Cryptography 1: Symmetric Cryptography vs Asymmetric Cryptography
Cryptography embeds security into the blockchain, adding to its complexity. However, if the method used to encrypt your transaction is hackable, you risk losing your money.
Even though the subject at hand is elaborate and time-consuming, adding extra layers of security measures to your transactions, is a fool-proof method to keep your digital money safely.
My intention here is to explain the process step by step in two blog posts.
A History of Cryptography
The first known proof of the use of cryptography goes back to 1900 BC in Egypt. The scribe in the main chamber of the tomb of Khnumhotep II had unusual hieroglyphic symbols carved on it. It was not considered a form of secret writing though! It just included some sort of transformation of the usual text, to make it appear more formal.
At around 100 BC, Julius Caesar came up with the substitution cipher or as it is most known, the Caesar cipher. This was a form of encryption he deployed to send secret messages to his army generals stationed on the front lines. In a substitution cipher, each character of the plain text is replaced by another character to form the ciphertext. Each character in the Caesar cipher is shifted by 3 places, so the character A is replaced by D, B by E, and so forth. Drawing towards the end, Y is then replaced by B.
However, systems like these are fallible. These ciphers depend on the secrecy employed by the system and not on any encryption key. Once the system is known, any message can be decrypted and read.
The Vigenère cipher was designated in the 16th century. It was reputed to be the first cipher using an encryption key. The encryption key consisted of a repetition of the same word spanning the entire message. The ciphertext was produced by adding the message character with the key character modulo 26.
K= M O D E R N |M O D E R N| M O D E R N|- Encryption Key
M= H A V E A G R E A T D A Y T O D A Y — message
C= W P Z J S V V T E Y V O L I S I S M- Ciphertext
The Vigenère Cipher
This was still a weak cipher system even though it depended on the encryption key being held secret rather than the system itself.
Then at the start of the 19th century, Hebern designed an electro-mechanical contraption called the Hebern rotor machine. It made use of a single rotor in which the secret key was embedded in a rotating disc. However, this could also be broken using letter frequencies.
The Enigma machine came next. Invented by a German engineer called Arthur Scherbius at the end of World War I, German forces heavily used it during WWII. The cipher of the enigma machine was eventually cracked by the Polish who passed it on to British cryptographers to decrypt the daily key. Viva Alan Turing!
Up to WWII, most cryptography was connected to the military and used to hide military info. However, after WWII, organizations started using it to hide data from their competitors.
In the 1970s, IBM customers started requesting some type of encryption. IBM designed a cipher called Lucifer, which was eventually adopted as a Data Encryption Standard. However, once technology advanced, the encryption key for Lucifer was viewed as too small. In 2000, this was replaced by Rijndael, which became known as the Advanced Encryption Standard.
The Weaknesses of Symmetric Cryptography on The Blockchain
The symmetric cryptographic technique was the first key cryptography deployed on the blockchain. However, it was soon discovered that this was not secure enough. The same key was used by nodes to encode and decrypt the transactions sent.
Let’s take Anna (Node A) and Billy (Node B). Anna wants to send some confidential information to Billy. She will encrypt the information into an unreadable ciphertext and send it to Billy using key1. Billy will encode it using the same key1. This means that both Anna and Billy need to have the same key1.
Enter Cathy (Node C). Anna wants to send some secret information or a transaction to Cathy and to do this, they both need to have a key2 to encrypt and decrypt the message between them. In the same way, if Billy needs to send a transaction to Cathy, another new key, key3, will be required to carry out the transaction.
This method is quite fast. However, there are two main disadvantages:
- A node or a user will require multiple keys to send transactions or interact with other users.
- The nodes or users will need to share the key securely as once a third-party or a third node gets hold of their key, it will become easier to hack the interaction or transaction.
For the reasons above, asymmetric key cryptography might be complex and slower, but it is also more secure.
Asymmetric Cryptography: Things are getting hairy on the blockchain
The added layers of security require every node to have two keys: a public key and a private key.
So how does this work? Let’s take Anna and Billy again. Anna needs to send confidential information like bank account details to Billy. Anna will first encrypt the text using her private key and then encrypt it using Billy’s public key. Once the secret interaction reaches Billy, he will first decrypt it using his private key and then again using Anna’s public key.
Anna needs to use her private keys to encrypt the message. Then it is up to Billy to verify that the message is coming from Anna.
The second layer of encryption ensures that only Billy’s public key can encrypt the message and only Billy’s private key can decrypt it. Thus, no third party can maliciously attack, or get hold of, the transaction or message.
This is how the asymmetric key cryptography or the two system key works. This is widely known as Public Key Cryptography.
So is this the best way to secure your transactions on the blockchain? Not really!! There are surer ways to protect your money. You can read all about it in the next blog post.
Closing Thoughts
Kerchoff’s principle dictates that the encrypted message should always rely on the secrecy of the key and not on the secrecy of the system.
A ‘secret crypto’ is never ideal as once the system is known, messages can be easily decrypted. So, if a malicious actor finds a way to compromise the cryptosystem itself, they can obtain the plain text of every message. However, if your key is compromised, the attacker could also compromise your message.
So how do digital wallets, signatures, and crypto hashing play a role in all of this? Find out in Cryptography 2.
If you liked this blog post, share it. If you don’t fully agree with what’s been written here, feel free to provide feedback on it.
Contents distributed by Learn.Block6.tech
👉 Telegram — Fresh ideas
👉 Twitter — Latest articles
