## DEV Community

jteacodes

Posted on • Updated on

# Public Key Cryptography

Continuing Alchemy University Ethereum Developer Bootcamp Week One course with public key cryptography.

Disclaimer: Most of the content below is a general summary and retelling of the information from the course.

# Cryptography Historically

Until the 1970s, cryptography was used to encrypt important messages, especially within the military. These messages could not be decrypted even if they were intercepted. An example would be moving each character in a string down one position in the alphabet: "abc" outputs "bcd".

The sender would take the message and pass it through a function to create an encrypted output. But once you know secret to the function, the message was easy to crack.

As cryptography advanced over the years, more complex functions were introduced. An important improvement was the idea of a secret key.

If two parties meet prior to exchanging messages they can both agree upon a particular key. This key plus a function (like the alphabet shift example) could be used together to create a more secure encryption.

Possessing the same keys on both side of the message is considered symmetric-key cryptography. There are downsides to this method, both sides must have the same key beforehand and it was difficult to do this exchange over an unsecured channel unless they met in person.

# Asymmetric Key (Public Key Cryptography)

With the rise of personal computing, people wanted to be able to communicate securely and meeting in person to exchange seemed outdated.

"How could two parties communicate securely without having met beforehand to exchange keys?"

In 1976, Whitefield Diffe proposed the idea of a public key. Initially, many cryptographers dismissed the idea since the whole purpose of an encrypted key was that it was private.

Whitefield had the idea to split the key into two, a private and public key pair, that could:

1. Authenticate: One key signs, the other verifies
2. Encrypt: One key encrypts, the other decrypts

## Asymmetric Key Example

1. Public Key Authentication
Bob shares his public key to the world. He keeps his private key safe and secure. When he uses his private key to encrypt a message, he can share it publicly to be decrypted using his public key. This verifies that only Bob could have written this message because the only key that could have encrypted the message is the corresponding private key that Bob has. An unforgeable digital signature.

2. Public Key Encryption
A message is encrypted using Bob's public key that only Bob can decrypt. This means anyone with Bob's public key that is available to anyone, can securely send him a message.

"Public key cryptography is considered asymmetric encryption in that only one party has access to the private key."

# RSA and ECDSA

Today, RSA and EDSCA are the two popularly used algorithms for public key cryptography.

-The RSA algorithm is based on the idea that it's very easy to find the product of two prime numbers, yet extremely difficult to factor out those two prime numbers if you have the product.
-The ECDSA algorithm uses elliptic curves. It can provide the same level security as other public key algorithms with smaller key sizes, which is the reason it's become quite popular. It is the Digital Signing Algorithm used by Bitcoin, specifically the secp256k1 curve.

# Resource:

Alchemy University: Ethereum Developer Bootcamp