Cryptography 101: Private keys and how they work

How can someone prove they own something on the internet? That question has perplexed many people when it comes to bitcoin, ethereum, and other digital assets.

Indeed, the concept of a digital commodity is a novel one, but it’s possible with one of the oldest technological innovations: cryptography. Today, bitcoin and similar networks use private keys and cryptography to secure your assets, but you don’t have to be a math whiz to understand how private keys work at a conceptual level. Let’s get started!

What is cryptography?

Cryptography is the study of various techniques for conveying secure, private messages in the midst of possibly adversarial third parties. For centuries, civilizations have used various forms of code, cipher, and secret communications to safeguard access to their most important information, including their money. Today, cryptography is used all across information systems we use everyday.

What are keys?

A key is a random string of numbers that prove authenticity. Specifically, keys are used to perform several important cryptographic operations like encrypting, decrypting, and signing messages, and they allow you to keep your communications private. You must keep your keys secure for cryptography to be successful.

Public vs. private keys

There are two common key types depending on the cryptographic system you use. With symmetric cryptography, one key is used to encrypt, decrypt, create and verify signatures. Passwords are a frequent example of symmetric cryptography.

With asymmetric cryptography — also known as public key cryptography — you use separate keys. First, you generate a random private key and keep it secret. Private keys are secret codes that allow you to leverage cryptography for shielding data and signing messages and transactions. You perform a cryptographic function with your private key to generate a public key, which you can safely share with others. Together, this keypair is used for different purposes:

• Public keys: encrypt data, verify signatures
• Private keys: decrypt data, create signatures

If you’re the only person with access to your private key, you can easily generate cryptographic proof, and others can tell it’s valid without ever interacting with your private key. You can find asymmetric cryptography in many technologies today, such as bitcoin, email, and end-to-end encrypted messaging apps like Signal.

Why are digital signatures important?

Whenever you send crypto, what you’re really doing is signing a transaction with your private key.

Similar to signing a document by hand, digital signatures prove the authenticity of a message and ensure that it wasn’t tampered with during transit. Furthermore, digital signatures provide cryptographic proof in case there’s any dispute between the sender and the recipient because math is math.

This cryptographic certainty is why it’s important to protect your private keys. If someone else gains access to your key, they can start decrypting messages, forging digital signatures, and spending your bitcoin.

How do you verify a digital signature?

Cryptography is based on one of math’s fundamental truths. It’s easier to add mathematical complexity than it is to take it away. Multiplication is easier than long division for humans and computers.

When you subject a piece of data to a process with the right amount of complexity, you arrive at a result that is easy to verify through the same process, but it is near impossible to derive any other way.

Hashing is when you use a one-way function to create a digital fingerprint of a piece of data. Hashing is a deterministic process, which means that you can hash the same message over and over, and you'll always get the same result. Go math!

Digital signatures leverage hashing to prove authenticity to recipients. Here’s an example of how it works:

1. Gloria wants to send a message to Marcus, so she generates a hash of her message.
2. She encrypts the hash with her private key.
3. She sends her message and a copy of the encrypted hash to Marcus.
4. Marcus generates his own content hash of Gloria’s message.
5. Then, he decrypts the encrypted hash Gloria gave him using her public key.
6. If both hashes match, he has verified Gloria’s digital signature. Hooray!

Final thoughts

Part of a security mindset is taking the extra step to verify rather than just trust. Trust can be broken — math can’t. By properly using public and private keys, you can keep your communications private and generate the digital signatures you need to send your crypto when the time comes. Vires in numeris!

Secure your assets with multiple keys

Casa makes it easy to protect your crypto from hackers, accidents, and device failure with the most peace of mind. Book a call to learn more.

Read more

The Dos and Don’ts of Bitcoin Key Management

The internet is a dangerous place, especially when you’re protecting bitcoin. Jameson Lopp covers what you need to know to stay safe in a perilous environment.

Casa BlogJameson Lopp