

Tangram Design: Padding

Since we released the code for the CLI wallet, there has been increased public interest in the offerings Tangram is making. A lot more is now visible regarding our consensus mechanism, how we transfer value and how our Tor layer works. However, some who have taken a closer look at the released code may have observed an expedient cryptographic application used in the delivery of blocks across the network; namely, padding.

Some background

Plaintext is predominantly encrypted using two distinct types of ciphers: stream ciphers and block ciphers. In most cryptographic applications, the ciphertext for a given message has the same length as the message, or adds a constant number of bytes to bring it to a defined length. In some situations, however, it may be necessary to hide message lengths, and padding can be employed. Typically applied prior to encryption, padding appends an extra number of bytes N to the plaintext to produce a block of a new length. Padding can serve useful purposes, such as better protecting a transaction that would otherwise be subject to cryptanalysis. For example, if a message is short, say “yes” or “no”, encrypting it as is may not help much, since others may be able to work out what the message is from its length. Padding prevents this by making the message length a multiple of the block size (the size of the block, in bits, that the data is being padded to), like every other message, prior to encryption. This way, it is indistinguishable by length from the other messages in a set.

ISO/IEC 7816–4 padding algorithm

In Tangram, padding is used, among other reasons, to improve message delivery while protecting vital information. We use libsodium to deliver the ISO/IEC 7816–4 padding algorithm, which not only supports arbitrary block sizes, but is also more resistant to some classes of attacks than other standard padding algorithms are. As stated in the libsodium documentation, the sodium_pad() function adds padding data to a buffer buf whose original size is unpadded_buflen so as to increase its total length to a multiple of blocksize.

The sodium_unpad() function, in turn, can be used to retrieve the original, unpadded length of a message previously padded using sodium_pad(). These two complementary functions are employed in the Tangram codebase for padding actions.

Reference: https://github.com/tangramproject/Cypher/blob/a889eb5b2d96842e63603da526f63311f5647545/Helper/LibSodium/Cryptography.cs#L196

Though ISO/IEC 7816–4 is a communication standard for smart cards containing a file system, its padding algorithm is a bit-padding scheme defined such that the first byte of the padding is a mandatory 0x80, while the other bytes of the padding are all 0x00 until the end of the block is reached. This construction is flexible: it allows for the creation of padding of any size. With a block size of 4 bytes, data padded with 2 bytes may look like this: | 0xFF 0xFF 0xFF 0xFF | 0xFF 0xFF 0x80 0x00 |

Encrypted Memo Field

For Tangram, padding plays a role in ensuring a more secure transfer of information when transacting on the network. Should senders and receivers need to communicate on the network about a specific transaction or payment, a form of receipt or note, depending on the nature of the transaction, can be communicated in the memo field and sent as part of the block. An allowance of 64 bytes is created as the data size for the memo field. If the user does not fill in this field, random values are filled in, and if the user does not use up the bytes allocated, the field is padded to 64 bytes before it is sent on the network. This provides an added layer of privacy for the sender in case an observer is analysing the network transactions. Such an observer will be unable to establish a pattern relating to the memo field, since it is indistinguishable from any other message on the network. It is also important to note that every transaction is encrypted using libsodium's sealed boxes, and only the receiver is able to decrypt the contents of the sealed box (including the memo field).
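The byte layout described for ISO/IEC 7816–4 padding and the fixed-size memo field, as an added example that is not libsodium's or Tangram's own code. The function names are hypothetical, the semantics follow the sodium_pad() description quoted above, and padding the memo with a 64-byte block size is an assumption.

```c
#include <stdio.h>
#include <string.h>

/* Added example; hypothetical names, not libsodium or Tangram code. */

/* Append 0x80 then 0x00 bytes in place. Returns the padded length (always
 * greater than unpadded_len), or 0 if blocksize is 0 or buf is too small. */
size_t iso7816_pad(unsigned char *buf, size_t unpadded_len,
                   size_t blocksize, size_t max_len)
{
    if (blocksize == 0) return 0;
    size_t pad = blocksize - (unpadded_len % blocksize);   /* 1..blocksize */
    if (pad > max_len || unpadded_len > max_len - pad) return 0;
    buf[unpadded_len] = 0x80;                       /* mandatory marker */
    memset(buf + unpadded_len + 1, 0x00, pad - 1);  /* zero fill to block end */
    return unpadded_len + pad;
}

/* Recover the unpadded length. Returns 0 on success, -1 if the last block
 * does not end in 0x80 followed only by 0x00. This readable version
 * branches on the data, so it is not constant-time. */
int iso7816_unpad(size_t *unpadded_len, const unsigned char *buf,
                  size_t padded_len, size_t blocksize)
{
    if (blocksize == 0 || padded_len == 0 || padded_len % blocksize != 0)
        return -1;
    size_t limit = padded_len - blocksize;   /* start of the last block */
    size_t i = padded_len;
    while (i > limit && buf[i - 1] == 0x00) i--;   /* skip trailing zeros */
    if (i == limit || buf[i - 1] != 0x80) return -1;
    *unpadded_len = i - 1;
    return 0;
}

/* Length a memo occupies after padding (assumed block size: 64 bytes). */
size_t memo_padded_len(const char *memo)
{
    unsigned char buf[256];
    size_t n = strlen(memo);
    if (n > 128) return 0;                   /* keep the demo buffer safe */
    memcpy(buf, memo, n);
    return iso7816_pad(buf, n, 64, sizeof buf);
}

int main(void)
{
    printf("yes -> %zu bytes, no -> %zu bytes\n",
           memo_padded_len("yes"), memo_padded_len("no"));
    return 0;
}
```

Because at least one padding byte is always appended, an input that already fills a whole block grows by one full block.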

In the future, we believe in de-coupling the encrypted memo field from the sealed box and transaction contents, so that third parties are able to decrypt the message without revealing a user's secret key and the contents of a transaction. This is similar to banking transactions, where a note is added to the transaction which can be selectively disclosed. One extremely useful case could be using the encrypted memo field as a no-knowledge messaging system deployed on top of Tangram.

Details about the memo field and the associated padding algorithm were shared earlier in Tangram’s technical introduction, where it was mentioned that “padding is necessary for privacy, so that when an observer tries to decipher the contents of the encrypted memo field, there is no obviously discernible difference, no patterns from transaction to transaction, and the data being transmitted is consistent with that of others”. Among other privacy features highlighted in the technical introduction, padding constitutes one of the techniques Tangram is deploying to deliver a “digital payment system for secure and untraceable transactions”. We believe that building modules such as this into the framework adds up to deliver a network users can confidently rely on.

In other news — Community Engagement

TheFreezeTeam went live on Twitch last night (22nd May 2019); the topic of the show was “Tangram”. You can expect the first hour to be going over the site, installing the app and running the basic commands. The second hour will start to take a look at some of the code (timestamps below). Given that TheFreezeTeam is new to Tangram and Twitch, don’t expect some great insights. Hopefully this will at least give some insights into the current on-boarding and help make the experience better in the future. Who knows, maybe I can get to a pull request? (P.S. He almost made it 😉.)

After a very insightful and helpful 2 hours TheFreezeTeam managed to get through the mentioned objectives. Questions have been brought up and some low hanging fruit items observed based on the learning experience. This is a very useful resource for anyone getting started on Cypher.

TheFreezeTeam will be doing a live stream every Wednesday @ 13:00–15:00 UTC+7 (may not be always around Tangram) and if you’re around, join in and follow to embark on his journey 😃.

Downloading and running Cypher:

Looking at the code:

If you’re interested, have questions and feedback:

Visit our website: www.tangrams.io

Read our blog: www.medium.com/@tangramd

Subscribe on Reddit: www.reddit.com/r/Tangrams

Discover us on Discord: www.discord.tangrams.io

Message us on Telegram: https://t.me/Tangrams

Follow us on Twitter: www.twitter.com/tangram

Watch on YouTube: https://www.youtube.com/channel/UCoe5hPG_zjltaG_j2n1Oh4Q

Email: info@getsneak.org




Tangram was created with a singular vision: to inspire, mobilize and empower a new generation of cypherpunks.