Digital signatures are used in Bitcoin to prove that you own the private key without having to reveal it (and so to prove that you are authorized to spend the associated funds). The digital signature also ensures that a transaction cannot be modified by anyone after it has been signed.
The digital signature is created using the Elliptic Curve Digital Signature Algorithm (ECDSA).
The digital signature scheme consists of two parts: 1) signing, where you use the private key to produce a digital signature, and 2) verifying, where the message and the public key are used to check that the digital signature was really made with the private key associated with that public key.
For practical uses, the most important elements to be aware of are the following:
the digital signature is created using your private key;
the digital signature is an offline procedure: no internet connection is needed, you just need your private key (important, for example, when creating cold wallets);
the digital signature plus the public key are enough for nodes to verify that the signature was made with the private key associated with that public key;
the digital signature is normally made using a wallet system. With a hardware wallet, the whole signing process is done inside the device, and only the already signed transaction leaves the device;
the digital signature is thus needed to move funds and interact with the Bitcoin network.
In Bitcoin we have the transaction (like a message) and the private key, which is used as the signing key for the message (transaction).
The digital signature can be applied to the whole transaction, thereby committing to all the inputs and outputs (and any other transaction field). Alternatively, the digital signature can commit to only a subset of the transaction.
The SIGHASH is 1 byte that is appended to the signature and indicates which part of the transaction data is included in the hash signed by the private key.
For the above-mentioned reasons, in Bitcoin each input can be signed independently. This means that the digital signatures involved need not belong to the same owners. The same also holds for inputs. This makes it possible to create particular transactions named CoinJoin, in which multiple owners are involved to generate a privacy-enhanced transaction scheme.
A cryptographic hash (sometimes called ‘digest’) is a kind of ‘signature’ for a text or a data file. SHA-256 generates an almost-unique 256-bit (32-byte) signature for a text.
A hash is not ‘encryption’ – it cannot be decrypted back to the original text (it is a ‘one-way’ cryptographic function, and is a fixed size for any size of source text). This makes it suitable when it is appropriate to compare ‘hashed’ versions of texts, as opposed to decrypting the text to obtain the original version.
Such applications include hash tables, integrity verification, challenge handshake authentication, digital signatures, etc.
‘challenge handshake authentication’ (or ‘challenge hash authentication’) avoids transmitting passwords in ‘clear’ – a client can send the hash of a password over the internet for validation by a server without risk of the original password being intercepted
anti-tamper – link a hash of a message to the original, and the recipient can re-hash the message and compare it to the supplied hash: if they match, the message is unchanged; this can also be used to confirm no data-loss in transmission
digital signatures are rather more involved, but in essence, you can sign the hash of a document by encrypting it with your private key, producing a digital signature for the document. Anyone else can then check that you authenticated the text by decrypting the signature with your public key to obtain the original hash again, and comparing it with their hash of the text.
SHA-256 is one of the successor hash functions to SHA-1 (collectively referred to as SHA-2), and is one of the strongest hash functions available. SHA-256 is not much more complex to code than SHA-1, and has not yet been compromised in any way. The 256-bit key makes it a good partner-function for AES. It is defined in the NIST (National Institute of Standards and Technology) standard ‘FIPS 180-4’. NIST also provides a number of test vectors to verify correctness of implementation. There is a good description at Wikipedia.