How Does Blockchain Technology

Work?
As stated in our guide “What is Blockchain Technology?”, there are three
principal technologies that combine to create a blockchain. None of them are
new. Rather, it is their orchestration and application that is new.

These technologies are: 1) private key cryptography, 2) a distributed network

with a shared ledger and 3) an incentive to service the network’s transactions,
record-keeping and security.

The following is an explanation of how these technologies work together to

secure digital relationships.

Cryptographic keys
Two people wish to transact over the internet.

Each of them holds a private key and a public key.

The main purpose of this component of blockchain technology is to create a
secure digital identity reference. Identity is based on possession of a
combination of private and public cryptographic keys.

The combination of these keys can be seen as a dexterous form of consent,

creating an extremely useful digital signature.

In turn, this digital signature provides strong control of ownership.

But strong control of ownership is not enough to secure digital relationships.

While authentication is solved, it must be combined with a means of approving
transactions and permissions (authorisation).

For blockchains, this begins with a distributed network.

What is Public Key

Cryptography?
Intermediate
Published Jan 31, 2019Updated Nov 9, 2022
5m

Introduction
Public key cryptography (PKC), also known as asymmetric
cryptography, is a framework that uses both a private and a public
key, as opposed to the single key used in symmetric cryptography.
The use of key pairs gives PKC a unique set of characteristics and
capabilities that can be utilized to solve challenges inherent in other
cryptographic techniques. This form of cryptography has become an
important element of modern computer security, as well as a critical
component of the growing cryptocurrency ecosystem.

How does public key cryptography

work?
In a PKC scheme, the public key is used by a sender to encrypt
information, while the private key is used by a recipient to decrypt it.
Because the two keys are different from one another, the public key
can be safely shared without compromising the security of the private
one. Each asymmetric key pair is unique, ensuring that a message
encrypted using a public key can only be read by the person who
possesses the corresponding private key.
Because asymmetric encryption algorithms generate key pairs that
are mathematically linked, their key lengths are much longer than
those used in symmetric cryptography. This longer length - typically
between 1,024 and 2,048 bits - makes it extremely difficult to compute
a private key from its public counterpart. One of the most common
algorithms for asymmetric encryption in use today is known as RSA.
In the RSA scheme, keys are generated using a modulus that is
arrived at by multiplying two numbers (often two large prime
numbers). In basic terms, the modulus generates two keys (one public
that can be shared, and one private that should be kept in secret). The
RSA algorithm was first described in 1977 by Rivest, Shamir, and
Adleman (hence, RSA) and remains a major component of public key
cryptography systems.
PKC as an encryption tool
Public key cryptography solves one of the long-standing problems of
symmetric algorithms, which is the communication of the key that is
used for both encryption and decryption. Sending this key over an
insecure connection risks exposing it to third parties, who can then
read any messages encrypted with the shared key. Although
cryptographic techniques (such as the Diffie-Hellman-Merkle key
exchange protocol) exist to solve this problem, they are still vulnerable
to attacks. In public key cryptography, by contrast, the key used for
encryption can be shared securely over any connection. As a result,
asymmetric algorithms offer a higher level of protection when
compared to the symmetric ones.

Generating digital signatures

Another application of asymmetric cryptography algorithms is that of
authenticating data through the use of digital signatures. Basically
speaking, a digital signature is a hash created using the data in a
message. When that message is sent, the signature can be checked
by the recipient using the sender's public key. This way, they can
authenticate the source of the message and ensure that it has not
been tampered with. In some cases, digital signatures and encryption
are applied together, meaning the hash itself may be encrypted as
part of the message. It should be noted, however, that not all digital
signature schemes use encryption techniques.

Limitations
Although it can be used to enhance computer security and provide
verification of message integrity, PKC does have some limitations.
Owing to the complex mathematical operations involved in encryption
and decryption, asymmetric algorithms can be quite slow when forced
to deal with large amounts of data. This type of cryptography also
depends heavily on the assumption that the private key will remain
secret. If a private key is accidentally shared or exposed, the security
of all messages that have been encrypted with its corresponding
public key will be compromised. It is also possible for users to
accidentally lose their private keys, in which case it becomes
impossible for them to access the encrypted data.

Applications of public key cryptography

This type of cryptography is used by many modern computer systems
to provide security for sensitive information. Emails, for example, can
be encrypted using public key cryptography techniques to keep their
contents confidential.
The secure sockets layer (SSL) protocol that makes secure
connections to websites possible also employs asymmetric
cryptography. PKC systems have even been explored as a means of
providing a secure electronic voting environment that would potentially
allow voters to participate in elections from their home computers.
PKC also features prominently in blockchain and cryptocurrency
technology. When a new cryptocurrency wallet is set up, a pair of keys
is generated (public and private keys). The wallet address is
generated using the public key and can be securely shared with
others. The private key, on the other hand, is used for creating digital
signatures and verifying transactions, and therefore, must be kept in
secret.
Once a transaction has been verified by confirming the hash
contained in the digital signature, that transaction can be added to the
blockchain ledger. This system of digital signature verification ensures
that only the person who has the private key associated with the
corresponding cryptocurrency wallet can move the funds.
It should be noted that the asymmetric cryptography used in
cryptocurrency applications are different from those used for computer
security purposes. Bitcoin and Ethereum, for instance, use a specific
algorithm to verify transactions, known as the Elliptic Curve Digital
Signature Algorithm (ECDSA). Also, the ECDSA creates digital
signatures without the use of encryption. This means that blockchain
doesn't need encryption, unlike many tend to believe.

Closing thoughts
From computer security to verifying cryptocurrency transactions,
public key cryptography plays an important role in securing modern
digital systems. By using paired public and private keys, asymmetric
cryptography algorithms resolve fundamental security concerns
presented by symmetric ciphers. Although PKC has been in use for
many years, new uses and applications are regularly being developed
for it, particularly in the blockchain and cryptocurrency space.

Symmetric vs. Asymmetric

Encryption
Cryptographic systems are currently divided into two major fields of
study: symmetric and asymmetric cryptography. While symmetric
encryption is often used as a synonymous of symmetric cryptography,
asymmetric cryptography embraces two primary use cases:
asymmetric encryption and digital signatures.
Therefore, we may represent these groups as follows:
 Symmetric key cryptography
o Symmetric encryption
 Asymmetric cryptography (or public-key cryptography)
o Asymmetric encryption (or public-key encryption)
o Digital signatures (may or may not include encryption)
This article will focus on symmetric and asymmetric encryption
algorithms.

Symmetric vs. asymmetric encryption

Encryption algorithms are often divided into two categories, known as
symmetric and asymmetric encryption. The fundamental difference
between these two methods of encryption relies on the fact that
symmetric encryption algorithms make use of a single key, while
asymmetric encryption makes use of two different but related keys.
Such a distinction, though apparently simple, accounts for the
functional differences between the two forms of encryption techniques
and the ways they are used.

Understanding encryption keys

In cryptography, encryption algorithms generate keys as a series of
bits that are used for encrypting and decrypting a piece of information.
The way in which those keys are employed accounts for the difference
between symmetric and asymmetric encryption.
While symmetric encryption algorithms use the same key to perform
both the encryption and decryption functions, an asymmetric
encryption algorithm, by contrast, uses one key to encrypt the data
and another key to decrypt it. In asymmetric systems, the key used for
encryption is known as the public key and can be freely shared with
others. On the other hand, the key used for decryption is the private
key and should be kept in secret.
For example, if Alice sends Bob a message that is protected by
symmetric encryption, she needs to share the same key she used for
encryption with Bob so that he can decrypt the message. This means
that if a malicious actor intercepts the key, they are able to access the
encrypted information.
However, if Alice uses an asymmetric scheme instead, she encrypts
the message with Bob’s public key, so Bob will be able to decrypt it
with his private key. Thus, asymmetric encryption offers a higher level
of security because even if someone intercepts their messages and
finds Bob’s public key, they are not able to decrypt the message.

Key lengths
Another functional difference between symmetric and asymmetric
encryption is related to the length of the keys, which are measured in
bits and are directly related to the level of security provided by each
cryptographic algorithm.
In symmetric schemes, the keys are randomly selected, and their
lengths are usually set at 128 or 256 bits, depending on the required
level of security. In asymmetric encryption, however, there must be a
mathematical relationship between the public and private keys,
meaning that there is a mathematical pattern between the two. Due to
the fact that this pattern can potentially be exploited by attackers to
crack the encryption, asymmetric keys need to be much longer to
present an equivalent level of security. The difference in key length is
so pronounced that a 128-bit symmetric key and a 2,048-bit
asymmetric key offer roughly similar levels of security.

Advantages and disadvantages

Both types of encryption have advantages and disadvantages relative
to one another. Symmetric encryption algorithms are much faster and
require less computational power, but their main weakness is key
distribution. Because the same key is used to encrypt and decrypt
information, that key must be distributed to anyone who would need to
access the data, which naturally opens up security risks (as previously
illustrated).
Conversely, asymmetric encryption solves the problem of key
distribution by using public keys for encryption and private keys for
decryption. The tradeoff, however, is that asymmetric encryption
systems are very slow by comparison to symmetric systems and
require much more computing power as a result of their vastly longer
key lengths.

Use cases
Symmetric encryption
Because of its greater speed, symmetric encryption is widely used to
protect data in many modern computer systems. For example, the
Advanced Encryption Standard (AES), is used by the United States
government to encrypt classified and sensitive information. The AES
replaced the previous Data Encryption Standard (DES), which was
developed in the 1970s as a standard for symmetric encryption.

Asymmetric encryption
Asymmetric encryption can be applied to systems in which many
users may need to encrypt and decrypt a message or set of data,
especially when speed and computing power are not primary
concerns. One example of such a system is encrypted email, in which
a public key can be used to encrypt a message, and a private key can
be used to decrypt it.

Hybrid systems
In many applications, symmetric and asymmetric encryption are used
together. Typical examples of such hybrid systems are the Security
Sockets Layer (SSL) and the Transport Layer Security (TLS)
cryptographic protocols, which were designed to provide secure
communication within the Internet. The SSL protocols are now
considered insecure and its use should be discontinued. In contrast,
the TLS protocols are deemed safe and have been extensively used
by all major web browsers.

Do cryptocurrencies use encryption?

Encryption techniques are used in many cryptocurrencies wallets as a
way to provide increased levels of security to the end-users.
Encryption algorithms are applied, for example, when users set up a
password for their crypto wallets, which means the file used to access
the software was encrypted.
However, due to the fact that Bitcoin and other cryptocurrencies make
use of public-private key pairs, there is a common misconception that
blockchain systems make use of asymmetric encryption algorithms.
As previously noted, though, asymmetric encryption and digital
signatures are two major use cases of asymmetric cryptography
(public-key cryptography).
Therefore, not all digital signature systems make use of encryption
techniques, even if they present a public and a private key. In fact, a
message can be digitally signed without being encrypted. The RSA is
one example of an algorithm that can be used for signing encrypted
messages, but the digital signature algorithm used by Bitcoin (named
ECDSA) does not use encryption at all.

Closing thoughts
Both symmetric and asymmetric encryption play important roles in
keeping sensitive information and communications secure in today's
digitally dependent world. Though both can be useful, they each have
their own advantages and disadvantages and so are put to different
applications. As the science of cryptography continues to evolve to
defend against newer and more sophisticated threats, both symmetric
and asymmetric cryptographic systems will likely remain relevant to
computer security.
What Is Symmetric Key
Cryptography?
Intermediate
Published Apr 8, 2019Updated May 29, 2023
5m

Symmetric key cryptography (or symmetric encryption) is a type of

encryption scheme in which the same key is used both to encrypt and
decrypt messages. Such a method of encoding information has been
largely used in the past decades to facilitate secret communication
between governments and militaries. Nowadays, symmetric key
algorithms are widely applied in various types of computer systems to
enhance data security.

How does symmetric encryption work?

Symmetric encryption schemes rely on a single key that is shared
between two or more users. The same key is used to encrypt and
decrypt the so-called plaintext (which represents the message or
piece of data that is being encoded). The process of encryption
consists of running a plaintext (input) through an encryption algorithm
called a cipher, which in turn generates a ciphertext (output).
If the encryption scheme is strong enough, the only way for a person
to read or access the information contained in the ciphertext is by
using the corresponding key to decrypt it. The process of decryption is
basically converting the ciphertext back to plaintext.
The security of symmetric encryption systems is based on how difficult
it randomly guess the corresponding key to brute force them. A 128-bit
key, for example, would take billions of years to guess using common
computer hardware. The longer the encryption key is, the harder it
becomes to crack it. Keys that are 256-bits length are generally
regarded as highly secure and theoretically resistant to quantum
computer brute force attacks.
Two of the most common symmetric encryption schemes used today
are based on block and stream ciphers. Block ciphers group data into
blocks of predetermined size and each block is encrypted using the
corresponding key and encryption algorithm (e.g., 128-bit plaintext is
encrypted into 128-bit ciphertext). On the other hand, stream ciphers
do not encrypt plaintext data by blocks, but rather by 1-bit increments
(1-bit plaintext is encrypted into 1-bit ciphertext at a time).

Symmetric vs. asymmetric encryption

Symmetric encryption is one of the two major methods of encrypting
data in modern computer systems. The other is asymmetric
encryption, which is the major application of public key cryptography.
The main difference between these methods is the fact that
asymmetric systems use two keys rather than the one employed by
the symmetric schemes. One of the keys can be publicly shared
(public key), while the other must be kept in private (private key).
The use of two keys instead of one also produces a variety of
functional differences between symmetric and asymmetric encryption.
Asymmetric algorithms are more complex and slower than the
symmetric ones. Because the public and private keys employed in
asymmetric encryption are to some degree mathematically related, the
keys themselves must also be considerably longer to provide a similar
level of security offered by shorter symmetric keys.

Uses in modern computer systems

Symmetric encryption algorithms are employed in many modern
computer systems to enhance data security and user privacy. The
Advanced Encryption Standard (AES) that is widely used in both
secure messaging applications and cloud storage is one prominent
example of a symmetric cipher.
In addition to software implementations, AES can also be
implemented directly in computer hardware. Hardware-based
symmetric encryption schemes usually leverage the AES 256, which
is a specific variant of the Advanced Encryption Standard that has a
key size of 256 bits.
It is worth noting that Bitcoin’s blockchain does not make use of
encryption like many tend to believe. Instead, it uses a specific kind of
digital signatures algorithm (DSA) known as Elliptic Curve Digital
Signature Algorithm (ECDSA) that generates digital signatures without
using encryption.
A common point of confusion is that the ECDSA is based on elliptic-
curve cryptography (ECC), which in turn may be applied for multiple
tasks, including encryption, digital signatures, and pseudo-random
generators. However, the ECDSA itself cannot be used for encryption
at all.

Advantages and disadvantages

Symmetric algorithms provide a fairly high level of security while at the
same time allowing for messages to be encrypted and decrypted
quickly. The relative simplicity of symmetric systems is also a logistical
advantage, as they require less computing power than the asymmetric
ones. In addition, the security provided by symmetric encryption can
be scaled up simply by increasing key lengths. For every single bit
added to the length of a symmetric key, the difficulty of cracking the
encryption through a brute force attack increases exponentially.
While symmetric encryption offers a wide range of benefits, there is
one major disadvantage associated with it: the inherent problem of
transmitting the keys used to encrypt and decrypt data. When these
keys are shared over an unsecured connection, they are vulnerable to
being intercepted by malicious third parties. If an unauthorized user
gains access to a particular symmetric key, the security of any data
encrypted using that key is compromised. To solve this problem, many
web protocols use a combination of symmetric and asymmetric
encryption to establish secure connections. Among the most
prominent examples of such a hybrid system is the Transport Layer
Security (TLS) cryptographic protocol used to secure large portions of
the modern internet.
It should also be noted that all types of computer encryption are
subject to vulnerabilities due to improper implementation. While a
sufficiently long key can make a brute force attack mathematically
impossible, errors in implementation made by programmers often
create weaknesses that open up the way for cyber attacks.

Closing thoughts
Thanks to its relative speed, simplicity, and security, symmetric
encryption is used extensively in applications ranging from securing
internet traffic to protecting data stored on cloud servers. Although it is
frequently paired with asymmetric encryption in order to solve the
problem of safely transferring keys, symmetric encryption schemes
remain a critical component of modern computer security.