Algorithms & Techniques
- Two techniques for securing
- Asymmetric key encryption
- Learning Objectives
Symmetric key encryption
Same key for encryption and decryption
- Easy to derive secret key from encrypted data
- How do you pass the key to the participant transacting?
Public-key is published, private key is kept safe and locked
RSA(Rivest Shamir Adleman)
- Passwordless user authentication,
ECC(Elliptic Curve Cryptography)
- Bitcoin as well as an Ethereum block chain
256 bit ECC key pair is equal in strength to about 3072 bits of RSA key pair
A hash function or hashing transforms and maps an arbitrary length of input data value to a unique fixed length value.
- Algorithm should be one-way function
- Collision free
Most common hash size now is 256 bits
Common functions: SHA-3, SHA-256 and Keccak
Simple hashing and Merkle tree
- Data items are linearly arranged and hashed
- When fixed number of items to be hashed(block header), verifying composite block integrity(not individual item integrity)
Data is at the leaf nodes of the tree, leaves are pairwise hash to arrive at the same hash value as a simple hash
When number of items differ from block to block(Transaction hash, State hash, Receipt hash)
In Ethereum, hashing is used to generate
- Account Addresses
- Digital Signatures
- Transaction Hash
- State Hash
- Receipt Hash
- Block header hash
SHA-3, SHA-256, Keccak-256 are some of the algorithms commonly used by hash generation in blockchains.
To manage the integrity of transaction:
- Secure & Unique account address
- Step 1: 256-bit random number = private key
- Step 2: Elliptic-curve cryptography algorithm applied to private key to generate public key
- Step 3: Hashing applied to public key = account address(20 bytes)
- Authorization of the transaction by the sender through digital signing
- Authorized, Non-repudiable, unmodified
- Verification of the content of the transaction is not modified
- Step 1, find the hash of the data fields of the transaction.
Step 2, encrypt that hash using the private key of the participant originating the transaction. Thus, digitally signing the transaction to authorize and making the transaction non-repudiable.
- Step number 3, this hash just added to the transaction. It can be verified by others decrypting it using the public key of the sender of the transaction, and recomputing the hash of the transaction.
Then, compare the computed hash, and the hash received at the digital signature. If that is a match, accept the transaction. Otherwise, reject it.
Complete transaction verification: the timestamp, nons, account balances, and sufficiency of fees.
- Main components of Ethereum block
- Block Header
- Transaction Hash
- Transaction Root
- State Hash
- State Root
- Integrity of the block
- Block header contents not tampered with
- Transactions not tampered with
- State transitions are computed, hashed and verified
An efficient way to detect tampering and validate the transaction
- Merkle tree
- Only the hash of the chained states from block to block have to be re-computed
- If any transaction is to be verified, only one path to the tree has to be checked.
Block hash in Ethereum is computed by first computing the state root hash, transaction root hash and then receipt root hash.
Purposes bock hash
Verification of the integrity of the block and the transactions
Formation of the "chain link" by embedding the previous block hash in the current block header