Rehashing cryptography

Cryptography is the study of secure communication techniques that prevent third parties or the public from reading private messages and allow only the intended recipient of a message to view its contents. It is the cornerstone of information security, which serves as the basis for delivering secure business applications and services. Modern cryptography concerns itself with the following five objectives of information security:

• Confidentiality: This is the concept of preventing sensitive data from being accessible by any unauthorized entities
• Integrity: This means protecting sensitive data from unauthorized changes during transit from one party to another party
• Authentication: This is the process of ensuring that user identity is truly what the user claims it to be, whether the user is human or a system
• Authorization: This is the concept of determining what actions an authenticated user is allowed to perform
• Non-repudiation: When a user performs an action on data, the action must be bound with the user so that it can’t deny performing such actions

Cryptography deals with the design of algorithms for encryption and decryption, which are intended to ensure the secrecy and authenticity of the messages or transactions in question. Let’s start with some key elements in modern cryptography:

• Encryption: This is the process of converting plain text or data into an unintelligible form, typically using a mathematical algorithm.
• Decryption: This is the process of reversing encryption, converting an encrypted message back into its original text and data.
• Hash: This is the process of converting any data block (arbitrary size or message) into a fixed-length hash code. A cryptographic hash function is a deterministic mathematical function performing such a conversion using cryptography, and it always maps to the same result for a given data block.

Cryptography is the linchpin and one of the three pillars of blockchain technology, along with the consensus mechanism and P2P network. It is used in many different forms, including, for example, wallets (for proof of cryptocurrency ownership), transactions (for PoW consensus), and P2P communication. In the following subsections, we will go over key blockchain-related cryptography topics, including public-key cryptography, digital signatures, cryptographic hashing, and Merkle trees.

Public-key cryptography

Public-key cryptography is a form of cryptographic function in which encryption and decryption are performed using two different keys — one public and one private key. They are generated in pairs. It is also called asymmetric cryptography. The public key can be shared with the public, but the private key is meant to be a secret code only known by its owner.

The keys are used in tandem too. Either of the two keys can be used in encryption, with the other one used for decryption. It is computationally improbable to determine the private key given only knowledge of the cryptographic algorithm and the public key.

Public-key cryptography is mostly used to do the following three things:

• Secure the message transmission between two parties and ensure the confidentiality of messages or data
• Authenticate the sender and ensure the message is indeed sent from the sender
• Combine it with the cryptographic hashing function and provide a digital signature on a document before sending it to the receiver

We will go over the first two here and discuss digital signatures in the following section:

• Public-key cryptography for confidentiality: In this case, as depicted in the following diagram, the receiver’s keys are used to encrypt messages between two parties during transmission. The sender (Alice) uses the receiver’s public key to encrypt a message, and the receiver (Bob), who holds their own private key in secrecy, can decrypt the messages using their private key:

Figure 1.11 – Confidentiality with public key

• Public-key cryptography for authentication: In this case, as shown in the following diagram, the sender’s keys are used to authenticate the sender’s message. The sender uses its own private key to encrypt a message before sending it to the intended parties. The receiver can use the sender’s public key to confirm the message’s authenticity and decrypt it. The combination of this approach with the message’s cryptographic hashing function provides a digital signature, which we will discuss in the next section:

Figure 1.12 – Authentication with public key

Public-key cryptography is an essential technology underpinning wallets and transactions in the blockchain. We will discuss the Bitcoin wallet in the Understanding Bitcoin and cryptocurrency section.

Cryptographic hash function

A cryptographic hash function is an algorithm used to randomly convert a string of binary data into a condensed representation of a message — a message digest. Its output is called a hash value, digital fingerprint, digest, or checksum. It is deterministic and always results in the same hash value for a given message. It is capable of taking any size of data block and producing a fixed-size hash value that uniquely identifies the original data block. It is a one-way, irreversible function; the only way to recreate the input data is to try a brute-force approach with all possible values to see whether there is a match, which is almost computationally infeasible.

Notable hash functions include MD5, SHA-1, SHA-2 and SHA-3. Although they are still widely in use, MD5 and SHA-1 are cryptographically broken due to collision attacks found in the algorithm, and are thus no longer recommended.

Cryptographic functions have been widely used in blockchain technology, including the following:

• Merkle trees: As we showed earlier, when a miner node pulls transactions from the transaction pool, it packages them in a block, where the block header has a field referencing the Merkle root of all transactions.
• Block chaining: Blocks in the blockchain are chained together with a reference to the previous block using a cryptographic hash.
• PoW: The PoW consensus algorithm itself is a game in solving a cryptographic hash function. We will discuss it in more detail in the Understanding the blockchain consensus mechanism section.

In addition to cryptographic hash functions, digital signatures have been broadly leveraged in blockchain networks too. We will discuss their usage in the next subsection.

Digital signatures

A digital signature is a set of algorithms for determining the authenticity and integrity of digital messages or documents. It assures the recipient that the message was indeed created by the expected sender and that the message was not altered during transmission. The sender cannot deny having sent the message.

When Alice sends a document to Bob, she will follow certain steps to digitally sign the document, as shown in the following diagram:

Figure 1.13 – Digital signature

The steps to digitally sign the document are as follows:

1. Calculate the message digest of the document Alice wants to send to Bob with a cryptographic hash function, usually any SHA-2 or SHA-3 algorithm.
2. Encrypt the message digest with Alice’s private key, append the encrypted message digest to the original document, and send the combined message out.
3. Once Bob receives the combined message from Alice, he will separate the encrypted message digest from the document itself. Bob will use Alice’s public key to decrypt the encrypted message digest.
4. At the same time, Bob will calculate the message digest of the received document and compare the resulting message digest with the decrypted message digest to see whether there is a match. If yes, Bob is assured that the document originated from Alice without any tampering.

In blockchain, a digital signature is a way to prove ownership of the underlying cryptocurrency or electronic coin. When Alice needs to pay Bob 10 BTC, she will digitally sign a hash of the previous transaction, which can prove that Alice has ownership of the 10 BTC.

In summary, cryptography is one of three foundational pillars in blockchain technology. Public-key cryptography is the basis for blockchain wallets and transactions, and the cryptographic hash function is a key element underpinning the PoW consensus mechanism. A digital signature is used as proof of ownership of electronic coins or cryptocurrency.

In the next section, we will introduce and look at a blockchain consensus mechanism in detail and discuss how cryptography technologies are leveraged to reach consensus among decentralized parties.