bitcoin private key

Private Key

A private key is a sophisticated form of cryptography that allows a user to access their cryptocurrency. A private key is an integral aspect of bitcoin and altcoins, and its security makeup helps to protect a user from theft and unauthorized access to funds.

Understanding Private Keys

When dealing with cryptocurrency, a user is usually given a public address and a private key to send and receive coins or tokens. The public address is where the funds are deposited and received. But even though a user has tokens deposited into their address, they won’t be able to withdraw them without the unique private key.

The public key is created from the private key through a complicated mathematical algorithm. However, it is near impossible to reverse the process by generating a private key from a public key.

The private key can take a few different forms, usually depicted as a series of alphanumeric characters, which makes it hard for a hacker to crack. Most users represent their wallet keys in wallet import format, which has 51 characters. Think of a public address as a mailbox, and the private key as the key to the box.

Digital Wallets

A digital wallet stores the private key of a user. When a transaction is initiated, the wallet software creates a digital signature by processing the transaction with the private key. This upholds a secure system since the only way to generate a valid signature for any given transaction is to use the private key.

The signature is used to confirm that a transaction has come from a particular user, and ensures that the transaction cannot be changed once broadcasted. If the transaction gets altered, even slightly, the signature will change as well.

If a user loses their private key, they can no longer access the wallet to spend, withdraw, or transfer coins. It is, therefore, imperative to save the private key in a secure location. There are a number of ways that a digital wallet that contains a private key can be stored. Private keys can be stored on paper wallets, which are documents that have been printed with the private key and QR code on them so that they can easily be scanned when a transaction needs to be signed.

The private keys can also be stored using a hardware wallet that uses smartcards or USB devices to generate and secure private keys offline. An offline software wallet could also be used to store private keys. This wallet has an offline partition for private keys and an online division that has the public keys stored. With an offline software wallet, a new transaction is moved offline to be signed digitally and then moved back online to be broadcasted to the cryptocurrency network.

These types of storage mentioned above are called cold storage, as private keys are stored offline. The other type of wallet, hot wallet, stores private keys on devices or systems that are connected to the internet. Examples of these wallets include desktop wallets (e.g., Electrum), mobile wallets (e.g., Breadwallet), and web-based wallets (e.g., Coinbase).

Generating secure private keys

Private keys share the following characteristics with passwords:

They must be kept secret to be secure.

They restrict access to data (private keys) or resources (passwords).

Their strength depends on their length and randomness.

While passwords are usually limited to characters accessible from a computer keyboard, cryptographic keys can consist of any string of bits. Such strings may be rendered in human-accessible character sets, if necessary. Length and randomness are two important factors in securing private keys.

Length

The length of a cryptographic key necessary to secure it against brute-force attacks depends on the encryption algorithm being used. As computers have become more powerful, cryptographic keys have grown longer to withstand brute-force attacks.

For example, early web browsers protected data with 40-bit keys; in 2015, the National Institute of Standards and Technology recommended a minimum key length of 2,048 bits for use with RSA, or Rivest-Shamir-Adleman, encryption.

Randomness

Just as important to the strength of a private key is its randomness.

Commercial software often relies on a pseudo-random number generator (PRNG) to generate private keys. However, PRNG output is not truly random and can be defeated by an attacker.

True random number generators require a source of physical entropy, such as a physical coin toss, roll of dice or unusual generators, like lava lamps. For example, the Pretty Good Privacy public key encryption program prompts users to generate entropy for a new public key pair by randomly moving their mouse.

Use of private keys in cryptocurrencies

Cryptocurrencies like bitcoin depend on cryptographic algorithms to generate, store and exchange digital value. Cryptocurrencies use public key cryptography for creating digital signatures that authenticate value transfers, as well as symmetric encryption to protect data exchanges.

While secret keys are used for symmetric encryption in cryptocurrency protocols, there is usually a public-private key pair assigned to the cryptocurrency owner to protect their ownership interests.

Cryptocurrency owners should store private keys securely because losing control or access to a private key means losing access to the cryptocurrency asset. Secure options for storing private keys include storing them on an isolated computer with no network connections, in hard copies that are physically secured or committed to memory.

The takeaway

As use of the public internet continues to expand for commercial, government and personal communication, so too does the need for securely using encryption to protect those exchanges.

Securing the private keys used to protect that data is the foundation of maintaining security in all types of communication.

Learn more about how end-to-end encryption works to keep data secure.