Cryptography in Blockchain (Part 6- Blockchain Series)
Welcome to the sixth part of the 100 part series on Blockchain.
Part 1: What is Blockchain technology?
Part 2: Components of a Block in the Blockchain
Part 3: Hash Functions in Blockchain
Part 5: Merkle Tree in Blockchain
The function of cryptography is to protect the users’ identities, ensure secure transactions, and protect all sorts of valuable information on the network. Thanks to cryptography, because of which information recorded on Blockchain is valid and secure. But what is cryptography? Cryptography is a technique of securing and transmitting data so that only those individuals for whom the data is intended can read it and access it. Thus, preventing unauthorized access to the data. In the word cryptography, the prefix “crypt” means “hidden,” and the suffix “graphy means “writing.”
Encryption and Decryption
Encryption and decryption are the two critical functionalities of cryptography.
Encryption: Encryption is the process of transforming the original information (plaintext) into random numbers that appear to be meaningless (ciphertext).
Decryption: Decryption is the process of converting ciphertext into its original form of plaintext.
Plaintext refers to any information that humans or a machine can directly read and understand. This may be English sentences, a script, or Java code. If one can make sense of what is written, it is said to be in plaintext. On the other hand, ciphertext or encrypted text is a series of random letters and numbers which humans cannot make any sense of.
An encryption algorithm takes in a plaintext message, and the key (a string of characters) within the encryption algorithm locks and encrypts data to convert it into ciphertext. Only someone with the right decryption key can unlock or decrypt the ciphertext and convert it into plaintext.
There are various ways by which plain text can be modified to obtain ciphertext. For instance,
(a) Substitution: It involves replacing characters of plaintext with other letters, numbers, or symbols. For example, with a shift of +1, A would be replaced by B, B by C, and so on. Therefore,
Plaintext: BLOCKCHAIN IS THE FUTURE
Ciphertext: CMPDLDIBJO JT UIF GVUVSF
In this case, the encryption key will be +1.
(b) Transposition: In the transposition technique, the positions of the characters of plaintext are changed to create the ciphertext. For example, in the below figure, “HCLBCOKHIIATNSETFERUU” is the ciphertext for the plaintext “BLOCKCHAIN IS THE FUTURE” using the encryption key 7421635.
Although the above examples illustrate how cryptographic keys can turn plaintext into ciphertext, cryptographic keys actually used are far more complex and can scramble a text beyond human recognition to generate the ciphertext.
Types of cryptography
Based on the types of key and encryption algorithms used, cryptography can be divided into three types:
(i) Symmetric cryptography: Symmetric cryptography, also known as secret-key cryptography, is an encryption system where the same secret key is used to both encrypt and decrypt the data. The entities/parties communicating via symmetric encryption must exchange the key with recipients so that it can be used in the decryption process. Symmetric cryptography is faster and simpler, but the problem is that the sender and receiver have to somehow exchange the secret key securely.
(ii) Asymmetric cryptography: Asymmetric cryptography, also known as public-key cryptography, is an encryption system that uses two keys- one is used for encrypting data, while the other key is used for decrypting the data. Unlike symmetric cryptography, if one key is used to encrypt, that same key cannot decrypt the data; instead, the other key shall be used.
Out of two keys used, one key is kept private and is called the “private key,” while the other key is shared publicly and is open to be used by anyone; hence it is known as the “public key.” Therefore, the private key must be kept secret and should not be shared with anyone to keep it from becoming compromised. So, only the authorized person, server, or machine has access to the private key. On the contrary, the public key can be shared with any other entity. For ease of understanding, consider your public key as your bank account number and private key as your bank account password. For someone to send you money, they just need to know your public (bank account) address. However, only you can access the funds in your bank account because you are the only one who knows your password or has access to your private key.
The mathematical relation of the keys is that the private key cannot be derived from the public key, but the public key can be derived from the private key because a public key is a mathematical result of its associated private key. This leads to a more robust level of security for the data.
How asymmetric cryptography works?
Let’s assume A wants to send an encrypted message to B; then, he can encrypt the message with the intended recipient B’s public key before sending it. After receiving the message, B can decrypt the message using his related private key.
And on the other hand, sender A can also encrypt the message with his own private key before sending it to B. In this case, B uses sender A’s public key to decrypt the message. This proves that the message originates from A, and nobody else. Since anyone can access A’s public key, the message encrypted by A’s private key won’t be a secret per se, but it can be used to prove the authorship of that message or information. This is also called digitally signing the message.
Therefore, encrypting the information with the receiver’s public key makes the information readable only by the receiver. On the other hand, encrypting the information with the sender’s private key proves the identity of the sender.
(iii) Cryptographic Hashing/Hashing: Both symmetric and asymmetric cryptographic functions are two-way functions meaning that you can encrypt some data, and then the person who receives the encrypted data can decrypt it to obtain the original data. But now, we need to understand that cryptographic Hashing is a one-way function. Hashing is a technique or process of generating a fixed-length output “hash” for any input data irrespective of its size and length. This is done by the hash functions/ algorithms like MD5, BLAKE2, SHA-1, SHA-256, etc. The input can be a single character, an MP3 file, an entire book, or an excel sheet of your banking history. But the hash function generates a fixed length of the output. This type of encryption doesn’t use keys, unlike symmetric and asymmetric cryptography.
Blockchain uses two types of cryptographies: asymmetric cryptography and cryptographic hashing.
Importance of Cryptographic Hashing/Hashing in Blockchain
Provides security and immutability: A slight change in the data can result in a significantly different output, i.e., Hash. For instance, “Blockchain is the Future” and “Blockchain is the Future!” (with just one extra exclamation mark) will have completely different hashes. This property of hashing makes the data reliable and secure on the Blockchain because any changes in the data will lead to the changes in hash value of the block to which it belongs and subsequently changes the hashes of the following blocks, making the Blockchain invalid. Thus, hashing is essential in keeping an immutable record of transactions/data on Blockchain.
Additionally, cryptographic hash functions work as one-way functions that encrypt the data. It is mathematically impossible to decrypt the data in any other method other than randomly guessing input until you’re able to recreate that hash output. In simple words, if you have a hash, you can not decrypt it to find the corresponding input. So in a real-life scenario, even if a hacker gets access to a hash output, it is completely useless as he can’t decrypt it to get the input. The hash is used to agree between all parties that no transaction/data in the history has been tampered with because any alteration in the block data can lead to inconsistency and break the blockchain, making it INVALID.
Therefore, cryptographic hashing is one of the key components which enables security and immutability on the Blockchain.
Digital signature in Blockchain
In addition, blockchain relies on digital signatures, as they are primarily used to verify the authenticity of transactions. It is common in the real world to use handwritten signatures on paper to bind a person to an agreement. For example, say Steve buys a car for $15,000 and writes a cheque as payment. The signature guarantees that only Steve could have signed the cheque. Therefore, Steve’s bank must pay the cheque.
Similarly, a digital signature binds a person to the digital data, i.e., provides verification that the transaction was created by a known person and was not altered in transit. Each digital signature is unique to the transaction being signed. After a digital signature is used once, it can never be reused or repurposed.
How does digital signature work?
Digital signatures in Blockchain can be created using asymmetric cryptography algorithms and cryptographic hashing. All participating users on the Blockchain network must have a Private-Public key pair, generated mathematically by the algorithms.
Let’s understand digital signature through certain examples. Every transaction that is executed on the Blockchain is digitally signed by the sender using his private key.
Example 1: Suppose Phil wants to send a document/message to Jane on Blockchain.
(i) To create a digital signature, the signer Phil has to feed the document data to the hash function, which generates the one-way hash of the electronic data to be signed. The value of this hash is unique to the document.
(ii) The private key of the Phil is used to encrypt the hash. For this, the hash value and private key are fed to the signature algorithm (e.g., ECDSA), which produces the digital signature on a given hash.
(iii) Phil then sends the data with the digital signature to the intended receiver Jane. Additionally, the digital signature + the public key of Phil are enough for nodes to verify that the private key associated with Phil has been used to make such a signature. Hence, it can be proved that the transaction is authenticated and the document has been sent by Phil.
(iv) After receiving the data and signature on it, the receiver, Jane can verify it. This would involve two steps, generating the hash of the sent data and decrypting the encrypted hash. By using the signer’s public key, the hash can be decrypted. If the decrypted hash matches a second recomputed hash of the same data, it proves that the data hasn’t changed since it was signed. On the other hand, if the two hashes don’t match, it indicates that the data has been tampered with.
Example 2: Suppose Phil wants to send 1 Bitcoin (BTC) to Jane. To achieve this, each account owner in the network needs to have a digital wallet that assigns them a public/private key pair. The public key is the address of the digital wallet. You are safe sharing it with others when you want them to send you bitcoin/cryptocurrency. On the other hand, the private key is used to assign and authorize the cryptocurrency to be spent or sent elsewhere.
To send 1 BTC to Jane,
(i) The transaction details, including the amount to be sent (1BTC), recipient (Jane) address, etc., are hashed, and the hashed transaction is then signed using Phil’s private key. The signed transaction is then sent to nodes on the network.
(ii) The miners, who know his public key, will then check the transaction conditions and validate the authenticity of the signature.
(iii) Once validity is confirmed, the block containing that transaction will be created by a validator/miner. Thus, the receiver, i.e., Jane, receives 1BTC from Phil in her wallet.
Therefore, the digital signature ensures that only the account owner can move money out of the account.
Advantages of digital signature
1. Authenticity: Digital signature enables the receiver to confirm data authentication by validating the digital signature with the sender’s public key. Also, the receiver can be sure that he/she is communicating with the person they intend to.
2. Data integrity: Digital signatures ensure that the data has not been illegally accessed and modified by any hacker. For instance, if a hacker has access to the document and alters it, the hash of the modified document and the output hash provided by the decrypting digital signature will not match. Hence, the receiver can safely deny the document assuming that data integrity has been breached.
3. Non-repudiation: Digital signatures also provide non-repudiation of the data. Non-repudiation means that participants cannot deny the transaction in the Blockchain. For example, A sent a signed document to B, so A cannot deny that he didn’t send the document to B. And at the same time, B cannot claim that he did not receive this document. This is because the person who sent the document had to be in possession of a private key to sign the document. Therefore, the receiver can present the document and digital signature to a third party as evidence if any dispute arises in the future.
If you liked this article and want to know more about Blockchain, NFTs, Metaverse, and their applications, click the below link.
Happy learning!
