The Building Blocks of Blockchain
Public Key Cryptography and Hashing
You’re at a dinner party, surrounded by friends and family, when the topic of cryptocurrency comes up. Someone mentions the recent market fluctuations, and suddenly the room is filled with groans and sighs. It seems like everyone has a horror story about losing money in the crypto craze. And to make matters worse, recent events such as the FTX scam and the arrest of FTX CEO Sam Bankman-Fried have only added fuel to the fire. But fear not! Just because the price of Bitcoin may be taking a tumble and some bad actors have made headlines, it doesn’t mean that blockchain technology is a lost cause. In fact, the underlying structure and components of blockchain make it useful for so many more applications beyond just crypto. In this article, we’ll explore how the design and makeup of blockchain give it a unique functionality — one that’ll eventually help it take over the business world.
Public Key Cryptography
Imagine you’re a spy who wants to communicate with another friendly spy from your home country. How do you go about exchanging data? Let’s say your message is comprised of the following details:
“John Doe will complete his mission at three.”
In the old days, you would’ve used a single key to encrypt the message. For example, you could’ve shifted the ASCII values of each character by 5, which would result in this:
“Qtsl%Itj%ptqq%hnumjw%fy%rnxxy%fy%yjjnsx%fy%ymj%yjxxj.”
However, there are a few problems. How will you tell your spy friend what the key is? You’ll probably need to meet in public to discuss this or place an envelope under a bench; however, this may not be safe or viable. Another issue is that the input can be easily computed from the output. All you need to do is move each character back by 5 ASCII values and you’re back to the original phrase. If someone smart enough tests enough combinations, they can surely figure it out.
The solution: Public key cryptography. All users on the Blockchain have both a public (out in the open and available for anyone to see) and a private key (kept secret). A unique property of public and private key pairs is that something encrypted with a public key can only be decrypted with the corresponding private key — and vice versa.
So if spy Alice (public key A, private key a) wants to communicate with her friend spy Bob (public key B, private key b), Alice can encrypt the message with both her private key and Bob’s public key and record the transaction on the blockchain.
So, the message “John Doe will complete his mission at three.” turns into untraceable jargon that cannot be used to work backward. The untraceable jargon is published on the blockchain for everyone to see; however, nobody knows what it says.
To view the message, Bob first decrypts it with Alice’s public key and then with his private key. Why does this work and what are the benefits? Well, because Bob is able to decrypt the message with Alice’s public key, he can be sure that Alice is indeed the one who sent the message since she is the only one who has access to her private key. And then because the message is encrypted with Bob’s public key, Alice can be assured that he is the only person who can read the message because Bob’s private key (which only Bob has access to) can be used to decrypt something that has been encrypted with his public key.
Let’s see how this applies to the Blockchain.
The most common application of public key cryptography is proof of ownership. When uploading data onto the blockchain, such as an NFT, you can sign the information with your private key. If someone wants to verify that you’re the owner of the NFT, they can check it against your public key. If the check works, it proves that you are the owner since only you have access to your private key. The difference between signing and encrypting with a private key is that the message isn’t scrambled when you sign it.
Let’s say Alice creates an NFT of a digital artwork and mints it on the Ethereum blockchain. She signs the information with her private key and uploads it to the blockchain. The transaction would include the following information:
- The address of Alice’s wallet
- The address of the NFT contract
- The unique identifier for the NFT
- The metadata for the NFT (including the signature from Alice’s private key)
This transaction is now recorded on the Ethereum blockchain and is visible to the public. Anyone can use a block explorer to view the transaction history for the NFT. This transaction history includes information such as:
- The timestamp of the transaction
- The amount of gas used
- The block number
- The addresses involved in the transaction (in this case, Alice’s wallet and the NFT contract)
The following image shows the transaction history of a cryptokitty — something that can easily be tracked, traced, and verified thanks to the blockchain.
The next image contains the details of an NFT sale on NFT scan.
Let’s take this a step further and explore how this functionality can be used in other cases.
Let’s say that a healthcare provider, Alice, wants to securely store patients’ medical records on the blockchain. Since medical records contain sensitive and confidential information, Alice wants to ensure that only authorized parties (such as the patient and other healthcare providers) have access to the records.
To achieve this, Alice encrypts the medical records with a symmetric encryption algorithm using a randomly generated key. She then encrypts the symmetric key with her own private key and the public key of the authorized parties who should have access to the records. This creates a digital envelope that contains the encrypted medical records and the encrypted symmetric key.
Alice then creates a transaction to store the digital envelope on the blockchain. The transaction includes the digital envelope and a public key identifier for each authorized party that was used to encrypt the symmetric key.
When an authorized party wants to access the medical records, they can retrieve the transaction from the blockchain and use their private key to decrypt the symmetric key. They can then use the symmetric key to decrypt the medical records.
In this example, Alice signs the transaction with her own private key to prove that she is the one who created and submitted the transaction. However, signing with her private key is not directly related to encrypting the medical records with the symmetric key and the authorized parties’ public keys. These are separate processes that serve different purposes.
As explored in the following image, the creation of such a system could have various implications. Upon the meeting of certain requirements that can be checked with a smart contract, data can be transferred between stakeholders.
A blockchain-based medical record system could allow patients to control their own data and sell it to researchers by using a combination of technologies and protocols. Here is how it would work:
First, the medical records could be stored on a private blockchain network that is permissioned, meaning that only authorized parties can participate in the network. Each patient would have a unique identifier that is associated with their medical records.
Second, smart contracts could be used to give patients control over their own data. For example, a patient could create a smart contract that allows them to give access to their medical records to a specific researcher for a certain period of time. The smart contract would specify the conditions of access, such as the type of data that can be accessed and the duration of access. Once the conditions are met, the researcher would be granted access to the data.
Third, a token-based system could be used to allow patients to sell their data to researchers. Patients could receive tokens for allowing access to their medical records, and these tokens could be used to purchase other healthcare services or products.
When a patient wants to transfer their medical data to a third party, the data can be encrypted with the patient’s private key and the third party’s public key using a hybrid encryption approach.
The patient’s medical data is first encrypted using a symmetric encryption algorithm, such as AES. A unique symmetric key is generated for each piece of data to be transferred.
The symmetric key used to encrypt the medical data is then encrypted using the patient’s private key. This ensures that only the patient can decrypt the symmetric key and therefore access the medical data.
The encrypted symmetric key is then encrypted again, this time using the third party’s public key. This allows the third party to decrypt the symmetric key and therefore access the medical data.
The encrypted medical data and encrypted symmetric key are then transmitted to the third party, who can decrypt the symmetric key using their own private key and then use it to decrypt the medical data.
By encrypting the data in this way, the patient retains control over who has access to their medical data, since only they possess the private key needed to decrypt the symmetric key. The third party is also able to securely access the medical data without needing to know the patient’s private key, since they can use their own private key to decrypt the symmetric key.
Finally, a user-friendly interface could be developed to make it easy for patients to manage their medical records and control access to their data. This could be a web-based portal or a mobile application that patients can use to view their medical records, create smart contracts, and manage their tokens.
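The digital envelope described for Alice's records and for the patient-to-third-party transfer, as an added Python sketch that is not from the original article: the record is encrypted once under a random symmetric key, and that key is wrapped separately under each authorized party's public key and filed under a public key identifier. Assumptions: textbook RSA over constructed Mersenne-prime keys and a SHA-256 keystream with an HMAC tag stand in for padded RSA and AES so the block needs only the standard library, every function and key name is hypothetical, and the sender's private key is left to the separate signing step rather than used for wrapping.

```python
import hashlib, hmac, secrets

E = 65537  # public exponent shared by the toy keys below

def keypair(p, q):
    """Textbook RSA (public, private) pair from two primes; no padding."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

# Constructed demo keys built from well-known Mersenne primes (not secret).
PATIENT_PUB, PATIENT_PRIV = keypair(2**521 - 1, 2**607 - 1)
CLINIC_PUB, CLINIC_PRIV = keypair(2**607 - 1, 2**1279 - 1)
OUTSIDER_PUB, OUTSIDER_PRIV = keypair(2**521 - 1, 2**1279 - 1)

def key_id(pub):
    """Public key identifier recorded next to each wrapped key."""
    return hashlib.sha256(str(pub).encode()).hexdigest()[:16]

def xor_stream(key, nonce, data):
    """Stand-in for AES: XOR with a SHA-256 counter-mode keystream."""
    stream = b"".join(
        hashlib.sha256(b"enc" + key + nonce + i.to_bytes(4, "big")).digest()
        for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def tag(key, nonce, body):
    """Integrity tag under a MAC key derived from the symmetric key."""
    mac_key = hashlib.sha256(b"mac" + key).digest()
    return hmac.new(mac_key, nonce + body, hashlib.sha256).digest()

def seal(record, recipient_pubs):
    """Encrypt the record once, then wrap the symmetric key per recipient."""
    key, nonce = secrets.token_bytes(16), secrets.token_bytes(12)
    body = xor_stream(key, nonce, record)
    wrapped = {key_id(pub): pow(int.from_bytes(key, "big"), pub[1], pub[0])
               for pub in recipient_pubs}
    return {"nonce": nonce, "body": body,
            "tag": tag(key, nonce, body), "wrapped": wrapped}

def open_envelope(env, pub, priv):
    """Unwrap the symmetric key with a private key, check the tag, decrypt."""
    if key_id(pub) not in env["wrapped"]:
        raise PermissionError("no wrapped key for this party")
    key = pow(env["wrapped"][key_id(pub)], priv[1], priv[0]).to_bytes(16, "big")
    if not hmac.compare_digest(tag(key, env["nonce"], env["body"]), env["tag"]):
        raise ValueError("envelope modified or wrong key")
    return xor_stream(key, env["nonce"], env["body"])
```

Only the wrapped keys grow with the number of authorized parties; the encrypted record itself is stored once.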
Hashing
Hashing something means taking a piece of data and transforming it into an output that appears random and unrelated to the input.
“Cartoon” Hash: 39a4b98021efa0cb268b50451b02c2c7
“Cartoo” Hash: 87bfac8716e675cafbabcdfa0a91b4df
“Cartoone” Hash: 5c3b53312b519b507711406e12c9d745
Even though we changed only one character in each of the three examples, the resulting hash changes completely. There is no clear pattern and it is currently impossible for computers to work backward and estimate the contents of a hash’s input.
When a transaction is added to a blockchain, it has a hash and is stored in the public record. If any of the transaction details are illegally altered or mutated, the hash of the transaction would change. This would alert everyone on the blockchain. Another important application of hashing is to ensure that messages have not been altered in transit or modified when coming from one source to another. Let’s break down how hashing and public key cryptography work together to accomplish this:
- A message or transaction to be signed is first hashed using a cryptographic hashing algorithm, such as SHA-256. This produces a fixed-length hash value that represents the original message.
- The hash value is then signed using the sender’s private key. The result is a digital signature that can be attached to the message or transaction.
- When the recipient receives the message or transaction, they can verify the digital signature by using the sender’s public key. They first hash the message using the same hashing algorithm used by the sender. They then decrypt the digital signature using the sender’s public key, which results in a hash value.
- If the resulting hash value matches the hash value of the original message, then the digital signature is valid and the recipient can be sure that the message came from the sender and has not been altered in transit.
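The four steps above, applied to a transaction shaped like the NFT example earlier, as an added Python sketch that is not from the original article. Textbook RSA over constructed Mersenne-prime keys is swapped in for the ECDSA signatures that chains such as Ethereum use, and the field values, key names and function names are hypothetical.

```python
import hashlib, json

E = 65537  # public exponent shared by the toy keys below

def keypair(p, q):
    """Textbook RSA (public, private) pair from two primes; no padding."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

# Constructed demo keys built from well-known Mersenne primes (not secret).
ALICE_PUB, ALICE_PRIV = keypair(2**521 - 1, 2**607 - 1)
MALLORY_PUB, MALLORY_PRIV = keypair(2**607 - 1, 2**1279 - 1)

# Constructed sample transaction; every value is a placeholder.
SAMPLE_TX = {
    "wallet": "0xALICE_WALLET_PLACEHOLDER",
    "contract": "0xNFT_CONTRACT_PLACEHOLDER",
    "token_id": 42,
    "metadata": "ipfs://METADATA_PLACEHOLDER",
}

def tx_digest(tx):
    """Step 1: SHA-256 over a canonical encoding, so field order is irrelevant."""
    canonical = json.dumps(tx, sort_keys=True, separators=(",", ":")).encode()
    return int.from_bytes(hashlib.sha256(canonical).digest(), "big")

def sign(tx, priv):
    """Step 2: apply the sender's private key to the hash value."""
    n, d = priv
    return pow(tx_digest(tx), d, n)

def verify(tx, signature, pub):
    """Steps 3 and 4: recover the hash from the signature with the public key
    and compare it with a freshly computed hash of the received transaction."""
    n, e = pub
    if not isinstance(signature, int) or not 0 <= signature < n:
        return False  # out-of-range values cannot be valid signatures
    return pow(signature, e, n) == tx_digest(tx)
```

A changed field, a signature made with a different private key, and a check against the wrong public key all fail the same comparison in `verify`.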
Hashing and Public Key Cryptography are the building blocks that make blockchain so powerful. So, the next time you’re at a dinner party, keep in mind that crypto is just the beginning. Pretty soon, blockchain will make its way to your dinner table. You may be scanning QR codes while grocery shopping to check that the items in your shopping cart are produced ethically — all thanks to the blockchain.