1.8 Cryptography, Digital Signature & Keys

Most of you know tat there are two classes of cryptography:

symmetric cryptography: there is a single key shared between parties.
asymmetric cryptography: there is a key pair; public key and private key.

In the case of Ethereum, the cryptography that is used is all about digital signatures and not as much about encryption at a protocol level. These digital signatures however depend on the concept of public key and private key.

Private Key

The private key is a secret and the owner has to keep it in a safe place. In the case of Ethereum, it's a 256 bit private key. It's effectively a random number and it's used to derive the public key.

Public Key

The public key, however, is not secret. It is a point on the elliptic curve calculated from the private key using elliptic curve multiplication. The public key is used then to derive the address of an Ethereum account (by hashing the public key by means of the keccak-256 cryptographic hash function and taking the last 20 bytes of the output; it is a very simple calculation) and it is also used by others to engage in cryptographic protocols with the owner of the private key.

It is important to remember that the public key cannot be used to derive the private key. This is should be something obvious to security, because otherwise if the public key could be used to derive the private key, then this key pair system would not deliver any kind of security.

This is the high-level aspect that you need to remember: there's a private key, which is used to obtain the public key, and from the public key we derive the address of the Ethereum account.

keccak-256

We mentioned earlier that the keccak-256 cryptographic hash function is used in the steps of computing the EOA address from the public key.

keccak-256 is actually the cryptographic hash function that is used by Ethereum. It is very closely related to the SHA3 (the secure hash function). The latter was finalized as the standard by MIST (National Institute of Standards and Technology) and in the case of Keccak-256, it was the winning candidate for the SHA3. However, the SHA3 standard was adopted instead (because some minor modifications were applied).

keccak-256 is critical to a lot of the functioning of the Ethereum protocol and smart contracts as it's a fundamental primitive to how computation in many ways is done on Ethereum.

Digital Signature: ECDSA

The digital signature algorithm used by Ethereum is the same one that is used by Bitcoin. It is known as ECDSA: Elliptic Curve Digital Signature Algorithm.

Elliptic Curve Cryptography is an approach to public key cryptography based on a particular algebraic structure of elliptic curves over finite fields.

In the case of Ethereum, the particular elliptic curve used is known as Secp-256k1 (this refers to the parameters that are used for the elliptic curve).

Digital signatures are fundamental to how Ethereum works, are powered by public key cryptography (asymmetric cryptography) and have three main purposes:

Authorization: inclusion of the signature proves that the owner of the private key who created the signature (and who by implication is the owner of the sending Ethereum account) has authorized the transaction to spend the ether or to execute the contract that it is targeted.
Non-repudiation: once the signature has been included, it cannot be later denied that authorization was granted for that transaction to execute.
Integrity: it proves that the transaction data has not been modified or cannot be modified by anyone after the transaction has been signed. This is one of the fundamental security properties.

Previous1.7 Decentralization Next1.9 Ethereum State & Account Types

Last updated 1 year ago

Public Key

This is the high-level aspect that you need to remember: there's a private key, which is used to obtain the public key, and from the public key we derive the address of the Ethereum account.

keccak-256

We mentioned earlier that the keccak-256 cryptographic hash function is used in the steps of computing the EOA address from the public key.

keccak-256 is critical to a lot of the functioning of the Ethereum protocol and smart contracts as it's a fundamental primitive to how computation in many ways is done on Ethereum.

Digital Signature: ECDSA

The digital signature algorithm used by Ethereum is the same one that is used by Bitcoin. It is known as ECDSA: Elliptic Curve Digital Signature Algorithm.

Elliptic Curve Cryptography is an approach to public key cryptography based on a particular algebraic structure of elliptic curves over finite fields.

In the case of Ethereum, the particular elliptic curve used is known as Secp-256k1 (this refers to the parameters that are used for the elliptic curve).

Digital signatures are fundamental to how Ethereum works, are powered by public key cryptography (asymmetric cryptography) and have three main purposes:

Authorization: inclusion of the signature proves that the owner of the private key who created the signature (and who by implication is the owner of the sending Ethereum account) has authorized the transaction to spend the ether or to execute the contract that it is targeted.

Non-repudiation: once the signature has been included, it cannot be later denied that authorization was granted for that transaction to execute.

Integrity: it proves that the transaction data has not been modified or cannot be modified by anyone after the transaction has been signed. This is one of the fundamental security properties.