Lesson 7
What are public and private keys?

Public and private keys are used to encrypt data, a practice known as cryptography. In this way, data can be protected against parties who should not have access to it. It can be compared to a secret language that can be read only by people with the right keys.

Encrypting data is no recent discovery. The first form of cryptography was used in 1900 BC by the Egyptians. In subsequent years the use of cryptography increased further, and it was IBM that, at the start of the 70s, first began using cryptography for computer systems. This was also the birth of public and private keys, which are now also used by blockchain technology.

What is cryptography?

Cryptography is the encryption of data, thereby protecting it against external influences. It can be compared to a secret language. The outcome of a cryptographic encryption is called the ciphertext. When someone sees ciphertext, they will only see digits and letters. The contents are hidden behind these digits and letters.

Encrypting happens through a so-called encryption mechanism. This mechanism determines the way in which data is converted to ciphertext. Nobody knows how this mechanism works, making it impossible to convert ciphertext back to its original content.

Encryption often makes use of a public and a private key. These keys are used to encrypt data and also to decrypt it, which means revealing the data by using the right keys.

This can therefore be compared to a lock in a door. From the outside, nobody can see how the lock works, but when the right key is used, the door can be opened.

Different algorithms

There are several cryptographic algorithms. Some algorithms are stronger than others. As a result, a system is considered more secure when it uses a powerful cryptographic algorithm.

In the past, some algorithms were hacked. Once that happens, the algorithm can no longer be used safely. After all, anyone can now decrypt the ciphertext, meaning its content is no longer secure.

Examples of the use of public and private keys

Public and private keys are used to create what is in most cases called a digital signature. This signature ensures that only authorized devices can access certain data.

Both a public and private key are needed for a digital signature. These two keys cannot work without each other.

Encrypting emails

You can encrypt all kinds of data with public and private keys. First, a key pair needs to be created, which can be done with a range of applications.

Suppose that Jarmo is drafting an email, and encrypts this email with his own private key. He is the only one able to do so, since the private key is known only to Jarmo. Subsequently, Jarmo sends an email to Karin. Jarmo has also added Karin’s public key to the message. This is possible since the public key is just that: public.

Karin receives the email and is able to verify that the email comes from Jarmo, since Jarmo’s public key is enclosed. No one else can encrypt the email with Jarmo’s public key, since a private key is needed to effect the encryption. Karin is able to read the email, since she holds the correct public and private keys.

WhatsApp messages

Many people are unaware that they hold public and private keys. This happens automatically, and often goes unnoticed. A well-known example is the WhatsApp application, which uses end-to-end encryption.

When a user registers with WhatsApp, the application automatically creates a public and private key. Users do not need to do anything for this.

Every message sent via WhatsApp is signed with a digital signature. This ensures other people are unable to read the messages. For example, someone who is monitoring all traffic over a Wi-Fi network can see that messages are being sent from WhatsApp, but cannot see their contents. After all, the person intercepting these messages does not have the right key combination.

Only the recipient is able to decrypt the messages. In this way, messages sent are protected from external influences.

Sending a blockchain transaction

Transactions are sent the same way over the blockchain. With public and private keys, users are able to verify that they are the owner of a certain amount of cryptocurrency. This enables them to send cryptocurrency.

A user signs his transaction using the public and private key, after which the transaction is sent over the blockchain network. The network nodes then check whether the keys are correct.

It is not possible to copy someone else’s public key to assume their identity. This is because a transaction can only be signed with the right combination of public and private key.

Private keys

A private key is needed to encrypt and decrypt data, and comprises a series of random digits and letters. A private key itself is also encrypted, so that the code visible to others in reality is not actually the real private key. That key is hidden behind encryption. Because a strong algorithm is used, it is impossible to decrypt the private key.

Data can be encrypted with the private key. Because the private key is linked to the public key, everyone knows who encrypted the data. This is why the private key should not be shared with others. Only the rightful owner should hold the private key.

What if someone knows my private key?

It is important that the private key is only held by the rightful owner, and that nobody else knows what the private key looks like. If that were the case, anyone holding the private key could pretend to be someone else.

The cryptocurrency’s ownership can then be transferred to the person illegally holding the private key. This means the rightful owner loses his cryptocurrencies.

What does a private key look like?

Every private key looks different, depending on the cryptocurrency. Traditionally, the private key consists of 256 bits and 64 characters. A private key on Bitcoin’s blockchain could look like this:

326f74d43327901eade7b3a74a6a90ed494937a04e07dc802cc8ee72e61d119c

Public keys

The name of the public key already partially explains the difference between these two keys. A public key is intended to be exchanged with others, to allow for communication. Communication refers to sending and receiving transactions.

The public key is derived from the private key. This means that the value of the private key determines what the public key looks like. It is important not to confuse this. If the private key were derived from the public key, everyone would be able to hack the private key.

Cryptocurrencies use a powerful algorithm to create keys. This makes it possible to derive a public key from a private key, although this algorithm cannot be used in the opposite direction. This ensures that the key pair is very strong.

What’s the difference between a public key and a wallet address?

A public key is often confused with a wallet address. The two, however, are not the same, and it is therefore important that the public key and the wallet address are not confused.

The wallet address is the short version of the public key. With the use of encryption, the public key can be converted into a wallet address. When making a transaction, the wallet address is shared in order to have cryptocurrencies sent to it.

If the public key is entered as the destination address, the cryptocurrencies will not go to the wrong user. Instead, they will be forever lost, since the cryptocurrency’s ownership is linked to a non-existent wallet address.

It is not possible to get to the cryptocurrencies in any other way. This makes the blockchain a safe technology, because it becomes impossible for others to access another user’s cryptocurrencies.

Cryptography and the transparency of blockchains

The blockchain is a transparent technology, allowing everyone to see what transactions are being carried out. At the same time, transactions are protected by cryptography. This sometimes makes it unclear to what extent the blockchain is transparent.

It is indeed possible to see what transactions were carried out, but the transaction’s content cannot be seen. For example, think of the sender’s additional data, such as the IP address.

Instead, it is possible to see the wallet addresses between which the transaction was performed, as well as the transaction’s value. This makes it possible to see how many cryptocurrencies were sent between two different wallets.

The wallet address is not directly linked to the user’s personal data. The blockchain is therefore simultaneously able to guarantee the user’s anonymity.

Summary

Cryptography has long been used. In the case of computer systems, a public and private key are needed to apply cryptography. The public key is the publicly known key, while the private key is only known to the rightful owner.

A blockchain transaction is signed using the private and public keys. It is only possible to apply the public key to a transaction if it is encrypted with the private key. As a result, a user cannot simply pretend to be someone else. This ensures that cryptocurrencies can only be spent by their rightful owner.

You need the recipient’s wallet address to send a transaction. The wallet address is not the same as the recipient’s public key. Instead, the wallet address is based on the public key, using cryptography. Cryptocurrencies therefore cannot be sent directly to the public key. When that happens, they will not arrive and instead be lost forever.