7
Lets say, I'd have a website that shows a large number of Bitcoin public addresses, and wanted to give option for anyone that owns a given address to verify it automatically.
Assuming that one shouldn't trust anyone on the internet based just on their word, how should one go about verifying that a person owns a given address? (methods that can run autonomously, without admin input, are preferred)
That is a cool feature. Is there also the "opposite" (encrypting a message with someone else's public key)? The public key cannot be derived from the bitcoin address, but it is included in the block chain once that address has been used, so such a function could be used to send confidential messages to someone that has sent you (or anyone) bitcoins before. – Thilo – 2011-11-04T06:46:49.503
@Thilo I don't know if that functionality is currently included but if not there is no reason it couldn't be included in future version. Signing a message is simply encrypting a hash of the message with the private key (so it can be decrypted w/ public key and verified). If that can be done encrypting entire message w/ public key (so it can be decrypted w/ private key) is certainly possible. – DeathAndTaxes – 2011-11-04T12:41:18.563
For RSA, it is true that signing equals "encrypting with the private key"; this is, however, not the case for DSA-based algorithms like ECDSA. Except for the wallet encryption added in v0.4.0, bitcoin does not employ encryption anywhere. – Pieter Wuille – 2011-11-08T14:04:08.300