safely share the key without being intercepted by a malicious party.
The following content was written by HCP on July 11, 2020, 10:16:41 PM in the thread Encrypting messages question. All content is owned by the author of the bitcointalk.org post. (original)
…
Since only if he owns the address, he can decrypt the message, why can’t we simply skip the step 1?
Because, as the others have mentioned, there is simply no way to get the public key from an address… (ignoring that you could go trawling through the blockchain for transactions where that address was used to provide an input, and get the public key from the transaction data).
Private Key -> ONE WAY
You can only go from left to right… you can’t go the other way. If the person you’re attempting to send the message to doesn’t provide the public key, there is no way to encrypt the message so only their private key can decrypt it.
EDITED for the sake of correctness.
The following content was written by mikeywith on July 11, 2020, 11:01:50 PM in the thread Encrypting messages question. All content is owned by the author of the bitcointalk.org post. (original)
1) I ask a guy to give me his public key.
2) I encrypt a message
3) I send him the encrypted message.
Since only if he owns the address, he can decrypt the message, why can’t we simply skip the step 1?
For starters, you should forget about bitcoin address, imagine it doesn’t exist, think of it simply as a different representation of a public key, next you need to understand basic Public-key cryptography, the simplest way to look it is by imagining a scenario where you need to send your friend something as a gift, say it’s a gold coin, you are going to send it using a third-party which you don’t trust, that coin is so expensive and you are afraid that somebody will steal it, so you decide to put that coin in money/cash box and send the whole box to your friend, you can simply purchase a new box, send the key and the box together (a terrible idea) or send the lock and the key separately (a bad idea)or a better way would be asking your friend to buy the box and send it to you (unlocked) and of course, he will keep the keys.
So now you put that coin in the box, and then you lock it (notice that you don’t need the key to lock the box, but you need the key to unlock it) and then send it via an untrusted medium.
Your friend gets it and he uses the keys (since it’s his lock and only he has the keys – not even you have the keys) and bingo, the coin arrives safely.
The box = Your friend’s public key ( he can safely share it with others)
They keys = Private keys (He must not share it with others)
The coin = The encrypted message (The transporter knows there is something inside the box, but he doesn’t know what that is)
You can’t skip any part of those three.
Well actually the address is more like hash(hash(hash(private_key))), you need to hash the public key twice first using sha256 and then ripemd160, but you are correct, your friend doesn’t need you to send him the public key nor the address, using his private key he knows what is the public key as well as the address, but YOU need HIS public key to encrypt a message which then he can decrypt using his private key.
The following content was written by BlackHatCoiner on July 12, 2020, 07:12:34 AM in the thread Encrypting messages question. All content is owned by the author of the bitcointalk.org post. (original)
First of all, a thank you for making this post. It was really nice explanation.
Both public key and address are texts that no one can do something to steal your coins.
Both public key and address begin from the same string (private key)
Both public key and address mean the same thing. (If you have the public key you can make the address)
I just don’t get why we can’t use the address as The Box.
The following content was written by ranochigo on July 12, 2020, 08:24:18 AM in the thread Encrypting messages question. All content is owned by the author of the bitcointalk.org post. (original)
I just don’t get why we can’t use the address as âThe Boxâ.
For ECDSA signatures to work, they need the public key to be able to validate the signature or to decrypt the message (in the case of ECIES). The addresses are a totally new format that is created by one of the earlier Bitcoin contributors and is not a product of the development of ECDSA.
An address is useless in the encryption of the message since it is not an ECDSA public key. The main point is: You need the public key. Yes, you can derive the address from a public key but you can’t go the other way around. It’s just like you can use flour to bake a cake but you can’t use the cake to make flour; it’s irreversible.
The following content was written by o_e_l_e_o on July 12, 2020, 10:39:51 AM in the thread Encrypting messages question. All content is owned by the author of the bitcointalk.org post. (original)
The following content was written by mikeywith on July 12, 2020, 03:47:41 PM in the thread Encrypting messages question. All content is owned by the author of the bitcointalk.org post. (original)
I just don’t get why we can’t use the address as âThe Boxâ.
Not sure how do I explain this, technically you can actually use bitcoin address to encrypt a message, but only in symmetric encryption fashion, what you need here is asymmetric encryption (Publick Key encryption), bitcoin address is ripemd-160 bit hash of the public key which is 256 bits, so in short, the address and the private key are in a different format and thus the encryption algorithm won’t work on the address, in the box example you would imagine the address as a very small box that can’t handle the coin nor the lock.
So if you now understand that the address in its simplest form can’t be used, you might still ask, well if the address is hash for the public key why can’t we encrypt it? first of all, just because you know the address, and you know it’s the hash of a public key, you simply can’t reconstruct the public key from the address.
also after reading this part again
It isn’t the same with signing/verifying that you prove you own the address.
It seems like you are confusing encryption to a signature, ECDSA is designed for signature and shouldn’t really be used for encryption anyway, there are far better options that were designed for the sole purpose of message encryption.
The following content was written by bob123 on July 12, 2020, 07:59:37 PM in the thread Encrypting messages question. All content is owned by the author of the bitcointalk.org post. (original)
Hashing and encrypting is something completely different.
Hashing is a one-way function. Easy and fast to calculate the hash of an input, but practically impossible to calculate the input out of the hash.
An encryption on the other hand can be reversed by knowing the corresponding key. Since you were referring to asymmetric encryption, the necessary key here is the private key while the public key is used to encrypt the message.
Correct.
Correct.
They do not “mean the same thing”.
On a technical level, addresses don’t exist. They are made for humans.
And yes, the address can be derived from the public key by using the corresponding hash function(s).
Because messages are signed with a private key and verified by the public key.
Messages are encrypting with the public key and encrypted with the private key.
You can not use the address, because you can not get the public key out of the address. Only the other way around (public key -> address via one-way function).
