Symmetric and asymmetric cryptography
When we think of cryptography, we usually think of what is known as symmetric cryptography. In it, a key encrypts a message, which is then sent to the recipient over an insecure channel. Anyone accessing the message will find only an apparently random set of letters or bits. Only in possession of the key can one decrypt and recover the original message. This encryption is symmetric because the key used to encrypt is the same one used to decrypt.
In the mid-1970s, asymmetric cryptography, or public-key cryptography, was invented. It has this name because it uses two keys, a public one and a private one. This invention solves a crucial problem in symmetric cryptography, namely key exchange. Before asymmetric cryptography, parties exchanging messages had to find a secure channel to exchange the key, either in person or through trusted messengers. In public-key cryptography, a secure channel is not required.
Another application of asymmetric cryptography is in digital signatures, in which a person can sign a message with their private key, thus guaranteeing that the message was sent by them and not someone pretending to be them. Let’s briefly study these two applications: first, encrypting messages without having to agree on a key beforehand, and then digital signatures.
Let’s say Alice wants to securely send a message to Bob. First, she asks for Bob’s public key, which everyone can know. Since the public key is public, Bob can send it to Alice over an insecure channel. Using Bob’s public key, Alice encrypts the message and sends the encrypted message to Bob, also through an insecure channel, since there is no problem with the message being captured. No one except Bob, who has his private key, can decrypt the message.
Now, let us look at the second case: digital signatures.
Let’s say Alice now wants to send a message to Bob, and Bob wants a guarantee that the message was sent by Alice, not someone pretending to be her. Bob has Alice’s public key, which is known to everyone. When sending the message to Bob, Alice uses her private key to sign it and sends the message signature along with it. In possession of the message and the signature, Bob can use Alice’s public key to verify that it was Alice who sent the message.
Note that Bob can verify that the message was signed with Alice’s private key without knowing the private key. This is the basis of the digital certificates widely used on the Internet to ensure website security. Digital signatures are used extensively on the blockchain to prove that transactions said to be sent from a particular account were actually generated by it. That’s why you should never reveal your private key. Anyone with access to your private key can sign transactions as if they were you. In other words, blockchain accounts are controlled by private keys.
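The two exchanges described above (Alice encrypting to Bob's public key, and Alice signing with her private key), as an added example that is not part of the original article. It uses textbook RSA without padding, with keys built from well-known Mersenne primes purely for demonstration; the function names are hypothetical, and real systems use vetted libraries with padded RSA or elliptic-curve signatures.

```python
import hashlib

E = 65537  # widely used public exponent

def make_keypair(p, q):
    """Return (public, private) textbook-RSA keys built from primes p and q."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent: inverse of E
    return (n, E), (n, d)

def encrypt(public, message: bytes) -> int:
    n, e = public
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this key")
    return pow(m, e, n)  # anyone holding the public key can do this

def decrypt(private, ciphertext: int) -> bytes:
    n, d = private
    m = pow(ciphertext, d, n)  # only the private-key holder can undo it
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def _digest(message: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(private, message: bytes) -> int:
    n, d = private
    return pow(_digest(message, n), d, n)  # requires the private key

def verify(public, message: bytes, signature: int) -> bool:
    n, e = public  # the verifier never sees the private exponent
    return pow(signature, e, n) == _digest(message, n)

# Constructed demo keys: Mersenne primes are NOT safe RSA primes in practice.
ALICE_PUB, ALICE_PRIV = make_keypair(2**607 - 1, 2**1279 - 1)
BOB_PUB, BOB_PRIV = make_keypair(2**127 - 1, 2**521 - 1)

def demo():
    msg = b"pay Bob 5 coins"            # constructed sample message
    ciphertext = encrypt(BOB_PUB, msg)  # Alice -> Bob over an insecure channel
    signature = sign(ALICE_PRIV, msg)   # Alice proves authorship
    return {
        "bob_reads": decrypt(BOB_PRIV, ciphertext),
        "genuine": verify(ALICE_PUB, msg, signature),
        "tampered": verify(ALICE_PUB, b"pay Eve 5 coins", signature),
        "wrong_signer": verify(ALICE_PUB, msg, sign(BOB_PRIV, msg)),
    }

if __name__ == "__main__":
    print(demo())
```

The "tampered" and "wrong_signer" results show why a signature binds both the exact message and the signer's private key: changing either one makes verification fail.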