Types of Cryptography. Public and Private Keys within the Ethereum Protocol.
All you need to know on a deep level, explained concisely in simple English.
Hello fren,
It has been a while. Today's article will cover the essentials that you need to know about the main cryptographic components of Ethereum - what are public and private keys, as well as the difference between symmetric and asymmetric cryptography.
It may seem like a lot, but do not worry - I have spent the past days carefully picking out what you only need to know on a basic and advanced level. Don't be afraid of the "advanced" part. I understood it so rest assured that you will too. Let's begin!
Asymmetric vs. symmetric cryptography
These are A and B of cryptography. To your surprise, neither Vitalik nor Satoshi are the pioneers of encryption. It has been around ever since Julius Caesar. A short history lesson imminent:
Symmetric cryptography
Before sending his generals to the battlefield, Caesars would give them a cypher that only they and he owned. The empire was vast enough and required constant communication with Rome regarding outcomes of battles, supplies etc. The messages Caesar and the generals used to communicate would look jibberish:
Plaintext: THE QUICK BROWN FOX JUMPS OVER THE LAZY DOG /// what Caesar meant
Ciphertext: QEB NRFZH YOLTK CLU GRJMP LSBO QEB IXWV ALD /// what Caesar wrote
Why? Simple - if the message was in plain text and the messenger gets attacked while transporting it, the attackers would just take the message, read it, and then use the information against the Roman army. Writing the message in with the cyphered text ensured that only the people who own the cypher would be able to read it.
The message arrives at one of the generals. The general reaches his pocket and opens the cypher that Ceasar gave him. It would look like this:
Plain A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Cipher X Y Z A B C D E F G H I J K L M N O P Q R S T U V W
The general will then replace every letter from the jibberish text with the corresponding one from the cypher and gets the message:
THE QUICK BROWN FOX JUMPS OVER THE LAZY DOG.
The general is enlightened! The empire is saved because of the brown fox!
This is the most simple example of symmetric encryption. Symmetry means that every part looks the same. In Caesar's case the cyphers that the receiver and the sender used to encrypt and decrypt the messages are the same.
The flaw of this type of encryption - say the general lost a battle and got beheaded by a chad Viking warrior. He now owns the cypher and can decode every message that Caesar sends to his generals from now on. He goes back to his village and says "Ladies and gentlemen, we got him"".
Asymmetric cryptography
Also known as public key cryptography, this is one that no Viking would be able to break. Invented in the Early 1970s by the British intelligence, it consists of two main parts - a private and a public key. When someone wants to send an encrypted message, they can pull the intended recipient's public key from a public directory (the Ethereum blockchain) and use it to encrypt the message before sending it. The recipient of the message can then decrypt it using their related private key. This is why it is called asymmetric - because the sender and receiver use different keys to encrypt and decrypt the message.
In Ethereum terms, your address is derived from your public key. If I owe you 5 ether, you will send me your address and I will use my private key to sign a transaction which will include these 5 ether. A good representation of the same idea is with banking - think of your Ethereum address as your IBAN, while your private key is the token device which you use for online payments.
Unpopular crypto knowledge #1 - your Ethereum public key is derived from your private key.
Let's get to understand how this happens.
Private key
As you probably have inferred by now, this is the "password" for accessing your wallet (not to be confused with the Metamask password that you type when opening it). Actually, it possesses the properties of both a password with which you can retrieve your wallet, and a signature, with which the transactions that you make with your wallet are signed. Important thing to point out here - "signing" a transaction on the Ethereum blockchain requires your private key, but it never exposes it to the receiver. This is thanks to a thing called "digital signature", which will be discussed in one of my next articles.
A private key is simply a random number. But not a simple one, as it can be anything between 1 and 10 to the power of 77 (1 with 77 zeroes). In comparison, the atoms in the observable part of the universe are estimated at 10 to the power of 80. Mind-bending!
"So, you are telling me that when I create a wallet with Metamask or any other wallet client, it connects to the blockchain, and generates this random number for me?"
Well, not really. The tool which is used to generate your private key is in your very own computer.
Unpopular crypto knowledge #2 - generation of the private key, when creating a wallet with any Ethereum client happens *offline*, without accessing the network.
The client with which you will create your wallet will use the random number generator of the operating system of your computer. The result is a 256-bit number. On the Ethereum protocol, however, the private key is represented in a hexadecimal format, so the number would actually look like this:
f8f8a2f43c8376ccb0871305060d7b27b0554d2cc72bccf41b2705608452f315
Enough with the private key.
Public key and your Ethereum address
As we stated previously, your address acts like an "IBAN" in the Ethereum network. But how is it generated?
This happens with your public key. And this key is created with the help of something called an elliptic curve. It looks like this:
See the coordinate system? If you remember your 6th-grade math lessons, you will know that each point on a coordinate system has its x and y coordinates. The public key represents a point on this elliptic curve (meaning it is a combination of its x and y coordinates).
The equation with which the public address is generated looks like this:
K = k * G
k - is the private key that we generated previously;
G - is a randomly generated point on this curve, called generator point;
∗ - This is a multiplication sign (lol). Not a normal one though. It represents elliptic multiplication, which has nothing to do with the one we know from elementary school. Without getting into confusing details, let's just say that this multiplication is so different from the ordinary one that we use in our everyday lives, that even if someone knew your public key K and the generator point G, he would not be able to figure out k, because there is no division, hence he cannot simply divide K by G to find the private key k!
Public key K (x and y coordinates concatenated and shown hexadecimal format):
K = 6e145ccef1033dea239875dd00dfb4fee6e3348b84985c92f103444683bae07b83b5c38e5e...
This leads us to:
Unpopular crypto knowledge #3 - elliptic curve cryptography is one-way. Simply put, you can always derive your public key if you have your private key but never vice versa!
Ok, so this K thing (our public key) is a randomly-generated point on the elliptic curve and represents a number, which is made of this point's coordinates. But we need some more work to have a full-fledged Ethereum address. We need to implement an additional layer of security and it is to run a hashing function on it.
To do this, we run Ethereum's hash function, called keccak256. It hashes our public key and returns another number, represented in hexadecimal format. The result is as follows:
2a5bc342ed616b5ba5732269001d3f1ef827552ae1114027bd3ecf1f086ba0f9
And here comes the important part:
Although the terms public key and Ethereum address are used interchangeably, they are not the same. The public key is the result of the elliptic curve multiplication. The Ethereum address is :
the last 40 characters of the result of passing the public key through a keccak256 function and appending 0x in front of it.
Keeping only the last 40 characters of the result from the keccak256 function and adding 0x as a prefix (it is just to indicate that the address is hexadecimal) leads us to our Ethereum address:
0x001d3f1ef827552ae1114027bd3ecf1f086ba0f9
And this is how the private and public keys are generated behind the scenes. Finally, let's sum it up for a good TLDR:
Symmetric cryptography has only one key, owned by the sender and recipient, which is used to both encrypt and decrypt the message.
Asymmetric cryptography involves a set of private and public keys. When someone wants to send an encrypted message, they can pull the intended recipient's public key from a public directory (the Ethereum blockchain) and use it to encrypt the message before sending it. The recipient of the message can then decrypt it using their related private key.
The private key of your wallet acts as both a password (for recovering your wallet) and a signature (to sign transactions, without exposing itself to the recipient.)
The private key is generated offline via your operating system's built-in random number generator.
The public key is derived via an elliptic curve multiplication. Physically, the public key represents a point on that curve, but we use its number equivalent (which derives from concatenating the coordinates of this point).
In order to generate the public key, the private key must be provided as an input (k) into the following equation:
K = k * G
-The resulting public key (K) is used as an input to a keccak256 hashing function.
-The result of this function is a 256-bit number, represented in hexadecimal format.
-The prefix "0x", concatenated together with the last 40 characters of this number is our Ethereum address.
And this wraps up the article. I hope that you learnt something new. Feel free to supplement your knowledge with the resources that I used and dive even deeper.
WAGMI
References:
Antonopoulos, A.M., Wood, G. and O'reilly Media (2019) Mastering Ethereum : building smart contracts and DApps. Beijing ; Boston ; Farnham ; Sebastopol ; Tokyo: O’reilly, Copyright.
Aimstone. (2018). Math Behind Bitcoin and Elliptic Curve Cryptography (Explained Simply). [Online Video]. 29 August. Available from: youtube.com/watch?v=muIv8I6v1aE. [Accessed: 2 August 2022].
thenewboston. (2022). Ethereum - Tutorial 3 - Private Keys, Public Keys, and Account Addresses. [Online Video]. 16 January. Available from: youtube.com/watch?v=AiB5x7iDGJ4. [Accessed: 2 August 2022].
J. Aguinaga, (2021). Private Keys: Creating Ethereum Addresses [Online]. ShapeShift. Available at: shapeshift.com/library/private-keys-creatin.. (Accessed: 2 August 2022).
T. Wiesner, (2019). Ethereum Accounts, Addresses, Private and Public Keys [Online]. Vomtom.at. Available at: vomtom.at/ethereum-private-and-public-keys (Accessed: 2 August 2022).