It is often said that cryptocurrencies use “public and private key cryptography” to prevent hackers from transferring funds without owners’ consent, and popular crypto blogs often throw around terms like “digital signature” as well. But what does all of this mean? And how is it used in cryptocurrencies?

This article will explain what public and private key cryptography are and how they are used in today’s cryptocurrencies.

A short history of cryptographic systems

For thousands of years, human beings have faced the problem of how to communicate with each other privately over long distances. For example, ancient military commanders often had to send messages to army units in order to coordinate attacks. However, these commanders didn’t want enemies to intercept their messages and be able to call for reinforcements.

The solution to this problem was to encrypt messages: to turn them into random-looking gibberish the enemy would not understand. These random-looking gibberish messages could then be decrypted by the intended recipients so that they would be readable text again.

The science of how to do this was called “cryptography,” and the systems developed by that science were called “cryptographic” systems.

Caesar Cipher

The first popular cryptographic system was called the “Caesar Cipher.” It was named after Julius Caesar, who used it in all of his private messages. To use the Caesar Cipher to send messages, a person first has to choose a number between 1 and the total number of letters in the alphabet minus 1. In English, for example, a person who wants to use the Caesar Cipher must choose a number between 1 and 25, since there are 26 letters in the English alphabet. The chosen number is called the key to the system, and is used to both encrypt and decrypt all messages.

Once this key is chosen, the person who has chosen it needs to share it with all of the people he/she might want to communicate with privately. This must be done face-to-face so that the key is not intercepted by third parties.

When a message is encrypted using Caesar Cipher, the sender shifts each letter a number of spaces to the right equal to x, where x is the key. For example, “attack to the east” becomes “kddkmu dy dro okcd” if the key is “10.”

Vigenère Cipher

Another popular cryptographic system was the Vigenère Cipher, which was created by Giovan Battista Bellaso in 1553. In the Vigenère Cipher system, the “key” is a word instead of a number. To encrypt the message, a Vigenère table is used. The sender of the message looks up the column and row in the Vigenère table that correspond to the first letter of the key-word and the first letter of the message. This determines the first letter of the encrypted message. This process is repeated for every letter until the entire message is encrypted.

For example, if the key-word is “coffee” and the message is “give five dollars to Bob,” the first letter-pair is “cg.” This produces “i” as the first encrypted letter. Doing this for every letter results in the encrypted message “Iwaj jmxs itppcfx ys fqp.”

Problems with Caesar and Vigenère Cipher

While these cryptographic systems worked in the times they were created, they were eventually cracked and became useless. Caesar Cipher could be cracked by simply trying all 25 keys until one of them worked. The Vigenère Cipher was a little more secure but could ultimately be cracked by looking for groups of letters that repeated themselves throughout the text and using this to determine the length of the key. Once the length of the key was known, a process of elimination could be used to eventually determine the key.
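Both weaknesses can be reproduced in a few lines. The following is an added example, not part of the original article: it implements the two ciphers (checked against the ciphertexts above), tries every Caesar key, and estimates the Vigenère key length from repeated letter groups. The word list `COMMON` and the message `SAMPLE` are constructed for the illustration.

```python
import re
from functools import reduce
from math import gcd

COMMON = {"the", "to", "and", "of", "in", "is", "a"}  # constructed scoring list
SAMPLE = ("the money is due today the money must go to alice now "
          "the money is safe")  # constructed plaintext

def vigenere(text, key, decrypt=False):
    """Shift each letter by its key letter (a=0 ... z=25); the rest passes through."""
    out, i = [], 0
    for ch in text.lower():
        if "a" <= ch <= "z":
            shift = ord(key[i % len(key)]) - ord("a")
            shift = -shift if decrypt else shift
            out.append(chr((ord(ch) - ord("a") + shift) % 26 + ord("a")))
            i += 1
        else:
            out.append(ch)
    return "".join(out)

def caesar(text, shift, decrypt=False):
    """The Caesar Cipher is a Vigenère Cipher with a one-letter key."""
    return vigenere(text, chr(ord("a") + shift % 26), decrypt)

def crack_caesar(ciphertext):
    """Try all 25 keys and keep the one that yields the most common English words."""
    def score(key):
        return sum(w in COMMON for w in caesar(ciphertext, key, True).split())
    best = max(range(1, 26), key=score)
    return best, caesar(ciphertext, best, True)

def kasiski_key_length(ciphertext, n=3):
    """GCD of the gaps between repeated n-letter groups; the key length divides it."""
    letters = re.sub("[^a-z]", "", ciphertext.lower())
    last_seen, gaps = {}, []
    for i in range(len(letters) - n + 1):
        group = letters[i:i + n]
        if group in last_seen:
            gaps.append(i - last_seen[group])
        last_seen[group] = i
    return reduce(gcd, gaps) if gaps else None
```

On longer texts an accidental repeat can drag the plain GCD down, so analysts usually look for the most common factor of the gaps instead.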

In addition to being easy to crack, Caesar and Vigenère Cipher also suffered from the problem of how to distribute the key without participants meeting face-to-face in the initial setup. These “symmetric cryptography” systems had this problem because they only used one key for both encryption and decryption. It is in order to overcome these problems that cryptographers developed public key cryptography.

Public key cryptography

In “asymmetric” or “public key cryptography,” the message sender generates a random number called a “private key.” This key is then run through a type of algorithm called an “elliptic curve.” This produces a new number called the “public key.” The sender of the message posts the public key on a forum or releases it through some other non-private method. However, the sender keeps the private key to himself/herself and doesn’t allow anyone to see it.

Because of the way that elliptic curves work in mathematics, a message encrypted using the private key can only be unencrypted with the public key and vice-versa. If Joe has Melissa’s public key, he can decrypt a message that she has encrypted with her private key. He then knows the message came from her. And if Joe encrypts a message to Melissa with her public key, this message can only be decrypted using Melissa’s private key. This means that only she can read the message.

This sets up a useful strategy for private communication. If Joe first encrypts his message with his own private key and then encrypts that message with Melissa’s public key, the message will be double encrypted. When Melissa tries to decrypt the message with her own private key, she will get a second gibberish message. If she then tries to decrypt this second message using Joe’s public key, the original, readable message will display. Now, not only can Melissa read the message but she also knows that Joe sent it.

No current problems with public key cryptography

Unlike with the Caesar and Vigenère Ciphers and other forms of “symmetric cryptography,” the calculations needed to crack public key cryptography are extremely complex and would require enormous amounts of energy to process. Some cryptography hobbyists have suggested it would take billions of years using conventional computers. If quantum computers were used, the calculations required could theoretically be done much faster. However, current quantum computers are much slower than conventional ones, and most experts believe it will be a decade or more before they are fast enough to crack public key cryptography. So public key cryptography appears to be impossible to crack, at least for now. In addition, public key cryptography does not require participants to meet face-to-face before using it, since only the public key needs to be shared. This is a great advantage over previous cryptographic systems.

How cryptocurrencies use public key cryptography

When a user tries to spend bitcoins, he/she must transmit a copy of the public key associated with the address containing the bitcoins. In addition, a “digital signature” must be sent, which is a hash of the transaction message encrypted with the user’s private key and run through a few more algorithms. Because the private key and public key are related to each other mathematically, the node that receives this message can run a verification function that returns “true” if the signature was generated using the correct private key. If the signature was generated using a different private key than the one associated with the public key sent in the message, this verification function will return a “false” value.

This allows the node to know whether the owner of the account is the one sending the message, or whether an imposter is trying to steal this person’s money. At the same time, the node never receives the user’s private key. So even if the node is dishonest, it cannot later use this information to steal the user’s bitcoins.

In this way, public and private key cryptography helps to prevent hackers from transferring users’ funds without their consent and is one of the cornerstones of a trustless, decentralized financial ecosystem like cryptocurrency.