Key encryption is at the heart of cryptocurrency. It’s even in the name–the crypto part of cryptocurrency. Interest in digital currency is at an all-time high, so by now, even the most casual Bitcoin investor can probably talk through the basics of distributed ledgers. However, if you’re someone who would struggle to explain how key encryption works, that’s all about to change with our handy explainer.
Everyone who has cryptocurrency has a private key and a public key. Each key is simply a string of letters and numbers that are cryptographically linked. If all your currency is on an exchange, you might not know your keys, but they exist nevertheless. If all your coins are on an exchange, however, you really need to fix that and transfer them into a safe wallet.
By owning a digital wallet, you’re in possession of your public and private keys. These keys are just long strings of letters and numbers. Although you openly share your public, you need to keep your private key secure. Letting someone know your private key is tantamount to handing over your stash. But a public key is just that–public. Someone knowing your public key doesn’t give them any license to get their sticky paws on your digital currency.
Symmetric cryptography is analogous to a regular door lock we use in real life. There is one key that will work both to open, and to lock.
Now, imagine Alice is sending a secret packet of data to Bob. Alice generates a cipher to encrypt that data securely. When Bob receives the packet from Alice, she gives him the cipher she used to encrypt the data, and he uses it to decrypt the data.
This is known as symmetric cryptography. It means they are using the same key to both encrypt and decrypt data that is sent in digital form.
The main drawback of using symmetric cryptography is that a further layer of security is needed to send and receive the cipher. Otherwise, there’s a risk that anyone can intercept the cipher, and the data packet is no longer private.
Using public key encryption, we can overcome the issue of needing additional layers of security. A public key and a private key operating as a pair mean that the private key never needs to be shared with anyone. How do they work together?
Alice and Bob now both have their own public and private keys. They each know one another’s public keys, but their private keys are private. Alice wants to send a packet of data to Bob, so she encrypts it using Bob’s public key. Because she used Bob’s public key, only Bob himself can decrypt the package, by using his private key.
Public key encryption involves multiple calculations so it’s not suitable for sending large amounts of data. However, you can also use it to encrypt a symmetric key, which can hold additional data.
You would never want to send any private data using your private key for encryption because anyone with the public key could decrypt it. However, a private key can also serve as a digital signature, as it is unique to one individual.
Let’s say that Alice receives a packet of data, but she doesn’t know who sent it. However, she has the public keys of all of her friends so figures one of them must have sent it. She goes through and systematically tries to decrypt the data until finally, Bob’s key is the only one that decrypts it. Alice then knows that only Bob could have sent that data because only Bob’s private key could have encrypted it.
This explainer serves to demonstrate the importance of keeping your private key safe. The original blockchain, Bitcoin, stores all transactions irreversibly. Once you enter your private key, the trade is processed, and it will never be undone. Hence, those who have had their private keys hacked and their Bitcoins stolen will never get them back.
The storage of private keys is one of the most fundamental problems of cryptocurrency. While cold storage wallets remain the most secure means of holding onto digital coins, they depend on a user keeping their private key secure. Wallets like the Trezor or the Ledger Nano S use a PIN and seed recovery system. However, you will need to store the PIN and seed recovery somewhere safe.
Ideally, somewhere safe also means offline. Last year, it was reported that the malware program Cryptoshuffler had stolen $150k worth of Bitcoin. The program would hide on a user’s computer and wait until something that looked like a Bitcoin key landed on their clipboard. With that information, the malware creator could easily drain the funds of the target.
Ironically, the safest way to store private keys or recovery seeds is still by writing them down on a piece of paper; however, this is also not foolproof if the paper gets into the wrong hands.
Although anyone can transact cryptocurrencies without knowing anything about key encryption, in this case, knowledge is power. People who understand what a private key and public key can do are more likely to take proper care to ensure their private key remains private. Issues with key security notwithstanding, key encryption is in itself an elegant use of cryptography to keep our digital coin transactions secure.
*This article is authored by Sara Rothrie and was originally published on Coin Central.com*