Public Key Cryptography¶

Overview¶

Public Key Cryptography, also known as Asymmetric Cryptography, is a cornerstone of modern cryptography. Unlike symmetric cryptography, which uses the same key for encryption and decryption, public key cryptography uses a pair of keys: a Public Key for encryption or signature verification, and a Private Key for decryption or signature generation.

The concept of public key cryptography was first proposed by Whitfield Diffie and Martin Hellman in their 1976 paper "New Directions in Cryptography," ushering in a new era of modern cryptography.

Core Properties¶

Key Pair Separation: - The public key can be freely distributed; anyone can obtain it - The private key must be kept strictly secret; only the owner knows it - It is computationally infeasible to derive the private key from the public key

Two Major Functions: 1. Encrypted Communication: Encrypt with the public key, decrypt with the private key, ensuring confidentiality 2. Digital Signatures: Sign with the private key, verify with the public key, ensuring authenticity and integrity

Main Algorithms¶

RSA (Rivest-Shamir-Adleman): - Proposed in 1977 by Rivest, Shamir, and Adleman - Based on the difficulty of large integer factorization - Key length typically 2048 bits or 3072 bits and above - Can be used for both encryption and signatures

Elliptic Curve Cryptography (ECC): - Based on the Elliptic Curve Discrete Logarithm Problem (ECDLP) - Shorter keys at the same security level: 256-bit ECC is equivalent to 3072-bit RSA - Higher computational efficiency and smaller footprint - Common curves: secp256k1 (Bitcoin), secp256r1, Curve25519

Other Algorithms: - DSA/ECDSA: Digital Signature Algorithm - ElGamal: Encryption based on Diffie-Hellman - EdDSA: Edwards curve digital signatures (e.g., Ed25519)

Digital Signatures¶

How It Works: 1. The sender signs the message (or message hash) with their private key 2. The receiver verifies the signature using the sender's public key 3. If verification passes, it confirms the message came from the private key holder and was not tampered with

Use Cases: - Software release verification (ensuring software has not been tampered with) - Electronic document signing (legal validity) - Blockchain transactions (proving asset ownership) - SSL/TLS certificates (verifying website identity)

Applications in Blockchain¶

Account System: - Private key -> Public key -> Address - Private key is used to sign transactions - Public key is used to verify signatures and generate addresses

Bitcoin: Uses the secp256k1 elliptic curve and ECDSA signatures

Ethereum: Also uses secp256k1; addresses are the last 160 bits of the public key hash

Next-Generation Blockchains: - Solana, Cardano, and others use Ed25519 - Higher signature verification performance

Performance Comparison¶

Feature	Symmetric Encryption	Asymmetric Encryption
Key Management	Complex (requires secure sharing)	Simple (public key can be shared)
Speed	Fast (~1000x)	Slow
Key Length	Short (128-256 bits)	Long (RSA 2048+, ECC 256+)
Use Case	Bulk data encryption	Key exchange, signatures

Hybrid Encryption: In practice, asymmetric encryption is commonly used to exchange symmetric keys, which are then used for bulk data transmission, combining the advantages of both.

Security Considerations¶

Recommended Key Lengths (as of 2025): - RSA: Minimum 2048 bits, recommended 3072 bits or 4096 bits - ECC: Minimum 224 bits, recommended 256 bits or higher - Symmetric encryption: Minimum 128 bits, recommended 256 bits

Quantum Threat: - Shor's algorithm can quickly factor large integers and solve discrete logarithms on a quantum computer - Both RSA and ECC are insecure against quantum computers - Transition to post-quantum cryptographic algorithms is needed

Key Management: - Private key compromise means complete loss of security - Secure key generation, storage, and destruction mechanisms are needed - Hardware Security Modules (HSMs), Trusted Execution Environments (TEEs)