How Can I Have 1,000 Private Keys But Just One Public Key? … Well, That’s Merkle Magic


It’s strange that once you learn something fundamental, it often sticks. With IPv4 we learn about subnets and IP address classifications, and then we configure our firewall rules around them. Then IPv6 comes along and we are a bit stuck, as we can fail to scale our existing knowledge and methods into a new area. The same could be said for our public key methods, where we create a difficult puzzle to solve, and hope to generate a trap door in the puzzle for those who have a secret.

This leads to a public key and a private key. In most cases we use either RSA or ECC for our public key methods, where we use our private key to sign a message, and then our public key to prove our identity. But quantum computers have RSA and ECC in their sights, and we must move away from these and investigate new methods. One such method is hash-based signing. With this we can have a one-time private key, which is proven by our public key. It is a bit like having a whole lot of cards with random numbers printed on them, where we reveal each card with our signature on it. No one can predict which number will appear on the card, as they will always be random.

With a Merkle tree, we create a tree of hashes and then create a root hash. We start from the…
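To make the "many one-time private keys, one public key" idea concrete, here is an added example (not code from the original article) that signs with one-time keys and publishes only the Merkle root. It assumes Lamport one-time signatures as the one-time scheme, SHA-256 as the hash, and a tree of 8 leaves; all function names are illustrative.

```python
import hashlib, secrets

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def msg_bits(msg: bytes):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def ots_keygen():
    # One-time private key: 256 pairs of random secrets (the "cards").
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = b"".join(H(a) + H(b) for a, b in sk)  # one-time public key
    return sk, pk

def keygen(n=8):
    # n one-time key pairs (n a power of two); the Merkle root is the single public key.
    keys = [ots_keygen() for _ in range(n)]
    levels = [[H(pk) for _, pk in keys]]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([H(cur[i] + cur[i + 1]) for i in range(0, len(cur), 2)])
    return keys, levels, levels[-1][0]

def sign(keys, levels, idx, msg):
    # Each idx must be used for one message only; the signer has to track this.
    sk, pk = keys[idx]
    sig = [sk[i][b] for i, b in enumerate(msg_bits(msg))]  # reveal one secret per bit
    path, j = [], idx
    for level in levels[:-1]:  # sibling hash at every level below the root
        path.append(level[j ^ 1])
        j >>= 1
    return idx, sig, pk, path

def verify(root, msg, signature):
    idx, sig, pk, path = signature
    if len(sig) != 256 or len(pk) != 256 * 64:
        return False
    for i, (s, b) in enumerate(zip(sig, msg_bits(msg))):
        off = 64 * i + 32 * b
        if H(s) != pk[off:off + 32]:  # revealed secret must hash to the published value
            return False
    node = H(pk)
    for sib in path:  # recompute the path from leaf to root
        node = H(node + sib) if idx % 2 == 0 else H(sib + node)
        idx >>= 1
    return node == root
```

This sketch uses the same hash for leaves and inner nodes; standardized hash-based schemes such as XMSS and LMS add domain separation and per-node addressing on top of this structure.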


Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. Based in Edinburgh. Old World Breaker. New World Creator. Building trust.