What is key derivation and why would we need it?
Public Key Cryptography refresh
It is assumed that the reader is somehow familiar with Asymmetric Key Cryptography: that is, the body of knowledge that deals with encryption algorithms that use pairs of values (called asymmetric keys) to encrypt and decrypt content. For a refresh on the subject, please check [i]
In any case, let us start with a quick reminder: Bitcoin and its blockchain has got is technical foundations rooted – amongst other mathematical principles and techniques – in cryptography, the art of hiding information from unauthorized disclosure using mathematical algorithms and small pieces of information that we call keys. The combination of the algorithm and the key is what protects the confidential data by making it unusable in its transformed form, by encrypting it.
More specifically, in asymmetric key cryptography we work with pairs of two different keys that are related to each other and that work together. Keys are generated in pairs and are specific to each other. What one key does encrypt using one algorithm, only the other key is able to decrypt using the same algorithm. And vice versa. Then we proceed to keep one of the keys secret – we call it the private key – while the other we make it available publicly – the public key -.
After this quick refresh, what usage do we give in bitcoin to asymmetric cryptography? In Bitcoin world, we use our public key to receive bitcoins. They are – sort of – the destination address where the bitcoins are sent. We use our private key to prove that we are the owners of the public key were the bitcoins were sent.
Our bitcoin wallets contain the most important piece of information when it comes to our cryptocurrency: the private keys that can unlock the UTXOs that were encumbered to the corresponding public keys and public key hashes. In other (maybe simpler) words, when we receive bitcoins, a transaction gets recorded on the blockchain indicating that these bitcoins were assigned to our public key. Only our corresponding private key can unblock these bitcoins and have them sent to a different public key (for example, when we sell them, or when we exchange them for some other good) by generating a new transaction where:
- We need to prove that we are the “owners” of the public key where the bitcoins were assigned
- We assign these bitcoins to a new owner (to a new public key)
In a few words, our private keys are the proof of ownership of our bitcoins, and only through them we can transfer them. Or as we say at privatekeys.org “Your (private) keys, then your bitcoins. Not your (private) keys, then I’m sorry pal, but not your bitcoins”.
Estamos acostumbrados a manejarnos con el dinero pero realmente no entendemos por qué tiene valor. Generalmente se acepta que tiene valor porque está respaldado por un estado (o conjunto de estados, como el caso del euro). Hubo un tiempo en el que el papel moneda estaba respaldado por un depósito de oro. El emisor de la divisa garantizaba que podía dar al poseedor de sus billetes la cantidad de oro consignada en ellos. Era el llamado Patrón Oro.
Pero hace muchas décadas que esto ya no es así. Muchos estados terminaron con el patrón oro después de la primera guerra mundial, cuando los gobiernos beligerantes necesitaron imprimir mucho dinero para financiar el esfuerzo de la guerra. En los acuerdos de Bretton Woods (1944) se adoptó el dólar estadounidense como moneda internacional bajo la condición de que la Reserva Federal sostuviera el patrón oro. Pero esto terminó en 1971 definitivamente. Desde 1971, nadie tiene la obligación de dar por un dólar más que un dólar. Y lo mismo ocurre con el euro y el resto de monedas emitidas por un estado.
Entonces… ¿por qué tienen valor el euro o el dólar? ¿Quién “respalda” su valor?
First of all, for those not in the know, let us remember that GDPR is an acronym for General Data Protection Regulation, and that the word “Regulation” here means something very specific in EU legislation. A European Union (EU) Regulation “is legal act of the EU that becomes immediately enforceable as law in all member states simultaneously”[i]. As opposed to a EU Directive, that needs to be transposed into specific legislation into each of the Union members, a European Union Regulation does not require any translation into the legislation of the member states. It applies to them (and its citizens and the companies that operate on the Union) as soon as it becomes into force, and in fact it overrides all national laws dealing with the same subject matter. Member States may incorporate elements of the Regulation into their national law. They may also expand the scope of the Regulation by clarifying aspects not covered in it. In fact, we do usually see state members to pass legislation in that sense. But the Member states cannot legislate to limit the scope or in contradiction with the Regulation.
Privatekeys.org nace con el objetivo de crear contenido en español e inglés que ayude a la difusión de las criptomonedas y el movimiento de descentralización, privacidad y libertad que esta tecnología hace factible.