Module 2onblockchain technologies 2.pptx

MODULE 2- CHAPTER 1: Hash Functions

What is hashing? Hashing is the process of converting data — text, numbers, files, or anything, really — into a fixed-length string of letters and numbers. Data is converted into these fixed-length strings, or hash values, by using a special algorithm called a hash function. 2.1,2.2 Hashing

Properties of hashing algorithms: 1. Deterministic If you use the same data input and the same hashing algorithm, then the final hash value should be the same, no matter how many times the parsing is done with a particular input through a hash function. This is a key aspect of using hash functions to authenticate data. 2. Efficient in computation How efficiently the hash function produces the hash values for the input within set of data determines its efficiency. Complexity is O(1). An effective hashing algorithm quickly processes any data type into a unique hash value.

3. Collision Resistance In cryptography, collision resistance is a property of cryptographic hash functions: a hash function H is collision-resistant if it is hard to find two inputs that hash to the same output; that is, two inputs a and b where a ≠ b but H (a) = H (b). 4. Preimage resistance An expected property of a cryptographic hash function such that, given a randomly chosen message digest (hash value , H(A)), it is computationally infeasible to find a preimage of the message digest (ie A, where A is the input) if the input is large. Since hash functions are deterministic, hash of a particular input will always be the same.

5. Avalanche effect A small change in the input drastically changes the output of the hash function. A slight change in input should result in a significant change in the cipher-text. This property is termed as avalanche effect . A single bit change in the input causes a change of on an average half of the bits of the output.

Security Requirements for the Hash Functions: 1. Preimage Resistance: Given a hash value H from a hash function, it should be hard to find the original string S such that, H=Hash(S). The Hash functions that do not possess or lack this characteristics are vulnerable to preimage attacks. 2. Second Preimage resistance: Given an input string S1, it would be practically hard to find another string S2 (other than S1) such that Hash(S1)=Hash(S2). This property is refereed as weak collision resistance . Hash functions that lack this property are vulnerable to second preimage attacks.

3. Collision Resistance It should be hard to find two different strings S1 and S2 such that Hash(S1)=Hash(S2). Such a pair is known as hash collision . Also known as strong collision resistance. It requires hash value atleast twice as long as what is required for preimage resistance. Attacks in Hash Functions: Its an information security threat that involves an attempt to obtain, alter, destroy, remove or reveal information without authorized access.

Apart from intruders, the transfer of message between two people also faces other external problems like noise, which may alter the original message constructed by the sender. To ensure that the message is not altered there’s this cool method MAC . 2.3 Message Authentication Code (MAC)

Here in MAC, sender and receiver share same key where sender generates a fixed size output called Cryptographic checksum or Message Authentication code and appends it to the original message. On receiver’s side, receiver also generates the code and compares it with what he/she received thus ensuring the originality of the message. These are components: Message Key MAC algorithm MAC value

MD5 is the abbreviation of message digest algorithm , which takes as input a message of arbitrary length and produces as output 128 bit finger print or message digest of the input. 128bits= 4 words of 32 bits Designed for 32bit machines focusing on the speed in 1992 by Ronald Rivest . The MD5 algorithm is used as an encryption or fingerprint function for a file. The MD5 hash function was originally designed for use as a secure cryptographic hash algorithm for authenticating digital signatures . 2.3.1 MD5 Design

Working of MD5: 01010100 01101000 01100101 01111001 00100000 01100001 01110010 01100101 00100000 01100100 01100101 01110100 01100101 01110010 01101101 01101001 01101110 01101001 01110011 01110100 01101001 01100011 Total bits in original message= 176 bits Example: original message=“They are deterministic”

01010100 01101000 01100101 01111001 00100000 01100001 01110010 01100101 00100000 01100100 01100101 01110100 01100101 01110010 01101101 01101001 01101110 01101001 01110011 01110100 01101001 01100011 10000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 1. Append Padding Bits: In the first step, we add padding bits in the original message in such a way that the total length of the message is 64 bits less than the exact multiple of 512. The padding includes one bit of ‘1’ followed by necessary bits of ‘0’ Then we get padding bits= 272 bits . Total=448 bits =448 modulo 512 original message + padding bits= 512 * i – 64 where i = 1,2,3 . . .

Step 2: Append Length: 64 bit representation of the original message bit representation is appended at the end of step 1. 01010100 01101000 01100101 01111001 00100000 01100001 01110010 01100101 00100000 01100100 01100101 01110100 01100101 01110010 01101101 01101001 01101110 01101001 01110011 01110100 01101001 01100011 10000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 10110000

Step 3:Initialize Message Digest buffer 4 word buffers are used to compute the message digest. Each A,B,C,D are 32 bit registers. A = 01 23 45 67 B = 89 ab cd ef C = fe dc ba 98 D = 76 54 32 10

Step 4:Process message in 16 word blocks Each 512-bit block gets broken down further into 16 sub-blocks of 32 bits each. There are four rounds of operations, with each round utilizing all the sub-blocks, the buffers, and a constant array value. This constant array can be denoted as K1 to K64 , abs(sin(i))× 2 32 , i th element of table in radians. Each of the sub-blocks are denoted as M to M 15 . M0 – 01010100 01101000 01100101 01111001 M1 – 00100000 01100001 01110010 01100101 M2 – 00100000 01100100 01100101 01110100 M3 – 01100101 01110010 01101101 01101001 M4 – 01101110 01101001 01110011 01110100 M5 – 01101001 01100011 10000000 00000000 M6 – 00000000 00000000 00000000 00000000 M7 – 00000000 00000000 00000000 00000000 M8 – 00000000 00000000 00000000 00000000 M9 – 00000000 00000000 00000000 00000000 M10 – 00000000 00000000 00000000 00000000 M11 – 00000000 00000000 00000000 00000000 M12 – 00000000 00000000 00000000 00000000 M13 – 00000000 00000000 00000000 00000000 M14 – 00000000 00000000 00000000 00000000 M15 – 00000000 00000000 00000000 10110000

It passes B, C, and D onto a non-linear process. The result is added with the value present at A. ( It adds the sub-block value to the result above. Then, it adds the constant value for that particular iteration. There is a circular left shift applied to the string. As a final step, it adds the value of B to the string and is stored in buffer A. Note: All additions are modulo 2 32

Non linear Process at each round: Round 1: F(B, C, D) = (B∧C)∨(¬B∧D) Round 2: G(B, C, D) = (B∧D)∨(C∧¬D) Round 3: H(B, C, D) =B⊕C⊕D Round 4: I(B, C, D) = C⊕(B∨¬D) K1 to K16 are used in the first round, K17 to K32 are used in the second round, K33 to K48 are used in the third round, and K49 to K64 are used in the fourth round.

Example Continued: F (89abcdef, fedcba98, 76543210) = (89abcdef AND fedcba98) OR (NOT-89abcdef AND 76543210) F(B, C, D)= fedcba98 Next is addition, Y =A+F(B,C,D) Mod 2 32 = (01234567 + fedcba98) mod 100000000 Y = ffffffff Next is addition, Z = Mi+Y Mod 2 32 =( 54686579 + ffffffff ) mod 100000000 Z = 54686578 Adding in the constant, K i +Z Mod 2 32 (d76aa478 + 54686578) mod 100000000= 2bd309f0

Round one S1, S5, S9, S13 – 7 S2, S6, S10, S14 – 12 S3, S7, S11, S15 – 17 S4, S8, S12, S16, – 22 Round two S17, S21, S25, S29 – 5 S18, S22, S26, S30 – 9 S19, S23, S27, S31 – 14 S20, S24, S28, S32 – 20 Round three S33, S37, S41, S45 – 4 S34, S38, S42, S46 – 11 S35, S39, S43, S47 – 16 S36, S40, S44, S48 – 13 Round four S49, S53, S57, S61 – 6 S50, S54, S58, S62 – 10 S51, S55, S59, S63 – 15 S52, S56, S60, S64 – 21 Example: Round 1, iteration 1 ( ie S1) Hexa decimal values switched to binary: 0010 101 1 1101 0011 0000 1001 1111 0000 After circular left shift of 7bits, we get 1110 1001 1000 0100 1111 1000 0 001 0101 we convert this number back to hexadecimal, we get: e984f815 Circular left shift

When we put all of the numbers in, we get: (89abcdef + e984f895) mod 100000000= 7330C604 End of first operation Continue the successive operations for all 4 rounds, then finally result generated is A= 61f11418 B – 06fbee52 C – 8a1a2bf5 D – 9437d949 Hash = ABCD H (They are deterministic) = 61f1141806fbee528a1a2bf59437d949 So the general formula can be summarized as A=B+((A+F(B,C,D)+ Mi+Ki <<S)

Advantages of MD5

Vulnerabilities of MD5 As technology has advanced, MD5 has shown significant vulnerabilities: 1. Collision Vulnerabilities MD5 is susceptible to collision attacks, where two different inputs produce the same hash. This poses a severe security risk, particularly in applications like digital signatures. 2. Preimage Attacks Attackers can reverse-engineer the hash to find an input that matches a given MD5 hash, compromising data security. 3. Speed The speed at which MD5 can generate hashes makes it susceptible to brute force attacks. * A brute force attack is a hacking method that uses trial and error to crack passwords, login credentials, and encryption keys

The Secure Hash Algorithm 1 (SHA-1) is a cryptographic computer security algorithm. It was created by the US National Security Agency in 1995. SHA-1 produces a 160-bit hash value or message digests from the inputted data. Whereas MD5 generated message digest of 128 bits. It uses 80 rounds of cryptographic operations to encrypt and secure a data object. SHA-1 is commonly used in cryptographic applications and environments where the need for data integrity is high. 2.4 Secure Hash Algorithm-1 (SHA-1)

1. Preprocessing: The original message is padded so that its length is congruent to 448, modulo 512 (meaning that when the length is divided by 512, the remainder is 448). The padding includes one bit of ‘1’ followed by necessary bits of ‘0’ and finishes with a 64-bit integer representing the length of the original message. 2. Message schedule: The padded message is then divided into 512-bit blocks. Each 512 bit block is divided into sixteen words (a total of 16 x 32bits = 512 bits). Let us name it as, W0,W1,W2,….,W15

3. Initialize the buffer Five word buffers (each 32-bit long) are initiated. A,B,C,D,E. These five registers are initialized to the following 32-bit integers (in hexadecimal notation). A = 67 45 23 01 B = ef cd ab 89 C = 98 ba dc fe D = 10 32 54 76 E = c3 d2 e1 f0 In SHA-1, these values are saved in big-endian format , which define that the most essential byte of the word is located in the low-address byte position.

4 :Process message in 512-bit blocks The compression function includes four rounds of processing where each round is made up of 20 steps. The four rounds are structurally same as one another with the only difference that each round need a different Boolean function, which it can be defined as F(t) , where t is step/iteration number. and constants Kt (0 ≤t ≤79) which is based on the step under consideration.

Round 1: F(t) = (B and C) or ((not B) and D) Kt = 5A827999 (0<=t<=19) Round 2: F(t) = B xor C xor D Kt = 6ED9EBA1 (20<=t<=39) Round 3: F(t) = (B and C) or (B and D) or (C and D) Kt = 8F1BBCDC (40<=t<=59) Round 4: F(t) = B xor C xor D Kt = CA62C1D6 (60<=t<=79)

We know, W1 to W15 are available from step 2. To input W 16 to W 79 , to the network, we need to compute them using the formula, W t =S^1(W t-3 XOR W t-8 XOR W t-14 XOR W t-16 ) S^1 indicates circular left shift by 1 bit in binary representation. According to the diagram on the previous slide, new values of buffers in each step are E=D, D=C and B=A C= S^30(B) A=K t +W t +S^5(A)+E+F(B,C,D) Note: S^5(A) indicates circular left shift of 5 bits in buffer A.

4. Result: The final result of the SHA-1 algorithm is a concatenation of the five 32-bit hash values from the resulting buffers A,B,C,D,E, resulting in a single 160-bit hash. input SHA1 Hash Hello,World ! 0a0a9f2a6772942557ab5355d76af442f8f65e0

Applications of SHA-1: Password Storage: SHA-1 is used to store passwords in databases. Instead of storing the actual password, the system stores the hash value of the password, making it difficult for attackers to steal passwords. Secure Communications: SHA-1 is used in secure communication protocols such as Transport Layer Security (TLS) and Secure Sockets Layer (SSL) to ensure data integrity and confidentiality.

Vulnerabilities of SHA-1: The primary vulnerability of SHA-1 is its collision resistance , which means that it is possible to find two different messages that produce the same hash value. This can be exploited in various attacks, including: Birthday Attack : The birthday attack is a type of collision attack where an attacker tries to find two different messages that produce the same hash value. With SHA-1, a birthday attack can be carried out with 2⁸⁰ computations, which is within the reach of modern computing power.

Man-in-the-Middle Attack: In a man-in-the-middle attack, an attacker intercepts the communication between two parties and alters the data. With SHA-1, an attacker can create a fraudulent message with the same hash value as the original message, making it difficult to detect the alteration.

SHA-3 is the latest member of the Secure Hash Algorithm family of standards, released by NIST on August 5, 2015 designed by Guido Bertoni . Keccak-256 is a hashing algorithm that comes from the SHA-3 family mainly used by Ethereum . Keccak(pronounced as ketchak ) is based on a novel approach called sponge construction . Keccak-256 is a one-way hash function. Means you can convert the input to a hash, but it is not possible to determine the content based on the hash. 2.5 Secure Hash Algorithm Version 3 (SHA-3)

Keccak-256 is part of the Keccak family. In addition to Keccak-256, there are a number of other hashing protocols that fall within the SHA-3 family. These are: SHA3-224; SHA3-384; SHA3-512. Keccak-256 is used by Ethereum , while SHA-256 is used by Bitcoin (BTC). If we were to store raw data on a blockchain , it would be possible for everyone to view the data. That would mean that the data is not stored 100% securely. Instead, it is better to store data encrypted: you will then only see a hash. You cannot determine what the content looks like from this hash. As an outsider, this hash is therefore of no use to you.

Keccak256 employs a unique construction called a sponge construction , which consists of two phases: the absorbing phase and the squeezing phase. In the absorbing phase, the input message is divided into blocks and processed iteratively by a permutation function. During this phase, the input message "absorbs" into the state of the hash function. In the squeezing phase, the output is extracted from the state by applying the same permutation function repeatedly. This process continues until the desired output length is reached.

SHA-3 is based on three features: 1. Sponge Construction: It is a function whose input is a variable sized length string and output is a variable length based on fixed length permutation. Here the data is absorbed into the sponge, subsequently the result is squeezed out. Firstly, Take the input message and partition into fixed size blocks. Size of the part of the state that is written and read is known as the rate (r )(size of the bits of input blocks); and the size of the part that is untouched by input/output is known as the capacity. This capacity(c) determines the security of the scheme.

Sponge Construction Steps: Initialization: Start with an internal state of fixed size. In the case of SHA-3, the internal state is a 5x5 array of 64-bit words, creating a 1600-bit state. Absorption Phase: Divide the input message into blocks. Each block is XORed with a portion of the internal state, and then the entire state undergoes a permutation (mixing operation). Squeezing Phase: Once all the input blocks are absorbed, continue the permutation and extract the desired number of bits from the internal state to form the hash value. Repeat as Needed: If more bits are needed for the hash, continue the squeezing phase by repeating the permutation and extracting more bits until the required hash length is achieved.

2. Padding This is the process that is similar with the previous hashing algorithms. Before we can start hashing our message we need to make sure that they are of the standard length and for that we carry out the padding process. What is the standard size we need to meet and for that we will look at how Keccak calculate the internal state size in bits (input size) . b = 5*5 x 2ˡ ; b = state size value of l = {0, 1, 2, 3, 4, 5, 6 } value of b = {25, 50, 100, 200, 400, 800, 1600 } For SHA-3 the value of ‘l’ was decided to be 6 . Higher the state size better the security it provides . So standard b value is 1600 bits (input size)

Now, based on the value of ‘l’ we also decide how many rounds of computation needs to be carried out for each part of the padded message. rounds = 12 + 2 x l = 12 + 2*6 ; as l = 6 = 24 ; 24 rounds in total Now, we know that for SHA-3 we will have the state size of 1600 bits (input size) and the number of rounds of computations will be 24 .

Here, r: rate {Size of part of state which is written and read} b: width of bit blocks {Calculated by (5 x 5 x w) where w= 2ˡ . Here we have taken l=6 which makes b=1600} c: capacity = b-r {Size of part of state untouched by input and output} d: Length of output string (Eg:224 or 256 or 512) N: Length of input string f: Permutation function(Absorbing phase), State transformation function(Squeezing phase) Z: bit string (which will combine to form output string of length d) Z=sponge[f,pad,r](N,d) S: State which comprises of b bits and is made of r and c

Absorbing Phase P=N||pad( r,length (N)) First and the last bit of the padding will be ‘1’ and all bits in between will be ‘0’. Eg:10000…0001 can be written as 10*1 After padding they are divided into ‘n’ parts such as n times r is equal to the length of the padded message. Mathematically it can be represented as such. n=length(P)/ r P = length of message after padding n = number of parts in which we divide ‘P' r = length of the rate (size of each part) Note : Ex: when l=6, The sum of the values of ‘r’ and ‘c’ will always be equal to 1600 i.e. the sate size ( r+c =1600)

3. Block Permutation Block transformation is a permutation that uses XOR, AND, NOT operations. It uses 64 bit words. (64bits* 25 words=1600 bits) As computed, this function consists of 24 rounds, each containing following steps: Computation of the parity Bitwise rotation Permutation of 25 words Bitwise combination along rows Exclusive OR

We can summarize the Steps to get the output: In the absorbing phase : Let the input string be N. Pad the input using the padding function and denote the result as P . We will pad the input such a way that n = length(P)/r gets the result as an integer. Here the padding function is 10*1 pattern i.e. something like 1000…01 2. Now break the P into n consecutive pieces(chunks). Denote these chunks as P(0), P(1), …,P(n-1). 3. Now initialize the state S to a string of b ‘0’ bits. In this case it will be 1600 bits.

4. Now for each P(i): I. Add c number of ‘0’ bits to P(i) so that the final length of P(i) is b. II. XOR (P(i),S ) III. Apply block permutation function to step II. ie f= Keccak_f[1600] This block permutation function uses 12+2*l rounds of five steps. The five steps are θ (theta), ρ (rho), π (pi), χ (chi) and ι (iota). The result is S(new) .

This computation of 24 rounds takes place ‘n’ number of times in the absorb function and then we reach the squeeze function. After all these rounds we have 1600 bits which we then segregate into ‘r’ and ‘c’ bits depending on the hash length. Moving to the squeezing phase : 5. Initialize an empty string Z. 6. While length(Z)<d: I. Append 1st r bits of S to Z. II. If Z<d bits then apply f to S. The result is now Snew . 7. Truncate Z to d bits. d determines the number of bits that this algorithm returns.

A secure hash function, like Keccak, has some properties: Given the output it is hard to get the input, It is hard to get two inputs that produce the same output, keccak256(input1) == keccak256(input2).

2.6 Hashing in Data Structures

A distributed hash table is a decentralized data store that looks up data based on key-value pairs . Every node in a distributed hash table is responsible for a set of keys and their associated values. The key is a unique identifier for its associated data value, created by running the value through a hashing function. The data values can be any form of data. A distributed hash table (DHT) is a distributed system for mapping keys to values. Key–value pairs are stored in a DHT, and any participating node can efficiently retrieve the value associated with a given key. The main advantage of a DHT is that nodes can be added or removed with minimum work around re-distributing keys. Keys are unique identifiers which map to particular values, which in turn can be anything from addresses, to documents, to arbitrary data. 2.7 Distributed Hash Tables

Distributed Hash Tables A distributed hash table (DHT) is a decentralized storage system that provides lookup and storage schemes similar to a hash table, storing key-value pairs. Each node in a DHT is responsible for keys along with the mapped values. Any node can efficiently retrieve the value associated with a given key. Just like in hash tables, values mapped against keys in a DHT can be any arbitrary form of data.

Just like hash tables, DHTs support the following 2 functions: put (key, value) get (key) The nodes in a DHT are connected together through an overlay network in which neighboring nodes are connected. This network allows the nodes to find any given key in the key-space.

KEY HASH HASH mod 3 "john" 1633428562 2 "bill" 7594634739 "jane" 5000799124 1 "steve" 9787173343 "kate" 3421657995 2 Let’s see an example. Say we have three servers, A , B and C , and we have some string keys with their hashes: A client wants to retrieve the value for key john. Its hash modulo 3 is 2, so it must contact server C. Here 3 indicates 3 servers available.

Why Is a Distributed Hash Table Used? Distributed hash tables provide an easy way to find information in a large collection of data because all keys are in a consistent format, and the entire set of keys can be partitioned in a way that allows fast identification on where the key/value pair resides. The nodes participating in a distributed hash table act as peers to find specific data values, as each node stores the key partitioning scheme so that if it receives a request to access a given key, it can quickly map the key to the node that stores the data. It then sends the request to that node. Nodes in a distributed hash table can be easily added or removed without forcing a significant amount of re-balancing of the data in the cluster.

DHTs characteristically emphasize the following properties: Autonomy and decentralization : The nodes collectively form the system without any central coordination. Fault tolerance : The system should be reliable (in some sense) even with nodes continuously joining, leaving, and failing. Scalability : The system should function efficiently even with thousands or millions of nodes. With regular hash for distribution, There will be re arrangement of keys when nodes are added/ removed

DHT uses consistent or rendezvous hashing to map keys to nodes. In consistent hashing , a hash ring is used to map the hash values to servers. Each server is represented as a point on the ring, and each data item is mapped to the closest server on the ring in a clockwise direction. It is designed to ensure that each data entity is consistently mapped to the same node irrespective of changes in the network topology or the addition or removal of nodes.

In consistent hashing, the set of all possible keys is called the “hash space.” The hash space is typically represented as a circle, with the keys distributed evenly around the circle. This representation is called a “hash ring.” We can add and remove servers without doing much of the shuffling of keys.

Hash space that range from 0 to n (if we are using SHA-1 hash function to create our hash then the range goes to 2¹⁶⁰ -1) Hash ring with representation of hash space

When we add a new server s5, it is mapped on the ring between s3 and s4. So the only requests that needs to be shuffled is r3. So from now on, r3 is handled by the server s5.

Rendezvous Hashing The rendezvous hashing, also called highest random weight hashing , All clients use the same hash function h() (chosen ahead of time) to associate a key to one of the n available servers. Each client has the same list of identifiers {S 1 , S 2 , ..., S n } , one for each server. Given some key k , a client computes ” n” hash weights w 1 = h(S 1 , k), w 2 = h(S 2 , k), ..., w n = h(S n , k) . The client associates this key with the server corresponding to the highest hash weight for that key. A server with ID owns all the keys for which the hash weight is higher than the hash weight of any other node for that key.

Rendezvous Hashing Hash all possible key-server combinations with a random hash function Assign the key to the server with the largest hash value Maintain the “first choice” invariant(never changing) when adding and removing servers Adding Servers: It is hard to maintain the “first choice” invariant when adding servers because the new server might become the first choice for a key that is already in the system.

In blockchain, whenever a transaction occurs, that transaction's data is taken as input to the hash function, which then produces a unique output. Each block in the blockchain carries the hash of the previous block, forming a chain of blocks (hence the term "blockchain"). If someone tries to alter the data in a block, the hash of that block changes, breaking the link to the following block and making the manipulation evident. The hash of all transactions within a block is taken together to form the Merkle tree, whose root, known as the Merkle root, is stored in the block header. Additionally, the block header contains the hash of the previous block, creating a chain of blocks. 2.8 Hashing in Blockchain

2 .9 Structure of a Block Let’s just draw a conceptual image of a block with reference to a ledger of transactions. The above image will create a simpler conceptual block visualization in your head. However, the actual block contains a lot more information than the ledger image above.

Block Structure Block header: The header data contains metadata of the block, i.e information about the block itself. The contents of the block header include- Hash of the previous block header. Hash of the current block. Timestamp. Cryptographic nonce. Merkle root. 2. Merkle tree: A Merkle tree is a binary tree formed by hash pointers, and named after its creator, Ralph Merkle, where each block is supposed to hold a certain number of transactions

1. Block Header – The Block header is an 80-Byte field that contains the metadata – the data about the block. Let’s briefly discuss the 6 components of the Block Header . Time – It’s the digitally recorded moment of time when the block has been mined . Version – It’s a 4-bytes field representing the version number of the protocol used. Usually, for bitcoin, it’s ‘0x1’. Previous Block Hash – It’s a 32-bytes field that contains a 256-bits hash (created by SHA-256 cryptographic hashing ) of the previous block. This helps to create a linear chain of blocks. Target hash – It’s a 4-bytes field/number that a hashed block header must be >= in order for a new block to be awarded. It tells the complexity to add the block. It’s also known as “difficulty bits.”

5. Nonce – It’s a 4-bytes field that contains a 32-bit number. These are the only changeable element in a block of transactions. In PoW , miners alter nonce until they find the right block hash. 6. Merkle Root – A 32-bytes field containing a 256-bit root hash. It’s constructed hierarchically combining hashes of the individual transactions in a block. 2. Merkle tree: A Merkle tree is a binary tree formed by hash pointers, and named after its creator, Ralph Merkle , where each block is supposed to hold a certain number of transactions

Merkle Trees

Merkle Tree Structure The different types of nodes in a Merkle tree are: Root node: The root of the Merkle tree is known as the Merkle root and this Merkle root is stored in the header of the block. Leaf node: The leaf nodes contain the hash values of transaction data. 3. Non-leaf node: The non-leaf nodes contain the hash value of their respective children. These are also called intermediate nodes because they contain the intermediate hash values and the hash process continues till the root of the tree.

Advantages of Merkle Tree Efficient Verification : Merkle trees offer efficient data integrity and validity verification and significantly reduce the amount of memory required for verification. No Delay : There is no delay when data is transferred over the network. Less Disk Space: Merkle trees take up less disk space compared to other data structures. Unaltered Data Transfer : Merkle root helps ensure that blocks sent over the network are whole and unaltered. Tampering Detection: Since transactions are stored in a Merkle tree, which stores the hash of each node in the top parent node, any changes to the transaction details, such as the amount to be debited or the address to which payment must be made, will propagate to the hashes in the upper levels and finally to the Merkle root.

What Is a Merkle Root? A Merkle root is a simple mathematical method for confirming the facts on a Merkle tree. They're used in cryptocurrency to ensure that data blocks sent through a peer-to-peer network are whole, undamaged, and unaltered. They play a very crucial role in computation, required to keep cryptocurrencies like bitcoin and ether running.

Merkle Tree Structure The different types of nodes in a Merkle tree are: Root node: The root of the Merkle tree is known as the Merkle root and this Merkle root is stored in the header of the block. Leaf node: The leaf nodes contain the hash values of transaction data. Each transaction in the block has its data hashed and then this hash value (also known as transaction ID) is stored in leaf nodes. Non-leaf node: The non-leaf nodes contain the hash value of their respective children. These are also called intermediate nodes because they contain the intermediate hash values and the hash process continues till the root of the tree.

Consider a block having 4 transactions- T1, T2, T3, T4. These four transactions have to be stored in the Merkle tree and this is done by the following steps- Step 1: The hash of each transaction is computed. H1 = Hash(T1). Step 2: The hashes computed are stored in leaf nodes of the Merkle tree. Step 3: Now non-leaf nodes will be formed. In order to form these nodes, leaf nodes will be paired together from left to right, and the hash of these pairs will be calculated. Firstly hash of H1 and H2 will be computed to form H12. Similarly, H34 is computed. Values H12 and H34 are parent nodes of H1, H2, and H3, H4 respectively. These are non-leaf nodes. H12 = Hash(H1 + H2) H34 = Hash(H3 + H4) Step 4: Finally H1234 is computed by pairing H12 and H34. H1234 is the only hash remaining. This means we have reached the root node and therefore H1234 is the Merkle root. H1234 = Hash(H12 + H34)

Why Merkle Trees are Important For Blockchain? Let us consider a scenario where blockchain does not have Merkle trees. In this case, every node in the network will have to keep a record of every single transaction that has occurred because there is no central copy of the information. This means that a huge amount of information will have to be stored on every node and every node will have its own copy of the ledger. If a node wants to validate a past transaction, requests will have to be sent to all nodes, requesting their copy of the ledger. Then the user will have to compare its own copy with the copies obtained from several nodes. Any mismatch could compromise the security of the blockchain . Further on, such verification requests will require huge amounts

Without the Merkle tree, the data itself has to be transferred all over the network for verification. Merkle trees allow comparison and verification of transactions with less computational power and bandwidth . If there exists a single hash for a transaction(as in Data5 of figure), the same hash value(hash5) is duplicated; and new hash 55 is computed.

MODULE 2- CHAPTER 2: CRYPTOGRAPHY

What is Cryptography? Cryptography derived its name from a Greek word called “krypto’s” which means “Hidden Secrets”. Cryptography is the process of hiding or coding information so that only the person a message was intended for can read it. Cryptography is the practice and study of hiding information & techniques for securing communication and data from adversaries . It is the Art or Science of converting a plain intelligible data into an unintelligible data and again retransforming that message into its original form. It provides Confidentiality, Integrity, and Accuracy of information. Cryptography plays a crucial role in information security and is employed in various applications, including secure communication, data protection, and authentication.

2.2.1 CRYPTOGRAPHY PRIMITIVES Cryptographic primitives are the basic building blocks of a security protocol or system.

Privacy/confidentiality: Definition : Confidentiality ensures that information is kept secret and is only accessible to authorized individuals or systems. Implementation: Encryption is a common technique to achieve confidentiality. It transforms plaintext data into ciphertext, making it unreadable without the appropriate decryption key. Encryption standards include AES(Advanced Encryption Standard) and DES (Data Encryption Standard). Example: When you use a secure messaging app, the messages are encrypted so that only the intended recipient can decipher and read them .

2. Authentication: Definition: Authentication verifies the identity of users, systems, or entities to ensure that they are who they claim to be. Implementation : Authentication is the mechanisms involve the use of credentials (e.g., passwords, biometrics, smart cards) or digital certificates to verify identity. Example: When you log into a secure website with your username and password, the system is authenticating you based on the provided credentials.

Authentication factors are used to verify the identity of users, systems, or entities. They are categorized into three main types: something you know something you have something you are. This is commonly referred to as the "three-factor authentication" or "multi-factor authentication (MFA)" framework.

Multi-Factor Authentication (MFA): Combining authentication factors from two or more categories adds an extra layer of security. For example, using a password (something you know) along with a one-time password from a mobile app (something you have) constitutes two-factor authentication (2FA). MFA enhances security by reducing the likelihood of unauthorized access, even if one factor is compromised.

Here are the types of authentication factors within each category: Something You Know: Passwords: Traditional and widely used. Users enter a secret password or passphrase. PINs (Personal Identification Numbers): Numeric codes known only to the user. Security Questions: Challenge-response questions that the user set up during the account creation. Something You Have: Smart Cards: Physical cards with embedded integrated circuits or chips containing authentication information. Key Fobs or Tokens: Small devices that generate time-based or event-based one-time passwords (OTP). Mobile Apps: Authenticator apps on smartphones that generate time-based OTPs or push notifications for authentication.

Something You Are: Biometrics: Physical or behavioral characteristics unique to an individual. Facial Recognition Fingerprint Scanning Iris or Retina Scanning Voice Recognition Hand Geometry Behavioral Biometrics (e.g., typing patterns, gait analysis)

Two-Factor Authentication (2FA): It is a security process that requires users to provide two different authentication factors to verify their identity. The goal of 2FA is to add an extra layer of security beyond just a username and password, as passwords alone may be vulnerable to various attacks. Here's how Two-Factor Authentication typically works: Something You Know (Knowledge Factor): This is typically the traditional username and password combination, which the user knows. Something You Have (Possession Factor): The second factor involves something the user possesses. This could be a physical device, a mobile app, or a token that generates one-time passwords (OTPs).

Three-Factor Authentication (3FA) It is an enhanced security measure that requires users to provide three different authentication factors to verify their identity. Building on the concept of Two-Factor Authentication (2FA), which combines two distinct factors for authentication, 3FA adds an additional layer of security to further reduce the risk of unauthorized access. The three typical factors in 3FA are: Something You Know (Knowledge Factor): This is the traditional password or passphrase that the user knows. Something You Have (Possession Factor): This involves a physical device, a token, or a mobile app that generates one-time passwords (OTPs) or codes. Something You Are (Biometric Factor): This factor relies on unique physical or behavioral characteristics of the user, such as fingerprints, retina scans, facial recognition, voice patterns, or other biometric traits.

Four-Factor Authentication (4FA) The (4FA) is less common and not as widely adopted as 2FA/3FA.It represents an even higher level of security by requiring users to provide four distinct authentication factors to verify their identity. Here's an overview of the potential factors in 4FA: Something You Know (Knowledge Factor): This is the traditional password or passphrase that the user knows. Something You Have (Possession Factor): This involves a physical device, a token, or a mobile app that generates one-time passwords (OTPs) or codes. Something You Are (Biometric Factor): This factor relies on unique physical or behavioral characteristics of the user, such as fingerprints, retina scans, facial recognition, voice patterns, or other biometric traits. Somewhere You Are (Geographical Factor): This involves verifying the user's physical location through GPS or IP address.

Five-Factor Authentication (5FA) The concept of 5FA was not widely adopted or discussed in mainstream security practices. Authentication mechanisms typically involve a trade-off between security and usability, and increasing the number of factors can potentially complicate the user experience. Here's a hypothetical breakdown: Something You Know (Knowledge Factor): Traditional password or passphrase. Something You Have (Possession Factor): Physical device, token, or mobile app generating one-time passwords (OTPs). Something You Are (Biometric Factor): Biometric identifier like fingerprints, retina scans, facial recognition, voice patterns, etc. Somewhere You Are (Geographical Factor): Verification of the user's physical location through GPS or IP address. Something You Do (Behavioral Factor): Analyzing patterns of behavior, such as typing speed, mouse movements, or other behavioral biometrics.

Integrity: Definition: Integrity ensures that data remains unchanged and unaltered during storage, transmission, or processing. Implementation: Hash functions are commonly used to verify integrity. A hash value (digest) is computed for the data, and any modification to the data will result in a different hash value. Example: File integrity checks use hash functions to verify that files have not been tampered with. If the hash of a file matches the expected value, the file is considered intact.

Integrity The idea here is to make sure that data has not been modified. Corruption of data is a failure to maintain data integrity. To check if our data has been modified or not, we make use of a hash function. We have two common types: SHA (Secure Hash Algorithm) and MD5(Message Direct 5). Now MD5 is a 128-bit hash and SHA is a 160-bit hash if we’re using SHA-1. Let’s assume Host ‘A’ wants to send data to Host ‘B’ to maintain integrity. A hash function will run over the data and produce an arbitrary hash value H1 which is then attached to the data. When Host ‘B’ receives the packet, it runs the same hash function over the data which gives a hash value of H2 . Now, if H1 = H2 , this means that the data’s integrity has been maintained and the contents were not modified.

Integrity To maintain data integrity or to check if our data has been modified or not, we make use of Parity bit and Cyclic Redundancy Check(CRC). A parity bit: It is a simple form of error-checking used in digital communication and data storage. It is a binary digit (0 or 1) that is added to a group of binary digits to make the sum of all the binary digits either even or odd. The purpose of the parity bit is to detect errors that may occur during data transmission or storage. Cyclic Redundancy Check(CRC) : It is a widely used method for detecting errors in transmitted data, especially in network communication, storage devices, and data transmission over unreliable channels. CRC employs polynomial codes to generate a checksum, or "remainder," that is appended to the data. The receiver can then perform a similar calculation to check for errors.

Nonrepudiation: Definition: Nonrepudiation prevents individuals from denying their actions or transactions. It ensures that a party cannot later deny that they sent a message, made a transaction, or took a specific action. Implementation: Digital signatures are often used to achieve nonrepudiation. A digital signature is unique to the sender and the content of the message, providing evidence of the sender's identity and intent. Example: In a digitally signed email, the sender cannot later deny having sent the message because their digital signature uniquely identifies them as the sender.

Here are key components and concepts related to nonrepudiation: Digital Signatures: Digital signatures are cryptographic techniques that bind a person's identity to the content of a message or document. The sender uses their private key to create a digital signature, and the recipient can verify the signature using the sender's public key. If the signature is valid, it provides assurance that the message has not been altered and was indeed sent by the purported sender. Public Key Infrastructure (PKI): In a PKI system, digital certificates issued by a trusted Certificate Authority (CA) bind public keys to individuals or entities. This strengthens the link between the identity and the digital signature. Timestamps: Timestamps are often used in conjunction with digital signatures to establish the time at which a message was signed. This can be crucial in legal contexts where the timing of events is significant.

2.2.2 Symmetric Cryptography Symmetric cryptography use the same cryptographic keys for both the encryption of plaintext and the decryption of ciphertext . 2 methods for encryption (Substitution methods): Caesar Cipher Vigenere Cipher

Caesar Cipher The Caesar cipher is a simple encryption technique that was used by Julius Caesar to send secret messages to his officials. It works by shifting the letters in the plaintext message by a certain number of positions, known as the “shift” or “key”. It’s simply a type of substitution cipher, i.e., each letter of a given text is replaced by a letter with a fixed number of positions down the alphabet. For example with a shift of 1, A would be replaced by B, B would become C, and so on.

Caesar’s algorithm encrypts messages by “rotating” each letter by k positions. if p is some plaintext (i.e., an unencrypted message), p i is the i th character in p , and k is a secret key (i.e., a non-negative integer shift value), then each letter, c i , in the ciphertext, c , is computed as c i = (p i + k) % 26 Example: plain text =hi , Key=4, Cipher text= lm

Vigenere Cipher It is a polyalphabetic substitution cipher, which means that it uses multiple cipher alphabets to encrypt the plaintext. The Vigenère Cipher operates by using a keyword, typically a word or phrase, as the basis for encryption. In the Vigenère cipher, a message is encrypted using a secret key, as well as an encryption table

Let’s take this plaintext phrase as an example: IMPROVE YOUR PUZZLE SOLVING SKILLS the person encrypting would then pick a secret key, which would help encrypt and decrypt the message. for example secret key here is: BOXENTRIQ The next step is repeating the secret key enough times so its length matches the plain text. IMPROVE YOUR PUZZLE SOLVING SKILLS BOXENTR IQBO XENTRI QBOXENT RIQBOX Once the two lines are split into five-letter groups, start encrypting. Take one letter from the plaintext group and a letter from the secret key group (we’re going to start with I and B), and find the entry in the tabula recta where the row and column intersect. For this example, the first letter of the encrypted cipher text is J. JAMVB OVGEV FMYMS CMIPZ SMAZJ SYMZP

How to Decrypt it If you have the secret key, decrypting is as easy as encrypting. You can work backwards using the tabula recta. First repeat the secret key so its length matches the cipher text. JAMVB OVGEV FMYMS CMIPZ SMAZJ SYMZP BOXEN TRIQB OXENT RIQBO XENTR IQBOX Using the tabula recta, find the row that corresponds to the first letter in your secret key text- in this case, B. In the B row, find the corresponding cipher text letter J. The vertical column where that cipher text letter is located reveals the plaintext letter I.

Vigenere cipher , is relatively more difficult to crack than the Caesar Cipher because of the use of the entire shift word.

Mathematical form : Encryption=(Current Position +Key) mod 26

Encryption algorithms are divided into two categories based on the input type, as a block cipher and stream cipher. 2.2.2.1 Block Ciphers Block cipher is an encryption method which divides the plain text into blocks of fixed size. Each block has an equal number of bits. At a time, block cipher operates only on one block of plain text and applies key on it to produce the corresponding block of ciphertext. While decryption also only one block of ciphertext is operated to produce its corresponding plain text. Data Encryption Standard (DES) is the best example of it.

Data Encryption Standard (DES) uses 64 bit key of which 8 bits are reserved for error detection, and leaving 56 bits to be used for encryption & decryption. 64 bit block is divided into two 32 bit halves, fed to Fiestel system. Blowfish algorithm allows selecting key length of 32 bits to 448 bits. And blocksize of 64 bits

Advanced encryption standard uses 3 different size of keys: 128bit, 192bit and 256 bit taking 10,12 1nd 14 rounds of processing. Uses series of substitution (replacing i /p with output bits), permutation (shuffle bits) method. Input of 128 bits represented as 16 bytes arranged as 4 *4 matrix.

2.2.2.2 Stream Ciphers a stream cipher encrypts data one bit at a time instead of in blocks. Key part of this process is generating a stream of pseudorandom bits based on an encryption key and a nonce (a unique randomly generated number — “nonce” = number-only-used-once). Together, they create a keystream (that stream of pseudorandom bits we just mentioned) that gets XORed with your plaintext input, which encrypts it and results in your ciphertext output. This rinse-and-repeat process happens over and over again with each bit of plaintext data. However, it’s important to not use the same exact key-nonce combination again because it can result in a duplicate keystream.

2 Types of Steam Ciphers: Synchronous Stream Ciphers: A secret key generates keystreams, and they're made independently of both the plaintext and the ciphertext. Self-synchronizing stream ciphers: They use a secret key, but they include another form of randomization to make hacking harder.

Examples of Stream Ciphers Salsa20 (software and hardware implementations) : expands a 256-bit key into 2^64 randomly accessible streams, each containing 2^64 randomly accessible 64-byte (512 bits) blocks. ChaCha20 (the modified version of Salsa20) : uses a 256-bit key for both encryption and decryption. It generates a continuous keystream of pseudo-random bits, which are then XORed with the plaintext data to produce the ciphertext. RC4 ( Rivest Cipher 4 ) : is a fast, simple encryption algorithm developed in 1987 to implement byte-by-byte encryption using 64 or 128 bits long keys.

Cryptographic hash functions are different from other types of cryptography. They don’t encrypt data. Instead, they use complex math to turn any data into a unique code made up of letters and numbers. These codes are called hash codes, hash values, or message digests. They’re important for checking if data is safe; when data is sent or stored, its hash code is calculated and sent or kept with the data. Hash Vs Cryptography

2.2.3 Asymmetric Cryptography Asymmetric encryption, also referred to as public-key cryptography, is relatively new.

There are two keys. A public key , which everyone can access, trusted/untrusted. a private key , which is kept secret with the owner. The public key is used to encrypt or lock the data. The private key is used to decrypt or unlock the data. It’s important to understand that you can’t figure out the private key from the public key.

Example Scenario: John and Alice want to send a file containing sensitive information to each other in a public network that makes it hard to achieve secure communications. When sending data encrypted using asymmetric key cryptography, John and Alice will share their public keys. John, the sender, will use Alice ’s public cryptographic key to encrypt the file and send it to Alice . Upon receiving the file, Alice will use her unique private key only accessible to her and decrypt the file to read the contents. Only Mary can decrypt the file since she is the only one that knows the private ke

How does Asymmetric Encryption work? A public key and Private keys are generated randomly using an algorithm, and the keys have a mathematical relationship with each other. A private key, as the names suggests, is basically a randomly generated number that is kept secret and held privately by the users. public key is shared by the sender over network. The key should be longer in length (128 bits, 256 bits) to make it stronger and make it impossible to break the key even if the other paired key is known. The number of possible keys increases proportionally with the key length, and hence cracking it also becomes tougher.

Asymmetric Cryptographic algorithms are typically based on Integer Factorization Problem and Discrete Log Problem. Integer Factorization Problem: it is the decomposition of a composite number into product of smaller integers, which when multiplied together equals the original integer. if these integers are prime numbers then these are known as prime factorization. Example: RSA Algorithm The RSA algorithm is a public-key signature algorithm developed by Ron Rivest, Adi Shamir, and Leonard Adleman.

E xplanation of how RSA works: Key Generation: 1. Select Two Large Prime Numbers (p and q): Choose two distinct large prime numbers, p and q. 2. Calculate n: Compute n by multiplying p and q (n = p * q). 3. Calculate Euler's Totient Function (φ(n)): Calculate φ(n) = (p-1) * (q-1), where φ is Euler's totient function. 4. Select Public Exponent (e): Choose a public exponent (e) such that 1 < e < φ(n) and e is coprime (no common factors other than 1) with φ(n). 5. Calculate Private Exponent (d): Compute the private exponent (d) as the modular multiplicative inverse of e modulo φ(n), i.e., (d * e) mod φ(n) = 1. 6. Public Key (e, n) and Private Key (d): The public key is (e, n), and the private key is (d). The public key is shared openly, while the private key is kept secret.

Working of RSA Algorithm RSA key size to be minimum 2048 bits

Discrete Log Problem: Diffie Hellman algorithm The Discrete Logarithm Problem (DLP) is a mathematical problem associated with finite fields or groups, particularly in the context of modular arithmetic. Diffie-Hellman key exchange is a method of digital encryption that securely exchanges cryptographic keys between two parties over a public channel . Example: Let p=11 be a prime number, and g=2 be a primitive root modulo p. If ℎ=8, then the discrete logarithm of 8 with respect to the base 2is 3 because 23≡8(mod11).

E xplanation of how the Diffie -Hellman Key exchange algorithm works: Initialization: Both parties, let's call them Alice and Bob, publicly agree on two parameters: a large prime number p and a primitive root modulo p , denoted as g . Private and Public Keys: Each party generates a private key, which is kept secret, and a public key, which is shared. Alice chooses a private key a and computes her public key A using A = g ^ a mod p . Bob chooses a private key b and computes his public key B using B = g ^ b mod p . Exchange of Public Keys: Alice and Bob exchange their public keys ( A and B ) with each other but keep their private keys secret.

Shared Secret Calculation: Alice calculates the shared secret S using S = Ba mod p . Bob calculates the shared secret S using S = Ab mod p . Result: Both Alice and Bob now have a shared secret key S that can be used for secure communication.

Diffie hellman algorithm Two parties decide on Prime and the Geneator values(Global Value). Generator value to be less than Prime , and primitive root of Prime chosen. Key size to be minimum 2048 bits

Diffie hellman algorithm Example:

E xample : L et’s say that the Prime is 17, Generator value is 4. Once they have mutually decided on these numbers, Alice settles on a secret number (a) for herself, while Bob chooses his own secret number (b). Let’s say that they choose: a = 3 b = 6 a) What are the Public Keys Exchanged? b) Compute the Secret Keys. ANS: a) 13,16 b)16

The Elliptic Curve Digital Signature Algorithm is a Digital Signature Algorithm (DSA) that uses elliptic curve cryptography to generate pair of public and private keys. ECDSA is utilized in many security systems, is popular in encrypted messaging apps, and is the foundation of Bitcoin security (with Bitcoin “addresses” serving as public keys). 2.2.4 Elliptic Curve Digital Signature Algorithm (ECDSA)

Digital signing (left) and verification process (right)

ECDSA Algorithm Steps:

ECC can encrypt data using a 256-bit key that provides the same security level as an RSA encryption method with a 3072-bit key length.

Real-life Applications of Cryptography : Cloud Storage Encryption: Cryptography is employed to secure files stored in the cloud and during transmission to and from cloud services. Encryption/Decryption in Email: Email encryption secures email content from unauthorized access using public key cryptography. Each user has a public and private key pair, with the public key used for encryption, and only the private key can decrypt the message. Encryption in WhatsApp: WhatsApp uses the signal protocol for encryption, combining symmetric and asymmetric key cryptography for confidentiality, integrity, authentication, and non-repudiation.

Module 2onblockchain technologies 2.pptx

About This Presentation

Slide Content

Tags

Categories

Download

Quick Actions

Statistics

Related Slideshows

Module 2onblockchain technologies 2.pptx

About This Presentation

Slide Content

Slide 1

Slide 2

Slide 3

Slide 4

Slide 5

Slide 6

Slide 7

Slide 8

Slide 9

Slide 10

Slide 11

Slide 12

Slide 13

Slide 14

Slide 15

Slide 16

Slide 17

Slide 18

Slide 19

Slide 20

Slide 21

Slide 22

Slide 23

Slide 24

Slide 25

Slide 26

Slide 27

Slide 28

Slide 29

Slide 30

Slide 31

Slide 32

Slide 33

Slide 34

Slide 35

Slide 36

Slide 37

Slide 38

Slide 39

Slide 40

Slide 41

Slide 42

Slide 43

Slide 44

Slide 45

Slide 46

Slide 47

Slide 48

Slide 49

Slide 50

Slide 51

Slide 52

Slide 53

Slide 54

Slide 55

Slide 56

Slide 57

Slide 58

Slide 59

Slide 60

Slide 61

Slide 62

Slide 63

Slide 64

Slide 65

Slide 66

Slide 67

Slide 68

Slide 69

Slide 70

Slide 71

Slide 72

Slide 73

Slide 74

Slide 75

Slide 76

Slide 77