Public key cryptography is a method of encrypting and decrypting information using two mathematically interlinked keys. Although linked, the keys are different: one, known as the “public key”, is accessible to everyone, while the other, known as the “private key”, is strictly limited to its owner. Sending and receiving transactions across the blockchain is based on this pair of cryptographic keys.
What Is A Cryptographic Key?
A cryptographic key is a randomly generated sequence of bits used by a cryptographic algorithm to transform plain text into cipher text (encryption), and vice versa (decryption). This key is the core of cryptographic operations.
There are two types of data encryption: symmetric and asymmetric.
Symmetric Encryption: Private Key Cryptography
Symmetric encryption, or private key cryptography, requires only one key. The same key is used to encrypt and decrypt data. This key is called the “secret key” or “private key”.
- Person A uses a secret key to encrypt a document.
- Person A sends the encrypted document to Person B.
- Person B uses the same secret key to decrypt the document.
Symmetric Encryption Disadvantage
This method is fast and efficient. However, it has a major disadvantage: key management. Since the same key is used for encoding and decoding, one can’t use the same key with everyone.
- Person A wants to send Person C a document.
- Person A can’t use the same key used with Person B. In that case, Person B would be able to access the document sent to Person C.
- So, Person A has to send a different key to Person C.
A different key is needed for each person you deal with, so key management becomes a hassle. Asymmetric encryption, or public key cryptography, was introduced to address this.
Asymmetric Encryption: Public Key Cryptography
Asymmetric encryption requires one pair of related cryptographic keys: a public key and a private key. Asymmetric encryption is also called public key cryptography.
A public key is used to encrypt data, and a private key is used to decrypt data.
So, instead of one secret key, there are two related keys. How are they ‘related’? They’re algorithmically generated in a way that they are mathematically linked.
How Is The Key Pair Generated?
The public key is generated from the private key. It can be generated based on various algorithms. The most used one in public key cryptography is the RSA (Rivest-Shamir-Adleman) algorithm.
RSA Encryption of Private and Public Keys
Let’s get technical for a second. How does the RSA algorithm actually generate private and public keys? The steps are as follows.
It starts by picking two large prime numbers, p and q, and then defines the value n:
n = p × q
Then, it generates a private key d and a public key e in a way that they’re linked based on the following mathematical formula:
d × e ≡ 1 (mod φ(n))
gcd(e, φ(n)) = 1
Now we have a key pair that is mathematically related. It’s important to note that you can generate the public key from the private key. But, you can’t do the opposite. So, no one can get your private key using your public one.
How Does Public Key Encryption Work?
Let’s say Person A wants to send Person B a message. They have to use the key pair generated above. As previously mentioned, public key cryptography works in the following way:
- A public key encrypts data
- A private key decrypts data
You keep your private key to yourself and share your public one. You can consider that the public key is your username and the private one is your password. So, if anyone wants to send you something, they do so using your public key.
- Person A encrypts a document using Person B’s public key.
- Person B decrypts the document using his private key – which only he has access to.
- Person C can also send a document to Person B using Person B’s public key.
- Only Person B can access the document via his private key.
This solves the key management problem of symmetric encryption as you only need to manage two keys.
Algorithmically speaking, public key cryptography looks like this:
First, the message is converted to a number. Let’s assume it’s M.
Person A encrypts M using Person B’s public key e and sends the result, E, to Person B. The encryption is based on the following formula:
E = M^e (mod n)
Person B decrypts E using his private key d. The decryption is based on the following formula:
Knowing the value of d, we get the following:
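E^d = (M^e)^d = M^(ed)
Because d and e were chosen so that their product is 1 modulo φ(n), M^(ed) reduces to M modulo n, so Person B recovers the original message. As you can see, you can’t solve the above formula without d. So, you use the private key to decrypt a message and you can’t do so without it.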
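The key generation steps and the encryption and decryption formulas above, carried through in Python as an added example (it is not code from the original article). It is textbook RSA using the article's symbols; the primes and messages are constructed toy values, φ(n) is taken to be (p - 1)(q - 1), and the randomized padding (such as OAEP) that deployed RSA relies on is left out.

```python
# Added example: textbook RSA using the article's symbols (p, q, n, e, d, M, E).
# Assumptions: phi(n) = (p - 1)(q - 1); all primes and messages are constructed
# toy values. Real keys use primes of 1024 bits or more plus padding (OAEP).
from math import gcd

def generate_keypair(p, q, e=65537):
    """Return (public, private) = ((e, n), (d, n)) from distinct primes p, q."""
    if p == q:
        raise ValueError("p and q must be distinct primes")
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:              # the article's condition (e, phi(n)) = 1
        raise ValueError("e shares a factor with phi(n); pick another e")
    d = pow(e, -1, phi)               # solves d * e = 1 (mod phi(n)); Python 3.8+
    return (e, n), (d, n)

def encrypt(M, public_key):
    e, n = public_key
    if not 0 <= M < n:                # M must fit below n or it cannot be recovered
        raise ValueError("message number must be in the range 0..n-1")
    return pow(M, e, n)               # E = M^e (mod n)

def decrypt(E, private_key):
    d, n = private_key
    return pow(E, d, n)               # E^d = M^(ed) = M (mod n)

def text_to_number(text):
    """Convert a message to the number M."""
    return int.from_bytes(text.encode("utf-8"), "big")

def number_to_text(M):
    return M.to_bytes((M.bit_length() + 7) // 8, "big").decode("utf-8")

if __name__ == "__main__":
    # Small classic pair: p = 61, q = 53, e = 17 gives n = 3233, d = 2753.
    public, private = generate_keypair(61, 53, e=17)
    E = encrypt(text_to_number("A"), public)      # "A" is the number 65
    print("public", public, "private", private, "E", E)
    print("Person B reads:", number_to_text(decrypt(E, private)))

    # Larger constructed pair from two Mersenne primes, so a short text fits.
    public, private = generate_keypair(2**61 - 1, 2**89 - 1)
    E = encrypt(text_to_number("pay B 5 coins"), public)
    print("Person B reads:", number_to_text(decrypt(E, private)))
```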
Which is Better: Public or Private Key Cryptography?
Private key cryptography uses the same key to encrypt and decrypt data, whereas public key cryptography uses two interlinked keys: a public key and a private key. Which method is better? Well, the first is faster and more efficient. But, the second is more secure as you never have to share your private key with anyone.
Both methods are still used, depending on the situation and the needs. For example, public key cryptography is used to send, receive and validate transactions across the blockchain. This method is the core of digital signatures, which you can read about here.