Public and Private Keys - how they are used by Steem, making all of this possible? You can find answer here ๐
securityยท@noisyยท
0.000 HBDPublic and Private Keys - how they are used by Steem, making all of this possible? You can find answer here ๐
 In my previous post, I made an introduction to this topic: - [What is the difference between a password and a private key(s) on Steemit and how to make your account more secure, by using them correctly.](https://steemit.com/security/@noisy/what-is-the-difference-between-a-password-and-a-private-key-s-on-steemit-how-to-make-your-account-more-secure-by-using-them) If you didn't read it, you should do so before reading this article, to make sure, that you understand the role of public and private keys on Steem. Here we are going to explore how all of this works... and to be honest, I am really excited, that I am writing post about it :) ## Cryptography of public and private keys - Look how simple it is! :) In a certain way, you generate a pair of keys (key _A_, and key _B_), which will have properties, that: - everything encrypted with key _A_, can be only decrypted with key _B_ - everything encrypted with key _B_, can be only decrypted with key _A_ For convenience, you do not refer to them by A/B names, but you treat one of this key as a _public key_, and the second one as a _private key_: <center> .gif) <sub>Fragment of: [Public Key Cryptography - Computerphile](https://www.youtube.com/watch?v=GSIDS_lvRv4)</sub> </center> To use system like this, you want to make sure, that: - you are the only person with access to your private key - everyone can easily find your corresponding public key # Where my public and private keys from Steem are stored? #### Public Keys Public keys of every user are kept in the Steem blockchain. You can find your public keys on `https://steemit.com/@<your_login>/permissions`. Those are mine public keys, and I am not afraid showing you this, because those are my **public keys** :) .png) If you would like to find out, what are public keys of Ned Scott (CEO of Steemit Inc.), then you can use another website which shows more details from Steem blockchain: http://steemd.com/@ned .png) #### Private Keys .png) You should know, that: <center> **Steemit does not store your private keys on any server.<br> Steem blockchain does not store your private keys either.** </center> But at the same time, that is true, that you can find your private keys on `https://steemit.com/@<your_login>/permissions`. So how this works? For now, just please remember that your keys are generated from your password _on the fly_ every time you provide it, and some of them are stored in localstorage of your browser. One of my next articles will go into details how this is done. Let's go back to the topic # Two cases where Pair Of Keys can be extremely useful Public and Private keys can be used in two scenarios: #### Encryption You can encrypt a message, with mine public key, and send this encrypted message to me. Because only I know my private key, only I will be able to decrypt the message. <br> <br> Right now there is no private messaging feature on Steemit, but encryption of such communication can be done with exactly this mechanism. #### Signing You can encrypt some message (like a transaction), with your private key, and every person who has access to your public keys (so basically everyone...) will have certainty, that only person who poses your private key (hopefully that's only you) could encrypt (authorize) this message. To make a life of people easier, probably you would publish two messages: - __original message__ - __encrypted version of original message__ (which could be treated as your **digital signature**) Everyone who would like to verify you identity could then try to decrypt your __encrypted version of original message__ with you public key... and check whether this will produce exactly the same message like original, which you also published. # Summary Of course, I simplified few things, but the whole concept is described pretty well. I needed to write this article to make a background for my next article, where we will go even deeper :) Right now we know that without revealing your private keys, everyone can check that you possess your private key, and therefore a transaction/post/comment made by you and signed by your private can be validated by everyone, especially by the witnesses which add valid transactions to each block of Steem blockchain. Because on Steem you have 4 pair of keys (posting, active, owner, memo), witnesses can validate, that particular transaction broadcasted by your browser was signed by a proper key. I hope that after my [last article](https://steemit.com/security/@noisy/what-is-the-difference-between-a-password-and-a-private-key-s-on-steemit-how-to-make-your-account-more-secure-by-using-them), you do not use your Master Password anymore, and you use on Steemit only your _private posting key_ (as it was described why and how to do it). -------------------- This article belongs to series of articles which describes security on Steemit: 1. [What is the difference between a password and a private key(s) on Steemit? How to make your account more secure, by using them correctly.](https://steemit.com/security/@noisy/what-is-the-difference-between-a-password-and-a-private-key-s-on-steemit-how-to-make-your-account-more-secure-by-using-them) 2. Public and Private Keys - how they are used by Steem, making all of these possible? (this article) 3. Public and Private Keys - how they are working under the hood 4. How passwords are stored by Steemit in your browser, and why it is secure. 5. How to set own password, which is not generated by Steemit 6. How to setup multisig/multiple authorities for your account 7. ... Make sure to follow [my account](https://steemit.com/@noisy), if you don't want to miss any of these :)
๐ noisy, sunshinetraveler, stellabelle, pmartynov, bdmomuae, voghera, unusualmaverick, bestbiz, adriansky, gigafart, encryptcy, kolej, swolesome, wijuwiju, manishmike10, iamsgr, deivymejia, shikika, corvuscoraxx, drawingsbymilena, gbonikz, ajaub1962, artz, louieanderson, marszum, the-ego-is-you, markwayy, olteanu, vandeberg, blacksails, scrazy, cryptolove, synapse, steevc, ernstjan, ajvest, fifthangel, alinamarin, mys, fairbee, lukmarcus, samstickkz, flepmajoor, dienhassan, marillaanne, aditor, prime-cleric, schro, drbec, schro.one, eeks, archerbest, javirid, panknil, yefet, suprepachyderm, leospekulant, davidsoliman, ptytrader, belkins, jademont, fsdev, epicdesigns, daydreams4rock, lipszczak, billyjohnsonart, shenanigator, crawfish37, juliash, ancapwarren, davidcurwain, doitvoluntarily, titoortiz, jigarparmar519, exanime15, sambo-rambo, nanash1, muhtadiaremi, vcelier, furion, mal402, jrcornel, donpepe, richard78624, cryptomatt, awesomenyl, lexiconical, sandra, jason, satoshimoto, ihashfury, xenitron, gogumacat, ryanthegecko, kingscrown, deccode, fminerten, inv, fmooo, rossco99, boatymcboatface, theshell, writingamigo, steempty, trafalgar, jeppex1, charles1, wf9877, alexxx123, exavier, jaki01, michiel, asksisk, jamzed, erikaflynn, neonartist, da-dawn, peter2017, zack813, elevator09, edb1984, mraldo, cryptodaknight, nape, jlufer, joshsigurdson, sneakgeekz, organiccacao, oliverqueen, automaton, jongyeong, capitalpink, geoffrey, isjw84, linuslee0216, guytremat, frankches, digitalking, poppy.poppers, digital-entrep, dylanhobalart, tx1683, jameshowarrd, bardhylsllamniku, shayne, milopepper, gikitiki, photon-pl, inertia, kurtbeil, texas-steemem, steemlancer, letc, the50, zentat, steemint, ekan, rdollarsign, rcartax, kpine, elishagautam, patasieduagh, thomasgutierrez, teddyp, bibek, youngtalk, transisto, vorticieflux6626, citradelica, svfarms, johnnyyash, luisucv34, cosmoskellz, ianstrat, kalamur, stadsmanneke, leomichael, mr-riddle, mutant-x, gtg, fusan, aeico, tuukka69, sashimi, drewley, cljg918, knittybynature, arkoko, chessmonster, vaughnelric, predictor2100, alan852, eagleye, sewerynkal, romangt87, hwillso, yzomri, elderberryranch, rocketbeee, myroadtours, hadimemories, tastetwist, titusfrost, lordvader, aguayojoshua, jonjon1, rckymaulana, flannel, beordo, cryptotaddtherad, stray, wattacut, uche, arminakas, grey580, malonmar, emilniz, emran-mc2, freiheit50, tensorflow, civis-mundi, vutran7, barvon, polonius, aleksander.osuch, inphiknit, daio, redpol, davrath, mensphysique, gensek, hiimamazing, sephiroth, thenakedgod, kimjin2, angusleung100, debunked, piercetheveil, bledarus, samuelwealth, illestbambi, synesthesia, fervi, xpilar, michaelx, isteemit, tracemayer, lautenglye, bitcoinparadise, crok, rasgriz311, piotrdab, schipkedit, heejin, carface, konelectric, ydauti, dowithlove, natekodi, mittalpatel, victorier, marcusxman, hilongs, aaronmda, steveazzopardi, bara, alevale1010, egregorian, lab106, tiandao, simontycy, wearefreedom, emperiumfx, surpassinggoogle, user786, iodoorclubmunich, jordangadayan, mclaurin, bitcoholic, qwak, streetpunkpl, williams858, ainiaziz, festusfestina, xz2580, djafino, roly1996, mehrab, logic, ktoosiu, imwatsi, jfollas, muddasir, mmenezes, abdulahad, shinue, tsinrong, flozy, jjt333, jakipatryk, richardjuckes, corebreath, joshuaatiemo, mrwalt, mattuk, get-baking, khairulmuammar, xxvjs, godslove92, ashi2k, mindblower, perduta, adrianwastag, strimi, zetatron2000, tt1234, dvimspdgo, dzejkob, abbeymelchizedek, lajulius, forjayfortune, tylerdurden000, barcisz, planet.earth, dawidrams, ebohio2008, peaceofmind, jbouchard12, forykw, opanyin, namingfailed, ogstealtos, mistrz-tekkena, cardinalkpatrick, hass, bitland, adamak2k, iamberto, mattgimel, lelon, raschad, nickdavison, jwmackay, slawroc, elena-singer, whitas, faras, ita-soa, xdark23, signer, almost-digital, janas, bmgreece, al-basir, husamia, sahirahonthescen, steemitnigeria, fahrullah, carbunco10, intelligentvan, silverlining123, rndness222, thethreehugs, beacze, johannsra, alcik, dillibabu, kaitochrom, thatdamiguy, polysen, sameerasruwan, kwahzee, infjexplores, cryptotrader2017, cracker, yaadowity, k0dlaty, venessag, kiotos, greatestjourney, xfreemanx, jamiej, krawuzl, atmosblack, pan-komentarz, fumimachiko, yuretz, gregdoubleg, jblew, worstdilemma, grarkada, alex-steem-it, quake.r34p3r, tribe9, n1ckyc, uniearth,