Cryptography, Public Keys, and Private Keys
A closer look at cryptography, public keys, and private keys – and their relationship to Bitcoin and other cryptocurrencies.
In general, cryptography is the art of protecting information such as a message from being read or received by anyone other than its intended recipient. Public-key cryptography is a type of encryption that allows users to communicate in a secure manner over an insecure channel such as the internet. One such widely implemented encryption scheme is called asymmetric key cryptography for which public and private keys are used.
Public-key cryptography has many applications in everyday life. For example, a variety of internet protocols use public-key cryptography to encrypt data, such as Secure Sockets Layer (SSL) in HTTP and HTTPS in web browsers. More notably in the crypto space — Bitcoin uses public-key cryptography to sign and verify transactions.
What makes public-key cryptography so special is that every public key (known to anyone) only matches to one private key (known to only its owner). Think of it like a safety deposit box. Everyone can know where the box is (public key), but only you have access to the key (private key) to open it and retrieve your assets (bitcoin).
A critical part of public-key encryption's design is how keys are generated. Public keys are generated from private keys and are required to be mathematically related, making it practically impossible to guess someone's private key based on their public key. In the case of Bitcoin, an elliptic curve digital signature algorithm (ECDSA) generates the public keys from private keys.
How are Keys Used in Transactions?
Whenever anyone wants to send a Bitcoin transaction, they do so by "digitally signing" the transaction data with their private key and then broadcasting this signed transaction over the Bitcoin network. The transaction is then verified by referencing the sender's public key (again, which is mathematically related to the sender's private key).
For example, if Alice wants to send Bob a Bitcoin transaction, she is going to need his public key and use her private key to "sign" the transaction. Because Alice signs the transaction with her private key, Bob can then check Alice's public key and verify that the transaction is from Alice.
For example, if Bob’s public key is:
Then Alice will create a transaction using Bob's public key. Alice will sign this transaction with her private key and send it — encrypted — to Bob.
There are a lot of technical details that make this work, but when you break it down, all that matters is public-key cryptography forms the bedrock of Bitcoin transactions, only allowing the owner of a private key to send Bitcoin to another person’s address.
- Bitcoin uses public-key cryptography for transactions.
- A public key is known to anyone.
- A private key is kept secure and known to only to the wallet owner (if someone knows your private key, they can have access to your bitcoin).
- A public key is generated from a private key through an algorithm, and the relationship is mathematically related.
- It's mathematically impossible to guess someone's private key based on their public key.
- To send Bitcoin, you need the receiver's Bitcoin address which is derived from their public key and have your transaction signed with your private key.