# CS120 Study Guide

## Unit 3: Cryptographic Signatures

#### 3a. Summarize the security benefits of cryptographic signatures

• Why do Bitcoin transactions include signatures?

A signature provides authentication and nonrepudiation. It is proof that the data came from a specific entity in control of a specific key and that the data has not been altered since that entity signed it. Without this security feature, anyone would be able to alter Bitcoin transactions to send funds to their chosen addresses.

To review, see More on Bitcoin Transactions and What are Cryptographic Primitives?.

#### 3b. Identify the components needed to create and validate a signature

• How are digital signatures created?

To create a digital signature (also called a cryptographic signature), you'll need the data to be signed and the private key used to create the signature. This will create a signature with two numbers commonly referred to as the R and S values. Once created, cryptographic signatures can be validated using the data, the signature, and the public key associated with the private key used to create the signature.

To review, see Exercise: Sign and Validate Data.

#### 3c. Explain how signatures are used in Bitcoin transactions

• What is a SIGHASH?

A signature on a Bitcoin transaction may not be signing all the transaction data. It's possible that a signature only covers a portion of the transaction, or more specifically, a hash of a part of the transaction data. Bitcoin signatures indicate which part of a transaction's data is included in the signature using a SIGHASH flag. The SIGHASH flag is a single byte that is appended to the signature. Every signature has a SIGHASH flag, and the flag can be different from input to input. A transaction with three signed inputs may have three signatures with different SIGHASH flags, each signature signing (committing) different parts of the transaction.

To review, see More on Bitcoin Transactions.

#### 3d. Sign data and validate signatures cryptographically

• What is ECDSA?

ECDSA stands for Elliptic Curve Digital Signature Algorithm. It is the type of digital signature algorithm that Bitcoin currently uses in various script functions such as OP_CHECKSIG, OP_CHECKSIGVERIFY, OP_CHECKMULTISIG, OP_CHECKMULTISIGVERIFY, etc.

To review, see Exercise: Sign and Validate Data and Elliptic Curve Signatures.

#### Unit 3 Vocabulary

This vocabulary list includes terms you will need to know to successfully complete the final exam.

• cryptographic signature
• digital signature
• elliptic curve cryptography