
CSE1006 – Blockchain and Cryptocurrency Technologies

MODULE - 1

Introduction to Cryptography & Cryptocurrencies

Dr. Jayanthi.R
Content
• Cryptographic Hash Functions,
• Hash Pointers and Data Structures,
• Digital Signatures,
• Public Keys as Identities,
• A Simple Cryptocurrency
Introduction to Blockchain


• Satoshi Nakamoto published a whitepaper on 31st October 2008,
"Bitcoin: A Peer-to-Peer Electronic Cash System".
• The invention of the blockchain for bitcoin made it the
first digital currency to solve the double spending
problem without the need for a trusted authority or
central server.

Satoshi Nakamoto improved the architecture by adding blocks to
the initial chain without requiring the blocks to be signed by
trustworthy parties.
What is the Blockchain?
• A blockchain is a Distributed Ledger: a database
that allows direct transactions between two parties
without a central authority.
• The database is shared across networks and spread
across multiple sites such as institutions, banks,
marketplaces, etc.
• A Distributed Ledger of Transactions, stored as
Immutable Blocks that are connected to one another,
hence forming a Chain, the Validity of which has been
agreed upon by Peers on a Decentralized network
secured by Cryptography.

• Blockchain is a list of records called blocks that
store data publicly and in chronological
order.
• The information is encrypted using
cryptography to ensure that the privacy of
the user is not compromised and data cannot be
altered.
• The information is stored and managed in a
decentralized manner hence no central
authority is the sole decision maker.
• Instead, most decisions are based on a
consensus of all the participating nodes of
the network spread all over the world.

Why do we need blockchain?

Bring Trust:
• To establish trust between ourselves, we depend on
individual third parties such as banks, land registries,
government, etc.
Decentralization:
• Chances of error, mistakes, and corruption can
happen in centralized control systems.
Remove Middle Man:
• Middlemen always come with some risk and cost.


Digital timestamp

Bitcoin


Bitcoin ecosystem
• A public network in which anyone, including
a malicious participant, can participate
without restriction.

• Even though it is not organized by a central
authority, it works!


Few Definitions
Transaction:
Transfer of something from A to B
Miners:
Burn energy to create blocks and get rewarded with the Block
Reward + transaction fees.
Block Reward:
New coins created with each block, go to the miner.
Transaction Fees:
A small percentage of the transaction value goes to the
miner.

What is a block?
• Bundle of Transactions.
• Contains previous block hash.
• All blocks are linked using their hash.
• Data can’t be changed in one block without breaking the
chain.
What is a Node?
• A node refers to a client, which owns the block.
• A copy of the ledger operated by a participant of the
blockchain network.
• It contains one or more accounts.
• A miner (account) mines on the specific node to which it
belongs.

Features of the Blockchain
• Better Security - Blockchain operates on a well-
distributed network of nodes, hence data at all times
is circulated through not one but multiple nodes, which
makes sure that even if one node is hacked or faulty in
any way the integrity of the original data
• Immutability - Creating immutable ledgers is one of
the main values of Blockchain. Once the transaction
blocks get added to the ledger, no one can just go back
and change them. Thus, any user on the network won’t be
able to edit, delete or update them.
• Faster Settlement

Decentralized System
• Decentralized technology gives you the power to store
your assets in a network without the oversight and control
of a single person, organization or entity.
• i.e., a decentralized system has no centralized control,
and each node has equal authority.
• The following are some of the benefits of decentralized
systems:
✓ They are more stable and fault resistant since they do not
have a single point of failure.
✓ If a client (node) detaches from the server, it doesn’t have
any effect on other clients of the server.
✓ Each client manages their own transaction copy, and they
are responsible for their own security. So, there is no
single point to attack, and the system is more secure.

i.e., two entities want to perform a transaction; it could be financial, like
a payment, or it could be an exchange of goods or any other product. A
copy of this transaction is distributed to all members of this peer-to-peer
network.
Uses of decentralization
a. Less Failure: Since a lot of actions on a blockchain are
automated and do not involve much human oversight,
there is less probability of failures or errors.
b. User Control: With decentralization, users now have
control over their properties. They don’t have to rely on
any third party to maintain their assets. All of them can
do it simultaneously by themselves.
c. No single point of failure: The decentralized system
makes it such that every database is stored in a large
number of nodes spread all across the globe, so there is no
single point of failure; hence even if one computer is
compromised the blockchain will be safe.

d. No intermediaries: Decentralised nature of the
technology makes it a system that doesn’t rely on third-
party companies which further reduces additional costs
and risks.
e. Zero Scams: As the system runs on algorithms, there is
no chance for people to scam you out of anything. No one
can utilize blockchain for personal gains.
f. Transparency: The decentralized nature of the
technology allows a transparent profile of every
participant. Every change on the blockchain is visible
which makes it more reliable.
g. Authentic: The system can be designed in a way that is
unique for every kind of person. And hackers will have a
hard time cracking it.
Consensus - The "Consensus" is a kind of validation
• Consensus for blockchain is a procedure in which the
peers of a Blockchain network reach an agreement
about the present state of the data in the network.
• Consensus establishes reliability and trust in the
Blockchain network
• Consensus is a decision-making process for the group of
nodes that is active on the network.

Distributed Ledger
• Distributed ledgers are databases shared across a
network and spread over various geographical
locations.
• A ledger is a collection of financial accounts and, in
such a case, distributed means spread out and
controlled globally.
• Thus, distributed ledgers are held and reorganized by
multiple parties in different locations and institutions.

HOW MIGHT A DISTRIBUTED LEDGER WORK?

The Power Of Distributed Ledger


How blockchain works


Blockchain = (DL + CP + C), where DL= Distributed
Ledger, CP= Consensus Protocols, C= Cryptography


What is "double spending" and how does it work?

• "Double spending" means spending the same money
twice.
• Let’s explain it with a simple example. Imagine the
following situation:
• “You go to a restaurant and order, let’s say, a lunch
worth 20 USD. That 20 USD is now in the cash vault of
the restaurant. You simply cannot get the money back
and spend the same money somewhere else to buy
anything else.”
• The payment was made in cash, i.e. with physical money, which is
different than if you used bitcoin, i.e. digital currency.
• The fact that bitcoin is digital allows the transactions to be
copied and rebroadcast.

Example


How is this even possible?


• In our example shown above, the payment was confirmed
almost instantly because you paid in cash.
• But with digital currency, it’s different.
• If the verification mechanism is missing it can lead to
double spending.
• If there is not any mechanism for verification of the
payments, anyone can copy that digital money and pay at
the same time somewhere else.
• Bitcoin solves the problem of being copied and getting
spent twice efficiently.
Let’s see why this solution is so unique.


How is bitcoin managing the double spending problem?


• Easy. By maintaining a universal ledger and
implementing a confirmation mechanism called
Blockchain.


A method used by bitcoin to handle the risk of double spending
• About every 10 minutes, a block (i.e. a group of
transactions) is added to the ledger (blockchain).
• So, the above-mentioned blockchain technology
prevents the double spending problem.
• Let’s see how the bitcoin network prevents the risk of
double spending.
Imagine that you own 1 BTC (bitcoin) and want to spend it twice,
i.e. make two transactions simultaneously.
• You make transactions from your wallet to two other wallets. You
assume that, having 1 bitcoin in your wallet and executing the
transactions simultaneously, both transactions should go through,
don’t you? Well, at first they do go through, but one of the
transactions will be invalid.
Bitcoin: A Decentralized Solution for the Double Spending Problem
Step 1:
• Create a bitcoin wallet as the first step (a one-time effort).
• To send or receive bitcoins, one must first construct a bitcoin
wallet.
• A bitcoin wallet contains two types of data: a private key and a
public key.
• The private key is a secret number that enables the owner to
send bitcoins to another user.
• To receive bitcoins, you'll need to know your public key.
• A bitcoin address is also known as a public key (not entirely
true, but for simplicity, we will assume that the public key and
the bitcoin address are the same). The Bitcoin blockchain
stores information on bitcoin balances.

Step 2:
To make a bitcoin transaction, follow the steps below.
• If Alice wishes to send 1 BTC to Bob, she must first connect to
her bitcoin wallet using her private key and initiate a
transaction with the number of bitcoins she wants to send and
the address she wants them sent to (in this case, Bob's public
address).
Step 3:
• Publish the transaction on the Bitcoin network.
• Alice must broadcast the bitcoin transaction to the whole
Bitcoin network after she has created it.
Step 4: Confirm that the transaction is complete.
A miner listening to the Bitcoin network authenticates the
transaction with Alice's public key, confirms that Alice has enough
bitcoins in her wallet (in this case at least 1 BTC), and adds a new
record to Bitcoin's Blockchain with the transaction details.

Step 5:
• All miners should be notified of the blockchain modification.
• Once the transaction has been validated, the miner should
broadcast the blockchain change to all other miners to ensure that
their copies of the blockchain are all up to date.
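
The double-spend check a miner performs while confirming transactions, as an added example (not part of the original slides). It assumes a simplified ledger that tracks whole coins by owner and leaves out the signature check of Step 4; the names Tx, Ledger and mine_block are hypothetical, and the sample data is constructed.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Tx:
    coin_id: str    # which coin is being spent (constructed identifier)
    sender: str     # stands in for the sender's public key / address
    recipient: str  # stands in for the recipient's public key / address


class Ledger:
    """Toy shared ledger: one owner per coin, history kept as blocks."""

    def __init__(self, coins):
        self.owner = dict(coins)  # coin_id -> current owner
        self.blocks = []          # confirmed blocks (lists of Tx)

    def _reject_reason(self, tx, spent_in_block):
        if tx.coin_id not in self.owner:
            return "unknown coin"
        if tx.coin_id in spent_in_block:
            return "coin already spent in this block"
        if self.owner[tx.coin_id] != tx.sender:
            return "sender does not own the coin"
        return None

    def mine_block(self, mempool):
        """Validate broadcast transactions in arrival order, confirm the valid ones."""
        accepted, rejected, spent = [], [], set()
        for tx in mempool:
            reason = self._reject_reason(tx, spent)
            if reason is None:
                accepted.append(tx)
                spent.add(tx.coin_id)
            else:
                rejected.append((tx, reason))
        # Only now does ownership change: the block is the confirmation.
        for tx in accepted:
            self.owner[tx.coin_id] = tx.recipient
        self.blocks.append(accepted)
        return accepted, rejected


def demo():
    ledger = Ledger({"coin-1": "alice"})
    # Alice broadcasts two transactions spending the same coin at the same time.
    to_bob = Tx("coin-1", "alice", "bob")
    to_carol = Tx("coin-1", "alice", "carol")
    first = ledger.mine_block([to_bob, to_carol])
    # Rebroadcasting the losing transaction for a later block fails as well,
    # because the confirmed ledger now says the coin belongs to Bob.
    second = ledger.mine_block([to_carol])
    return ledger, first, second


if __name__ == "__main__":
    ledger, first, second = demo()
    print("block 1 accepted:", first[0])
    print("block 1 rejected:", first[1])
    print("block 2 rejected:", second[1])
```

Both transactions look valid on their own; only the shared, ordered ledger lets every node agree on which one counts.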


Back End
• C++, Java, and Python for coding
• Database: Blockchain itself is a distributed
Ledger database.


What makes blockchain so secure?


• Blockchain technology refers to a digital ledger (or
database) distributed on a network that operates
without a central authority.
• It relies on a peer-to-peer network, instead of a central
authority for the decision-making process.
• The name blockchain is made using two words –
block & chain.
• A block is a collection of data, alias data records, and
the chain refers to a public database of these blocks, stored
as a list.
• These lists are linked together using cryptography, which makes
them highly secure and tamper-resistant.
Introduction to Cryptography
Cryptography in Blockchain
• Blockchain security is built on two concepts
i.e., Cryptography and Hashing.
• Cryptography is the method of securing important
data from unauthorized access.
• In the blockchain, cryptographic techniques are a
part of security protocols.
• It secures a transaction taking place between two
nodes in a blockchain network.
• As we know, blockchain technology is based on three
main pillars;
1. Distributed ledger,
2. Peer-to-peer networks, and
3. Cryptographic security.

• We can break down the word cryptography into two
parts; Crypto meaning “hidden” and Graphy meaning
“writing”.
• Therefore, cryptography is a method of converting
plaintext into unreadable coded text.
• Two main concepts behind cryptography
are Encryption and Decryption.
• Encryption is coding information in such a way that
you and I cannot understand what it means just
by looking at it.
• Decryption is the reverse of encryption, i.e.
decoding of the coded information.


• The encrypted text or information is also known
as ciphertext.
• And this ciphertext is deciphered through specific
techniques known as a cipher (steps of encoding).
• Therefore, cryptography is a security method that
secures a transition or exchange of information
between two nodes and prevents third-party
intervention.
Let’s review some terms related to cryptography:
1. Encryption: Process of converting plaintext to a ciphertext (random
sequence).
2. Decryption: Conversion of ciphertext to plaintext; the inverse of
encryption.
3. Cipher: This is the cryptographic algorithm that was used in
encryption.

Key Cryptography
• Key encryption or cryptography is a method of
securing a point-to-point transition using a key.
• This key is a unique series of numbers and letters
which is like a password used to facilitate a transaction
between two parties.
1. Symmetric Key / Secret-Key Cryptography: Popular
encryption method that involves a single key used
in both encryption and decryption.
2. Asymmetric Key / Public Key Cryptography: This
method involves a pair of keys, a public key (for
encryption), and a private key (for decryption). Both
keys are generated using the same algorithm.

Understanding symmetric key encryption


• This is a basic form of encryption that focuses on using the same
key for encryption and decryption.
• Used in IT security services like hard drives and HTTPS
websites.
• The use of the same key is also referred to as secret key
cryptography.


Understanding Asymmetric key encryption


• This is really important in blockchain and is also
referred to as public key cryptography as it involves
a set of 2 keys one each for the encryption and
decryption processes.
• The public key can be shared publicly to allow easy
and feasible data encryption,
• while the private key has to be kept a secret so that
unauthorized persons do not get access to the
decrypted data.
• Two applications of Asymmetric cryptography
are Public Key Encryption and Digital Signatures.

BLOCK
• Block is a set of validated transactions pointing
to the next block in the Blockchain or termed the
container data structure.
• It is stored at each of the nodes. Each block
contains three items:
(i) Header
(ii) Set of transactions
(iii) Hash pointer to the previous block
Header-
• Blocks contain a block header, which contains the
metadata about the block that helps in verifying
the validity of a block
Block contains
✓ version - the current version of the block
structure
✓ previous block header hash - the reference to this
block's parent block. Every block N contains the Hash
value of Block N-1
✓ merkle root hash - a cryptographic hash of all the
transactions included in this block. This data structure
summarizes the transactions in the given block
✓ time - the time that this block was created
✓ nonce ("number used once") - a random value that the
creator of a block is allowed to manipulate and choose
• These 5 fields constitute the block header.
• The rest of a block contains transactions that the
miner has chosen to include in the block that they created.
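
The five header fields above wired into a small hash-linked chain, as an added example (not part of the original slides), showing why data in one block cannot be changed without breaking the chain. The JSON header encoding, the single SHA-256 and all names are assumptions made for illustration, not Bitcoin's binary format; the transactions are constructed sample data.

```python
import hashlib
import json
from dataclasses import asdict, dataclass

GENESIS_PREV = "00" * 32  # placeholder parent hash for block 0


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def merkle_root(txs):
    """Hash transactions pairwise up to one root (odd levels repeat the last hash)."""
    level = [sha256_hex(tx.encode()) for tx in txs] or [sha256_hex(b"")]
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])
        level = [sha256_hex((level[i] + level[i + 1]).encode())
                 for i in range(0, len(level), 2)]
    return level[0]


@dataclass
class Header:
    version: int
    prev_hash: str     # hash of the parent block's header
    merkle_root: str   # summary of this block's transactions
    time: int
    nonce: int

    def block_hash(self) -> str:
        return sha256_hex(json.dumps(asdict(self), sort_keys=True).encode())


@dataclass
class Block:
    header: Header
    txs: list


def build_chain(batches):
    chain, prev = [], GENESIS_PREV
    for i, txs in enumerate(batches):
        header = Header(1, prev, merkle_root(txs), 1_700_000_000 + 600 * i, 0)
        chain.append(Block(header, list(txs)))
        prev = header.block_hash()
    return chain


def first_invalid(chain, trusted_tip=None):
    """Index of the first block that fails verification, or None if all pass.

    trusted_tip is the hash of the newest header as the verifier remembers it;
    without it, a rewrite of the last block cannot be noticed.
    """
    prev = GENESIS_PREV
    for i, block in enumerate(chain):
        if block.header.merkle_root != merkle_root(block.txs):
            return i  # transactions no longer match the header
        if block.header.prev_hash != prev:
            return i  # link to the parent block is broken
        prev = block.header.block_hash()
    if trusted_tip is not None and prev != trusted_tip:
        return len(chain) - 1
    return None


# Constructed sample transactions.
SAMPLE_BATCHES = [["coinbase->alice 50"],
                  ["alice->bob 1", "alice->carol 2"],
                  ["bob->dave 1"]]

if __name__ == "__main__":
    chain = build_chain(SAMPLE_BATCHES)
    tip = chain[-1].header.block_hash()
    chain[1].txs[0] = "alice->mallory 1"
    print("first invalid block:", first_invalid(chain, tip))
```

Editing a transaction breaks that block's merkle root; recomputing the root changes the block's hash, which then breaks the next block's link.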
VISUAL REPRESENTATION OF A BLOCK


Note: The Genesis Block, also known as Block 0, is the very first
block upon which additional blocks in a blockchain are
added.

EXAMPLES

THE STRUCTURE OF BLOCK IN THE BLOCKCHAIN

CRYPTOGRAPHY IN BLOCKCHAIN TECHNOLOGY

CRYPTOGRAPHIC HASH FUNCTION.

What is a Hash?
• A hash is a hexadecimal code produced using SHA-256
(Secure Hashing Algorithm 256).
• Hashing means mapping data into a hash
table with the help of a hash function.
• Hash is used as an index to store the
original numerical data in a data structure
named a hash table.
• A Hash table is a data structure that stores
the data in an associative manner where each
value has its own individual index.

• There are numerous hash functions designed in order
to map the data into a hash table.
• While mapping the data into a hash table, there is a chance
that two data elements have the same key; in this case
a collision occurs.
• A hash function is a mathematical function with the
following 3 properties :
• Its input can be any string of any size.
• It produces a fixed-sized output(256 bits)
• It is efficiently computable
• Blockchain uses a Cryptographic Hash Function
• Cryptographic hash function in Blockchain is a way to
secure the message block and is used to connect
the blocks in a chain.
• In the blockchain, each block contains its own block
hash and a hash of its previous block, which helps
them to form a cryptographically secured linear
chain of blocks.
• Cryptographic hash functions generate a fixed-length
character string from data records of any length. A data
record can be a word, a sentence, a longer text, or an entire
file.


Blockchain and Hashing


• Blockchain uses hashing for providing Data Integrity.
• In Blockchain Networks, Public Key Cryptography is
useful in creating a secured Digital reference about
the identity of users.
• Secured digital reference includes "who owns what"
and "who is who" in the P2P network.
• This identity is more important in Public Blockchain.
• Hashing in Cryptocurrency networks is used for the
following purposes:
✓ Encoding the Wallet address
✓ Encoding the Wallet transactions
✓ Verifying the wallet balances
✓ Proof of Work


For a hash function to be cryptographically secure,
we require the following three additional properties:
1. Collision free - This means that no two input hashes
should map to the same output hash.
2. They can be hidden. - It should be difficult to guess
the input value for a hash function from
its output.
3. Puzzle friendliness
• It should be difficult to select an input that
provides a pre-defined output.
• Thus, the input should be selected from a
distribution that's as wide as possible
Property 1: Collision Resistance / Collision Free
• A collision occurs when two distinct inputs produce the same
output.
• i.e., a collision happens when two different inputs produce
the same output from the hashing function.
• A hash function H(·) is collision-resistant if
nobody can find a collision.
Collision:
Formally:
For x, y ∈ Input and H(x), H(y) ∈ Output: x ≠ y and H(x) = H(y)
• Collisions are inevitable (expected) if the Hash function is not
injective.
• Most of the time Hash functions are not injective, so there is
always a probability that a collision happens.

• The above figure shows the Hash Collision.
• i.e., x and y are distinct values which, when input into hash function H,
produce the same output.

• The input space to the hash function contains “all
strings of all lengths” but the output space contains
only strings of a specifically fixed length.

• The input space is larger than the output space.
• i.e., the input space is infinite while the output space is
finite, so there must be input strings that map to the
same output string.

• From the above fig, since the “number of inputs exceeds the
number of outputs”, we are guaranteed that there must be at
least one output to which the hash function maps more than
one input.

Inevitability of collisions
• Consider the following simple method for finding a
collision for a hash function with a 256-bit output size:
• pick 2^256 + 1 distinct values, compute the hashes of
each of them and check whether any two outputs are
equal.
• Since we picked more inputs than possible outputs, some
pairs must collide when applying the hash function.
• Consider, the following hash function:

• This function meets our requirements of a hash
function as it accepts inputs of any length, returns a
fixed-sized output (256 bits), and is efficiently
computable.
• But this function also has an efficient method for
finding a collision.
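
The "pick more inputs than outputs" method above, run on SHA-256 truncated to a few bits so that it finishes, as an added example (not part of the original slides). The truncation, the counter-based inputs and the function names are assumptions; at the full 256 bits the same loop is out of reach, which is the point of collision resistance.

```python
import hashlib


def truncated_hash(data: bytes, bits: int) -> int:
    """Top `bits` bits of SHA-256(data): a deliberately tiny output space."""
    digest = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return digest >> (256 - bits)


def find_collision(bits: int):
    """Hash distinct inputs until two share an output.

    Trying 2**bits + 1 distinct inputs guarantees a repeat (more inputs than
    outputs). In practice a repeat shows up after roughly 2**(bits / 2)
    inputs, the birthday bound, far sooner than the guarantee.
    Returns (input_a, input_b, shared_hash, inputs_tried).
    """
    seen = {}
    for i in range(2 ** bits + 1):
        msg = b"msg-%d" % i          # distinct inputs by construction
        h = truncated_hash(msg, bits)
        if h in seen:
            return seen[h], msg, h, i + 1
        seen[h] = msg
    raise AssertionError("unreachable: more inputs than possible outputs")


def survey(bit_sizes=(8, 16, 24)):
    """Inputs needed per output size, next to the guaranteed upper bound."""
    rows = []
    for bits in bit_sizes:
        a, b, h, tried = find_collision(bits)
        rows.append((bits, tried, 2 ** bits + 1))
    return rows


if __name__ == "__main__":
    for bits, tried, bound in survey():
        print(f"{bits:2d}-bit output: collision after {tried} inputs "
              f"(guaranteed within {bound})")
```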
Overview of Some Well-known Hash Functions
Division Method
• The division method is one of the easiest and simplest hash
functions, in which we take the element (E) modulo the
size of the hash table (N) to obtain the key. So, the hash function
is as follows: K(E) = E mod N
• Let N=7, and the elements are as follows: 26,3,11,8,47
• K(26) = 26 mod 7 = 5
• K(3) = 3 mod 7 = 3
• K(11) = 11 mod 7 = 4
• K(8) = 8 mod 7 = 1
• K(47) = 47 mod 7 = 5
• After mapping the data, the hash table is as follows:
• From the above it is clear that at index 5, there is a collision. So,
the best choice of N is the nearest prime number greater than
N.

Application: Message Digests
• Values returned by a hash function are called the message
digest (MD) or simply hash values.
• The following picture illustrates the hash function.

• MD5 was a most popular and widely used hash function for quite
some years.
What is MD5?
• MD5 (message-digest algorithm) is a cryptographic protocol
used for authenticating messages as well as content
verification and digital signatures.
• MD5 is based on a hash function that verifies that a file you sent
matches the file received by the person you sent it to.
• The MD family comprises the hash functions MD2, MD4, MD5
and MD6. It was adopted as Internet Standard RFC 1321. It is a
128-bit hash function.
• MD5 digests have been widely used in the software world to
provide assurance about the integrity of a transferred file.
• In 2004, collisions were found in MD5. An analytical attack
was reported to be successful in only an hour by using a computer
cluster.
• This collision attack resulted in compromised MD5 and hence it is
no longer recommended for use.
Application: Message Digests - Example
• Consider SecureBox, an authenticated online file storage system
that allows users to upload files and ensure their integrity when
they download them.
• Suppose that Alice uploads really large files, and she wants to be
able to verify later that the file she downloads is the same as the
one she uploaded.
• One way to do that would be to save the whole big file locally and
directly compare it to the file she downloads. While this works, it
largely defeats the purpose of uploading it in the first place;
• if Alice needs to have access to a local copy of the file to ensure its
integrity, she can just use the local copy directly.

HOW DOES THE HASH FUNCTION WORK?
• The hash function accepts variable-length inputs and returns
fixed-length outputs.
• Transactions are used as inputs in cryptographic hash functions,
and the hash algorithm produces a fixed-size output.
• The figure below illustrates how hashes work

• If we only focus on the SHA-256 hash value of the above-mentioned
text value then it is
“5eff5ed15fe083a69bdfa7b40a28928602cd1d622adc4fdad5305b7a29c0f199”
• SHA-256 is a very famous hash function; it stands for Secure
Hashing Algorithm, which produces a 256-bit hash and is
collision, preimage, and second preimage resistant. This
secured hash function is also used in Bitcoin Blockchain.
• Hash is totally case-sensitive so if you alter a single letter it will
change the whole hash value.
• If we calculate the hash for “hello world, this is a hash
function” then the resulting SHA-256 hash value will be –
“f6fe4a652671717ac3717431ddb407a61b3a7a04c126e5c24528f0256b882b17”
CODE TO PRODUCE SHA-256 HASH

OTHER APPLICATION

PROPERTY 2: HIDING
• The hiding property declares that if we’re given the output of the
hash function y = H(x), there’s no feasible way to figure out what
the input, x, was.
• The problem is that this property can’t be true in the form stated.
• Consider the following simple example:
✓ Let’s say we flip a coin; the input will always be either heads or tails.
✓ If the result of the coin flip was heads, we’re going to announce the
hash of the string “heads.”
✓ If the result was tails, we’re going to announce the hash of the
string “tails.”
✓ So it is easy to identify the input (call it x). But if we throw a die along
with a particular playing card, then it becomes very difficult to
find the input, if the output is given in the experiment.
✓ In the same fashion, we do this to the hash function to incorporate
the hiding property in it.
• “r || x” stands for “r concatenated with x”
• Hiding. A hash function H is said to be hiding if when a secret
value r is chosen from a probability distribution that has high min-
entropy, then, given H(r ‖ x), it is infeasible to find x.

• If y = H(x|r) and y is given to a hacker/thief, then it is very
difficult to find x.

• Here x is the input, and r is some arbitrary number.
• (x|r) is called concatenating(mixing) x with r &
H(x|r) is hash of x and r. This is the hiding property.
• In information theory, min-entropy is a measure of how
predictable an outcome is, and high min-entropy
captures the intuitive idea (spontaneous) that the
distribution (i.e., of a random variable) is very spread
out.

APPLICATION: COMMITMENTS

• To use a commitment scheme, we first need to generate a
random nonce/key.
• We then apply the commit function to this nonce/key together
with msg, the value being committed to, and we publish the
commitment com.
• This stage is similar to putting the sealed envelope on the table.
• At a later point, if we want to reveal the value that we committed to
earlier, we publish the random nonce/key that we used to create this
commitment, and the message, msg. Now, anybody can verify
that msg was actually the message committed to earlier. This stage
is similar to opening up an envelope.
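
The commit and verify steps above, together with the heads/tails problem from the hiding property, as an added example (not part of the original slides). It assumes com = SHA-256(nonce || msg) with a fixed-length 256-bit nonce; the function names are hypothetical.

```python
import hashlib
import hmac
import secrets

NONCE_BYTES = 32  # fixed length, so nonce || msg splits in only one way


def commit(msg: bytes):
    """Seal the envelope: returns (com, nonce). Publish com, keep nonce secret."""
    nonce = secrets.token_bytes(NONCE_BYTES)  # high min-entropy value r
    com = hashlib.sha256(nonce + msg).digest()
    return com, nonce


def verify(com: bytes, nonce: bytes, msg: bytes) -> bool:
    """Open the envelope: anybody can recompute the hash and compare."""
    if len(nonce) != NONCE_BYTES:
        return False
    expected = hashlib.sha256(nonce + msg).digest()
    return hmac.compare_digest(com, expected)


def guess_input(digest: bytes, candidates):
    """Why a bare hash does not hide a coin flip: try every likely input."""
    for candidate in candidates:
        if hashlib.sha256(candidate).digest() == digest:
            return candidate
    return None


if __name__ == "__main__":
    outcomes = [b"heads", b"tails"]

    # Announcing H("heads") directly: two guesses recover the input.
    bare = hashlib.sha256(b"heads").digest()
    print("bare hash reveals:", guess_input(bare, outcomes))

    # Announcing H(r || "heads"): the same guessing finds nothing.
    com, nonce = commit(b"heads")
    print("commitment reveals:", guess_input(com, outcomes))

    # Reveal phase: the committed value checks out, a different one does not.
    print("opens as heads:", verify(com, nonce, b"heads"))
    print("opens as tails:", verify(com, nonce, b"tails"))
```

Hiding comes from the nonce, and binding comes from collision resistance: the committer cannot find a second (nonce, msg) pair that opens the same com.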

Commitments Schemes & Identification /Authentication
Alice and Bob are the role players. Example: Alice and Bob must agree on who
will clean tonight. They are at their offices. Each tosses a coin and they
call it. If tosses are the same, then Alice cleans

Commitment Schemes

PUZZLE FRIENDLY
A hash function H is said to be puzzle friendly if for every possible n-bit
output value y, if k is chosen from a distribution with high min-entropy,
then it is infeasible to find x such that H(k || x) = y, in
time significantly less than 2^n.

Application: Search puzzle
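
A search puzzle built on the puzzle-friendliness definition above, as an added example (not part of the original slides): given a puzzle ID k drawn from a high min-entropy distribution, find x such that H(k || x) lands in a target set, here every value below 2^(256 - d). The function names, the 8-byte encoding of x and the difficulty parameter d are assumptions.

```python
import hashlib
import secrets


def puzzle_hash(puzzle_id: bytes, x: int) -> int:
    """H(k || x) as an integer, with x encoded as 8 big-endian bytes."""
    data = puzzle_id + x.to_bytes(8, "big")
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def target_for(difficulty_bits: int) -> int:
    """Target set Y = all outputs below this value (top d bits are zero)."""
    return 1 << (256 - difficulty_bits)


def solve(puzzle_id: bytes, difficulty_bits: int):
    """Try x = 0, 1, 2, ... until H(k || x) is in the target set.

    Puzzle friendliness means there is no shortcut: the expected number
    of attempts is about 2**difficulty_bits. Returns (x, attempts).
    """
    target = target_for(difficulty_bits)
    x = 0
    while puzzle_hash(puzzle_id, x) >= target:
        x += 1
    return x, x + 1


def check(puzzle_id: bytes, x: int, difficulty_bits: int) -> bool:
    """Verification costs one hash, however long the search took."""
    return puzzle_hash(puzzle_id, x) < target_for(difficulty_bits)


if __name__ == "__main__":
    k = secrets.token_bytes(32)  # fresh puzzle ID
    for d in (4, 8, 12, 16):
        x, attempts = solve(k, d)
        print(f"d={d:2d}: solution x={x} after {attempts} attempts "
              f"(expected about {2 ** d}), valid={check(k, x, d)}")
```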

Secure Hash Algorithm (SHA)
• Here we will see the design of SHA-256
• Used in Bitcoin and Ethereum, respectively.
Design of SHA-256
• SHA-256 has an input message size < 2^64 bits.
• Block size is 512 bits, and it has a word size of 32 bits.
• The output is a 256-bit digest.
• The compression function processes a 512-bit message
block and a 256-bit intermediate hash value.
• There are two main components of this function: the
Compression Function and a Message Schedule.

General Construction of a Secure Hash Function

The algorithm works as follows, in eight steps:
1. Preprocessing:
1. Padding of the message is used to adjust the length of a
block to 512 bits if it is smaller than the required block size
of 512 bits.
2. Parsing the message into message blocks ensures that the
message and its padding are divided into equal blocks of
512 bits.
3. Setting up the initial hash value, which consists of the
eight 32-bit words obtained by taking the first 32 bits of
the fractional parts of the square roots of the first eight
prime numbers. These initial values are randomly chosen
to initialize the process, and they provide a level of
2. Hash computation:
4. Each message block is then processed in a sequence, and
it requires 64 rounds to compute the full hash output. Each
round uses slightly different constants to ensure that no two
rounds are the same.
5. The message schedule is prepared.
6. Eight working variables are initialized.
7. The intermediate hash value is calculated.
8. Finally, the message is processed, and the output hash is
produced

Design and Working of Hashing Algorithms
The data block size (s) differs from one algorithm to another.
• But for a particular algorithm, it remains the same.
For example,
• SHA-1 takes in the message/data in blocks of 512 bits only.
• If the message is exactly 512 bits in length, the hash function runs
only once (80 rounds in the case of SHA-1).
• Similarly, if the message is 1024 bits, it’s divided into two blocks of
512 bits and the hash function is run twice.
• However, 99% of the time, the message won’t be a multiple
of 512 bits.
• A technique called Padding is used for such cases (almost all
cases).
• The entire message is divided into fixed-size data blocks using a
padding technique.
• The hash function is repeated as many times as the number of
data blocks.
As shown above, the blocks are processed one at a time.
• The output of the first data block is fed as input along with the second
data block.
• Consequently, the output of the second is fed along with the third block,
and so on.
• Thus, making the final output the combined value of all the blocks.
• If you change one bit anywhere in the message, the entire hash value
changes.
• This is called ‘the avalanche effect’.
Padding and Length Field in SHA-512


SHA Versions

SHA‐256.
• There are lots of hash functions, but this is the one
Bitcoin uses primarily, and it’s a good one to use.
• It’s called SHA‐256.

Security Hash Function Properties
• Arbitrary-length message to fixed-length digest
• Preimage resistant (One-way property)
• Second preimage resistant (Weak collision
resistant)
• Collision resistant (Strong collision resistance)

Fixed Length Output (Hash Value)
• A hash function converts data of arbitrary length to a
fixed length. This process is often referred to as hashing
the data.
• In general, the hash is much smaller than the input
data, hence hash functions are sometimes called
compression functions.
• Since a hash is a smaller representation of larger data, it
is also referred to as a digest.
• Hash function with n-bit output is referred to as an n-
bit hash function.
• Popular hash functions generate values between 160 and
512 bits.
Pre-image resistance (One way property)
• This property means that it should be computationally hard to
reverse a hash function.
• In other words, if a hash function h produced a hash value z, then
it should be a difficult process to find any input value x that
hashes to z.
• This property protects against an attacker who only has a hash
value and is trying to find the input.
• It is computationally infeasible to invert a hash function (find an
input that hashes to the given output). The following is not
possible.

Second pre-image resistance
• It is computationally infeasible to find a second input
that hashes to the same output as the given input. e.g.,
Given h(Cat) = AB38DA, it is computationally very hard
to find another input that maps to the same output
• This property means that given an input and its hash, it
should be hard to find a different input with the same
hash.
• In other words, if a hash function h for an input x
produces the hash value h(x), then it should be difficult
to find any other input value y such that h(y) = h(x).

• This property of the hash function protects against an
attacker who has an input value and its hash and wants
to substitute a different value as a valid value in place of
the original input value.
Collision Resistance
• This property means it should be hard to find two
different inputs of any length that result in the same
hash. This property is also referred to as a collision-free
hash function.
• In other words, for a hash function h, it is hard to find
any two different inputs x and y such that h(x) = h(y).
• Since the hash function is a compressing function with a
fixed hash length, it is impossible for a hash function
not to have collisions. This property of collision-free
only confirms that these collisions should be hard to
find.
• This property makes it very difficult for an attacker to
find two input values with the same hash.
• Also, if a hash function is collision-resistant then it is
second pre-image resistant.
Information about MD5
• It is a widely used cryptographic hash function.
• The message is processed in 512-bit blocks (16 × 32-bit words). Ex:
if the message is M then blocks are {m0, m1, m2, …, m15} of
32 bits
• Digest is a 128-bit quantity, i.e. 4 × 32-bit words having the
predefined hex constant value.
Ex digests: d0=67543201, d1=efcdab89, d2=85bacade,
d3=10325476
• It makes 4 passes over each message word.
• Every pass has a specific function to blend on the message
digest
• Each word of the processed message digest is added to the
pre-stage value (constant) to obtain the post-stage value.
• This post-stage value will be the pre-stage value for the next
stage
• The final result is the Message Digest of the entire message.
Merkle‐Damgard transform
What is Merkle Damgard transform?
• In cryptography, the Merkle–Damgård construction or Merkle–
Damgård hash function is a method of building collision-
resistant cryptographic hash functions from collision-
resistant one-way compression functions. This construction
was used in the design of many popular hash algorithms such as
MD5, SHA-1, and SHA-2.
• There’s a generic method to convert a hash function that works on
fixed‐length inputs into a hash function that works on
arbitrary‐length inputs. It’s called the Merkle‐Damgard transform.
• SHA‐256 is one of a number of commonly used hash functions
that make use of this method.
• The fixed‐length collision‐resistant hash function is called the
compression function. It has been proven that if the
compression function is collision-resistant, then the overall hash
function is collision-resistant as well.
• The compression function takes inputs of length m and
produces an output of a smaller length n.
• The input to the hash function, which can be of any size, is
divided into blocks of length m‐n.
The construction works as follows:
• Pass each block together with the output of the previous
block into the compression function. Notice that the input
length will then be (m‐n) + n = m, which is the input
length of the compression function.
• For the first block, to which there is no previous block
output, we instead use an Initialization Vector (IV).
• This number is reused for every call to the hash function,
and in practice, you can just look it up in a standards
document.
• The last block’s output is the result that you return.
• SHA‐256 uses a compression function that takes 768‐bit input
and produces 256‐bit outputs.
• The block size is 512 bits.
• Figure below shows a graphical depiction of how SHA‐256 works

• SHA‐256 uses the Merkle‐Damgard transform to turn a
fixed‐length collision‐resistant compression function into a
hash function that accepts arbitrary‐length inputs.
• The input is “padded” so that its length is a multiple of 512 bits.
Hash Pointers and Data Structures
Hash Pointers
• A hash pointer is a pointer to where data is stored together with
a cryptographic hash of the value of that data at some fixed
point in time.
• If we have a hash pointer, we can ask to get the info back and
verify that the info hasn’t changed.

key idea:
• build data structures with hash pointers
• We can use hash pointers to build all kinds of data structures.
• We can take a familiar data structure that uses pointers such as a
linked list or a binary search tree and implement it with hash
pointers, instead of pointers as we normally do.
A blockchain is a linked list that is built with hash pointers
instead of pointers.

• In the above fig, we built a linked list using hash pointers.
• We’re going to call this data structure a blockchain.
• In a regular linked list, you have a series of blocks,
✓ Each block has data as well as a pointer to the
previous block in the list.
✓ In a blockchain, the previous block pointer will be
replaced with a hash pointer.
• So each block not only tells us where the value of the
previous block was, but it also contains a digest of that
value that allows us to verify that the value hasn’t
changed.
• In a Blockchain, nodes are referred to as blocks, so we
will use the same convention.
• The Head hash pointer will point to the latest block
added to the Blockchain.

• In the above fig, the three latest blocks are shown. The latest block
(B3) can be located using Head.
• B2 was added just before B3 so B3 will store a pointer to it, and
also the hash of the contents of B2.
• Each block in a Blockchain will have
✓ Pointer to the block added just before it (previous block)
✓ Hash of all the contents stored on the previous block
(the one added just before it)
✓ Some data that needs to be stored (in case of bitcoin
multiple transactions)
• Any new blocks will be added next to B3 and will store pointers
The structure of the block in the blockchain

How is this tamper-proof?
use case: A use case for a blockchain is a
tamper‐evident log
• That is, we want to build a log data structure that
stores a bunch of data, and allows us to append data
onto the end of the log. But if somebody alters data
that is earlier in the log, we’re going to detect it.
• Let’s say an adversary (Bob) wants to change the
data in this leftmost block in the picture. But if the data
in that block is changed, the hash pointer of the
middle block will be invalid.

• Now to make that hash valid
✓ one will need to update the hash of B1 stored in B2
✓ but that change will in turn make the hash in B3 invalid
✓ If we change B3 it will make the head hash invalid
• One thing you need to keep in mind is that when a hash
is calculated for a block it would include all the
contents of that block.
• For example, the hash in B3 will be the hash of
everything in B2 (i.e. B2's hash, pointer, as well as the
data).
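The tamper-evident log described above, as an added example that is not part of the original slides. The class, function names and block contents are constructed for illustration; each hash pointer is stored as an (index, SHA-256 hash) pair and the verifier is assumed to remember the head.

```python
import hashlib
import json


def block_hash(block):
    """Hash of everything in a block: its data and its hash pointer to the previous block."""
    encoded = json.dumps(block, sort_keys=True).encode()
    return hashlib.sha256(encoded).hexdigest()


class Blockchain:
    """Append-only log; `head` is the hash pointer to the latest block."""

    def __init__(self):
        self.blocks = []   # storage that an adversary may be able to modify
        self.head = None   # (index, hash) of the latest block

    def append(self, data):
        # The new block stores a hash pointer to the previous block.
        self.blocks.append({"data": data, "prev": self.head})
        self.head = (len(self.blocks) - 1, block_hash(self.blocks[-1]))
        return self.head

    def first_invalid_pointer(self, head):
        """Walk back from a trusted head. Return the index of the first block whose
        contents no longer match the hash pointer to it, or None if the log is intact."""
        pointer = head
        while pointer is not None:
            index, expected = pointer
            block = self.blocks[index]
            if block_hash(block) != expected:
                return index
            pointer = block["prev"]
        return None


def demo():
    chain = Blockchain()
    for entry in ("B1: Alice pays Bob 5", "B2: Bob pays Carol 2", "B3: Carol pays Dave 1"):
        trusted_head = chain.append(entry)   # the verifier keeps the latest head
    intact = chain.first_invalid_pointer(trusted_head)

    # Bob alters the leftmost block: the pointer stored in B2 no longer matches.
    chain.blocks[0]["data"] = "B1: Alice pays Bob 500"
    after_edit = chain.first_invalid_pointer(trusted_head)

    # Bob rewrites the pointers in B2 and B3 to cover his tracks...
    for i in (1, 2):
        chain.blocks[i]["prev"] = (i - 1, block_hash(chain.blocks[i - 1]))
    # ...but B3 itself has now changed, so the remembered head no longer matches it.
    after_repair = chain.first_invalid_pointer(trusted_head)
    return intact, after_edit, after_repair


if __name__ == "__main__":
    print(demo())
```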

Merkle Tree
• Another useful data structure that we can build using
hash pointers is a binary tree.
• A binary tree with hash pointers is known as a Merkle
tree after its inventor, Ralph Merkle
• Merkle trees enable secure and efficient verification of
large datasets
• Merkle trees are hash-based data structures used to
validate large amounts of data in an efficient
manner.
• This data structure is used to solve the previously time-
consuming and computationally expensive problem of
keeping data consistent across multiple computers.
• Prominent uses of the Merkle tree and its variations are in peer-to-
peer networks such as Bitcoin and Ethereum.
Merkle Tree Diagram
• A Merkle tree is a binary tree in which the
inputs are first placed at the leaves (node
with no children), and then the values of
pairs of child nodes are hashed together
to produce a value for the parent node
(internal node) until a single hash value
known as Merkle root is achieved.

A diagram of the Merkle tree is shown here.

The uses of Merkle tree in blockchain

Proof of Membership
• If there are n nodes in the tree,
only log(n) items need to be
shown.
• Since each step just requires
computing the hash of the child
block, it takes about log(n) time
for us to verify it.
• Even if the Merkle tree contains
a large number of blocks, we can
still prove membership in a
relatively short time.
• Verification runs in time and
space that’s logarithmic in the
number of nodes in the tree.
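A proof of membership as described above, as an added example that is not part of the original slides. The function names and sample transactions are constructed; the 0x00/0x01 prefixes that separate leaf hashes from internal-node hashes, and carrying an unpaired node up a level unchanged, are choices made for this example.

```python
import hashlib


def H(data):
    return hashlib.sha256(data).digest()


def leaf_hash(item):
    return H(b"\x00" + item)            # prefix keeps leaves distinct from internal nodes


def node_hash(left, right):
    return H(b"\x01" + left + right)    # parent = hash of its two children


def build_levels(items):
    """Return every level of the tree: leaves first, the Merkle root last."""
    level = [leaf_hash(x) for x in items]
    levels = [level]
    while len(level) > 1:
        level = [node_hash(level[i], level[i + 1]) if i + 1 < len(level) else level[i]
                 for i in range(0, len(level), 2)]
        levels.append(level)
    return levels


def prove(levels, index):
    """Sibling hashes on the path from leaf `index` to the root,
    each tagged with whether the sibling sits on the left."""
    proof = []
    for level in levels[:-1]:
        sibling = index ^ 1
        if sibling < len(level):        # an unpaired node has no sibling at this level
            proof.append((level[sibling], sibling < index))
        index //= 2
    return proof


def verify(root, item, proof):
    """Recompute the path to the root using only the item and about log(n) hashes."""
    current = leaf_hash(item)
    for sibling, sibling_is_left in proof:
        current = node_hash(sibling, current) if sibling_is_left else node_hash(current, sibling)
    return current == root


def demo(n=1024):
    txs = [f"tx-{i}".encode() for i in range(n)]   # constructed sample data
    levels = build_levels(txs)
    root = levels[-1][0]
    proof = prove(levels, 700)
    return len(proof), verify(root, txs[700], proof), verify(root, b"tx-forged", proof)


if __name__ == "__main__":
    print(demo())   # proof length, genuine item accepted, forged item accepted
```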
Advantages of Merkle trees

• Use hash pointers in any pointer-based data structure
that has no cycles
DIGITAL SIGNATURES
• A digital signature is supposed to be the digital analog to
a handwritten signature on paper.
• Digital signatures are used to provide data origin
authentication and non-repudiation.
• We desire two properties from digital signatures that
correspond well to the handwritten signature analogy.
• First, only you can make your signature, but anyone
who sees it can verify that it’s valid.
• Second, we want the signature to be tied to a particular
document so that the signature cannot be used to
indicate your agreement or endorsement of a different
document.
• For handwritten signatures, this latter property is similar to
ensuring that somebody can’t take your signature and snip it
off one document and glue it to the bottom of another one.
What do we want from signatures?

• Digital signatures are used in blockchain where
the transactions are digitally signed by senders
using their private key before broadcasting the
transaction to the network.
• This digital signing proves they are the rightful
owner of the asset, for example, bitcoins.
• These transactions are verified again by other
nodes on the network to ensure that the funds
indeed belong to the node (user) who claims to
be the owner.

DIGITAL SIGNATURES SCHEME
• Digital signature scheme. A digital signature
scheme consists of the following three
algorithms.

• API (Application Programming Interface) for
digital signatures

Requirements for signatures

Example: Simple Cryptocurrency
There are two rules for a simplified cryptocurrency:
1. A designated entity can create new coins whenever it
wants and those newly created coins belong to the entity.

2. The second rule is that whoever owns a coin can transfer it on to
someone else. Transferring is done using cryptographic
operations.
• Bank creates a statement "Pay this to Bank2", where "this" is a
hash pointer that references the coin.
• Bank2 refers to Bank2's public key. So Bank1 signs the coin. Once
the data structure signed by Bank1 exists, Bank2 owns the coin.
Two properties of Digital signature
• The first property is straightforward — that a
valid signature must verify.
• If I sign a message with sk , my secret key, and
someone later tries to validate that signature over
that same message using my public key, pk ,
the signature must validate correctly.
• This property is a basic requirement for signatures
to be useful at all.

Basic Diagram of Digital signature

Unforgeability game
• The adversary and the challenger play the unforgeability game.
• If the attacker is able to successfully output a signature on a
message that he has not previously seen, he wins.
• If he is unable, the challenger wins and the digital signature
scheme is unforgeable.

Property: 1
• The first property is straightforward
• Valid signatures must be verifiable. If I sign a
message with sk, my secret key, and someone
later tries to validate that signature over that
same message using my public key, pk, the
signature must validate correctly.
• This property is a basic requirement for
signatures to be useful.

Property: 2
• Unforgeability. The second requirement is that it’s
computationally infeasible to forge signatures.
• That is, an adversary who knows your public key and
sees your signatures on some other messages can’t forge
your signature on some message for which he has not
seen your signature.
• This unforgeability property is generally formalized in
terms of a game that we play with an adversary.
• The use of games is quite common in cryptographic
security proofs.
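The two properties above can be exercised with a signature scheme that needs nothing beyond a hash function. This added example, which is not part of the original slides, uses the Lamport one-time signature scheme built on SHA-256 as a stand-in; it is not the scheme Bitcoin uses, each key pair may sign only one message, and the function names and coin statements are constructed for illustration.

```python
import hashlib
import secrets


def H(data):
    return hashlib.sha256(data).digest()


def generate_keys():
    """Secret key: 256 pairs of random values. Public key: the hash of each value."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(H(zero), H(one)) for zero, one in sk]
    return sk, pk


def message_bits(message):
    """The 256 bits of SHA-256(message), most significant bit first."""
    digest = int.from_bytes(H(message), "big")
    return [(digest >> (255 - i)) & 1 for i in range(256)]


def sign(sk, message):
    """Reveal one secret value per digest bit. A key pair must sign only once."""
    return [sk[i][bit] for i, bit in enumerate(message_bits(message))]


def verify(pk, message, signature):
    """Anyone holding pk can check that each revealed value hashes to the
    public-key entry selected by the corresponding bit of the message digest."""
    if len(signature) != 256:
        return False
    bits = message_bits(message)
    return all(H(revealed) == pk[i][bit]
               for i, (revealed, bit) in enumerate(zip(signature, bits)))


def demo():
    goofy_sk, goofy_pk = generate_keys()
    _, other_pk = generate_keys()
    coin = b"CreateCoin [uniqueCoinID-0001]"     # constructed sample statement
    signature = sign(goofy_sk, coin)
    return {
        # Property 1: a valid signature must verify under the signer's public key.
        "valid signature verifies": verify(goofy_pk, coin, signature),
        # The signature is tied to one document and cannot be moved to another.
        "moved to another document": verify(goofy_pk, b"CreateCoin [uniqueCoinID-0002]", signature),
        # It also fails under any public key other than the signer's.
        "checked against another key": verify(other_pk, coin, signature),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(check, "->", result)
```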

Cryptocurrency
• In this section, we’ll discuss two very simple
cryptocurrencies.
Goofycoin
• There are just two rules of Goofycoin.
• The first rule is that a designated entity, Goofy, can create
new coins whenever he wants and these newly created coins
belong to him.
• To create a coin, Goofy generates a unique coin ID
uniqueCoinID that he’s never generated before and constructs
the string CreateCoin [uniqueCoinID].
• He then computes the digital signature of this string with his
secret signing key.
• The string, together with Goofy’s signature, is a coin.
• Anyone can verify that the coin contains Goofy’s valid signature
of a CreateCoin statement and is therefore a valid coin.
• The second rule of Goofycoin is that whoever owns
a coin can transfer it to someone else.
• Transferring a coin is not simply a matter of sending
the coin data structure to the recipient—it’s done using
cryptographic operations.
To summarize, the rules of Goofycoin are:
• Goofy can create new coins by simply signing a statement that
he’s making a new coin with a unique coin ID.
• Whoever owns a coin can pass it on to someone else by signing a
statement that says, “Pass on this coin to X” (where X is
specified as a public key).
• Anyone can verify the validity of a coin by following the chain
of hash pointers back to its creation by Goofy, verifying all
signatures along the way.
• Goofycoin coin. Shown here is a coin that’s been created (bottom)
and spent twice (middle and top)

Double-spending attack (refer to previous slides)
• Let’s say Alice passed her coin on to Bob by
sending her signed statement to Bob but didn’t
tell anyone else.
• She could create another signed statement that
pays the same coin to Chuck.
• To Chuck, it would appear that it is a perfectly
valid transaction, and now he’s the owner of the
coin.
• Bob and Chuck would both have valid-looking
claims to be the owner of this coin.
• This is called a double-spending attack—Alice is
spending the same coin twice
Scroogecoin
• Scroogecoin is built off of Goofycoin, but it’s a bit
more complicated in terms of data structures
• The first key idea is that a designated entity called
Scrooge publishes an append-only ledger containing the
history of all transactions.
• The append-only property ensures that any data written
to this ledger will remain forever in the ledger.
• If the ledger is truly append only, we can use it to
defend against double spending by requiring all
transactions to be written in the ledger before they are
accepted.
• That way, it will be publicly documented if coins were
previously sent to a different owner
• To implement this append-only functionality, Scrooge
can build a block chain which he will digitally sign.
• It consists of a series of data blocks, each with one
transaction in it
• Each block has the ID of a transaction, the transaction’s
contents, and a hash pointer to the previous block.
• Scrooge digitally signs the final hash pointer, which
binds all the data in this entire structure, and he
publishes the signature along with the block chain.

Scroogecoin block chain
CreateCoins transaction.
• This CreateCoins transaction creates multiple coins.
• Each coin has a serial number in the transaction.
• Each coin also has a value; it’s worth a certain number
of scroogecoins.
• Finally, each coin has a recipient, which is a public key
that gets the coin when it’s created.
• So CreateCoins creates multiple new coins with
different values and assigns them to people as initial
owners.
• We refer to coins by CoinIDs.
• A CoinID is a combination of a transaction ID and the
coin’s serial number in that transaction.
• The consumed coins are valid, that is, they were created
in previous transactions.
• The consumed coins have not already been consumed
in some previous transaction. That is, this is not a
double-spend transaction.
• The total value of the coins that come out of this
transaction is equal to the total value of the coins that
went in. That is, only Scrooge can create new value.
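The three checks listed above are what let Scrooge's ledger reject the double spend from the Goofycoin slides. The following is an added example, not part of the original slides: the class, method names and public-key strings are constructed, CoinIDs are (transaction ID, serial number) pairs as described above, and signature checking is left out to keep the focus on the ledger rules.

```python
class Ledger:
    """Scrooge's append-only ledger, reduced to the bookkeeping needed for the rules."""

    def __init__(self):
        self.coins = {}       # CoinID -> (value, recipient public key)
        self.spent = set()    # CoinIDs consumed by an accepted transaction
        self.next_tx_id = 0

    def _record(self, outputs):
        tx_id = self.next_tx_id
        self.next_tx_id += 1
        for serial, (value, recipient) in enumerate(outputs):
            self.coins[(tx_id, serial)] = (value, recipient)   # CoinID = (tx ID, serial)
        return tx_id

    def create_coins(self, outputs):
        """CreateCoins: the only way new value enters the system."""
        return self._record(outputs)

    def transfer(self, consumed, outputs):
        """Accept a coin-consuming transaction only if it passes all three rules."""
        if len(set(consumed)) != len(consumed):
            raise ValueError("double spend: coin listed twice")
        for coin_id in consumed:
            if coin_id not in self.coins:          # rule 1: created in a previous transaction
                raise ValueError(f"invalid coin {coin_id}")
            if coin_id in self.spent:              # rule 2: not already consumed
                raise ValueError(f"double spend of coin {coin_id}")
        value_in = sum(self.coins[c][0] for c in consumed)
        value_out = sum(value for value, _ in outputs)
        if value_in != value_out:                  # rule 3: value out equals value in
            raise ValueError("value out must equal value in")
        self.spent.update(consumed)
        return self._record(outputs)


def demo():
    ledger = Ledger()
    tx0 = ledger.create_coins([(3, "pk_alice"), (2, "pk_bob")])
    attempts = [
        ([(tx0, 0)], [(3, "pk_bob")]),     # Alice pays her coin to Bob
        ([(tx0, 0)], [(3, "pk_chuck")]),   # Alice tries to pay the same coin to Chuck
        ([(tx0, 1)], [(5, "pk_bob")]),     # tries to create value out of nothing
        ([(9, 9)], [(1, "pk_chuck")]),     # coin that was never created
    ]
    results = []
    for consumed, outputs in attempts:
        try:
            ledger.transfer(consumed, outputs)
            results.append("accepted")
        except ValueError as err:
            results.append(str(err))
    return results


if __name__ == "__main__":
    print("\n".join(demo()))
```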

EXTRAS

Hash Functions: This is a different kind of method that
does not involve any key. A cipher is used to generate a
hash value of a fixed length from the plaintext. It is highly
secure.

• Mining is the process by which transactions are verified and
added to a blockchain.
• Difficulty in Proof-of-Work mining is how hard it is to verify
blocks in a blockchain network
• Proof of Work is a system that ties mining capability to
computational power. When a block is successfully hashed, the
hashing must have taken some time and computational effort, and
a hashed block is considered proof of work.
EXAMPLES
