Skip to content

Slideshow: Public Key Cryptography

texture edited this page Jun 1, 2015 · 1 revision

Public-key cryptography is a way of encrypting and decrypting messages which uses two keys, one public, and one private. One can think of public-key cryptography as providing a message box with a lock that has holes for two keys; the public key can be used to lock the box, while the private key is needed to unlock the box. One other use is with signatures; in this case think of public-key crypto providing a special signature box with two key ports; using the private key in the private-key port creates a signature that can be viewed on the top of the box, while the public key can be used in the public-key port to verify that the signature was indeed created using the corresponding private key. We will review these examples in more detail below, and also review the history and use of public-key crypto in Bitcoin and Ethereum.

History

In the 1970s, British government cryptographers invented public-key cryptography, but did not do anything with it or publicize it because of the secrecy required at their jobs. In 1976 Whitfield Diffie and Martin Hellman braved strong resistance from the NSA and other government agencies to publish their work on public-key exchange; see this article for a fun description of what happened. Others soon improved this with the RSA system, with elliptic curve and with other advances.

Today, public-key cryptography is used every time you visit a website that starts with 'https', every time an engineer uses SSH (secure shell), or every time you use Bitcoin.

Can you explain it in simple terms?

Above we mentioned public-key crypto as providing a secure message box with two key slots. Imagine that you have a person to whom you frequently send messages; this person has given you a 'public' key that can be used to lock the box, while she keeps another (related) 'private' key that is used to unlock the box. In fact she gives a copy of the public key to anyone who wants to send her a message. When you want to send a message to this person you can just put the message in the box, lock by using the 'public' key, and then send it to her. When she receives it, she simply uses her private key to unlock the box.

Wikipedia gives a similar explanation:

An analogy to public-key encryption is that of a locked mail box with a mail slot. The mail slot is exposed and accessible to the public – its location (the street address) is, in essence, the public key. Anyone knowing the street address can go to the door and drop a written message through the slot. However, only the person who possesses the key can open the mailbox and read the message.

The figure below shows the way the process works in practice. Anyone can encode a message for Alice using her public key (which she might post on her Twitter account, or her email signature), while only Alice can decrypt the messages using her private key. A similar process can be used to make secure signatures.

Public-keys in Ethereum

Each Ethereum address is associated with its owner's public key. When you send some ether to someone, you create a message (transaction), attaching the new owner's public key to this amount of coins, and sign it with your private key. When this transaction is broadcast to the Ethereum network, this lets everyone know that the new owner of these coins is the owner of the new key. Your signature on the message verifies for everyone that the message is authentic. The complete history of transactions is kept by everyone, so anyone can verify who is the current owner of any particular group of coins. The same procedure is used by Bitcoin.

Finally we note that a blockchain such as used by Bitcoin and Ethereum can be as an efficient and trusted way to distribute public keys. Ethereum in particular will have a few features (built-in identity) that will facilitate uses such as secure DNS or secure messaging.

See also