Blockchain & Cryptocurrency #4: Public keys as identities

We are a group composed by some Informatics and Mathematics who like to share their IT, Math and Cryptographic knowledge with people. It is possible to find our complete courses on http://learningspot.altervista.org website. Since we think that Steemit is a great opportunity to share knowledge, we are proposing our most interesting lessons here, too.

==================================================

After covering digital signatures and its properties, we can analyze how to use public keys as identities. So how to take one of the public verification keys from a digital signature scheme and equate that to an identity.

How to see public keys as identities

If you see a signature that verifies correctly with someone's public key, then you can think that it's the public key that's saying the message. If it can make statements by signing them, then this public key is like an identity. You can think of a public key as a kind of actor that can do things in a system. So every message of its owner can be seen as coming out of pk mouth. And to be able to speak as pk is necessary to know the secret key sk.

If you sign a message with sk, what you're doing essentially is making statements on behalf of that public key. And that means that there is an identity in the system, which only you can speak for. Of course, that's what you want an identity to be, something that one person can speak for or on behalf of, that everybody can see.

Change Identity

If we to treat public keys as identities, one of the consequences, is that you can make a new identity whenever you want. To make a new identity it is enough to create a new random key pair sk and pk with the generate keys operation, belonging to digital signature scheme. So pk is the public name that you can use, the name of that identity.

The person who generates an identity is the unique owner of the private key, so is in control of the identity. If the public key is random enough, that looks like a face in the crowd that only the owner can control.

Decentralized identity management

This brings us to the idea of decentralized identity management. Rather than having a central place where to go in order to register as a user in a system, it is not necessary to get a user name. It is not necessary to inform someone that you're going to be using a particular name. If you want a new identity, you just have to make one. Anybody can make a new identity at any time and as many as you want.

The important thing is that there's no central point of control, anyone is in charge of it. The system operates in an entirely decentralized way.

Bitcoin Address

This is the way used by Bitcoin system to manage identities, that, in this case, are called addresses. The Bitcoin address, in fact, is just a public key or hash of a public key. It's an identity that someone made up, out of thin air, as part of its decentralized identity management scheme.

Now the obvious question that arises when you're talking about decentralized identity management, is how private is this? On the one hand, the addresses made up this way are not connected to you real world identity. You can execute a randomized algorithm, it will make some kind of pk that looks random. And nothing exists initially to connect that to who you are.

The bad news is that the identity is making a series of statements over time, it's doing a series of operations over time. People can see that, whoever is making a certain series of actions, they can start to connect the dots. An observer can link together these things over time and make inferences.

So, at the beginning there's no initial tie to real world identity, but on the other hand a pattern of behavior of an address emerges over time.

msbt_0401.png

 
Back to main course page.

Sort:  

Your posts are really interesting! I'm following your lessons one by one. Keep on, I hope to see other interesting content in the near future! @OriginalWorks

The @OriginalWorks bot has determined this post by @rosargia to be original material and upvoted(1.5%) it!

ezgif.com-resize.gif

To call @OriginalWorks, simply reply to any post with @originalworks or !originalworks in your message!