Private keys are used to spend transactions on the bitcoin blockchain. If they are not kept secure, an attacker can spend your bitcoins. It is nearly impossible to guess a private key or to bruteforce a private key (due to lack of computation power). Theft of bitcoin private keys have occured in the past usually by malware. What can be done against this? (scroll to bottom for a scientific paper)
Bitcoin uses a system called the Elliptic Curve Digital Signature Algorithm, also known as ECDSA, to sign a transactions. A bitcoin address is in fact the hash of a ECDSA public key. A public key is generated from a bitcoin private key, a private key usually being a 256-bit random number. Transactions can be signed with a bitcoin private key.
Multisig was proposed as one of the solutions to make the bitcoin system more secure. If you are unfamiliar with Multisig, read about it here. There is another proposal by a group from Princeton: they propose a threshold signature-based system which they argue could dramatically improve bitcoin security. The scheme is said to be compatible with Bitcoin’s ECDSA signatures and can be used for:
- shared control of a wallet
- secure bookkeeping, a Bitcoin-specic form of accountability
- secure delegation of authority
- two-factor security for personal wallets
Essentially it is a modified ECDSA signature generation scheme. The start and end of the algorithm remains the same, making usage of the scheme “invisible” from traditional bitcoin transactions. There is no source code released yet.
Paper link: http://www.cs.princeton.edu/~stevenag/bitcoin_threshold_signatures.pdf