Understanding the mechanism of public-key cryptography and its application to Practical Blockchain

What is PKC

Public Key Cryptography (PKC) is also known as asymmetric cryptography, and it is a security technology that combines two different keys to protect information. In traditional symmetric cryptography, a single key is used for both encryption and decryption, whereas PKC uses a pair of keys divided into two roles: a public key and a private key. This innovative mechanism fundamentally addresses modern computer security issues and serves as the foundation for blockchain and the virtual currency ecosystem.

The Security Benefits of Key Pairs

The biggest feature of PKC is that the public key can be shared freely. The sender uses the recipient's public key to encrypt the message, which can only be decrypted by the recipient using the corresponding private key. The two keys are mathematically linked, but it is computationally almost impossible to deduce the private key from the public key.

In particular, the RSA algorithm generates a key pair from the product of two large prime numbers. Developed in 1977 by Rivest, Shamir, and Adleman, this technology still functions as an industry standard today. Typically, key lengths of 1,024 to 2,048 bits are used, significantly increasing the difficulty of cracking.

Solutions to the Problems of Symmetric Cryptography

Traditional symmetric encryption had a critical weakness. Since the same key is used for both encryption and decryption, it is necessary to transmit that key over an insecure channel to the other party. If a third party intercepts it along the way, all messages can be read. Even with technologies like Diffie-Hellman-Merkle key exchange, the risk of attacks still remains.

In contrast, with PKC, making the public key literally “public” does not affect security. As long as the private key is kept secure, information can be exchanged safely over any communication channel.

Guaranteeing the Authenticity of Data with Digital Signatures

Another use of PKC is digital signatures. A hash generated from a message is signed with a private key, and the recipient verifies it with the sender's public key. This allows for confirmation of the message's origin and ensures that it has not been tampered with. In some cases, the hash itself may also be encrypted along with the message.

Utilization in Blockchain and Virtual Currency

PKC is at the core of blockchain technologies such as Bitcoin and Ethereum. A pair of public and private keys is generated when creating a wallet. The wallet address is derived from the public key, and it is safe to share this with others. On the other hand, the private key is used for transaction signing and verifying the movement of funds, so it must be kept absolutely secret.

Interestingly, Bitcoin and Ethereum adopt a specific PKC method called the Elliptic Curve Digital Signature Algorithm (ECDSA). Since ECDSA only performs signature generation and not encryption, the blockchain does not actually rely on encryption technology itself. Once a transaction is verified, its record is added to the blockchain ledger, ensuring that only the person holding the corresponding private key can move the funds.

Challenges in the Implementation of PKC

While having an advantage in terms of security, PKC has several limitations. Due to the involvement of complex mathematical operations, the processing speed may decrease when handling large amounts of data. Furthermore, managing the private key is an absolute requirement. If the private key is leaked, the security of all messages encrypted with that public key is compromised. Additionally, accidentally losing the private key can make access to the encrypted data permanently impossible.

Examples of Application in Daily Life and Business

PKC is used for all important communications, such as email, SSL/TLS protocols for websites, and online banking transactions. The Secure Sockets Layer (SSL) also employs asymmetric cryptography to achieve secure web connections. Moreover, its applications continue to expand, including considerations for building more secure electronic voting systems.

Summary

Public key cryptography is the guardian of modern digital systems, from computer security to blockchain technology. By utilizing pairs of public and private keys, it addresses the fundamental issues of symmetric cryptography and achieves a higher level of security. PKC has continued to evolve over decades, with new applications being developed, particularly in the field of cryptocurrencies.