What Are Public Keys and Private Keys?

By Kirsty Moreland

What are public and private keys? Here, we explain how they work – and what you need to know.

Public and private keys are an integral component of cryptocurrencies built on blockchain networks that are part of a larger field of cryptography known as Public Key Cryptography (PKC) or Asymmetric Encryption. 

The goal of PKC is to trivially transition from one state to another while making reversing the process nearly impossible, and in the process, proving you have a secret without exposing that secret. The product is subsequently a one-way mathematical function, which makes it ideal for validating the authenticity of something (i.e., a transaction) because it cannot be forged. PKC relies on a two-key model, the public and private key, often represented by a padlock (public key) and the actual key to access the padlock (the private key).

Public Key Cryptography (PKC)

Public Key Cryptography (PKC) is built around the mathematical concept of a “Trapdoor Function”. Trapdoor functions, put simply, are mathematics problems that easy to compute in one direction but nearly impossible to reverse.  

Solving this problem will take computers enormous amounts of time (i.e., thousands of years) to compute the correct answer. In the context of PKC, such mathematical tricks like Prime Factorization are the trapdoor functions that make reverse-engineering (i.e., forging) cryptographic signatures impossible because it requires the computer to solve a virtually unsolvable math problem. 

The Concept of Public and Private Keys

The general purpose of PKC is to enable secure, private communication using digital signatures in a public channel with potentially malicious eavesdroppers. In the context of cryptocurrencies, the goal is to prove that a spent transaction was indeed signed by the owner of the funds, and was not forged, all occurring over a public blockchain network between peers. 

When you own cryptocurrencies, what you really own is a “private key.” Your “private key” unlocks the right for its owner to spend the associated cryptocurrencies. As it provides access to your cryptocurrencies, it should – as the name suggests – remain private. 

In addition to a private key, there is also a public key and there is a cryptographic link between the public key and the private key. It’s possible to recover the public key if you own the private key. However it’s impossible to find the private key using only the public key.

Public and private keys are subsequently analogous to an email address and password, respectively. 

You can theoretically create billions of public keys (addresses) from a single private key. However, you only have one private key which functions as your private password only you should know. A private key is imperative to keep safe from prying eyes.

Once you create a public key address, it is publicly visible to all users in the network. This is the address you can share with others to receive cryptocurrencies, such as Bitcoin. When you send cryptocurrency to someone else, they will only see your public address associated with the transaction. However, only the owner of the private key can access the cryptocurrencies sent to that specific public address.

How a Crypto Transaction Works 

Your private key is your personal digital signature which you can use to approve transactions, such as sending cryptocurrencies to other addresses or buying digital assets.

For example, let’s imagine Alice wants to send Bob 1 Bitcoin through a public channel that Charlie is listening to. Firstly, she would set up a transaction that defines how much she wants to send and who she wants to send it to. In this case, she wants to send 1 BTC to Bob using his public address. This creates a transaction hash (or hash output) that only Bob’s private key can read. To explain, a hash output is a fixed-length string of numbers which acts like the blockchain’s version of a receipt.

Alice signs the transaction hash using her private key, which controls her public address. In doing so, she verifies she has the power to send cryptocurrency from this address. Next, nodes authenticate the transaction, verifying the source and its contents. For example, if Alice doesn’t have 1BTC to send, the nodes will reject the transaction. If she does have the funds to send, the transaction will be approved.

As a result, the next time Bob wants to spend the 1BTC, the nodes can approve the transaction. This is because Bob’s private key can read the transaction hash Alice created with his public address.

Charlie is not capable of reading the sensitive information that would allow him to retrieve the BTC. His private key can not translate a hash intended for Bob. Better still, neither Bob’s, nor Alice’s, public keys allow Charlie to intercept the transaction. This is the brilliance of trapdoor functions in action. Charlie cannot reverse-engineer the message or private key of Alice as it’s built using a trapdoor function. 

How Private and Public Keys Work on Bitcoin’s Network

With Bitcoin, transactions are a series of users sending and receiving bitcoins to each others’ public addresses as inputs and outputs in Bitcoin’s UTXO transaction model. Alice can publish her public key on the web, and people can send bitcoin to that address knowing that Alice is the owner of the private key to those funds. 

More generally, nodes (people running the Bitcoin software) in Bitcoin automatically check and validate transactions in the network to make sure none of them were forged. To do so, they use basic consensus rules and cryptographic proofs to verify that the public/private key pairs are valid (Proof of work) . As a result, it is nearly impossible to forge transactions in cryptocurrencies like Bitcoin that use PKC since they are protected by the assumptions of mathematical proofs. 

Keep learning! If you enjoy getting to grips with crypto and blockchain, check out our School of Block video How to Keep Your Crypto Safe.