Cryptocurrencies and other blockchain-based applications depend on a number of technologies to work effectively, but one is especially critical for security and validation: public-key cryptography.
The word “cryptography” comes from the ancient Greek roots kryptós (“hidden” or “secret”) and graphein (“to write”). Before the computer age, cryptography generally referred to the process of encoding a message into some form of writing that would be unintelligible to anyone without the key for deciphering the code. Today, however, the term describes the use of numeric algorithms to “lock” and “unlock” digital messages to protect the contents from being read by anyone but the intended recipient.
One such system, called symmetric cryptography, uses a single cryptographic key. That key, a string of bits, is used by an algorithm both to encrypt and to decrypt messages. When two people communicate using such a system, they share the same key and must both keep it safe from others.
One disadvantage of symmetric cryptography is that it’s hard for users who might be far away from each other to share a cryptographic key without the possibility that others on the network – a “man in the middle” – might also see that key. To solve that problem, it’s better to use another system: asymmetric cryptography, also known as public-key cryptography.
Rather than using one cryptographic key, public-key cryptography uses two: a public key and a private key. Someone who generates a key pair can share the public key freely with anyone and only needs to protect the private key. Others can then use the public key to encrypt messages to the person with the key pair, but only that person can decrypt them.
It should be fairly clear how such a system applies to cryptocurrencies: anyone can use another person’s public key (or the address derived from it) for transactions – for example, to send a payment to someone or transfer funds to a friend – but only the holder of the matching private key can actually withdraw or spend those funds.
Public-key cryptography also lets blockchain users prove who they are. How? When a user signs a message with their private key, anyone can check the signature against the sender’s public key; because no one but the holder of the private key could have produced a valid signature, it confirms that the message came from the sender. This is called a digital signature.
According to the Blockchain Council, “Public-key cryptography is an essential part of Bitcoin’s protocol and is used in several places to ensure the integrity of messages created in the protocol. Wallet creation and signing of transactions, which are the core components of any currency, rely heavily on public-key cryptography. Bitcoin’s protocol uses what’s called the Elliptic Curve Digital Signature Algorithm (ECDSA) to create a new set of private key and corresponding public key. The public key is then used with a hash function to create the public address that Bitcoin users use to send and receive funds. The private key is kept secret and is used to sign a digital transaction to make sure the origin of the transaction is legitimate.”
In this post on Medium, software engineer Demiro Massessi describes how it all comes together:
“If I decide I’m going to pay you three bitcoins and I’m going to do it out of my hardware wallet or any software wallet like Metamask, any kind of digital currency like Bitcoin, the only thing that’s kept on your wallet device is your private key and it never leaves.
“That means if I want to send you some money, all I’m doing is accessing the private key on this device to sign a message that gets transmitted to the blockchain, that says I’m paying you some Bitcoin or some Ether or some Litecoin, and my public key is used to verify that that message actually did come from the wallet that says it did.
“If I happen to lose it, I haven’t lost the money that’s in it, because there’s no money ever in it.
“All that money is just a record on the blockchain, and, as long as I can recover that private key somehow, I can just get a new device, start using my private key again and keep right on trading.”
The most important thing to remember during blockchain and cryptocurrency transactions is that, while public-key cryptography is based on two keys that are linked, only the public key should ever be shared with others. The private key should always be yours and yours alone.