What Is Public Key Cryptography (Pkc)?
Public key cryptography is a way to encrypt and verify data using a two-key system. PKC, as it’s often referred to, is part of the basics of cryptocurrency because it provides the backbone of all cryptocurrency management.
Because it uses two keys, PKC is known as asymmetric cryptography. It involves the use of a public key, which is widely available for anyone to use, and a crypto private key, which is never shared. Data is encrypted by the public key, but it can only be decrypted by the private key.
The complementary use of private and public keys is considered to be one of the most secure encryption methods available, and in fact it has found widespread use beyond the blockchain. For example, it is also used for Secure Sockets Layer and Transport Layer Security (SSL/TLS), which are used for HTTPS sites to provide secure online transactions.
Why is this necessary? When you’re communicating on a public channel - ie, the internet - it’s perfectly possible to find eavesdroppers keen on acquiring your information for malicious purposes. When you use a two-key system, what you’re doing is allowing for one-way information to go through securely, while making it impossible for anyone to reverse the process.
What Is a Private Key?
We’ve established that the purpose behind a private key is to share it with others, but before we go any further into the way that works it’s also good to understand the concept of the private key.
Your private key basically gives you permission to access and manage all your cryptos at a specific blockchain address. Earlier, we likened your public keys to your bank account number. The private key is the PIN code that gives you access to withdraw from that account or to transfer funds.
Third parties can send cryptos to your digital wallet by using the public key you shared with them. However, they can’t help themselves to any of your virtual assets because they’d need the private key for that. And that’s exactly why your private key must always remain secret.
Apart from allowing you to manage different types of cryptocurrencies, you will also use your crypto private key to generate as many public keys as you need to share. Private keys are literally a long alpha-numeric code that is created using complex mathematical formulas, but the base formula can be different for different kinds of crypto. Thus, for instance, a Bitcoin key uses a 256-bit number, while an Ethereum key is based on a 64 hexadecimal system of characters.
Custodial and Non-Custodial Crypto Wallets
There are two types of crypto wallet in this regard - custodial and non-custodial. A custodial crypto wallet like Binance or or Coinbase keeps custody of your private key, whereas a non-custodial one gives you 100% control of your key. If you’d like to learn more about this, head over to our guide to the different types of crypto wallets, where we explain in more detail about how this works and how you manage your cryptos without your private key.
Public and Private Keys - How They Control Your Crypto
Understanding how private and public keys in cryptocurrency work together is essential if you want to make sure your crypto transactions are carried out smoothly. Although we use the phrase ‘owning crypto’, these are virtual assets we’re talking about. Unlike, say, with Dollars, you won’t find an actual, physical manifestation of this ownership.
This begs the question: how does one prove ownership of crypto?
The only tangible proof there is lies precisely within the cryptographic key that forms the basis of your crypto wallet. Your private key is your literal ownership certificate. This applies both if you’re the sole custodian, or if you’re using an exchange that keeps control of your private key. In the latter case, all your transactions will depend on using your public key to generate a unique blockchain address or QR code where your crypto will be sent. And that’s how private and public keys control your crypto.
Why Do Cryptocurrencies Like Bitcoin Use a Two-Key System?
Given that you don’t even always have control of both keys, you may wonder why cryptocurrencies bother to use a two-key system. In reality, even if you’re not the one using your private key, its existence alongside the public key is essential for asymmetric cryptography - which is the most secure type of cryptography - to work. Here’s why:
- Security - Your public key is generated using the private key, but it can’t be used in reverse. A public key crypto hack to generate your private key is too complex to be possible. This means third parties can send you digital assets, but they can never take them away from you without access to the private key. Thus, when stored securely, the private and public crypto key combo is unbeatable in terms of privacy and safety.
- Authenticationy - Crypto transactions are authenticated when both keys are used together. When a transaction is initiated, it is signed using the private key. The corresponding public key can be used by anyone wishing to verify that the transaction was indeed signed by the holder of the private key, confirming the legitimacy of the transaction without revealing the private key.
- Accountabilityy - The two-key system is a non-repudiation mechanism. When a user is sending crypto to someone else, they use their private key to sign the transaction. This is done by hashing the transaction data in such a way that only the private key owner could have done it. It’s considered a unique, secure stamp that is 100% proof the transaction was carried out and cannot be disputed. This is the source of accountability and trust in crypto transactions.
- Decentralizationy - Using the two-key system facilitates the decentralized nature of crypto. Users generate their own cryptographic keys securely and without the need of any centralized authority to oversee the transaction and authenticate it. They make direct transactions in a peer-to-peer (P2P) manner possible.
- Integrityy - Public key cryptography ensures the integrity of transactions on the blockchain. Since all transactions are signed and verified, altered transactions would fail verification checks and be rejected by the network. This system is the foundation upon which all crypto technologies are built.
Public vs Private Keys
| Feature | Public Key | Private Key |
|---|---|---|
| Accessibility | Can be shared publicly | Must be kept secret |
| Function | Used to encrypt data or verify a signature | Used to decrypt data or sign transactions |
| Generation | Derived from the private key | Independent; used to generate the public key |
| How it’s used in crypto transactions | Used by others to verify the owner’s signature | Used by the owner to sign the transaction |
| Risks | Can be freely shared with no risks to the security of your assets. | If it’s leaked, it will compromise access to your assets and their security. |
| Ownership | Does not constitute proof of ownership | Proves ownership and authenticates identity |
| Typical length | Longer, to ensure security | Shorter, but securely stored. |
| Replacement | Can be changed by generating a new public key | If lost or compromised, a new one needs to be generated using the seed phrase. |
What Does It Mean to Digitally Sign a Transaction?
A digital signature is a cryptographic tool that serves the same purpose as a handwritten signature or stamped seal, but with much more inherent security. It offers proof of origin, identity, and status of an electronic document, transaction, or message. The signer uses a private key, which is kept secret, to generate the digital signature, which is then attached to the blockchain transaction.
However, if you’re learning how to invest in Bitcoin or any other crypto, you’re likely going to be moving your virtual assets around reasonably often while trading. Every single transaction, whether you’re sending or receiving crypto, needs to be digitally signed. This has nothing to do with an actual digital signature, such as when you’re signing something electronically. The process is integrated within the two-key cryptography system, and it’s the bedrock of authenticity and integrity for all crypto transactions.
Sign Digitally To Verify Each Transaction
When you digitally sign a transaction, you’re making use of cryptographic techniques to prove that you have authorized the transaction via an inbuilt verification mechanism. It is like giving a transaction your personal seal of approval, but with the added benefit of fortress-like security. The digital signature combines proof of origin and identity in one simple to use system.
To take a practical example, let’s say you want to make a deposit at a Bitcoin casino of your choice. To initiate the transaction you will need to create a digital document which contains all the following information:
- Your wallet address, from where virtual assets will be taken.
- The amount that will be taken.
- The casino’s public address, where the assets will be sent.
The blockchain will not know that the request is legit until the transaction is signed. To sign off, your crypto wallet applies a process called cryptographic hashing to the document, out of which it creates a string of numbers and letters. Using your private key, the wallet then encrypts this hash - this is your unique digital signature that could only have come into being with your consent, using your private key.
Once this signature is created, it is broadcast to the blockchain, where the process of verification starts. This involves examining the digital signature; nodes in the network use the public key linked to the transaction to decrypt and reverse the hashing. If the decrypted hash matches the transaction details, then it’s considered confirmation that the transaction was actually signed by the owner of the private key and not tampered with or altered in any way.
As soon as it’s verified, the casino will use its own private key to gain access to its newly-received crypto and decide what it wants to do with it.
How to Sign a Transaction With Your Public & Private Keys
While the above may sound like a long-winded and complicated process, it really is not. From the user point of view, all it requires are a few simple steps, and the rest of the process is automated on the blockchain.
Here’s what you need to do to sign a transaction using your private and public keys. First off, you need a pair of cryptographic keys: a public key, which everyone can see, and a private key, which you must keep private (we’ll never tire of repeating this last part).
- Create your transaction: You’ll need to specify details such as the amount of cryptocurrency to send and the recipient’s address.
- Sign the transaction: Use your private key to generate a digital signature from the transaction’s data.
- Broadcast the transaction: Send the signed transaction to the cryptocurrency network. Your public key will be used to verify the signature; if it matches, the transaction is confirmed.
Public and Private Keys in Crypto Wallets
We often see questions like: is my wallet address the same as my public key? How do I get hold of my crypto public key? Or even, Why can’t I find my private key?. There are misconceptions about the real meaning of each, but it’s crucial to understand each term properly so as to avoid any misadventures.
What Are Public Keys, Private Keys, Wallets and Wallet Addresses?
Below, we’re going to draw a distinction between the three main terms so as to help you better understand the roles of each:
- Wallet address: This is a user-friendly alphanumeric representation derived from your public key. It is generated by taking the public key and applying cryptographic hash functions to reduce it into a shorter, more manageable string. This is what you share with others to receive crypto.
- Private and public keys: The public key is generated from the private key, while the private key is generated from a random and secure cryptographic process. Both work in tandem to complete digital transactions.
- Wallet: Your crypto wallet is the crypto alternative to online banking. It allows you to access your assets and to manage them. Your wallet contains your wallet address and your public and private keys.
Where Are My Public Keys?
Where to find your public keys depends largely on the type of crypto wallet you’re using:
- Software Wallets The public key is embedded in the interface, and you’ll find it under ‘settings’ for each crypto account, ‘details’, or the ‘receive’ button next to your account balance. This applies to wallets like MetaMask.
- Hardware Wallets Your public keys are stored within the device and can’t be accessed directly to maintain security. However, your wallet interface will display the wallet addresses derived from your public keys. All you need to do is click on ‘receive’ for the relevant crypto account and copy the code there. This applies to wallets like Ledger Nano and Trezor.
- Web-Based Wallets integrated with exchanges - Wallets like Coinbase or Binance won’t show you your public key. Instead, they’ll provide you with a wallet address to receive any cryptocurrencies you wish.
How to Use a Public Key to Receive and Send Bitcoin
This is a very straightforward process both ways, and one that’s already been covered above. But, for those of you looking for a quick step-by-step:
- To send Bitcoin: Paste the wallet/public key sent to you by the recipient into the field marked ‘recipient’ in your wallet. Key in the amount and click ‘send’.
- To receive Bitcoin: Open your wallet and select ‘receive’. Copy the code and send it to the other person. Wait for the Bitcoins to reach your account.
The above processes work for all other cryptos, aside from Bitcoin.
Sources:
https://www.cloudflare.com/en-gb/learning/ssl/how-does-public-key-encryption-work /
https://www.ledger.com/academy/blockchain/what-are-public-keys-and-private-keys