Beginner Series
What Is Public Key Cryptography?
There's no doubt about it, public key cryptography creates an exciting new opportunities for doing business, trade and making investments in a digital age.
But are they secure?
Cryptocurrencies are digital money transacted online -- what's more, they are decentralised. Banks and other institutions that might normally oversee transactions are nowhere to be seen.
This transaction environment might at first appear to be a recipe for disaster. However -- thanks to some very clever maths, cryptocurrency users can rest easy knowing that their transactions and investments are safe and sound.
Why is public key cryptography important?
As a child, did you ever send secret messages to a friend? Perhaps you conversed in code to keep things private and confidential? Maybe you posted notes in a safety box that could only be opened by someone who had a special key? It mattered little that the cryptic note or safety box was left on your friend's kitchen bench in full view, because access was restricted to authorised parties.
At a basic level, these same principles also provide security for cryptocurrencies. Just like the family kitchen bench, the internet is a very public environment. But this actually doesn't matter because cryptography ensures that only authorised parties are able to transact.
Public key cryptography and cryptocurrencies
Simply put, cryptography is the art of encrypting information to make sure it remains private. In the case of cryptocurrencies, transactions are encrypted and decrypted by mathematics.
Each cryptocurrency address (payment destination) has an associated pair of keys. These keys aren't cut by a locksmith, but are in actual fact very long numbers. When applied to a complex maths problem, these numbers solve it perfectly -- just as a key opens a lock. When these keys solve the equation for which they were designed, they allow a transaction to go ahead.
A private key is used to authorise transactions. For this reason it must be kept private by the person who owns the cryptocurrency at its address.
The corresponding public key is used to verify transactions. This key can be distributed widely to allow deposits to be made to a given address. This doesn't compromise the coins held at the address because, without the private key, the coins are beyond reach.
How does public key cryptography work?
Let's say that Mary wants to transfer some cryptocurrency to John.
Mary uses her private key to produce a digital signature unique to the transaction at hand. This involves combining Mary's private key with her transaction instructions i.e. 'Pay John two coins'.
Mary also gives John her public key. If John can use this key to successfully decrypt Mary's digital signature, it proves that Mary is the rightful owner of the cryptocurrency being transacted. The complex cryptographic maths problem has been perfectly solved; the transaction will go ahead.
This process is much like the way that a PIN confirms that the person who entered it is indeed the cardholder. The only difference is that a digital signature is infinitely more secure than a PIN. In fact, it has been estimated that correctly forging a digital signature (without knowing the private key) would take thousands of years -- even if all the available computing power in the world were applied to the task!
A cryptographic fortress
To say that the mathematical 'lock and key' involved in cryptocurrency transactions ensures extreme security is a gross understatement. Because it is -- practically speaking -- impossible to fake a digital signature, user coins are stowed safely away.
Complex cryptography ensures peace of mind for cryptocurrency transactions -- all without a third party in sight, because the maths works.
Just how secure is your cryptocurrency? Read more to fact-check crypto hacking.
Read next topic Back to learning hub