Asymmetric cryptography

You probably use cryptography multiple times a day. It is used frequently, from websites to your smartphone, and serves an important function. And if you use Bitcoin and other cryptocurrencies, cryptography serves a critical security function. Cryptography is the art of secret writing, and cryptographic functions enable you to securely send bitcoin, ether, and other cryptocurrencies.

Let’s discuss the difference between symmetric and asymmetric key cryptography. Symmetric key cryptography uses one key for both encryption and decryption. Asymmetric key cryptography, also known as public key cryptography, uses two keys, one for each operation. Think about it as a lock on your front door. If you can both lock and unlock your door using the same house key, that is akin to symmetrical cryptography. If you needed to use one key to lock the door and another key to unlock the door, that would be comparable to asymmetric cryptography.

In asymmetric cryptography, two different keys are used, the public key and the private key. As is probably obvious from the name, the public key can be ‘public,’ and can be shared freely.

Going back to the front door example, if the key to your front door was made public but only allowed for the locking of the door, you wouldn’t need to concern yourself with theft; the key that unlocked the door could be kept private. This is similar to how asymmetric key cryptography works. The public key can be shared without being a security risk because that key doesn’t open the door.

In Bitcoin, your private key must be kept secret because it effectively unlocks the door to access your bitcoin.

One crucial part of public-private key pairs is that the public key can be derived from the private key. This means that if you know the private key you are able to figure out the public key. However, the reverse is not true; the private key cannot be derived from the public key. If you have a public key but no private key, you’d be unable to access the private information.

Let’s compare this to the front door example. You could use the (private) key that unlocks your front door to retrieve the (public) key that locks the door. So basically, the private key can lock and then unlock the front door. On the other hand, the public key can lock the front door, but there is no way to use this public key to unlock the door.

With bitcoin, this matters because it means anyone can have access to your public key, which is perfectly okay. The public key is used to find the bitcoin address where bitcoin is sent. But remember, knowing a public key and bitcoin address doesn’t allow access to received bitcoin. This would be like the public house key having the home address written on it, and it not being a security risk because this information won’t unlock the front door. Taking this analogy a step further, having a home address allows mail to be delivered through a slot in the front door, in the same way, having a bitcoin address allows bitcoin to be received. And just as the mail, once put through the mail drop, can no longer be accessed, once bitcoin has been received, the public key can’t access it.

Take a look at cryptoconsortium.org for a more detailed outline of the content you need to understand to become a CBP, and check out our YouTube channel to learn more about Bitcoin. For an in-depth look at how Bitcoin works, enroll in C4’s prep course and/or read our CBP prep book. Good luck, future CBPs!

Note: This front door private-public key example is an imperfect analogy, however it does provide a relatable comparison to help understand the basics of how asymmetric cryptography works.

This article was written by our CryptoCurrency Essentials (CCE) Committee.

Disclaimer

The information presented in this article is for educational and informational purposes only. It does not constitute financial advice, investment recommendations, or any form of endorsement. 

The views and opinions expressed by individuals in this article are solely those of the speakers and do not necessarily represent those of C4 or any other organizations with which they are affiliated.

The mention or inclusion of any individuals, companies, or specific cryptocurrency projects in this video should not be considered as an endorsement or promotion.

Regulations and legal frameworks around cryptocurrencies may vary in different jurisdictions. It is your responsibility to comply with the applicable laws and regulations of your country or region. 

The CryptoCurrency Security Standard (CCSS) has been updated to version 9.0. See the updated CCSS here.

Systems certified under 8.1 are still valid.