Lesson 20
6 min

What is asymmetric encryption?

Asymmetric encryption, also called public key encryption, is an essential factor in sending and receiving Bitcoin transactions and transactions in other cryptocurrencies. 

  • Asymmetric encryption is based on a set consisting of a private key for decryption that only one party knows and a public key for encryption 

  • The private key must be kept secret by the recipient because any party that has access to a private key or public key has access to the funds

  • Asymmetric cryptography is based on asymmetric encryption algorithms that are highly difficult to solve

In this lesson, you will learn about asymmetric encryption.

Like you learned in the Bitpanda Academy’s beginner section in lessons six about crypto wallets and seven on public keys and private keys, cryptocurrency transactions such as Bitcoin use a two-key system. Why is this important?

What are the origins of asymmetric encryption?

Encryption is the conversion of data called "plaintext" into "ciphertext", or secure encoding of data using keys so that the plaintext can be recovered from the ciphertext only by using a secret key to ensure data security. Cryptography is the science of encryption. The process of encrypting is fundamentally based on a number of elements. 

Encryption converts the "open wording" of a message, called "plaintext," into an unintelligible string of characters that is referred to as "ciphertext”. In former times, before computers were invented, encryption was by hand, today encryption of a message is executed using an algorithm. Fundamentally, in computing, an algorithm is a series of unambiguous steps that need to be carried out in a set order to reach a certain goal based on permissible language elements of a programming language.

How does a key in asymmetric encryption work?

The "key", which could be a code or password, is the decisive parameter in encryption. Today it is generated automatically in computer processes in order to eliminate the human factor and the threat of using a password that is not secure. Decrypting is needed to recover the plaintext from ciphertext and requires a secret key. In symmetric encryption methods, it is the same as for encryption, in asymmetric encryption two keys are required. 

The term "deciphering" is not the same as “decrypting” as this would mean breaking the code without having access to or prior knowledge of a key or to keys. This is the activity of a cryptanalyst or "codebreaker". Ideally, it should not be possible to decipher a message thanks to sufficiently "strong" encryption.

Symmetric encryption and the key-exchange problem

While the advantage of symmetric encryption is its high speed and possible implementations in hardware or software, there is one decisive disadvantage: if the same key is used by the sender encrypting a message as the one which is used for decrypting by the recipient, the recipient of the message needs to know the key. 

If the same key is used by the sender encrypting a message as is used for decrypting by the recipient, the recipient of the message needs to know the key. 

This leads to what we call a key-exchange problem. Obviously, the sender cannot simply send the key to the receiver because if the communication channel were to be intercepted by an attacker who found out the key, they could decrypt messages or even send encrypted messages under the pretext of being someone else. It is also not possible to transmit the key itself encrypted because the recipient does not have the key for decrypting the encrypted key. Therefore, exchanging a key would only be possible in a secret location which is highly complex and inconvenient.


New to Bitpanda? Register your account today!

Sign up here

Asymmetric encryption

Remember: asymmetric or public key encryption is used to send and receive transactions in the Bitcoin network and for transactions in other cryptocurrencies as well as in other types of digital data transfer online, such as the exchange of emails. Asymmetric encryption methods are harder to crack overall and therefore more secure than symmetric methods. This is because asymmetric encryption uses two key pairs for sender and recipient: a public key which both participants know that others may also know and which is also used for encryption and by the miners for validation, and the sender’s private key for signing for decryption that only they possess, as well as the recipient’s private key for claiming the transaction.

The need for new, stronger algorithms in asymmetric encryption is increasing in line with the growing number of applications.

Imagine that it works like a system used in a public letterbox to ensure data security. You can dispatch a letter you are sending through the slit in the letter box but no one can remove it through the slot - only a person who has a (private) key to the letterbox can retrieve the letter (like a postal worker). The need for newer, stronger algorithms in asymmetric encryption is increasing in line with the growing number of applications.

How does asymmetric encryption work in detail? 

Each participant in a transaction generates a pair of (that is two) keys. Each key pair consists of a public key - the non-secret key - and a secret key, the private key. The public key should be freely accessible to the participants in the transaction. The private key should only be accessible to its owner and no one else. Similarly, only the owner of the key pair may know the secret or private key. 

How are the two keys used? Let’s say the sender wants to send Bitcoin to a wallet. The owner’s wallet address (or “Bitcoin address”) is a hashed version derived from the public key using a one-way function. Since everyone is allowed to know the public key, similar to a bank account number, it is not difficult to transmit it to someone.  

In which way are private keys and public keys used during a transaction?

The sender of the transaction needs to know the owner’s public key for encrypting the transaction in order to safely send it to the wallet owner. They initiate the transaction and use their own private key to create a digital signature and confirm they are sending the transaction. 

The miners in the network validate the digital signature’s authenticity using the public cryptographic key, put it in a block and the first miner to resolve the block receives the reward. The owner of the wallet has their key pair consisting of the public key and the private key and can now receive the transaction using their private key only they possess, similar to a complex password.

Disadvantages of asymmetric encryption

Asymmetric encryption is much more secure than symmetric encryption methods, still it doesn’t always make sense to employ it as it’s much more computationally intensive and its algorithms are too slow compared to symmetric encryption. These are deciding factors when dealing with large or time-sensitive amounts of data. 

Hybrid encryption methods embrace the advantages of both symmetric encryption and asymmetric encryption and provide a solution to this problem. For example, a randomly-generated individual session key (one-time key) is first exchanged using an asymmetric method, and this is then used jointly as the key for a symmetric encryption method, which encrypts the actual information to be communicated.

Now that you know more about asymmetric encryption, in our next article let’s explore exchange-traded cryptocurrency notes (ETCs)

This article does not constitute investment advice, nor is it an offer or invitation to purchase any digital assets.

This article is for general purposes of information only and no representation or warranty, either expressed or implied, is made as to, and no reliance should be placed on, the fairness, accuracy, completeness or correctness of this article or opinions contained herein. 

Some statements contained in this article may be of future expectations that are based on our current views and assumptions and involve uncertainties that could cause actual results, performance or events which differ from those statements. 

None of the Bitpanda GmbH nor any of its affiliates, advisors or representatives shall have any liability whatsoever arising in connection with this article. 

Please note that an investment in digital assets carries risks in addition to the opportunities described above.