What is Asymmetric Encryption? (Public & Private Keys)

whiteboard crypto logo
Published by:
Whiteboard Crypto

Imagine you have a girlfriend. You really like her and want to write her a love letter so juicy that you decide nobody else can read it, ever. I mean even if it got leaked on the internet, it would be embarrassing and ruin your reputation. So you need to find a way to send her this letter without other people being able to read it. 

You do some reading online and find a method called “symmetric encryption” where you can have a password, or key, that you share with your girlfriend so she can read your letters, even after you encrypt and hide them. 

So you write her this super juicy letter, encrypt it using your password, go to the mailbox and wait patiently until she gets it and texts you “what the heck is this?”. You reply, “It’s a letter describing my infatuation with you, but you’ll need this password to be able to read it: xxxxxx”. Now she uses the same password, decrypts it, and decides she wants to give you some of her goodies. 

So she comes over and brings some chocolates with her. While she is over and feeding you chocolates, she gets a text from her sister and so you ask about her sister, then you find her sister on Facebook, and before you know it, you are considering writing a similar letter to her sister. 

Now, before we continue, you should know this analogy is very basic but should help you understand asymmetric encryption. The next day, you write another super juicy letter about your physical needs, but you are intending to send it to your girlfriend’s sister. So you use the same password to encrypt the message, and… you guess what happens next, mail the letter to your girlfriend’s sister’s house. Luckily, your girlfriend’s sister opens the letter, asks about the letter, and you text her the same password that you sent your girlfriend. 

Now we have a problem. Because a few days later, you get a letter in the mail. See, the issue with sending your password is that anyone with it can encrypt messages with it too. Opening the letter in the mail, you realize that it is encrypted, but you have no idea who it is from. Is it from your girlfriend or your girlfriend’s sister? You try to read who it’s from, but it just says “your lover”. Now we have a big problem. 

You might say, why didn’t you just send a different password to both girls? Well, you could, but you didn’t intend on them messaging you back anyways, just on them reading your messages. 

Next thing you know, your girlfriend’s sister left her second note to you laying around on the table… and your girlfriend saw it… and now they know what games you’re playing because they both have the same key and both can read the message. In reality, you realize that anyone with your secret password… they can write a message and don’t even have to say who they are – you brother could write a nasty letter to your girlfriend if he had the password and act as if it were you. 

This is where asymmetric encryption comes in. You do some studying on theoretical physics and invent a time machine, go back a few weeks and still decide to write your girlfriend a letter. This time though, you use a different encryption method. 

You use something called Asymmetric Encryption. This time, you have two passwords. One for creating the message, and one for just reading the message. So you encrypt your love letter with your private key, mail it to your girlfriend, she asks like she did the first time, and this time you give her your public key. She reads your letter, decides again to give you some of her goodies, brings chocolates over, and because you had such a good time last go ‘round, you ask about her sister, and then this time… you are equipped with asymmetric encryption. So you write your girlfriend’s sister a letter, but this time you only give her the public key so she can’t write back… that way you aren’t confused. 

Only the person with the private key can write messages, and that’s you. Only the people with the public key can read the messages, that’s you, your girlfriend, and your girlfriend’s sister. Let me say that again, only YOU can create messages, but You and your circle of trouble can read them. 

However, your girlfriend’s sister wants to write you a letter. So she has her own private key and public key. Now she writes a letter, encrypts it with her private key and mails it to you. You ask her for her public key, and now you can read her letter. In this situation, only SHE can create the messages, and only you and her can read them (because you have the public key). 

So when you have a cryptocurrency wallet, you actually have two keys in a similar manner. 

There is a public key that you can share with your friends so they can pay you, but there is also a private key. You do not want anyone else to have the private key.

Think about it like this, your public key is actually also your address, like a paypal email. Anyone with the public address can send you money just like they would if they had your paypal email. 

In the first analogy, the public key was still a key, we didn’t want everyone reading out secret love messages, but this is a blockchain, we want EVERYONE to be able to see what we are sending, so we share our public key. Your public key is used to see what message you wrote, but it’s also your address. 

However, in this example, your private key is the password to your email. If you share this, they can have complete and total access to your money. They could write love letters or send transactions as if they were you. 

With your public key, you can only receive transactions, and with your private key you can send them. Just like the love letters. 

They are related too. In fact, your public key is generated with your private key. If you ever forget your public key (or your address), you can use your password to regenerate it. However, someone who knows your public key can’t find out your private key unless you tell them. When you send some money on a blockchain, you use your private key to sign that you actually want to send that money. This way other people can’t say “this guy paid me $50”… because we can check if they paid with the private key. 

So you use your private key to stamp a transaction, and other people use your public key to ensure that it was actually stamped by you. 

Its kinda confusing, but here’s an example where your name is Bill. 

01 – Bill pays Bob $50 – 3xk1k48x

The first number is a unique number. There is a purpose I’ll explain in a bit

The second part is the transaction. It’s you saying you’re paying bob $50. 

The third part is the part where you prove it’s you. You’re essentially taking your private key and using it to encrypt the first two parts, or “01 – Bill Pays Bob $50” and that those letters and numbers is what it comes up with. Other people can check it’s really you by taking your public key and using it to check if “01 – Bill pays Bob $50” equals “3xk1k48x”. If it does, they know it’s a real transaction. If it is, they know the ONLY person who made that transaction and then produced those random numbers/letters actually had the private key. 

So think about it like this:

Your private key + a transaction = a stamp at the end of the transaction

Anybody else who has your public key can check it: 

Your public key + a transaction + the right stamp = It’s true

Your public key + a transaction + the wrong stamp = It’s false

However, your private key can GENERATE the stamp, while the public key can only CHECK the stamp. 

Now, the problem is what if Bob was like, I’ll just take that and copy/paste your transaction 3 times, so I get $150. Right? Well, this is where the 01 comes into play. The block chain doesn’t allow duplicate payments, it’s just coded in a way that will fail if you try. So if we wanted to pay Bob $150 in 3 payments, the transaction would have to look like this:

01 – Bill pays Bob $50 – 3xk1k48x

02 – Bill pays Bob $50 – 4kdj68qq

03 – Bill pays Bob $50 – nak311ku

By changing one thing in the transaction, we completely change how we are signing it. The stamp is way different because we changed one number. If this is a bit confusing, we recently just posted a video about something called Cryptographic hashing functions, you’ll understand it much better if you watch it. Anyways, other people can tell it’s still us by checking it with our public key. They just do the math and see “yep, that was Bill”.

Since your public key is public, anyone can read all your transactions, they’re not really secret, but what should be secret is your ability to write and create transactions… which is what your private key is for. 

So, to wrap this up, cryptocurrency wallets have 2 keys. One is public and one is private. The public one is your address, it’s what you give other people when you want them to send you money. It is also used to check any transaction that you make – to make sure it’s valid and that someone didn’t spend your money. The private key is used to create a stamp for any transaction that you want to send, to ensure that nobody else can send your money, but it’s in a way that other people can verify that you actually want to send the money by using your public key. 

whiteboard crypto logo

WhiteboardCrypto is the #1 online resource for crypto education that explains topics of the cryptocurrency world using analogies, stories, and examples so that anyone can easily understand them. Growing to over 870,000 Youtube subscribers, the content has been shared around the world, played in public conferences and universities, and even in Congress.