# Public Key Cryptography — A Comprehensive Guide

It’s a pleasure to have you here at blockwhat?, together we will explore the fascinating technological ideas that make blockchains so unique.

In this post we will explore a concept that plays a foundational role in ensuring information and computer security — Public Key Cryptography. Since this fascinating idea is the heart of blockchain technology, we will dive into its history, grasp how it works and examine the practical applications in the context of blockchains.

An absolutely technological marvel with a captivating history — let’s get started!

If you’re new here and want to understand what’s going on, just click here.

1. The Tech Behind Blockchains
2. A Journey Into Decentralization
3. Hash(ing) Everywhere — A Primer On Hash Functions
5. Merkle Trees — Ensuring Integrity On Blockchains
6. Finding Consensus 1/4: Byzantine Fault Tolerance
7. Finding Consensus 2/4: Proof of Work
8. Finding Consensus 3/4: Proof Of Stake
9. Finding Consensus 4/4: Alternative Consensus Mechanisms
10. Network — Who’s Doing All This Stuff?

If you’re interested in exploring the fascinating history behind blockchain, click right here and go down the rabbit hole.

### History

The origins of our story today reach a long time back into hour past, a couple thousands of years …

Cryptography has always played an important role in ensuring that sensitive information did not fall into the wrong hands — back then, these were mostly military secrets.

One of the most famous encryption methods used to be the so-called Julius Caesar Cypher, which you all have probably also used in the exciting days of your childhood when you wanted to send secret messages to your friends. The way this method works is pretty straightforward — you apply a simple mathematical logic to the message that you want to encrypt. For example, that you move back three letters to the left from the original letter that you want to send.

So if we want to encrypt an “H”, we go three letters to the left and end up with an “E”.

ABCDEFGH -> ABCDEFGH

You can see a lovely visualization of this concept below.

During the centuries, the methods of encrypting messages became more and more sophisticated. Especially the evolving field of complex mathematics lead to innovative and strong new ways of encrypting and decrypting of information. This made sure that the information could only be viewed by the intended recipients and nobody else.

The way these techniques work are known as symmetric key encryption. This method uses complex mathematical concepts to encrypt information with a so-called private key. The message was now unreadable to everybody and could only be reversed to the original state by applying the same private key. In order to use this form of encryption, the corresponding private key had to be shared with everybody who was supposed to be able to read the secret messages (e.g. generals in the army, ambassadors, etc.).

This system of using a private key to encrypt and decrypt information turned out to be pretty secure — as long as nobody unintended had also access to this private key. The keys had to be regularly changed though, just in case the key or the person carrying it fell into the wrong hands.

Below you can see a great visualization of this concept.

One very famous example of symmetric-key cryptography was the Enigma machine that the German Military used in the second world war to encrypt their messages. The allied forces had a very hard time breaking the code used by the Germans — until Alan Turing brilliantly managed to crack it.

So far we’ve read about the Julius Caesar cypher and symmetric key encryption (also known as private key encryption) — let’s focus on the truly revolutionary invention of public key encryption next!

### Public Key Encryption

The story of this groundbreaking invention is a fascinating one — involving the British intelligence service “British Government Communications Headquarter” (GCHQ).

In 1969, a research scientist named John Ellis made one of the greatest breakthroughs in modern encryption and code breaking while working for GCHQ. His invention was so essential and far fetching to the future of information security, that the GCHG decided to keep it a secret for over 27 years — it was only declassified in 1997.

It’s an absolutely stunning piece of modern computer science history and if you’re enticed to read more about it, just click right here.

As an interesting twist of history, the same concept that John Ellis came up with originally, was replicated at a public institution in 1976 — a team of researchers at MIT and Stanford then had the ability to publish their findings and they were originally credited with the invention. It wasn’t until many years later, that John Ellis got the recognition for his idea.

So what exactly was so important that the British intelligence community decided to keep it a secret?

It’s a marvelous concept known as Public Key Encryption and the idea behind it is truly exceptional. While up to that point the responsibility of encrypting a message always laid on the sender of it, he thought out of the box and reversed the process — including the recipient in encrypting a message in a truly ingenious way.

It works as follows:

We start by taking a random string of numbers (e.g. 3860280357), from now on this will be called our private key) and mathematically derive another string of numbers from it — the resulting new string of numbers is called public key. A very important aspect of this process is, that it’s a so called trap door function, which means that it’s very easy to calculate it into one direction (ergo from private key to public key), but not the other way around (aka it’s almost impossible to derive the private key from the public key), without having some important information (aka the trapdoor).

This very abstract sounding concept enables us to do some marvelous things though, because we can now take a piece of data, use our public key and scramble it up (by using some encryption magic). For everybody out there this new data set is incomprehensible and unreadable. In order to unscramble it and to make it readable, one need to be in possession of the corresponding private key. Whoever has that key, can now use some mathematical magic and unscramble the data. Voila!

You can see this process illustrated in the picture below.

You can think of this abstractly like this — the public address is your bank account and the private key is your secret PIN. The address can be safely broadcasted to the public, while it is indispensable to keep your PIN safe and secret.

This amazing new way of encrypting information made it become an Important mathematical foundation for information and computer security, since it helps to ensure authenticity and integrity of a message when communication over an unreliable channel of communication (e.g. the internet).

“Strong, relatively cheap encryption became ‘democratised’ and enabled more secure communications on a global scale. Encryption went from being a tool of strategic advantage between super-power blocs, but to a key enabler of individual freedom and safety.”
- Robert Hannigan, Director of GCHQ

The fact that the mathematical functions used in Public Key Cryptography have the unique characteristic that they are almost irreversible, meaning that they can only easily be calculated into one direction and not the opposing one, enabled something truly revolutionary — the creation of unforgeable digital signatures and digital secrets.

### Digital Signatures

A really cool thing you can do with this public key encryption is to digitally sign a document. In order to do this, instead of using the public key to scramble a message, we now use the private key.

By doing so, everybody can easily verify that we have digitally “signed” the document by checking if the corresponding hashes matches.

Below you have a lovely visualization of how this works.

Digital signatures are at the core of how transactions work and can take place on a blockchain.

They are used as a mathematical scheme to prove the authenticity of a digital message, meaning that they prove ownership of a private key without revealing that private key. Crazy stuff!

We’ll cover more in the section below. Let’s now explore how public key cryptography is powering blockchain technology.

### Applications in Blockchain

Public key cryptography is at the heart of blockchain technology and enables many of the exciting characteristics that make them so unique — it’s essential for the wallet creation and the signing of transactions.

Wallets is simply another name for the long addresses that you’ll get when interacting with a blockchain.

Let’s see how this process actually works.

The first step is to generate a private key. This private key is basically a random number and is of utmost importance, since only the private key can exercise ownership and control over data, for example Bitcoin, that is encoded in the blockchain. Therefore it must be properly stored and backed up, since losing it is synonymous to losing access to all the data. In order to generate a proper random number it is essential to find a secure source of entropy and the usage of cryptographically secure pseudorandom number generators is highly encouraged.

After having found a random number, a public key is subsequently generated based on it. Both Bitcoin and Ethereum use Elliptic Curve Multiplication (ECM) as the mathematical function with which a public key is generated from a private key. ECM is a so-called “trap door” function, meaning that is it easy calculate into one direction and impossible to do in reverse, as already mentioned above. Thus, it is not possible to deduce the private key from a public key and it serves as a fundament for secure digital signatures.

Apart of creating the addresses used to store and transfer information, public key cryptography also plays an essential role in digitally signing transactions.

This concept serves three purposes within Bitcoin and Ethereum. Firstly, it authenticates that the owner of the data has authorized the transaction to take place. Secondly, it shows that the sender cannot deny having sent the message, thus proves nonrepudiation. And thirdly, it ensures that the transaction or message has not been altered and cannot be modified.

A digital signature is created by taking a private key from the transaction or message and then running it through the Elliptic Curve Digital Signature Algorithm. The resulting digital signature can then be easily verified by other nodes.