What Is Asymmetric Encryption?

Asymmetric encryption — or public-key cryptography (PKC) — is a core feature of cryptocurrency ecosystems. Proposed publicly in 1977, PKC was used to provide a wide range of security and operability functions prior to being adopted by blockchain developers. Now, asymmetric encryption is commonly used  for self-custodial digital asset wallets, but is not required for wallets held on centralized cryptocurrency exchanges.

How Does Asymmetric Encryption Work? 

At its core, asymmetric encryption allows users to verify the integrity of digital transactions and protect funds from hackers and other malicious actors. This form of cryptography entails the use of two mathematically interconnected keys — a public key and a private key. The public key encrypts readable plaintext into indecipherable cipher text, while the private key is used for decryption (or vice versa). While the public key may be readily accessible, the private key is meant to be kept secret and known only to authorized holders. Asymmetric key encryption is also important for providing digital signatures, which can verify the authenticity and integrity of users, transactions, and data. PKC thus plays a central role in the underlying security mechanisms of most cryptocurrency wallets.

Power to the Key Holders

In order for blockchain networks to become the infrastructure for a global financial ecosystem, they must provide an easy way for users to securely safeguard and transfer digital assets. On the Bitcoin network, for example, this is achieved by creating wallets with a public key and a private key, which the owner can then use to access their funds. Inside this wallet, there is a log of all incoming and outgoing transactions. Users can send and receive transactions by using bitcoin (BTC) wallet addresses that are hashed (or one-way encrypted) from the relevant wallet’s public address.

However, holding the private keys to your crypto wallet doesn’t just give you access to your funds, it makes you act as your own personal bank. Without a third-party crypto custodian, there is no middleman to dictate when, where, or how you use your crypto funds. Through PKC, institutional investors and cypherpunks alike are able to securely safeguard, exchange, and transfer an ever-evolving array of digital assets in a way that does not rely on the stability or decree of a government or centralized regulatory body. This radical financial autonomy is a direct expression of the blockchain ethos of self-sovereignty. But with this individual freedom comes added responsibility.

If you lose your private keys, you lose all access to your funds in the corresponding wallet, and the likelihood of recovering the wallet is essentially nil. Asymmetric encryption-enabled security protocols are therefore a double-edged sword, and sensitive to human error and other forms of off-chain account mismanagement. Several crypto custodial services have tried to remedy this issue by providing ways to recover a private key using more intuitive, unique word lists that represent a key, or other backup mechanisms that enable users to access stored private key information. However, the core of the technology still requires a private key to use a crypto wallet.

Symmetric vs. Asymmetric Encryption

In contrast to asymmetric encryption, symmetric encryption uses only one key for both encryption and decryption. In general, the encryption algorithms used for symmetric encryption are less complex than those used for asymmetric encryption, which usually makes asymmetric encryption more secure than symmetric encryption.

Asymmetric key encryption uses longer keys for better security — usually 1024, or 2048 bits, or greater. This results in slightly slower encryption speeds relative to security measures backed by symmetric encryption, which typically uses keys that are 128, 192, or 256 bits. However, asymmetric encryption’s use of two unique yet related keys means that users can safely share their public key with anyone without the risk of compromising their account. This enables a significantly broader range of applications.

Within the blockchain space, asymmetric cryptography also serves as the basis for digital signatures for many cryptocurrency ecosystems. Like analog signatures, a digital signature can provide the authenticity and integrity of a document or transaction — but with a much higher level of security. Digital signatures are created with the hash — or one-way function — of the data or transaction that will be “signed” by the private key. While anyone with the sender’s public key can easily verify the digital signature and authenticity of the underlying message, transaction, or data, it is nearly impossible to reverse engineer or decode a digital signature’s private key. As a result, asymmetric encryption is typically preferred over symmetric encryption when security is a higher priority than speed, and when the system requires some form of identity verification.

Asymmetric Encryption and the Looming Quantum Age

While asymmetric encryption is one of the most robust and broadly applied forms of encryption in existence, there are concerns that quantum computing could render asymmetric encryption useless. Quantum computing remains a nascent technology and may be decades away from becoming a widely useful tool. Once this technology matures, quantum computers may be able to break these encrypted one-way functions. This would make some of the most widely used security protocols on the internet, as well as most current blockchain and ledger protocols, unsecure.

In other words, powerful quantum computers wouldn’t just affect asymmetric encryption and digital currencies. They could have devastating implications for the security systems that currently underpin the entire internet and global banking system. For this reason, many concerns about the future of asymmetric encryption miss the point. Digital assets and communication channels will always be secured using the latest available technology, and as new threats and opportunities emerge, these systems will adapt accordingly —  or face extinction. In fact, several blockchain projects are already trying to develop quantum-resistant security measures and other “future-proof” solutions. Until this quantum age arrives, asymmetric encryption remains an effective cybersecurity solution that will continue to play a central role in the crypto space and beyond.