Thanks to my new job, the rate of Stubborn Mule posts has declined somewhat over the last few weeks (to say nothing of Mule Bites podcasts!). Still, my commute has allowed me to catch up on my podcast listening and a particularly interesting one was the recent Security Now episode about the “virtual currency” Bitcoin. Here is how Bitcoin is described on their website:
Bitcoin is a peer-to-peer digital currency. Peer-to-peer (P2P) means that there is no central authority to issue new money or keep track of transactions. Instead, these tasks are managed collectively by the nodes of the network.
Given that e-commerce is already widespread on the internet, what exactly is new about this idea of a virtual currency? The key to this question is understanding the difference between money in the form of “currency” (notes and coins) and money in the form of balances in your bank account. Currency is essentially anonymous. If I hand you a $10 note, we don’t need anyone to facilitate the transaction and you can take that $10 and spend it with no further reference to me or anyone other else. To move $10 from my bank account to yours is quite different. Before we could even start, we both had to provide extensive identification to our respective banks to open bank accounts. Then, you would have to provide me with enough account information for me to instruct my bank to transfer money from my account to yours. Both banks would retain records of the transfer for a long period of time and, if the transaction was rather bigger than $10, the chances are that there may even be requirements for our banks to notify a government agency in case we were engaged in money laundering. Even if I paid you using a credit card, the information exchange would be much the same.
The Bitcoin virtual currency aims to mimic some of the essential characteristics of currency while allowing transactions to be conducted online. To do so, it makes very creative use of a powerful encryption technology known as “public key cryptography”.
Public key encryption involves encrypting data in a rather unusual way: one key is used to encode the data and a different key is used to decode the data. This is in contrast to “symmetric key encryption” in which the same key is used for both encoding and decoding data. To appreciate the difference, consider a less electronic scenario. I want to exchange messages with you using a locked box and ensure no-one else can open it. If we already have identical keys to the one padlock there is no problem. I simply pop my message in the box, pop on the padlock and post it to you. When you receive the box, you can use your key to open the box, read the message, reply and pop the same padlock on the box before sending it back. But what do we do if we don’t both have keys to the one padlock? There is a tricky solution. I put the message in the box, secure it with my padlock and send it to you. Once you get it, although you cannot open my lock, you add your own padlock to the box and return it to me. Once I get it back, I unlock my own lock and send the box back. You can then open your lock and read my message. While in transit, no-one can open the box. It’s certainly an elaborate protocol and, of course, I’m ignoring crowbars and the like, but it gives a rough analogy* for how public key encryption works.
When it comes to data encryption, both users will create a “key pair”. One key they keep to themselves (this is known as the “private key”) and one key they can share with the world (the “public key”). I can then let you (and indeed the whole world) know what my public key is. When I want to send you a message, I encrypt it using your public key and send it to you. The only way to decode it is using your private key, which only you have. Even though everyone can find out what your public key is, only you can decode the message. When you want to send a message back to me, you encode it using my public key. So, anyone who knows my public key can send me a message for my eyes only. As a side benefit, public key encryption can also provide authentication. If you send me a message encrypted using my public key, I would ideally like to confirm that it really came from you not someone else (after all, everyone knows my public key). To deal with this, you can also send a copy of the same message encoded using your private key. Once I have decoded your message with my private key, I can also decode the second message using your public key. If the two messages are the same, I know that whoever sent me the encoded message also had access to your private key, so I can be reasonably sure it was you. In practice, authentication works a little bit differently to this, using a “hash” of the original message (otherwise anyone could decode the secret message using your public key). This authentication process is known as “digital signing”.
All of that may seem like a bit of a diversion, but public key cryptography is at the heart of the Bitcoin idea. Essentially, a Bitcoin is a blob of data and if I want to give you one of my Bitcoins, I add your public key to the blob and then sign it using my private key. This means that anyone who has access to my public key (i.e. the whole world) can confirm that I intended to pass the coin onto you. As a result, Bitcoins have their entire transaction history embedded in them! To decide who “owns” a Bitcoin, we just need to look at the last public key in the transaction chain. Whoever owns that key, owns the Bitcoin.
“How is that anonymous?” I hear you ask. Since “keys” are just strings of data themselves, there is no reason you have to advertise the fact that, say “6ab54765f65″ is your public key. While the whole world can see that the owner of “6ab54765f65″ owns a number of Bitcoins, that does not mean that anyone has to know your secret identity.
The other important feature of Bitcoins is that there is no centralised coordinator of the Bitcoin records. There is no bank keeping the records. The Bitcoin algorithm is public and information about Bitcoin transaction histories is shared across a peer-to-peer network which allows anyone to independently verify Bitcoin transactions.
It’s a fascinating idea and I don’t know if it will take off. It is only in beta, but there are a number of websites that have begun accepting Bitcoins for payment, as well as sites which will trade Bitcoins for “real” money. I will be watching with interest.
* It really is quite rough, only showing that a secure exchange without key exchanges is possible. Other features, such as authentication and the key asymmetry (either key can lock and then the other key unlocks) are not captured.