On the flip side, however, how many times have keys saved us? Kept us from getting things stolen, made us feel more secure or even made an awesome accessory (thank you, Zoey 101, for showing us how to turn our key into a stylish necklace). As annoying as they get from time to time, keys are crucial for locking and unlocking important things. And since blockchains store very important things, it only makes sense that they can be “locked” and “unlocked,” right?
Now here’s the thing. Unlike our houses and cars, blockchains aren’t physical and, therefore, neither are their keys. So, we’re talking digital keys used for cryptography.
Wait, what? Don’t worry — it’s not as confusing as it sounds. Let’s break it down:
Why We Use Digital Keys
Essentially, digital keys are what allow cryptography to occur. Cryptography is basically the process of turning ordinary plain text into unintelligible text (aka using code so only people who should have access to something can read it).
- “Crypt” → “hidden”
- “Graphy” → “writing”
When you decide to turn that ordinary text into unintelligible text, you’re encrypting it. When you choose to turn the unintelligible text back into ordinary text, you’re decrypting it. How can you go between the two? Using your keys!
Keys are just really big and long numbers with lots of digits. If a message is encrypted (locked) with a public key, only its matched private key can decrypt (unlock) it. Sort of like an actual lock and key — you need one to open the other. Two things to remember:
- Private key — you keep the private key to yourself (Don’t share it!)
- Public key — you hand out copies of the public key to pretty much whomever
Still having trouble picturing it? Think of the public key like a person’s bank account, while the private key is the secret PIN to that bank account. While you give people your bank account info when you’re purchasing something or getting paid, you would never give them the PIN.
A public key and its corresponding private key are related to each other mathematically, therefore they are created at the same time. A message that’s been encrypted with a public key can only be decrypted with the matching private key.
Symmetric vs. Asymmetric (Public Key) Cryptography
Now that we’ve got some of the cryptography basics down, let’s turn things up a notch. Typically, cryptography is either symmetric or asymmetric.
Symmetric cryptography works the way you’d imagine a normal lock and key to work. If you want to lock (encrypt) something, you use the same key to unlock (decrypt) it. This only uses one key to both encode and decode the info.
Pros of this technique? It’s straightforward, fairly easy and doesn’t take much time. But, things can get much more secure.
Asymmetric cryptography is a bit more complex, but super useful. This is where the two keys, public and private, come into play — versus the one key in symmetric cryptography. Asymmetric cryptography is typically what we think of when we think of blockchain/cryptocurrency security, and it’s oftentimes called “public-key cryptography.”
Asymmetric (Public Key) Cryptography Explained
Bear with me to understand how things are encrypted/decrypted or locked/unlocked. There are tons of different explanations, but my favorite is the three-lock box:
Let’s say you have a box with a lock that has three different positions: A, B and C. If the key is turned to position A, the box is locked. If the key is turned to position B, the box is unlocked. If the key is turned to position C, the box is also locked. So, going from left to right (clockwise):
- Position A → locked
- Position B → unlocked
- Position C → locked
Now, there are two different keys that can be used on this lock. The first key (private key) can only turn clockwise (from A to B to C). So, if you wanted to get from A to C, you’d have to start at position A, go through position B and end up at position C. The second key (public key) can only turn counterclockwise (from C to B to A). So, in order to get from C to A, you’d have to start at position C, go through position B, and end up at position A.
As mentioned above, the public key is typically used to encrypt what is being sent (i.e., documents, funds, etc.) while the private key is used to decrypt. In this case, imagine what is being sent is being sent through this box. Once again, only the owner should have the private key — or else, what’s the point if anyone can encrypt/decrypt something?!
So, you have your private key that can turn from A to B to C, while everyone else has your public key that can turn from C to B to A. Make sense?
Let’s say someone wants to send you a love letter. That person probably doesn’t want anyone other than you to see or read that letter, so they decide to give it to you through your special box. Since the public key only turns counterclockwise, they have to turn the key to position A in order to lock the box. Now, you’ve got the locked box, and the only way to open it is by turning it clockwise from position A to position B. How will you do that? With your private key that only you have! So, you use the private key to turn the lock from position A to position B and, voila! — the box is open and you can read your love letter.
Now, what if you want to send that person a love letter back? If you didn’t want to go through the same process of using their personal box, you could still use your box and lock it by using your private key. As we know, if you put a letter in and want to lock it, you have to use your private key to turn the key from position B (unlocked) to position C (locked) since the private key only works clockwise. Then, your locked box with the love letter inside can be sent back to the original person. For them to unlock it, all they have to do is take your public key and turn it from position C (the locked position you left it in with your private key) to position B (the unlocked position).
Here are the important takeaways:
- If anyone is to encrypt (lock) something with your public key, only you can decrypt (unlock) it with your private key — the key that NO ONE ELSE HAS!
- If you encrypt (lock) something with your private key, anyone can decrypt (unlock) it with your public key — the key that ANYONE HAS!
You may be wondering, “What would be the point of encrypting something with a private key if anyone with your public key can decrypt it?” Well, it essentially serves as proof that you were the one who actually encrypted it. It’s your digital signature.
A digital signature is a pair of cryptographic algorithms used to authenticate messages over a public channel (public means a lot of people can have access to it!). Think of it like your real signature — your signature identifies who you are. Digital signatures do the same, but they are a lot more difficult to forge. And what are those cryptographic algorithms you may ask? Ahh yes, your public and private keys!
We use digital signatures in order to prove that a message is actually coming from the person it’s supposed to and not from someone else, like a hacker. So, if I sent you a message that I encrypted using my personal private key, you would know it’s actually from me when the only thing that will decrypt it is my public key! If you were using your sister’s or your best friend’s public key, it wouldn’t work because it was encrypted using my private key, not theirs.
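The two takeaways and the signature check described above, as an added example in Python that is not part of the original article: a toy RSA built from constructed small primes with no padding, where the names make_keypair, encrypt, decrypt, sign and verify are this example's own. It signs a hash of the message with the private key rather than locking the whole message, which is how signatures are done in practice.

```python
import hashlib

# Constructed toy primes (two Mersenne primes). Real keys use random primes
# of 1024+ bits and a padding scheme; this is for reading, not for protection.
P, Q = 2**31 - 1, 2**61 - 1

def make_keypair(p, q, e=65537):
    """Both keys fall out of the same math, which is why they are created together."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)              # private exponent: inverse of e modulo phi
    return (n, e), (n, d)            # (public key, private key)

def encrypt(public, m):
    n, e = public
    return pow(m, e, n)              # anyone holding the public key can lock

def decrypt(private, c):
    n, d = private
    return pow(c, d, n)              # only the matching private key unlocks

def digest(message, n):
    # A signature covers a hash of the message, reduced to fit under n.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(private, message):
    n, d = private
    return pow(digest(message, n), d, n)

def verify(public, message, signature):
    n, e = public
    return pow(signature, e, n) == digest(message, n)

if __name__ == "__main__":
    my_pub, my_priv = make_keypair(P, Q)
    sis_pub, _ = make_keypair(2**61 - 1, 2**89 - 1)   # someone else's key pair

    letter = int.from_bytes(b"love", "big")
    locked = encrypt(my_pub, letter)
    print("unlocked:", decrypt(my_priv, locked).to_bytes(4, "big"))

    sig = sign(my_priv, b"it is really me")
    print("my public key:", verify(my_pub, b"it is really me", sig))
    print("sister's public key:", verify(sis_pub, b"it is really me", sig))
    print("altered message:", verify(my_pub, b"it is really m3", sig))
```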
Wrapping It Up
Ta-da! That’s it! You have learned to break down public and private keys. Info overload? Here’s a quick summary:
- Cryptography → process of turning ordinary text into unintelligible text
- Keys → created together, just a series of numbers
- Public Key → give to anyone
- Private Key → keep to yourself
- Symmetric Cryptography → one key used to encrypt and decrypt
- Asymmetric (Public-Key) Cryptography → two keys total using your public and private key, one to encrypt and one to decrypt
- Digital Signatures → pair of cryptographic algorithms (public and private key) used to authenticate messages over a public channel, aka prove the person who sent the message is really who they say they are