Doin' the Math on Security!

Most folks around here in the digital Wild West don’t care too much fer things like maths and science, but they all have some understandin’ that without some real fancy stuff with code and numbers, their funds could go up in smoke in an instant!

Yep, Buckley and the Bearmint gang may not be the inventors of the algorithms Bearmint makes use of, but we sure do know how to use them to their full potential! Now you might ask why we offer different algorithms? Well, variety is the spice of life as they say, and in truth, different algorithms may be better suited to certain use-cases, and since we don’t want to dictate what developers can and can’t do in terms of their applications, we’ve made sure to include some of the best cryptographic algorithms around!

Now we haven’t included every algorithm out there, but you can be sure that the ones we do have get the job done good and proper! Decidin’ on the right one fer you can be difficult, even if you have a fundamental understandin’ of each. Hopefully everythin’ we’ve taken the time to outline here will be of some assistance to you and provide you with some (or all) of the answers you seek!

A Means of Keepin’ Things Safe

The concept of blockchain security encompasses different kinds of security methods and techniques. One of these is public-key cryptography, which the blockchain mostly uses to carry out secure transactions. Public-key cryptography is a security protocol that ensures the safety of data that is exchanged via a transaction in a blockchain network.

It goes without saying that the aspect of security in a point-to-point network like a blockchain is absolutely crucial. This is because nodes do not personally know and trust each other in this kind of network architecture. With this in mind, cryptography in Bearmint consists of 3 major constructs:

  • Key pairs form an integral part of any blockchain in that they allow you to authorize actions without needing a third party to verify them. These keys find their roots in public-key cryptography. Simply put, you can use these keys to transfer cryptocurrency to almost anyone virtually anywhere in the world at any time. The public and private keys constitute what is commonly known as a ‘key pair.’ You may share your public key(s) in order to receive transfers, but it is vital that your private key(s) remain a secret. Anyone with access to a private key will also have access to any cryptocurrency associated with that key.
  • Digital signatures play a fundamental role in blockchains since they serve as a means of authenticating transactions. When a user submits a transaction, they must prove to every node in the system that they have the requisite authority to spend the associated funds while simultaneously preventing other users from spending them. Every node in the network will verify the submitted transaction and analyze the work of all other nodes in order to reach an agreement regarding the correct state.
  • Multisignature (also known as multi-signature, multisig or MuSig) is a digital signature scheme that allows a group of users to sign a blob of data. In most cases, a multisignature algorithm produces a joint (aggregated) signature that is more compact than a collection of distinct signatures from all users. Multisignature bolsters security for cryptocurrency transactions. Multisignature crypto wallets require all those who participated in creating this kind of wallet to reach an agreement before any kind of transaction can occur.

Why Does It Matter? Use the Most Secure!

Well, it isn’t actually all that simple. When choosing a cryptographic algorithm for your project, you’ll need to take a few things into consideration:

  • Are you aiming for interoperability with other networks like Bitcoin or Ethereum?
  • Are you concerned with the size that a public key has because available storage is a constraint for you?
  • Are you concerned about the possibility of offering MuSig to your end-users?

These are just a few of the questions you need to take into account, so it’s not just a popularity contest (though there are certainly contenders that are arguably stronger than others!)

Let’s take a closer look at some of the cryptographic algorithms Bearmint offers out of the box and how they may apply to your specific use-case.

Algorithms

BIP340

BIP340 (commonly referred to as Schnorr) is the latest and greatest cryptographic algorithm for digital signatures, straight out of Bitcoin. Schnorr signatures are a digital signature scheme, developed by Claus Schnorr, that uses elliptic-curve cryptography to sign transactions.

BLS12-381

BLS12-381 is a pairing-friendly elliptic curve construction that comes from the BLS family and has an embedding degree of 12. Pairing-friendly elliptic curve constructions are (necessarily) less secure than conventional elliptic curves as a result of their small ‘embedding degree.’ BLS12-381 uses an embedding degree of 12 to achieve high pairing performance but employs a 381-bit base field characteristic in order to yield a 255-bit subgroup order (which provides protection against Pollard's rho algorithm) while reaching close to a 128-bit security level (which is a reasonable level).

ECDSA

ECDSA (Elliptic Curve Digital Signature Algorithm) is a cryptographically secure digital signature scheme based on elliptic-curve cryptography (ECC). ECDSA relies on the math of the cyclic groups of elliptic curves over finite fields as well as the difficulty of the ECDLP (elliptic-curve discrete logarithm problem). ECDSA keys and signatures are shorter than those seen in RSA and technically achieve the same level of security. In other words, a 256-bit ECDSA signature possesses the same level of security as a 3072-bit RSA signature.

Ed25519

EdDSA (Edwards-curve Digital Signature Algorithm) is a modern and secure digital signature algorithm derived from performance-optimized elliptic curves (for example, the 255-bit curve Curve25519 and the 448-bit curve Curve448-Goldilocks). EdDSA signatures employ the Edwards form of the elliptic curves, namely edwards25519 and edwards448, in order to enhance overall performance. The EdDSA algorithm is derived from the Schnorr signature algorithm and relies on the difficulty of the ECDLP.

Sr25519

Sr25519 is based on the same underlying Curve25519 as its EdDSA counterpart, namely Ed25519. However, it makes use of Schnorr signatures instead of the EdDSA scheme. Schnorr signatures bring some noticeable benefits over the ECDSA/EdDSA schemes. For one, they are more efficient and still retain the same feature set and security assumptions. Moreover, they allow for native multisignature through signature aggregation.

So Which One Should I Use Then, Partner?

Well, that depends entirely on your use-case, amigo! That said, if you want a jack of all trades, you can’t go wrong with BIP340 because it comes with the advantages of fixed signature sizes, high levels of security and the ability to enable MuSig implementations.

However, if you need to verify large sets of signatures or aggregated signatures, then you’re probably better off with something like BLS12-381. Whatever you end up choosing, we can promise that ol’ Buckley will do everything in his power to ensure that anythin’ yer tryin’ to protect is kept secure and safe from harm!

In future posts we’ll go into some more details on how you can implement your own cryptographic algorithm(s), so keep yer eyes peeled if you’d like to find out more about this!