Bitcoin Public Key vs. Private Key: All You Need to Know
Blockchain is touted as the most revolutionary technology to hit the financial services industry, banking the unbanked and returning power to the people. However, while Bitcoin was created to overthrow the existing centralized system, traditional finance and blockchain have a lot more in common than you’d think.
The Bitcoin Public Key, Private Key, and Wallet Address
Just like banks use account numbers to keep track of everyone’s account balances, blockchain networks use wallet addresses. Bitcoin addresses are represented by an alphanumeric string of between 26 and 35 characters, usually beginning with 1, 3, or bc1. These addresses represent payment destinations, and while they are part of your public key, they aren’t the same thing.
To understand the difference between an address and a public key, it’s essential to know what a hash is.
What is Hash?
A hash function returns a value of specified length regardless of the input seed, and while it’s easy to create a hash, it’s near impossible to generate the original seed phrase.
Bitcoin uses a hash in addition to the public key for security reasons. If, for example, a vulnerability in the mathematic function used to generate keys was found that allowed people to derive a private key from a public key, your money would still be safe as your public key isn’t exposed until you make a transaction. Read Bitcoin Hash Rate to learn more.
How to Generate Public Key and Private Key
The only way to generate the public key from the address is by trial and error, which is why some platforms add ‘salt’ to their hash functions to add some extra randomness to the process. This salt is usually added in the form of a few random numbers, characters, or symbols into the seed phrase.
Some hackers map hash outputs to inputs and record them in a ‘rainbow table,’ and this added salt can help make common passwords much more difficult to guess. A Bitcoin address is the hashed output of your public key, or to be more precise, the part of your public/private ECDSA keypair that is public.
This key pair is created using a mathematical curve and consists of your private key, derived from your seed phrase, and a public key derived from your private key. Exposing your address to receive payments is much more secure as you can always generate new addresses from the public key.
Information can also be encrypted to your public key, and only your private key can decrypt it, allowing people to send you messages that can only you can read. The public/private key combo can also be used to create digital signatures that only your private key but can produce but can easily be verified using your public key without knowing the private key.
This is useful for signing documents to prove the identity of the person sending it without giving away too much information. Some call this kind of function a ‘trapdoor’ function – easy to go one way, much harder to go back.
Your public key, private key, and address are three different parts of a single structure, and they all play critical roles in the functioning of the decentralized system. The private key is the most important component of them, with the other two being derived from it. Storing your private key or seed phrase safely is one of the most important aspects of holding cryptocurrencies because if things do go wrong, there’s no one else to blame.
Banks are secure on a broader level, but a single point of failure creates a single attack point. Decentralized systems by nature are more complex than centralized ones, especially in their current state. Blockchain is still a new technology, and while there are some disadvantages to using blockchain over traditional financial systems today, this may not be the case for too much longer.
Bitcoin Privacy and Publicity
The number of terms used to describe a Bitcoin transaction’s elements can be overwhelming, especially when there are many different forms of the same thing. For example, public keys are generated using co-ordinates on an elliptic curve, which implies knowing one co-ordinate is enough to derive the second co-ordinate. This means the X co-ordinate alone can represent the public key, producing what is called a ‘compressed public key.’
This can be hard to distinguish as the hash of the compressed and uncompressed public keys give different addresses of the same length. Some speculate that Satoshi, the anonymous creator of Bitcoin, did not know about public key compression before departing from the project’s development and used hashing to create more compact identifiers.
Addresses are indeed shorter than public keys, but they also bring protection against various cryptographic attack vectors. They include features that aren’t available with just a public key, such as a built-in checksum for every address, allowing systems to detect when someone mistypes a character before sending their funds into oblivion.
However, while addresses and keys are simple once you’ve understood them, they aren’t as easy to remember as, say, an Instagram username. This has led many efforts into creating addresses that are as secure as Bitcoin’s public key hash and as easy to remember as a website name.
For example, the Ethereum Naming Service allows users to tie their accounts to a personalized ‘.eth’ address, allowing people to send and receive any ERC-20 or other Ethereum-compatible token from a single address.
Private keys are generated using a pneumonic phrase – a set of words that act as a seed to the function that generates the private key. This seed phrase is generally a list of 12 to 24 randomly generated words used to recover all information regarding a wallet. The private key generation function takes five inputs, including a password, the number of iterations, salt, key length, and a pseudorandom function.
The password is the pneumonic phrase, and the function returns a private key from which both your public key and payment addresses can be derived. 256-bit private keys have 16^64 combinations, a fair bit more than the number of seconds in the average human’s life. Bitcoin’s SHA-256 encryption algorithm makes it next to impossible to guess a private key, even if the attacker already has a wallet’s address and public key.
Theoretically, Bitcoin can still be taken over by a 51% attack, and with quantum decryption techniques, the network’s security might need an upgrade in the years to come. However, as the Bitcoin network grows, controlling 51% of the network becomes increasingly difficult, and today even the largest mining pools don’t come close to maintaining anywhere near half the network. Bitcoin is only as secure as it is decentralized, and as a function of its network participation, the security of decentralized networks should improve with adoption.
Things to Address
Despite all its security measures, Bitcoin’s encryption algorithm could be rendered obsolete by a new form of computing. Quantum computers can perform calculations that take traditional computers decades or even centuries in mere minutes. According to experts, quantum computers could crack Bitcoin’s SHA-256 algorithm within just 30 minutes. In theory.
Is Bitcoin Safe?
Realistically, Bitcoin is perfectly safe, and even if quantum computers find an algorithm to crack encryption, quantum encryption algorithms will be quick to replace them. In fact, some modern security measures can combat quantum computing today – multi-sig wallets are used to store funds that a group of individuals controls.
What are multi-sig wallets?
Multi-sig wallet addresses start with a three and use a script to define the rules for creating a transaction, including how many signatures are needed for a transaction to go through. Transactions from multi-sig wallets need to be approved by a pre-determined number of signatures, sometimes all of the signatures involved. This means even if one address is compromised, it won’t take control over the wallet’s funds.
When you transfer cryptocurrencies to a wallet on an exchange, you could be risking those funds to attackers depending on that exchange’s security. It’s crucial to store your assets securely offline to keep your holdings as safe as possible from malicious users. There are a few ways to do this, ranging from the technologically sophisticated hardware wallets to a scribble of paper.
The most natural step from an online exchange wallet is to an offline software wallet. This usually involves downloading an application to your computer or smartphone, which will generate your private key and store your cryptocurrencies securely. It is recommended to use a separate computer or phone that remains disconnected from the internet since users have had varying levels of success by limiting the application’s access to the Internet through software.
However, most software wallet vulnerabilities are well documented and are still much more secure than using an exchange wallet online. To take things one step further, you can even store your private key seed phrase on a piece of paper and hide it somewhere safe. As long as you ensure no one else has access to this seed phrase, no one but you should have access to your funds. This is widely regarded as the safest and most inexpensive way to store your cryptocurrencies.
How to Keep Your Bitcoin Safe?
The most convenient and expensive option of the bunch is the hardware wallet. These are physical devices used to store private keys but have a lot of built-in functions that can make storing crypto offline a little less cumbersome.
For one, a single hardware wallet can store multiple cryptocurrencies and can even be connected to the internet via USB to transfer funds to and from an exchange. Some hardware wallets even come with multi-sig capabilities and use LCD screens to present information even when not connected to a computer.
Regardless of how your store your digital assets, it’s vital to understand how it all works. While banks do not have the same advantages as decentralized systems, they also take responsibility for storing and securing your money. With distributed networks like blockchain, this becomes impossible, and being in control of one’s assets is a big part of entering the crypto sphere.
Whether you keep your assets on an exchange or store it safely on a scrap of paper in your safe, your digital assets are worth protecting, especially with how quickly the world appears to be accepting this shift. Blockchain is slowly replacing traditional systems. Even as the technology seamlessly substitutes our current infrastructure, we may soon begin sending money to Bitcoin addresses instead of account numbers without even knowing it.