Asymmetric encryption algorithms use distinct keys for encryption and decryption, where deriving the decryption key from the encryption key is computationally infeasible. One critical application is digital signatures, which use a private key to sign data and the corresponding public key to verify the signature. This process authenticates the sender’s identity and ensures message integrity.
Another key use is encryption and decryption: encrypting information with a public key and decrypting it with the corresponding private key. This secures data transmission to intended recipients. While both techniques use asymmetric cryptography, their purposes and mechanisms differ significantly.
Digital Signatures and Verification
Digital signatures verify a sender’s identity without exposing their private key. By binding the sender’s identity to the message, they prevent impersonation and tampering. Common algorithms include RSA digital signatures and Elliptic Curve Digital Signature Algorithm (ECDSA), with ECDSA being predominant in blockchain due to its efficiency.
RSA Digital Signatures
RSA is one of the most extensively studied public-key algorithms, with security relying on the difficulty of factoring large integers. Its strengths include customizable key lengths, but shorter signatures are vulnerable to manipulation. Hence, RSA typically hashes and pads the message to match the key length. For current security standards, 2048-bit keys are recommended. However, generating longer RSA keys requires finding large prime pairs, which is computationally intensive.
Elliptic Curve Digital Signatures (ECDSA)
ECDSA leverages the discrete logarithm problem on elliptic curves over finite fields. Unlike RSA, ECDSA key ranges are constrained by curve parameters, limiting flexibility in key length adjustments. To enhance security, the curve parameters must be modified. ECDSA’s advantages include faster key generation, smaller key sizes for equivalent security, and reduced storage needs—making it ideal for blockchain applications.
How Asymmetric Signature Verification Works
Signature algorithms rely on one-way functions to conceal private keys and random values, using public data to verify authenticity. The process ensures that only the private key holder could have produced the signature.
Private Key Signing
The signing process uses one-way functions like elliptic curve multiplication and hashing:
- Generate a random number ( r ) and compute ( r \times G = R ), where ( G ) is the curve’s base point.
- Hash the message ( m ) to get ( h = \text{Hash}(m) ).
- Compute ( s = (h + k \times R_x) / r ), where ( k ) is the private key and ( R_x ) is the x-coordinate of ( R ).
- Send the message ( m ) (or its hash ( h )) and the signature ( (R_x, s) ) to the verifier.
Critical considerations: ( r ) must be unique per signature to prevent private key exposure, and its quality impacts security.
Public Key Verification
Verification uses the public key ( K ), message hash ( h ), and signature ( (R_x, s) ):
- Compute ( h = \text{Hash}(m) ) from the received message.
- Calculate ( R' = (h \times G) / s + (R_x \times K) / s ).
- Verify if ( R'_x = R_x ).
The math behind verification confirms that only the correct private key could generate valid values:
[
R' = \frac{h \cdot G}{s} + \frac{R_x \cdot K}{s} = \frac{(h + k \cdot R_x) \cdot G}{s} = \frac{(h + k \cdot R_x) \cdot G \cdot r}{h + k \cdot R_x} = r \cdot G = R
]
Thus, matching x-coordinates confirm signature validity.
👉 Explore advanced cryptographic techniques
Encryption and Decryption
Asymmetric encryption transmits confidential information to a private key holder. Unlike signatures, it focuses on data confidentiality rather than authentication. Although less efficient than symmetric encryption, it eliminates the need for pre-shared keys.
Public Key Encryption
Encryption uses one-way functions to hide messages and random values:
- Generate a random ( r ) and compute ( r \times G = R ).
- Encode the message ( m ) onto the curve as point ( M ).
- Compute ( r \times K ), where ( K ) is the recipient’s public key.
- Calculate the encrypted point ( S = M + r \times K ) and send ( S ) and ( R ) to the recipient.
In practice, ( M ) often serves as a symmetric key for encrypting the actual message, combining asymmetric and symmetric encryption for efficiency.
Private Key Decryption
Decryption reverses the process using the private key:
- Compute ( M = S - k \times R ), where ( k ) is the private key.
- Decode ( M ) to recover the message ( m ).
The decryption works because:
[
S - k \cdot R = M + r \cdot K - k \cdot (r \cdot G) = M + r \cdot (k \cdot G) - k \cdot (r \cdot G) = M
]
This reveals the original encoded message.
Frequently Asked Questions
What is the main difference between digital signatures and encryption?
Digital signatures verify authenticity and integrity using the sender’s private key, while encryption protects data confidentiality with the recipient’s public key.
Why is ECDSA preferred over RSA in blockchain?
ECDSA offers smaller key sizes, faster generation, and higher security per bit, reducing storage and computational costs—critical for decentralized systems.
How does a one-way function enhance security?
One-way functions (e.g., hashing or elliptic curve multiplication) are easy to compute but hard to reverse, hiding private keys and random values during signing or encryption.
What happens if the same random number is reused in ECDSA signing?
Reusing ( r ) allows attackers to derive the private key from multiple signatures, compromising security.
Can asymmetric encryption handle large messages efficiently?
No, it is slower than symmetric encryption. Hybrid approaches (e.g., encrypting a symmetric key with asymmetric cryptography) are common for large data.
Are there alternatives to ECDSA and RSA?
Yes, other algorithms like SM2 (China’s standard) exist, but ECDSA and RSA remain widely adopted due to extensive testing and compatibility.