Bitcoin is no stranger to anyone. The reason why many people believe in its value is because everyone thinks that it is more reasonable to endorse it by mathematical algorithms than by the government. As for the technology behind Bitcoin, in fact, most people don’t understand it. With the mathematical foundation we learned before, we can talk about Bitcoin or, more broadly, the mathematical foundation of blockchain.

Why is the nature of encryption a mathematical asymmetry?

Mathematically, the reason why all cryptocurrencies can be circulated and not cracked is because of the asymmetric beauty in mathematics. People usually like symmetry, hate asymmetry, and feel that the latter is imperfect. When it comes to obtaining information, everyone wants transparency, because opacity and hiding are always unsettling. However, asymmetry sometimes has its own beauty , such as the golden section is asymmetric.

As far as information security is concerned, complete transparency and complete symmetry will bring many security risks. When we are the owner of the information, we don’t really want others to get our information, especially private information, but often we have to share access to many information for convenience so that the other party can verify the authenticity and know us. It helps identify who we are ,or let the other party make some analysis/ statistics to provide us with better services. In the past, we did not share information, and many things could not be achieved. For example, when you applied for a loan from a bank, you almost shared all personal and financial information to the bank.

In a completely open information society, it is almost impossible to completely protect information security. We have said this many times. If you want to protect private information, especially privacy, you must have an asymmetric mechanism, so that others can use the information without owning it under certain authorization, and you can let them verify the information without granting ownership to the information.

The significance of Bitcoin is that it confirms that we can protect information from being leaked through encryption and authorization, and that some authorized people can still use the information.

Bitcoin does this because the encryption key and the decryption key are not the same. The key used for encryption is the so-called private key, which is only owned by the owner of Bitcoin, and the decryptor uses the public key generated by the private key, which can be given to anyone.

The asymmetry of this encryption lies in the fact that in a limited computation time, the private key cannot be deduced from the public key. Therefore, you can think that the person holding the private key can see all the information, while the person holding the public key can only see part of the information or only verify the authenticity of the information. In order to further understand this asymmetric characteristic, we may wish to look at a specific example.

If we want to sell a house, we must first prove that the house belongs to us and is eligible for sale. In the past, we had to let the buyer see the real estate certificate, and the relevant department or notary agency had to prove that the real estate certificate was genuine. This way you come and go many times, and the buyers will know a lot of information about you, and they can even forge a deed exactly like yours.

In the future, the digital real estate certificate can be stored on the blockchain. As a homeowner, the blockchain algorithm will give us a private key, and all the information is in your hands. Then the corresponding public key can be generated to the buyer to verify the ownership of our homeowner, which is enough, the buyer does not need to know other information about us.

This process of verifying the real estate certificate using the blockchain protocol can be illustrated with a picture:

Of course, it should be noted that the purchaser verified the authenticity of the deed after using the public key. If he buys the house, the deed will be transferred to his name and the private key of the original homeowner will be invalidated, and then the new homeowner can have the new private key, and this process will be recorded in the blockchain’s ledger.

Next, let’s see how this is done mathematically. Let’s use the Bitcoin protocol as an example. It uses a method called elliptic curve encryption. Compared with the currently popular RSA encryption algorithm, the elliptic curve encryption method can achieve a comparable or better encryption effect with a shorter key.

So, what is elliptic curve encryption? We will start with elliptic curves and their properties.

An elliptic curve has nothing to do with an ellipse. It is a set of curves with the following properties:

*y*² = x³ + ax + bThe shape of this type of curve is shown below:

The principle of elliptic curve encryption

The characteristic of this curve is that it is symmetrical up and down, very smooth, and has many good properties, especially drawing a straight line from any point on the curve (point A in the figure). It has at most three intersections with the curve itself (including the point) itself).

So what does such a curve have to do with encryption? We use the following figure to illustrate.

Process of point multiplication on elliptic curve

In the figure, we start from point A, draw a line through point B, and finally intersect the curve at point C. Using this property, we define an operation called dot multiplication “·”, we use

A · B = C

To represent the relationship between these three points, which means: connecting from point A to point B, and intersecting the curve at point C. Since the elliptic curve is symmetrical with respect to the x-axis, we make C a symmetry point D about the x-axis. Let D be a new point, and then connect a line with point A. Then, we have another intersection point E with the elliptic curve.

A · D = E

We can then repeat this process continuously. Suppose we have finally performed K times of point multiplication and stopped at point Z.

Note: In this process, there are four points that need to be explained:

First of all, the operation of dot multiplication satisfies the laws of commutation and combination, so which step is counted first, and which step is counted afterwards. We do not prove this property.

Secondly, it is possible that after such a point multiplication calculation several times, the x value of an intersection point, that is, the abscissa is very large. In order to prevent the calculation results from diverging after continuous iteration, we set a boundary on a place on the right with a large abscissa Max (maximum value), after exceeding Max, let the straight line reflect back.

Secondly, although the curve in the figure is continuous and the value of each point is a real number, when we really use it, we discretize it by some transformation, so all points are integer values.

In the end, some people may worry that after this calculation, they will return to a certain point. Don’t worry about this, this operation is a bit like multiplying two huge prime numbers and then dividing a prime number to take the remainder (also known as modulo operation, Mod), as long as the algorithm is well designed, and it repeats at a certain point. The probability is almost zero.

If we think of the point multiplication in the above curve operation as a multiplication of numbers, after K times of point multiplication, it is equivalent to the power of K, and then given the starting point A and the ending point Z, K is actually equivalent to A is the logarithm of the base Z. Therefore, this calculation process is called discrete logarithm calculation of elliptic curve. Then why should I tell you this process of calculations over and over again?

The calculation of the elliptic curve I mentioned above has a characteristic. If I tell you that it starts with A, then passes from B to C, then to D, to E, etc. After taking a total of K steps, you can calculate that it finally stopped at Z The process is intuitive and simple. However, if I tell you that the starting point is A and the ending point is Z, if you want to guess how many steps I have completed to complete the above process, it is almost impossible, or the amount of calculation is huge. This asymmetry makes it very easy to verify the results, but it is more difficult to crack the password.

Specifically, the encryption protocol used by Bitcoin is a standard called SECP256K1, which uses the following very simple elliptic curve:

*y*² = x³ + 7Using the very simple curve in the form above, we have completed encryption that looks very complicated from the outside.

There are many encryption methods for elliptic curves. Although their algorithms and key lengths are different, their principles are similar. The US National Standards and Research Institute has stipulated that the minimum key length for this type of algorithm is 160 bits, and there are 192 bits, 224 bits, and so on. They are much shorter than the shortest 1024 bits required by RSA, which is the advantage of elliptic curve encryption.

So is such a short key safe? In fact, in 2003, a research team spent 10,000 PCs a year and a half to crack a shorter 109-bit key. However, the decryption time increases exponentially with the length of the key. Cracking a 160-bit key requires about 100 million times the calculation amount, and it is even more difficult to crack a 192-bit or 224-bit key. Therefore, it is difficult to decode the information encrypted by elliptic curves unless the speed of the computer is increased by a million times.

Of course, Google has made a breakthrough in quantum computing in 2019. In certain calculations, calculations that previously took tens of thousands of years to complete can be completed in an instant. Therefore, many people are worried about whether the encryption of the blockchain is still safe. It should be said that if Google’s technology can really get out of the laboratory and can be used for more calculations, not just specific calculations, the current blockchain encryption algorithm needs to be modified.

However, the idea of elliptic curve encryption is still secure, because encryption (and the difficulty of verifying passwords) and decryption are always asymmetric. Even if the computing power of a computer has been increased by a trillion times, a more complex encryption can be used, such as quantum computing. To no avail. In short, as long as this asymmetry of mathematics exists, encryption is secure.