Previous month:
October 2017
Next month:
February 2019

January 2019

Public Key Cryptography - The Backbone of Virtual Currencies

Virtual currencies use advanced cryptography to ensure the security of the system, and in particular a branch of cryptography referred to a Public Key Cryptography (PKC). In earlier times cryptography relied on secret keys that had to be known by both sender and recipient. The sender would encrypt the message with the secret key and the recipient would have to decipher the message with the same key to be able to gain access to its content.  Keys had to be agreed on ahead of time, and strict security measures had to be in place to protect the keys. This type of cryptography is said to be symmetrical, since both parties to the communication use the same keys.

In 1976, Whitfield Diffie and Martin Hellman introduced the concept of PKC, which focused on ways that parties could share symmetric keys. Fo;;owing on from that, the RSA (Rivest–Shamir–Adleman) algorithm was published in 1978 and uses modulo-n arithmetic and prime numbers for encryption and decryption. It remains one of the most commonly used PKC algorithms. Since then there have been numerous alternatives developed, including the popular elliptic curve cryptography (of which there are many practical variants) which was developed in 1985. The main differences in these schemes is the mathematics behind each encryption/decryption algorithm.

So how does it work?  PKC algorithms require the generation of a key pair – a public key and a private key – using advanced mathematics. Even though the mathematical relationship between the key pairs is known, it is not possible (without vast computing power) to determine the private key, even if the formula for generating the public key and the public key itself is known. The difficulty of computing the private key can be increased by increasing key length.

The private key needs to remain secret while the public key can be released to anyone. The private key can be used to encrypt messages. Anyone with the matching public key (it is often broadcast to all users on the network) will be able to decrypt those messages, and know that the message could only have originated from the person who encrypted it with the private key. In this way the message is said to be signed (with the private key) by the sender. A public key can also be used to encrypt a message that can only be read by someone who has access to the private key. The infographic below shows how PKC works in practice.

PKC Apps 1

For more information about the report quoted in this post please visit: