Why do we need public key?

Public-key cryptography, or asymmetric cryptography, is an encryption scheme that uses two mathematically related, but not identical, keys - a public key and a private key. Unlike symmetric key algorithms that rely on one key to both encrypt and decrypt, each key performs a unique function. The public key is used to encrypt and the private key is used to decrypt.

It is computationally infeasible to compute the private key based on the public key. Because of this, public keys can be freely shared, allowing users an easy and convenient method for encrypting content and verifying digital signatures, and private keys can be kept secret, ensuring only the owners of the private keys can decrypt content and create digital signatures.

Since public keys need to be shared but are too big to be easily remembered, they are stored on digital certificates for secure transport and sharing. Since private keys are not shared, they are simply stored in the software or operating system you use, or on hardware (e.g., USB token, hardware security module) containing drivers that allow it to be used with your software or operating system.

Digital certificates are issued by entities known as Certificate Authorities (CAs). For more information on CAs, please see our related article - What are Certificate Authorities?.

Business Applications

The main business applications for public-key cryptography are:

• Digital signatures - content is digitally signed with an individual’s private key and is verified by the individual’s public key
• Encryption - content is encrypted using an individual’s public key and can only be decrypted with the individual’s private key

Security Benefits of Digital Signatures

Assuming the private key has remained secret and the individual it was issued to is the only person with access to it, digitally signing documents and emails offers the following benefits.

• Authentication – since the individual’s unique private key was used to apply the signature, recipients can be confident that the individual was the one to actually apply the signature
• Non-repudiation – since the individual is the only one with access to the private key used to apply the signature, he/she cannot later claim that it wasn’t him/her who applied the signature
• Integrity - when the signature is verified, it checks that the contents of the document or message match what was in there when the signature was applied. Even the slightest change to the original document would cause this check to fail.

Security Benefits of Encryption

Assuming the individual’s private key has not been compromised, encrypting data and messages offers the following security benefits.

• Confidentiality - because the content is encrypted with an individual’s public key, it can only be decrypted with the individual’s private key, ensuring only the intended recipient can decrypt and view the contents/li>
• Integrity - part of the decryption process involves verifying that the contents of the original encrypted message and the new decrypted match, so even the slightest change to the original content would cause the decryption process to fail

Updated June 28, 2022 • 3 min read

Summary

Public and private keys are an integral part of Bitcoin and other cryptocurrencies. They allow you to send and receive cryptocurrency without requiring a third party to verify the transactions. These keys are a part of the public-key cryptography (PKC) framework. You can use these keys to send your cryptocurrency to anyone, anywhere, at any time. The public and private keys fit together as a key pair. You may share your public keys in order to receive transactions, but your private keys must be kept secret. If anyone has access to the private keys, they will also have access to any cryptocurrency associated with those keys.

1. What Is Public-Key Cryptography?

2. What Is a Public Key?

3. What Is a Private Key?

4. What Does It Mean to “Digitally Sign” a Transaction?

5. Where Are My “Private Keys?”

6. Public and Private Keys Control Your Crypto

1. What Is Public-Key Cryptography?

Public-key cryptography (PKC) is a technology often used to validate the authenticity of data using asymmetric encryption. PKC was first used primarily to encrypt and decrypt messages in traditional computing. Cryptocurrencies now use this technology to encrypt and decrypt transactions. Without PKC, the technology underpinning cryptocurrencies would be practically impossible.

The key to PKC is “trapdoor functions,” one-way mathematical functions that are easy to solve in one way, but nearly impossible to crack in the reverse. While it might be possible, it would likely take a supercomputer — and thousands of years — to reverse engineer these functions.

2. What Is a Public Key?

A public key allows you to receive cryptocurrency transactions. It’s a cryptographic code that’s paired to a private key. While anyone can send transactions to the public key, you need the private key to “unlock” them and prove that you are the owner of the cryptocurrency received in the transaction. The public key that can receive transactions is usually an address, which is simply a shortened form of your public key.

Therefore, you can freely share your public key without worry. You may have seen donation pages for content-creators or charities with the public keys for their crypto addresses online. While anyone can donate, you’d need the private key to unlock and access the donated funds.

3. What Is a Private Key?

Here is one crucial piece of advice to remember: Never share your private key with anyone. A private key gives you the ability to prove ownership or spend the funds associated with your public address. A private key can take many forms:

• 256 character long binary code

• 64 digit hexadecimal code

• QR code

• Mnemonic phrase

Regardless of its form, a private key is an astronomically large number, and it’s large for a good reason. While you can generate a public key with a private key, doing the opposite is practically impossible because of the one-way “trapdoor” function. You can have any number of public keys connected to a private key.

4. What Does It Mean to “Digitally Sign” a Transaction?

For a transaction on the blockchain to be complete, it needs to be signed. The steps for someone to send you a transaction are:

1. A transaction is encrypted using a public key. The transaction can only be decrypted by the accompanying private key.  

2. Next, the transaction is signed using the private key, which proves that the transaction hasn’t been modified. The digital signature is generated through combining the private key with the data being sent in the transaction. 

3. Finally, the transaction can be verified as authentic using the accompanying public key.

You digitally sign a transaction to prove you’re the owner of the funds. Nodes check and authenticate transactions automatically. Any unauthenticated transactions get rejected by the network. An authentic, mined transaction on the blockchain is irreversible.

5. Where Are My “Private Keys?”

Your private keys are in a cryptocurrency wallet, which is typically mobile or desktop software or a specialized hardware device. Your private keys are not on the cryptocurrency blockchain network. If you keep cryptocurrency on an exchange, then the exchange is the custodian of your private keys; you’re trusting it with your keys in the same way you’d trust a bank’s vault to hold your gold.

If you transfer your cryptocurrency from an exchange to a non-custodial wallet, then you are in control of your keys. Because of the configuration and functionality of cryptocurrency wallets, you’ll likely never handle the private keys directly as wallets generally manage them for you automatically. Typically, you’re given a seed phrase that encodes your private keys as a back-up.

6. Public and Private Keys Control Your Crypto

How public and private keys work together is fundamental to understanding how cryptocurrency transactions function. When you say you have cryptocurrency, what you’re really saying is you have a private key that proves ownership of that cryptocurrency. Since it’s stored on the blockchain, anyone can verify you as the owner with your public key.

The choice of “holding your own keys” or trusting a custodian depends on your philosophy, risk-tolerance, and a host of other factors. If you hold your own private keys, consider modern HD wallets, which can do a great job of managing your private keys, and remember to never share them. If you choose a custodial solution like an exchange, make sure you choose a trusted, reputable company that places a high emphasis on security and regulation.

Cryptopedia does not guarantee the reliability of the Site content and shall not be held liable for any errors, omissions, or inaccuracies. The opinions and views expressed in any Cryptopedia article are solely those of the author(s) and do not reflect the opinions of Gemini or its management. The information provided on the Site is for informational purposes only, and it does not constitute an endorsement of any of the products and services discussed or investment, financial, or trading advice. A qualified professional should be consulted prior to making financial decisions. Please visit our Cryptopedia Site Policy to learn more.

Is this article helpful?

Yes

No

Topics in article

You might also like