As in, how is it possible to decrypt an encrypted signature, and what does that mean for the security of cryptocurrency?
The signature isn't encrypted at all, it's just a piece of data (a hash, if you will) that was generated using the private key associated with the wallet in question.
In order to generate the signature, you need to have a message to sign, and a private key. All Shkreli has shown is that the signature he posted is valid for the given message and the wallet (which is in fact an old wallet of Hal Finney’s). I’ve posted elsewhere in this thread about this, but so far I can’t find any evidence that the signature he posted actually appears in the blockchain associated with that January 2009 transaction. Until we have proof of that, the most likely alternative explanation is that the wallet’s key is compromised and someone is signing random messages with it that say whatever they want.
Edit: No argument with your second point, just pointing out the mechanism does involve the signature being an encrypted form of a plaintext hash/message digest.
To my knowledge, this is not how ECDSA works. ECDSA is "just" a signature algorithm, e.g. provides integrity and cannot encrypt or decrypt anything - in EC-land you would use a technique like ECDH to arrive at a symmetric key that you then use to do encryption.
for example:
HB2dakxE7SgbuSQX6qQYByHkx3pTG0Tx2ymb8mVd2Bg6E+4Qk7O2/E/BiE9sjcLKp0rF+m3U0YHwI1Yv8Gjvjw0=
public:
1HZwkjkeaoZfTSaJxDw6aKkxp45agDiEzN
message: hackernews
