Encrypting and Decrypting Data with Ethereum's Public and Private Keys

Understanding Ethereum's Key Generation

At their core, both Ethereum and Bitcoin private keys are 256-bit random numbers (2^256 ~ 10^77). For context, the observable universe contains approximately 10^80 atoms. While you could use 256 zeros as a private key, this would be highly insecure. Instead, Ethereum relies on cryptographically secure pseudo-random number generators (CSPRNGs) to generate keys.

How Ethereum Generates Key Pairs (Go-Ethereum Implementation)

Ethereum uses ECDSA (Elliptic Curve Digital Signature Algorithm), which leverages ECC (Elliptic Curve Cryptography).

Key facts about ECDSA:

Became an ANSI standard in 1999
Adopted by IEEE and NIST in 2000
Solves the Elliptic Curve Discrete Logarithm Problem (ECDLP), which has no sub-exponential time solutions
Offers stronger security per bit than traditional public-key systems

Practical Example: File Encryption/Decryption

👉 Learn more about Ethereum security best practices

Here's a Java implementation using the BouncyCastle library (BC) to:

Encrypt source.txt → cipher.txt using a public key
Decrypt cipher.txt → decrypt.txt using a private key

Code Implementation

import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
// ... (other imports)

public class EncryptWithPubKey {
    public static void main(String[] args) throws Exception {
        // Initialize curve parameters
        BigInteger pointGPre = new BigInteger("79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798", 16);
        BigInteger pointGPost = new BigInteger("483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8", 16);
        BigInteger factorN = new BigInteger("fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141", 16);
        
        // Setup encryption
        Security.addProvider(new BouncyCastleProvider());
        Cipher cipher = Cipher.getInstance("ECIES", "BC");
        IESParameterSpec iesParams = new IESParameterSpec(null, null, 64);
        
        // Encrypt file
        cipher.init(Cipher.ENCRYPT_MODE, publicKeySelf, iesParams);
        // ... (file operations)
        
        // Decrypt file
        cipher.init(Cipher.DECRYPT_MODE, privateKeySelf, iesParams);
        // ... (file operations)
    }
}

Key Technical Components

Component	Purpose
`ECIES`	Encryption algorithm standard (ANSI X9.63)
`BouncyCastle`	Provides cryptographic implementations
`SecP256K1Curve`	The elliptic curve used by Ethereum

FAQ Section

1. What's the difference between ECDSA and RSA?

ECDSA uses elliptic curve cryptography, offering equivalent security with smaller key sizes compared to RSA.

2. Is BouncyCastle required for Ethereum development?

While not mandatory, BC simplifies working with cryptographic operations in Java/C#.

3. How secure is a 256-bit private key?

A 256-bit key has 2^256 possible combinations—far beyond brute-force feasibility.

4. Can I use this for encrypting large files?

ECIES is best for smaller data. For large files, consider hybrid encryption.

👉 Explore advanced Ethereum development tools

Best Practices

Always use secure entropy sources for key generation
Store private keys offline when possible
Regularly audit your cryptographic implementations