Learning Outcomes

• Understand public-key cryptography and how key pairs are generated.
• Distinguish between encryption, signing, and verification.
• Describe how blockchain addresses are derived from public keys.
• Explain how digital signatures authenticate transactions.
• Analyse the security model behind ownership and identity in blockchain systems.

1. Public-Key Cryptography

Public-key cryptography (also known as asymmetric cryptography) is foundational to decentralised systems. It uses a pair of mathematically related keys:

• Private Key: Secret. Controls assets. Must never be revealed.
• Public Key: Shared openly. Used to verify signatures.

Figure 1: Asymmetric key architecture used in blockchain identity.

Unlike symmetric-key systems, public-key cryptography enables verification without exposure. Anyone can verify a signature using your public key, without learning anything about the private key.

2. Key Generation

Keys are generated by selecting a random number (the private key) and applying an irreversible mathematical transformation to produce the public key. In Bitcoin and Ethereum:

• Elliptic Curve Digital Signature Algorithm (ECDSA) is used.
• The curve secp256k1 defines the mathematical structure.
• The private key is simply a 256-bit random number.

3. Digital Signatures

Digital signatures authenticate messages using a private key. They ensure:

• Authenticity: The message was created by the private-key holder.
• Integrity: The message was not modified.
• Non-repudiation: The signer cannot deny having signed it.

In a blockchain transaction, a user signs the transaction data with their private key. Other nodes verify the signature using the public key, ensuring that only the true owner can spend or transfer assets.

4. Blockchain Addresses and Identity

Blockchain systems do not use conventional accounts tied to personal identity. Instead, identity emerges from:

• The public key (or its hash).
• A derived address.
• The private key controlling authorisation.

No central authority verifies identity. Instead:

5. Signatures in Blockchain Transactions

Every blockchain transaction includes:

• Transaction data (recipient, amount, nonce, etc.)
• A digital signature
• The public key or derived address

Validators in the network:

• Verify the signature
• Confirm the signer has the authority
• Reject malformed or unauthorised transactions

This signature-based model allows trust to emerge collectively without a central authority.

6. Synthesis

Public-key cryptography transforms the problem of trust. Instead of relying on institutions to authenticate identity, blockchains rely on mathematics:

1. The private key controls authorisation.
2. The public key enables universal verification.
3. Digital signatures authenticate actions.
4. Addresses encode identity without personal information.

Cryptographic identity is foundational to all higher-level blockchain behaviour: transactions, smart contracts, wallets, governance, and more. In the next module, we explore how these identities coordinate in distributed networks through consensus mechanisms.

7. Key Terms

Private Key

A secret number used to sign transactions and control assets.

Public Key

A publicly shared value used to verify signatures.

Digital Signature

A cryptographic proof that a message was signed by the private key holder.

Address

A derived identifier used in blockchain transactions.

ECDSA

Elliptic Curve Digital Signature Algorithm — the signature scheme used in many blockchains.

8. Self-Check Quiz

1. What is the relationship between a private key and a public key?
2. How does a digital signature prove authenticity without revealing the private key?
3. Why is losing the private key equivalent to losing identity?
4. What prevents an attacker from guessing your private key?
5. How do blockchain nodes verify signed transactions?