Skip to content

Private Keys

What Is a Private Key?

From a mathematical perspective, a private key is simply a randomly generated positive integer.

From a practical perspective, a private key is a key that can be used to spend funds (which is why we must safeguard our private keys).

Below is a more precise description from a technical standpoint:

A private key is a number obtained from a random number generator within a specific range of positive numbers, possessing cryptographically strong randomness.

In most cases, computers use Pseudo-Random Number Generators (PRNGs) to produce these random positive integers (truly random number generators are hard to come by -- they typically require specialized hardware and use physical sources such as thermal noise in circuits or precise timing from Geiger counters). A PRNG is a cryptographically enhanced function that requires a seed value with sufficient entropy as input.

Entropy is a complex concept, but its purpose is simple: to introduce unpredictability into the function. By using a secure source of entropy, a PRNG can produce pseudo-random numbers whose probability of being non-random is negligible (within an acceptable specific range).

When creating an Ethereum or Bitcoin private key, the PRNG's range spans from 1 to 2^256 - 1 (imagine a combination lock made up of digits 0 through 9, that is 78 digits long). Because this range is so vast, the probability of generating two identical private keys is negligibly low -- which is why it is extremely unlikely that another user would create a private key identical to yours. Your private key is selected from an enormous set of integers -- roughly comparable to the total number of visible atoms in the entire universe.

Private Keys, Public Keys, and Addresses

Since private keys must remain secret, we also need a mechanism to identify the destination of sent funds. Therefore, all blockchains have introduced the concept of an "address." An address is the storage location for cryptographic assets and can be shared with anyone (if needed), so they can see your cryptographic asset balance.

A blockchain address is created from a public key to ensure that you are the owner of that address. Going further back, the public key is generated from the private key. This process is one-way -- meaning you can compute the account address from the private key, but you cannot reverse-engineer the private key from the account address.

Private Key to Public Key

The diagram above shows the process of generating a public key from a private key. This one-way process is achieved through a cryptographic trapdoor function. A trapdoor function is a one-way function where a given input yields a unique output, but the original input cannot be derived from the output. Different blockchain ecosystems use different one-way functions. For example, the most popular blockchain systems use algebraic structures based on elliptic curves to generate public keys. Regardless of the specific characteristics of these algebraic structures, the result is always deterministic: a public key is uniquely paired with a private key -- the same private key will always generate the same public key.

Public Key to Address

The diagram above shows the process of generating an address from a public key. Blockchain addresses are also computed using one-way functions -- specifically, hash functions. Both Bitcoin and Ethereum addresses are created from public keys using one or more cryptographically enhanced hash functions, though different blockchains use different algorithms. Given how these hash functions operate, you can be confident that the blockchain address corresponding to your public key and private key is unique.

The Significance of Private Keys for Cryptocurrency

Ultimately, holding cryptocurrency means holding private keys. In the physical world, owning property typically means possessing a deed or receipt with your name on it, but in the cryptocurrency world, owning an asset means possessing a piece of information. In short, holding the private key is equivalent to owning the cryptographic assets that key controls.

All assets can be manipulated through transactions. In the physical world, transactions usually require a signature for authorization. However, in the cryptocurrency world, all transaction authorization must use the corresponding private key. The role of the private key is to work with cryptographic algorithms to generate a digital signature for a transaction. A signed transaction indicates that the private key holder has authorized others to access their held assets. Although anyone can create a transaction related to your digital assets, only the person holding the corresponding private key can sign that transaction.

While forged signatures are a concern in the physical world, the security of the cryptocurrency world is protected by its cryptographic properties.

Reference: https://medium.com/portis/part-one-understanding-private-keys-311389737fbe