public key vs private key

Bitcoin is a digital currency that doesn’t exist in any physical shape or form, but you can still buy, sell and store it in your digital wallet. How is it possible and what about the public key vs private key? A combination of the recipient’s public key and your private key is what makes a Bitcoin transaction possible.

Bitcoin utilizes peer to peer technology since money can be transferred from one individual to another directly without the involvement of a central bank. All payments are usually recorded on a public ledger. Individuals using software wallet software (public key and private key) can get to send and receive bitcoins electronically through a PC, smartphone or web app.

What is a Private Key?

Bitcoin is well-known for its electronic cash system, but underneath it all runs a secure messaging system built on the Internet. Instead of relaying emails, texts, or web pages, the Bitcoin network processes value-transfer messages called transactions. Private keys help authenticate these messages and identify each other.

Your bitcoin private key is a randomly generated string (numbers and letters), allowing bitcoins to be spent. A private key is always mathematically related to the bitcoin wallet address, but is impossible to reverse engineer thanks to a strong encryption code base.

Bitcoin private key is a secret number generated to allow individuals to spend their bitcoins. When users are issued with a bitcoin address, they are also issued with a bitcoin private key. It is usually a 256-bit number and since it is the golden ticket that allows an individual to spend his or her bitcoins, it needs to be kept safe and securely.

The private key is a secret key that is used to decrypt the message and the party knows it that exchange message. In the traditional method, a secret key is shared within communicators to enable encryption and decryption the message, but if the key is lost, the system becomes void. To avoid this weakness, PKI (public key infrastructure) came into force where a public key is used along with the private key. PKI enables internet users to exchange information in a secure way with the use of a public and private key.

In order to make a transaction, you need to import your private key. However, some wallets may make a transaction without the need of importing the private key. Others will require the private key to be swept. When private keys pass through the procedure of sweeping, a transaction will be broadcast to another address and which will include the balance.

How to Import a Bitcoin Private Key?

How does one import a bitcoin private key? One of the methods includes the use of blockchain.info. This online tool assists users to import private keys easily. This is achieved through their wallet service which is referred to as a hybrid ewallet. Since it is an online tool, it doesn’t store your wallet information. This is kept on your browser as an encrypted file. You are required to issue your password or alias so as to access your account. BIPS also allows the importation of private keys easily by simply allowing the user to either type the key manually from the paper wallet or scan it using a QR reader app through a smartphone’s camera. Other bitcoin private key import providers include Mycelium which provides an android app that can be downloaded from Google play. The app allows one to either scan the code from the paper wallet or by use of cold storage.

Why Is It Important to Keep Your Private Key in a Safe Place?

Any valid transaction bearing a valid signature will be accepted by the Bitcoin network. At the same time, any person in possession of a private key can sign a transaction. These two facts taken together mean that someone knowing only your private key can steal from you.

Many avenues are open to thieves who steal private keys. Two of the most popular are storage media and communications channels. For this reason, extreme caution must be taken whenever storing or transmitting private keys.

Software wallets usually store private keys in a “wallet file” on the main hard drive. Wallets often place this file in a standard, well-known directory, making it an ideal target bitcoin-specific malware.

To counter this threat, software wallets offer an option to encrypt the wallet file. Any attacker gaining access to your wallet file would then need to decrypt it. The difficulty of decryption depends on the quality of the encryption and strength of the password being used. Wallet files can be encrypted on many software wallets by adding a password.

What is a Public Key?

As mentioned earlier, there is also a public key. This causes some confusion, as some people assume that a bitcoin wallet address and the public key are the same. That is not the case, but they are mathematically related. A bitcoin wallet address is a hashed version of your public key.

A public key is obtained by subjecting a private key to a set of mathematical operations defined in a set of standards known as Elliptic Curve Cryptography (ECC). Whereas a private key is an integer, a public key is a 2D coordinate composed of two integers. To make a public key easier to process, it can be transformed into a single value. One approach appends the y-coordinate to the x-coordinate. This technique produces an “uncompressed” public key. A “compressed” public key uses only the x-coordinate with a symmetry flag.

Public key uses asymmetric algorithms that convert messages into an unreadable format. A person who has a public key can encrypt the message intended for a specific receiver. The receiver with the private key can only decode the message, which is encrypted by the public key. The key is available via the public accessible directory.

Bitcoin Address

A private key, which is just a number such as 42, can be transformed mathematically into a public key. A public key is then transformed into an address. Each step is irreversible.

Each of these steps is irreversible. An address can’t generate a public key, nor can a public key generate a private key. This relationship is known as a mathematical trapdoor — a function that’s easy to perform in one direction, but practically impossible to perform in the opposite direction.

An address results from applying a multi-step transformation to a public key. This results in a string of text and digits, usually starting with the number “1”.

Notice that no network is needed at any point in the generation of a private key or the corresponding address. Every computer on the Bitcoin network knows about the mathematical relationship between public and private keys. This enables each participant to select private keys and sign transactions independently of the Bitcoin network.

Encryption

Bitcoin solves problems through a system called public key cryptography. This system uses two pieces of information to authenticate messages. A public key identifies a sender or recipient, and can be distributed to others. A private key creates an unforgeable message signature. Public and private keys are mathematically linked through a signature algorithm, a mathematical procedure for creating identities, signing messages, and validating signatures.

  1. Public-Key Encryption

Public-key encryption, as opposed to secret-key encryption, consists of a pair of keys – the public key which is used to encrypt a message and the private key, which is subsequently used to decrypt the cipher message.

Each private key has only one matching public key. A message encrypted with the public key can only be decrypted with the related private key.

The public key is available to everyone, while the private key is only known to the key holder. There is never the requirement to share a secret key via an insecure channel.

  1. Algorithms

There are 2 broad classes of algorithm – symmetric and asymmetric. Symmetric algorithms use the same key for both encryption and decryption. Asymmetric algorithms, such as public/private key cryptography use one key for encryption and a different, though mathematically related key for decryption.

Asymmetric encryption is a technique that allows anyone to send encrypted messages to a receiver. It is based on cryptographic algorithms for generating matching pairs of public/private keys such that the private key can’t be guessed from the public key.

The public key is then published using techniques such as digital certificates. The private key is configured in encryption enabled software and kept secret.

Symmetric encryption is based solely on private keys. For example, symmetric encryption may be used to encrypt data in storage. It is also used in communications by sharing private keys between endpoints.

In many cases, asymmetric encryption is used to initialize a session and exchange private keys. Then communication is encrypted with symmetric encryption. This is done because symmetric encryption is faster than asymmetric encryption.

  1. One-Way Functions

The concept of encrypting a message with one key and not being able to decrypt with the same key is based on one-way functions. As the name suggests the characteristic of a one-way function is that it is not reversible other than with a trial and error approach.

This can be achieved if there is an infinite amount of values which lead to the same result, if there is some information lost as part of the algorithm or if the time to decrypt takes immensely longer than to encrypt.

  1. RSA Algorithm

RSA (Rivest-Shamir-Adleman), the most widely used asymmetric algorithm, is embedded in the SSL/TLS protocol which is used to provide communications security over a computer network. RSA derives its security from the computational difficulty of factoring large integers that are the product of two large prime numbers (a prime number (or a prime) is a natural number greater than 1 that has no positive divisors other than 1 and itself.). Multiplying two large primes is easy, but the difficulty of determining the original numbers from the total — factoring — forms the basis of public key cryptography security. The time it takes to factor the product of two sufficiently large primes is considered to be beyond the capabilities of most attackers, excluding nation state actors who may have access to sufficient computing power. RSA keys are typically 1024- or 2048-bits long, but experts believe that 1024-bit keys could be broken in the near future, which is why government and industry are moving to a minimum key length of 2048-bits.

  1. Generate Private Key and Public Key

  • To generate a public and a private key pair, you need to pick two prime numbers p = 17and q = 19.
  • Multiply them together to retrieve the number n = 323.
  • Pick another prime e = 7.
  • Calculate the value d. This is done by working out the following equation:
    e* d mod ((p – 1) * (q – 1)) = 1
    7 * d mod 288 = 1
    d = 247

Private key

The private key is d = 247.

p and q are kept secret as well. d can only be calculated if p and q are known.

Public key

The public key is formed by n and e:
n = 323
e = 7

Note that n is the product of two prime numbers. It can only be decomposed into p and q. If p and q are large enough then it is de-facto impossible.

  1. Digital Signatures

Digital signatures are based on asymmetric cryptography and can provide assurances of evidence to origin, identity and status of an electronic document, transaction or message, as well as acknowledging informed consent by the signer. To create a digital signature, signing software (such as an email program) creates a one-way hash of the electronic data to be signed. The user’s private key is then used to encrypt the hash, returning a value that is unique to the hashed data. The encrypted hash, along with other information such as the hashing algorithm, forms the digital signature. Any change in the data, even to a single bit, results in a different hash value. This attribute enables others to validate the integrity of the data by using the signer’s public key to decrypt the hash. If the decrypted hash matches a second computed hash of the same data, it proves that the data hasn’t changed since it was signed. If the two hashes don’t match, the data has either been tampered with in some way (indicating a failure of integrity) or the signature was created with a private key that doesn’t correspond to the public key presented by the signer (indicating a failure of authentication).

A digital signature also makes it difficult for the signing party to deny having signed something (the property of non-repudiation). If a signing party denies a valid digital signature, their private key has either been compromised, or they are being untruthful. In many countries, including the United States, digital signatures have the same legal weight as more traditional forms of signatures.

Behind the Scenes

Besides these key pairs and a bitcoin wallet address, your bitcoin wallet also stores a separate log of all of your incoming and outgoing transactions. Every transaction linked to your address will be stored by the bitcoin wallet to give users an overview of their spending and receiving habits.

Last but not least, a bitcoin wallet also stores your user preferences. However, these preferences depend on which wallet type you’re using and on which platform. The Bitcoin Core client, for example, has very few preferences to tinker around with, making it less confusing for novice users to get the hang of it.

Your bitcoin wallet generates a “master” file where all of the preceding details are saved. For computer users, that file is called wallet.dat. It’s saved on a Windows machine, for example, in the C:\User\Yourname\Documents\AppData\Roaming\Bitcoin\folder. Make sure to create one or multiple backups of this wallet.dat file on other storage devices, such as a USB stick or memory card. The bitcoin wallet software will let you import a wallet.dat file in case your previous file is damaged or lost, restoring your previous settings, including any funds associated with your bitcoin wallet address.

Summing up

Private Key and public key are a part of encryption that encodes the information. Bitcoin is secured through digital message signatures created with a unique private key. This single point of access places a very high value on the secure generation, use, and storage of private keys.

Public and Private key pair helps to encrypt information that ensures data is protected during transmission. What’s the difference between public key and private key? In a nutshell, you can share your public key with others, but keep your private key in a secure place and never show to anyone.

Public Key Private Key
A published key that can be used to send a secure message to a receiver. A secret key that can be used to decrypt messages encrypted with the corresponding public or private key.
Asymmetric Encryption Asymmetric Encryption

Symmetric Encryption