Basic Cryptography to understand Blockchain Technology

BlockchainLab 14 Mar 2018,

cryptography. From Greek κρυπτς kryptós ‘hidden secret’ and γράφειν graphein, ‘to write’. 1.The art of writing or solving codes.

 

Cryptography is an area of Computer Science and Mathematics that studies the algorithms used to hide information to those not allowed to see it. Currently, these algorithms secure digital communications all over the globe.

Additionally, they are one of the foundations of the Blockchain technology that uses several cryptographic algorithms to make the node network work, to secure the integrity of the chain of blocks or to make the consensus mechanisms possible, among other examples.

This article explains the basic mechanisms of cryptography to better understand how Blockchain technology works.

SYMMETRIC CRYPTOGRAPHY

From the early days of secure communications, symmetric cryptography has been one of the methods more commonly used to Exchange information.

In the ancient Rome, Julio Caesar invented his own encryption system, also known as Caesar’s cypher. It consisted in writing the message and then “shifting” each letter a certain number of times:

Caesar’s shift cypher for the first letters of the alphabet.

The main feature of symmetric encryption is that there is a secret key, that only the sender of the message and the recipient know. This system is not commonly used in the digital world, because the exchange of the secret key needs to be performed in a secure way, to guarantee that only the sender and the recipient have it.

ASYMMETRIC CRYPTOGRAPHY

The evolution of cryptography led to the creation of asymmetric key systems, where the exchange of information is carried out without requiring a previously shared secret key. This system uses two elements, one public and one private. The private element is stored in a secure location, and the public element is shared publicly, allowing others to interact with us.

The peculiarity of this system is that each person has a pair of keys. When we need to send information to someone, the public key is required first, a cyphered message is generated and sent to the recipient that will be able to read it using his private key.

A simple way to understand it is to imagine the private key as a regular door key, and the public key as a closed box that can only be opened with the regular -private- key. If we wanted people to send us messages, we would leave hundreds of boxes in different locations. This way, anyone can pick our box (which currently is empty), introduce the desired message, and close it. When the box is closed, it can only be opened by us using our master key. The sender can be sure that only us will be able to open the box.

Example of asymmetric cryptography

Summarizing, with this system, security starts and ends in the same user, who creates all the keys (the master key and the boxes) and stores the keys used to decrypt in a safe place. This is a very useful system that allows all users to exchange information through a single communications cannel but, in return, needs that the senders have the public key of any user they want to communicate with.

DIGITAL SIGNATURE

Based on the asymmetric systems, a method to digitally sing any message was developed, guaranteeing that a message comes undoubtedly from the person who sends it. This would be as in the analog world, when we sign a letter, assuring that the message is ours and not from anybody else trying to impersonate us (assuming that our signature cannot be easily forged).

Using the previous asymmetric cryptography example, let’s imagine that we only create one box, and that we give a copy of the key to everybody. This way, any message that we send in the box that only us can create and for which we are the sender, can only be opened with the key we have given to everybody, and that the world knowns is ours. Therefore, when Alicia sends a message to Bruno, as the message is inside her personal box, Bruno will be sure that the message comes from Alicia, and not from anybody else, avoiding that she could be maliciously impersonated.

Example of signature system

In this example, opposite to cypher, the key is the public element shared with everybody (giving a copy to each one of them) and the box is the private element only known by the sender.

Not all current cryptographic systems allow both operations: cypher and signature, some are only oriented to cypher systems, but there are others that can operate in both ways.

Moving away from visual examples, and to summarize what we have seen so far in this section, the elements created in all asymmetric cryptographic systems are pairs of keys, one public and one private. The private key is the one kept by the user, used both to decrypt the messages received, and to encrypt the messages sent. The public key is shared with the rest of the users so they are able to encrypt the message they want to send us and also to verify our digital signature. The great majority of the message exchange systems use both mechanisms, encrypting and digitally signing the messages in such way that only the recipient can understand them and, additionally, securing that the message really comes from the sender.

As happens with all digital systems, they are not perfect, and they have vulnerabilities and attacks that allow malicious behaviour, regardless of the cryptography; but, because of that, a great number of cybersecurity professionals work every day to build safer systems and to train users how use them properly.

HASH

Finally, to better understand all cryptographic elements used in Blockchain technology, we will talk about the hash.

A hash is an element obtained by means of a hash function. These functions are also known as ‘digestive’, transforming information into fixed sized elements with specific features.

To understand hashes we can think about DNA. DNA is a group of elements (usually a combination of the same number of elements) that all human beings have, but with little variations is capable to create a unique shape to each one of us. The hash is a group of characters that is exclusively formed for a specific file. Therefore, if a hash is made from two different files, different hashes will be obtained (with the same length).

This mechanism is very powerful and allows us, provided that we use the same ‘recipe’ (algorithm) for the creation of the hash, to obtain a unique id for and specific object or file. And this also allows us to know if an element has been modified, because if the element changes, it cannot maintain the same DNA.

Source: Wikipedia (Example of hashes)

This is very powerful and one of the key elements used in Blockchain technology, creating unique DNAs for every piece of information and securing its immutability.

Before finishing, I want to mention that hash functions are slightly more complex than explained. Because if we try to transform any element of any length to reduced elements always the same length, we will find that it often exists more than one element that would result into the same hash. This phenomenon is also known as collision, and sets out certain problems when using hash functions. Nevertheless, it is a powerful tool broadly used in the digital world.

Article by Íñigo García de Mata. See article (spanish)

Explaining how to exploit batchOverflow in smart contracts ERC20

Introduction According to a group of cybersecurity researchers a new discovery has been made in relation to a new vulnerability

Fungibility & Blockchain

In the Blockchain world, Fungibility is mostly discussed in conversations relating to ethereum and the use of ethereumapplications. So what

Blockchain & Healthcare

Introduction to Blockchain Blockchain is a distributed protocol that allows to exchange information or value (tokens), between two or more