BLOCK CHAIN TECHNOLOGY

UNIT-I
Blockchain Technology
CENTRALIZED SYSTEMS
Centralized systems are systems that use client/server architecture where one or more client
nodes are directly connected to a central server. This is the most commonly used type of
system in many organizations where a client sends a request to a company server and
receives the response.

Characteristics of Centralized Systems

 Run on a single computer system and do not interact with another computer system.
 A modern, general-purpose computer system consists of one to a few processors and a
number of device controllers that are connected through a common bus that provides
access to shared memory.
 The processors have local cache memories that store local copies of parts of the
memory, to speed up access to data.
 Centralized systems have specialized device controllers responsible for managing
various hardware components, such as disk drives and audio devices
 A typical single-user system is a desktop unit used by a single person, usually with only
one processor and one or two hard disks, and usually only one person using the machine
at a time.
 A typical multiuser system, has more disks and more memory and may have multiple
processors. It serves a large number of users who are connected to the system remotely.
 Database systems designed for use by single users usually do not provide many of the
facilities that a multiuser database provides.
 Centralized systems can have multiple processors, and fine-grained parallelism is a
characteristic that may be present in some centralized systems to improve performance
Example –
Wikipedia. Consider a massive server to which we send our requests and the server
responds with the article that we requested. Suppose we enter the search term ‘junk food’ in
the Wikipedia search bar. This search term is sent as a request to the Wikipedia servers
(mostly located in Virginia, U.S.A) which then responds back with the articles based on
relevance. In this situation, we are the client node, Wikipedia servers are the central server.
Characteristics of Centralized System –
 Presence of a global clock: As the entire system consists of a central node (a server/ a
master) and many client nodes(a computer/ a slave), all client nodes sync up with the
global clock(the clock of the central node).
 One single central unit: One single central unit which serves/coordinates all the other
nodes in the system.

 Dependent failure of components: Central node failure causes the entire system to
fail. This makes sense because when the server is down, no other entity is there to
send/receive responses/requests.

Scaling –
Only vertical scaling on the central server is possible. Horizontal scaling will contradict the
single central unit characteristic of this system of a single central entity.
Components of Centralized System –

Components of Centralized System are,

 Node (Computer, Mobile, etc.).
 Server.
 Communication link (Cables, Wi-Fi, etc.).

Architecture of Centralized System –

Client-Server architecture . The central node that serves the other nodes in the system is the
server node and all the other nodes are the client nodes.
Limitations of Centralized System –
 Can’t scale up vertically after a certain limit – After a limit, even if you increase the
hardware and software capabilities of the server node, the performance will not increase
appreciably leading to a cost/benefit ratio < 1.

 Bottlenecks can appear when the traffic spikes – as the server can only have a finite
number of open ports to which can listen to connections from client nodes. So, when
high traffic occurs like a shopping sale, the server can essentially suffer a Denial-of-
Service attack or Distributed Denial-of-Service attack.

Advantages of Centralized System –

 Easy to physically secure. It is easy to secure and service the server and client nodes by
virtue of their location
 Smooth and elegant personal experience – A client has a dedicated system which he
uses(for example, a personal computer) and the company has a similar system which
can be modified to suit custom needs
 Dedicated resources (memory, CPU cores, etc)
 More cost-efficient for small systems up to a certain limit – As the central systems take
fewer funds to set up, they have an edge when small systems have to be built
 Quick updates are possible – Only one machine to update.
 Easy detachment of a node from the system. Just remove the connection of the client
node from the server and voila! Node detached.
 Centralized control: In a centralized system, the central authority has complete control
over the system, which can lead to better coordination and decision-making.
 Easier to manage: As there is only one central node to manage, it is easier to maintain
and manage the system.
 Lower latency: Centralized systems can provide lower latency compared to distributed
systems as there is no delay in communication between different nodes.
 Higher performance: Centralized systems can achieve higher performance as the
resources can be optimized for specific tasks.
 Simpler implementation: Centralized systems are easier to implement as they require
less complex algorithms and protocols.
Disadvantages of Centralized System –
 Highly dependent on the network connectivity – The system can fail if the nodes lose
connectivity as there is only one central node.
 No graceful degradation of the system – abrupt failure of the entire system
 Less possibility of data backup. If the server node fails and there is no backup, you lose
the data straight away
 Difficult server maintenance – There is only one server node and due to availability
reasons, it is inefficient and unprofessional to take the server down for maintenance. So,
updates have to be done on-the-fly(hot updates) which is difficult and the system could
break.
 Single point of failure: Centralized systems have a single point of failure, which can
cause the entire system to fail if the central node goes down.
 Lack of transparency: Centralized systems lack transparency as the central authority has
complete control over the system, which can lead to issues like censorship and bias.
 Security risks: Centralized systems are more vulnerable to security risks as the central
authority has complete access to all the data.
 Limited scalability: Centralized systems have limited scalability as the central node can
only handle a limited number of clients at a time.
 Limited innovation: Centralized systems can stifle innovation as the central authority
has complete control over the system, which can limit the scope for experimentation
and creativity.
Applications of Centralized System –
 Application development – Very easy to set up a central server and send client requests.
Modern technology these days do come with default test servers which can be launched
with a couple of commands. For example, Express server, Django server.
 Data analysis – Easy to do data analysis when all the data is in one place and available
for analysis
 Personal computing
Use Cases –
 Centralized databases – all the data in one server for use.
 Single-player games like Need For Speed, GTA Vice City – an entire game in one
system(commonly, a Personal Computer)
 Application development by deploying test servers leading to easy debugging, easy
deployment, easy simulation
 Personal Computers
Organizations Using

National Informatics Center (India), IBM

2. DECENTRALIZED SYSTEMS:

These are other types of systems that have been gaining a lot of popularity, primarily
because of the massive hype of Bitcoin. Now many organizations are trying to find the
application of such systems.
In decentralized systems, every node makes its own decision. The final behavior of the
system is the aggregate of the decisions of the individual nodes. Note that there is no single
entity that receives and responds to the request.

Figure – Decentralized system visualization

Example –
Bitcoin. Let’s take Bitcoin for example because it is the most popular use case of
decentralized systems. No single entity/organization owns the bitcoin network. The
network is a sum of all the nodes who talk to each other for maintaining the amount of
bitcoin every account holder has.
Characteristics of Decentralized System –
 Lack of a global clock: Every node is independent of each other and hence, has
different clocks that they run and follow.
 Multiple central units (Computers/Nodes/Servers): More than one central unit which
can listen for connections from other nodes
 Dependent failure of components: one central node failure causes a part of the system
to fail; not the whole system
Scaling –
Vertical scaling is possible. Each node can add resources(hardware, software) to itself to
increase the performance leading to an increase in the performance of the entire system.
Components –
Components of Decentralized System are,
 Node (Computer, Mobile, etc.)
 Communication link (Cables, Wi-Fi, etc.)
Architecture of Decentralized System –
 peer-to-peer architecture – all nodes are peers of each other. No one node has
supremacy over other nodes
 master-slave architecture – One node can become a master by voting and help in
coordinating of a part of the system but this does not mean the node has supremacy over
the other node which it is coordinating
Limitations of Decentralized System –
 May lead to the problem of coordination at the enterprise level – When every node is
the owner of its own behavior, its difficult to achieve collective tasks
 Not suitable for small systems – Not beneficial to build and operate small decentralized
systems because of the low cost/benefit ratio
 No way to regulate a node on the system – no superior node overseeing the behavior of
subordinate nodes
Advantages of Decentralized System –
 Minimal problem of performance bottlenecks occurring – The entire load gets balanced
on all the nodes; leading to minimal to no bottleneck situations
 High availability – Some nodes(computers, mobiles, servers) are always
available/online for work, leading to high availability
 More autonomy and control over resources – As each node controls its own behavior, it
has better autonomy leading to more control over resources.
 Improved fault tolerance: Decentralized systems are designed to be fault tolerant,
meaning that if one or more nodes fail, the system can still continue to function. This is
because the workload is distributed across multiple nodes, rather than relying on a
single point of failure.
 Increased transparency: Decentralized systems often have a transparent and open
structure, which allows for greater accountability and trust. Each node has access to the
same information, making it more difficult to manipulate or corrupt the data.
 Greater security: Decentralized systems can be more secure than centralized systems
because there is no single point of failure or vulnerability that can be exploited by
attackers. Data is distributed across multiple nodes, making it more difficult to hack or
compromise.
 Improved scalability: Decentralized systems can be more scalable than centralized
systems because adding new nodes to the network can help to distribute the workload
and increase capacity. This can be particularly useful for large, complex systems that
need to be able to handle high volumes of traffic or data.
Disadvantages of Decentralized System –
 Difficult to achieve global big tasks – No chain of command to command others to
perform certain tasks
 No regulatory oversight
 Difficult to know which node failed – Each node must be pinged for availability
checking and partitioning of work has to be done to actually find out which node failed
by checking the expected output with what the node generated
 Difficult to know which node responded – When a request is served by a decentralized
system, the request is actually served by one of the nodes in the system but it is actually
difficult to find out which node indeed served the request.
 Security challenges: Decentralized systems can be vulnerable to security threats such as
DDoS attacks, sybil attacks, and 51% attacks. These attacks can compromise the
integrity and security of the network, leading to data breaches and loss of trust.
 Lack of scalability: Decentralized systems can face scalability issues as the number of
nodes increases. This is because each node needs to maintain a copy of the entire
database, which can be difficult to manage as the database grows.
 Inefficient resource utilization: Decentralized systems can suffer from inefficient
resource utilization as some nodes may have spare computing resources while others
may be overloaded. This can lead to a waste of resources and decreased performance.
 Lack of standardization: Decentralized systems lack standardization, which can make it
difficult to integrate with other systems and can lead to interoperability issues. This can
be a major challenge for organizations that need to work with multiple decentralized
systems.
 Slow transaction processing: Decentralized systems can be slower in processing
transactions compared to centralized systems. This is because each transaction needs to
be validated by multiple nodes, which can take time.
Applications of Decentralized System –
 Private networks – peer nodes joined with each other to make a private network.
 Cryptocurrency – Nodes joined to become a part of a system in which digital currency
is exchanged without any trace and location of who sent what to whom. However, in
bitcoin, we can see the public address and amount of bitcoin transferred, but those
public addresses are mutable and hence difficult to trace.
Use Cases –
 Blockchain
 Decentralized databases – Entire databases split into parts and distributed to different
nodes for storage and use. For example, records with names starting from ‘A’ to ‘K’ in
one node, ‘L’ to ‘N’ in the second node, and ‘O’ to ‘Z’ in the third node
 Cryptocurrency

Organizations
Using –
Bitcoin, Tor network
MAIN BARRIERS TO BLOCKCHAIN ADOPTION
Technical Complexity
One of the main barriers to blockchain adoption is the technical complexity of the
technology itself. Blockchain involves complex concepts such as cryptography, consensus
algorithms, smart contracts, and distributed ledger. These concepts require a high level of
technical expertise and skills to understand, implement, and maintain. Moreover,
blockchain technology is still evolving and developing, which means that there are no
standardized protocols, frameworks, or best practices for blockchain development and
integration. This creates interoperability, scalability, and security issues for blockchain
projects.

Regulatory uncertainty

Another barrier to blockchain adoption is the regulatory uncertainty surrounding the

technology. Blockchain technology operates in a global and decentralized manner, which
poses challenges for the existing legal and regulatory frameworks. Different countries and
regions have different laws and regulations regarding blockchain technology, such as data
privacy, consumer protection, taxation, and anti-money laundering. Some jurisdictions are
more supportive and flexible, while others are more restrictive and cautious. This creates
confusion and inconsistency for blockchain projects, especially those that involve cross-
border transactions or multiple stakeholders.

Organizational resistance

A third barrier to blockchain adoption is the organizational resistance that may arise from
the existing stakeholders and processes. Blockchain technology requires a paradigm shift in
the way organizations operate and collaborate. It challenges the traditional roles and
functions of intermediaries, central authorities, and legacy systems. It also requires a high
level of trust and cooperation among the participants of the blockchain network. Therefore,
blockchain adoption may encounter resistance from those who are reluctant to change, lose
control, or share information. This may result in cultural, political, or operational conflicts
within or between organizations.

Business value

A fourth barrier to blockchain adoption is the difficulty of demonstrating and measuring the
business value of the technology. Blockchain technology is often hyped as a disruptive and
innovative solution for various problems and opportunities. However, not all use cases and
scenarios require or benefit from blockchain technology. Some may be better served by
existing or alternative technologies. Therefore, blockchain projects need to have a clear and
realistic vision, strategy, and roadmap for how blockchain technology can create value for
the organization and its customers. They also need to have reliable and relevant metrics and
indicators to evaluate and communicate the impact and return on investment of blockchain
technology.
Skills gap

A fifth barrier to blockchain adoption is the skills gap that exists in the market. Blockchain
technology requires a diverse and multidisciplinary set of skills and competencies, such as
technical, business, legal, and social skills. However, there is a shortage of qualified and
experienced professionals who can design, develop, and deploy blockchain solutions.
According to a report by LinkedIn, blockchain was the most in-demand skill in 2020, but
there were not enough candidates to meet the demand. This creates a challenge for
organizations to find, attract, and retain talent for their blockchain projects.

User adoption

A sixth barrier to blockchain adoption is the user adoption that depends on the awareness,
understanding, and acceptance of the technology by the end-users. Blockchain technology
is still relatively new and unfamiliar to many people, who may not fully grasp its benefits,
risks, and implications. Moreover, some users may have concerns or misconceptions about
blockchain technology, such as its complexity, security, privacy, or legality. Therefore,
blockchain projects need to educate and engage their users and stakeholders, and provide
them with a user-friendly and intuitive interface and experience.
https://101blockchains.com/blockchain-adoption-challenges/

REAL TIME APPLICATIONS OF BLOCK CHAIN

1. Digital Rupee
2. Diglocker for CBSE certificates

https://builtin.com/blockchain/blockchain-applications
https://www.knowledgenile.com/blogs/top-10-applications-of-blockchain-
technology#:~:text=Hospitals%20have%20moved%20away%20from,who%20can%20see
%20that%20data.
UNIT-II
Cryptography is the science of secret writing with the intention of keeping the data secret.
Cryptography is classified into symmetric cryptography, asymmetric cryptography,
and hashing.
Public and private keys: an example
Bob wants to send Alice an encrypted email. To do this, Bob takes Alice’s public key and
encrypts his message to her. Then, when Alice receives the message, she takes the private key
that is known only to her in order to decrypt the message from Bob.

Although attackers might try to compromise the server and read the message, they will be
unable to because they lack the private key to decrypt the message. Only Alice will be able to
decrypt the message as she is the only one with the private key. And, when Alice wants to
reply, she simply repeats the process, encrypting her message to Bob using Bob’s public key.

The difference between public and private keys

Public keys have been described by some as being like a business’ address on the web – it’s
public and anyone can look it up and share it widely. In asymmetric encryption, public keys
can be shared with everyone in the system. Once the sender has the public key, he uses it to
encrypt his message.

Each public key comes paired with a unique private key. Think of a private key as akin to the
key to the front door of a business where only you have a copy. This defines one of the main
differences between the two types of keys. The private key ensures only you can get through
the front door. In the case of encrypted messages, you use this private key to decrypt
messages

Together, these keys help to ensure the security of the exchanged data. A message encrypted
with the public key cannot be decrypted without using the corresponding private key.

Generating public and private keys

The public and private key are not really keys but rather are really large prime numbers that
are mathematically related to one another. Being related in this case means that whatever is
 encrypted by the public key can only be decrypted by the related private key.

A person cannot guess the private key based on knowing the public key. Because of this, a
public key can be freely shared. The private key however belongs to only one person.

There are several well-known mathematical algorithms that are used to produce the public
and private key. Some well-respected algorithms include:

 Rivest-Shamir-Adelman (RSA) – Oldest of the public-private key cryptography systems.

Frequently used to transmit shared keys for symmetric key cryptography
 Digital Signature Standard (DSS) – a Federal Information Processing Standard specifying the
algorithms that can be used to generate digital signatures used by NIST
 Elliptic curve cryptography (ECC)– As its name implies, ECC relies on elliptic curves to
generate keys. Often used for key agreement and digital signatures. , we use elliptic-curve
cryptography’s Curve-25519 and NIST P-256.

Digital signatures
Public and private keys can also be used to create a digital signature. A digital signature
assures that the person sending the message is who they claim to be.

Typically, we use the recipient’s public key to encrypt the data and the recipient then uses
their private key to decrypt the data. However, using the scheme of digital signatures, there’s
no way to authenticate the source of the message. Mike could get a hold of Alice’s public key
(since it’s public) and pretend that Bob is the person sending a message to Alice.

To create a digital signature, Bob digitally signs his email to Alice using his private key.
When Alice receives the message from Bob, she can verify the digital signature on the
message came from Bob by using his public key. As the digital signature uses Bob’s private
key, Bob is the only person who could create the signature.

Business benefits of public private key encryption

By using a public and private key for encryption and decryption, recipients can be confident
that the data is what the sender says it is. The recipient is assured of the confidentiality,
integrity and authenticity of the data.

Confidentiality is ensured because the content that is secured with the public key can only be
decrypted with the private key. This ensures that only the intended recipient can ever review
the contents

Integrity is ensured because part of the decryption process requires checking that the
received message matches the sent message. This ensures that the message has not been
changed in between.

Authenticity is ensured because each message sent by Alice to Bob is also signed by Alice’s
private key. The only way to decrypt Alice’s private key is with her public key, which Bob
can access. By signing the message with her private key, Alice ensures the authenticity of the
message and shows that it really did come from her.

Private Key:
In the Private key, the same key (secret key) is used for encryption and decryption. In this
key is symmetric because the only key is copied or shared by another party to decrypt the
cipher text. It is faster than public-key cryptography.
Public Key:
In a Public key, two keys are used one key is used for encryption and another key is used
for decryption. One key (public key) is used to encrypt the plain text to convert it into
cipher text and another key (private key) is used by the receiver to decrypt the cipher text to
read the message. Now, we see the difference between them:
Difference between Private Key and Public Key:
S.N
O Private Key Public Key

The private key is faster than the public

It is slower than a private key.
1. key.

In this, the same key (secret key) and In public-key cryptography, two keys
algorithm are used to encrypt and are used, one key is used for encryption,
2. decrypt the message. and the other is used for decryption.

In private key cryptography, the key is In public-key cryptography, one of the

3. kept a secret. two keys is kept a secret.

The private key The public key

is Symmetrical because there is only is Asymmetrical because there are two
4. one key that is called a secret key. types of keys: private and public keys.

In this cryptography, the sender and

In this cryptography, the sender and
receiver do not need to share the same
receiver need to share the same key.
5. key.

In this cryptography, the public key can

In this cryptography, the key is private.
6. be public and a private key is private.

7. It is an efficient technology. It is an inefficient technology.

S.N
O Private Key Public Key

8. It is used for large amounts of text. It is used for only short messages.

There is the possibility of losing the key There is less possibility of key loss, as
9. that renders the systems void. the key is held publicly.

The private key is to be shared between

The public key can be used by anyone.
10. two parties.

The Performance testing checks the

The Load testing checks the
reliability, scalability, and speed of the
sustainability of the system.
11. system.

The private key is used in algorithms

The public key is used in algorithms
such as AES 128, AES 192 and AES
such as RSA, DSA, etc.
12. 256.

13. The private key is kept secret. The public key is widely distributed.

It is used to protect disk drives and It is used to secure web sessions and
14. other data storage devices. emails.

The recipient’s private key decrypts the The recipient’s public key encrypts the
15. message. message.

If the private key is the locking key,

If the public key is the locking key,
then the system can be used to verify
then it can be used to send private
documents sent by the holder of the
communication.
16. private key.
What Is a Blockchain Address?

Your blockchain address, the code you can share with others to receive cryptocurrencies, is
derived from your public key. When you send cryptocurrency to someone else, this is the
address they will see. For Ethereum, it’s that long hexadecimal number starting with 0x. Then
for Bitcoin, you might notice that your wallet will generate a new address each time you
transact. Both of these methods are fine, and, to clarify, this blockchain address is completely
safe to share. PKC guarantees that no one can access your funds with only your blockchain
address or the public key it was derived from.

Signing In Action
For example, let’s say you want to send 1ETH to your friend Bob using the Ethereum
Network. In this case, you would find out Bob’s blockchain address, which was derived from
his public key. Just like you, Bob also has a set of public and private keys, and his private key
is the only one that controls the address of the corresponding public key.

When you try to send any Ether, you will have to initiate a transaction request. Within that
request, you specify the amount you want to send and where you want to send it—in this case
we want to send 1 ETH to Bob’s account.

From there, your crypto wallet uses your private key to sign the transaction. To explain, a
signature is like a digital fingerprint; it proves to the blockchain that you intend to carry out
the plan in the attached message. It also proves you are who you say you are. Your signature
is created by your private key and includes the transaction details, which eventually become
part of the transaction’s data.

Once the transaction is signed using your private key, transaction and signature are then
broadcast to the network. That means every node in the network can review the transaction.
To follow, Ethereum validators verify that the signature matches your public key,
guaranteeing you are who you say you are, and thus own the funds that you are trying to
spend. They also check that Bob’s address actually exists on the network, and that the
transaction is sound overall. If all of these conditions are met, the transaction will be
confirmed. The 1 Ether will disappear from your account and arrive in Bob’s.

It’s important to reiterate that throughout this process, and as the owner of your private key,
only you can sign the transaction capable of moving your own funds. That’s because your
blockchain address is directly derived from your public key, which was originally derived
from your private key. Thus, as long as you keep your private key private, no one can move
your funds on the blockchain. Yes– even though you are sharing your public key, your
address, and signatures of all your transactions, your funds remain safe. This is the brilliance
of trapdoor functions in action.

What is a digital signature?

A digital signature is a mathematical technique used to validate the authenticity and integrity
of a digital document, message or software. It's the digital equivalent of a handwritten
signature or stamped seal, but it offers far more inherent security. A digital signature is
intended to solve the problem of tampering and impersonation in digital communications.

Digital signatures can provide evidence of origin, identity and status of electronic documents,
transactions or digital messages. Signers can also use them to acknowledge informed consent.
In many countries, including the U.S., digital signatures are considered legally binding in the
same way as traditional handwritten document signatures.

How do digital signatures work?

Digital signatures are based on public key cryptography, also known as asymmetric
cryptography. Using a public key algorithm -- such as Rivest-Shamir-Adleman, or RSA --
two keys are generated, creating a mathematically linked pair of keys: one private and one
public.

Digital signatures work through public key cryptography's two mutually authenticating
cryptographic keys. For encryption and decryption, the person who creates the digital
signature uses a private key to encrypt signature-related data. The only way to decrypt that
data is with the signer's public key.

If the recipient can't open the document with the signer's public key, that indicates there's a
problem with the document or the signature. This is how digital signatures are authenticated.

Digital certificates, also called public key certificates, are used to verify that the public key
belongs to the issuer. Digital certificates contain the public key, information about its owner,
expiration dates and the digital signature of the certificate's issuer. Digital certificates are
issued by trusted third-party certificate authorities (CAs), such as DocuSign or GlobalSign,
for example. The party sending the document and the person signing it must agree to use a
given CA.

Digital signature technology requires all parties trust that the person who creates the signature
image has kept the private key secret. If someone else has access to the private signing key,
that party could create fraudulent digital signatures in the name of the private key holder.

What are the benefits of digital signatures?

Digital signatures offer the following benefits:

 Security. Security capabilities are embedded in digital signatures to ensure a legal
document isn't altered and signatures are legitimate. Security features include asymmetric
cryptography, personal identification numbers (PINs), checksums and cyclic redundancy
checks (CRCs), as well as CA and trust service provider (TSP) validation.

 Timestamping. This provides the date and time of a digital signature and is useful when
timing is critical, such as for stock trades, lottery ticket issuance and legal proceedings.

 Globally accepted and legally compliant. The public key infrastructure (PKI) standard
ensures vendor-generated keys are made and stored securely. With digital signatures
becoming an international standard, more countries are accepting them as legally binding.

 Time savings. Digital signatures simplify the time-consuming processes of physical

document signing, storage and exchange, enabling businesses to quickly access and sign
documents.

 Cost savings. Organizations can go paperless and save money previously spent on the
physical resources, time, personnel and office space used to manage and transport
documents.

 Positive environmental effects. Reducing paper use also cuts down on the physical
waste generated by paper and the negative environmental impact of transporting paper
documents.

 Traceability. Digital signatures create an audit trail that makes internal record-
keeping easier for businesses. With everything recorded and stored digitally, there are
fewer opportunities for a manual signee or record-keeper to make a mistake or
misplace something.

How do you create a digital signature?

To create a digital signature, signing software -- such as an email program -- is used to

provide a one-way hash of the electronic data to be signed.

A hash is a fixed-length string of letters and numbers generated by an algorithm. The digital
signature creator's private key is used to encrypt the hash. The encrypted hash -- along with
other information, such as the hashing algorithm -- is the digital signature.
The reason for encrypting the hash instead of the entire message or document is because a
hash function can convert an arbitrary input into a fixed-length value, which is usually much
shorter. This saves time, as hashing is much faster than signing.

The value of a hash is unique to the hashed data. Any change in the data -- even a
modification to a single character -- results in a different value. This attribute enables others
to use the signer's public key to decrypt the hash to validate the integrity of the data.

If the decrypted hash matches a second computed hash of the same data, it proves that the
data hasn't changed since it was signed. But, if the two hashes don't match, the data has either
been tampered with in some way and is compromised or the signature was created with a
private key that doesn't correspond to the public key presented by the signer. This signals an
issue with authentication.

A digital signature can be used with any kind of message, whether or not it's encrypted,
simply so the receiver can be sure of the sender's identity and that the message arrived intact.
Digital signatures make it difficult for the signer to deny having signed something, as the
digital signature is unique to both the document and the signer and it binds them together.
This property is called nonrepudiation.

The digital certificate is the electronic document that contains the digital signature of the
issuing CA. It's what binds together a public key with an identity and can be used to verify
that a public key belongs to a particular person or entity. Most modern email programs
support the use of digital signatures and digital certificates, making it easy to sign any
outgoing emails and validate digitally signed incoming messages.

Digital signatures are also used extensively to provide proof of authenticity, data integrity and
nonrepudiation of communications and transactions conducted over the internet.
Uses for digital signatures

Digital signature tools and services are commonly used in contract-heavy industries,
including the following:

 Government. The U.S. Government Publishing Office publishes electronic versions of

budgets, public and private laws, and congressional bills with digital signatures.
Governments worldwide use digital signatures for processing tax returns, verifying
business-to-government transactions, ratifying laws and managing contracts. Most
government entities must adhere to strict laws, regulations and standards when using
digital signatures. Many governments and corporations also use smart cards to identify
their citizens and employees. These are physical cards with an embedded chip that
contains a digital signature that provides the cardholder access to an institution's systems
or physical buildings.

 Healthcare. Digital signatures are used in the healthcare industry to improve the
efficiency of treatment and administrative processes, strengthen data security, e-prescribe
and process hospital admissions. The use of digital signatures in healthcare must comply
with the Health Insurance Portability and Accountability Act of 1996.

 Manufacturing. Manufacturing companies use digital signatures to speed up processes,

including product design, quality assurance, manufacturing enhancements, marketing and
sales. The use of digital signatures in manufacturing is governed by the International
 Organization for Standardization and the National Institute of Standards and
Technology Digital Manufacturing Certificate.

 Financial services. The U.S. financial sector uses digital signatures for contracts,
paperless banking, loan processing, insurance documentation and mortgages. This heavily
regulated sector uses digital signatures, paying careful attention to the regulations and
guidance put forth by the Electronic Signatures in Global and National Commerce Act
(E-Sign Act), state Uniform Electronic Transactions Act regulations, the Consumer
Financial Protection Bureau and the Federal Financial Institutions Examination Council.

 Cryptocurrencies. Bitcoin and other cryptocurrencies use digital signatures to

authenticate the blockchain. They're also used to manage transaction data associated with
cryptocurrency and as a way for users to show ownership of currency or their
participation in a transaction.

 Non-fungible tokens (NFTs). Digital signatures are used with digital assets -- such as
artwork, music and videos -- to secure and trace these types of NFTs anywhere on the
blockchain.
HASH VALUE
A hash value is a numeric value of a fixed length that uniquely identifies data. Hash values
represent large amounts of data as much smaller numeric values, so they are used with digital
signatures. You can sign a hash value more efficiently than signing the larger value. Hash
values are also useful for verifying the integrity of data sent through insecure channels. The
hash value of received data can be compared to the hash value of data as it was sent to
determine whether the data was altered.
Data can be compared to a hash value to determine its integrity. Usually, data is hashed at a
certain time and the hash value is protected in some way. At a later time, the data can be
hashed again and compared to the protected value. If the hash values match, the data has not
been altered. If the values do not match, the data has been corrupted. For this system to work,
the protected hash must be encrypted or kept secret from all untrusted parties.
Hashing is the process of generating a value from a text or a list of numbers using a
mathematical function known as a hash function.
A Hash Function is a function that converts a given numeric or alphanumeric key to a small
practical integer value. The mapped integer value is used as an index in the hash table. In
simple terms, a hash function maps a significant number or string to a small integer that can
be used as the index in the hash table.
The pair is of the form (key, value), where for a given key, one can find a value using some
kind of a “function” that maps keys to values. The key for a given object can be calculated
using a function called a hash function.
What is a blockchain transaction?

A transaction refers to a contract, agreement, transfer, or exchange of assets between two or

more parties. The asset is typically cash or property. Likewise, a blockchain transaction is
nothing but data transmission across the network of computers in a blockchain system. The
network of computers in a blockchain store the transactional data as replicas with the storage
typically referred to as a digital ledger. Blockchain technology leverages peer-to-peer (P2P)
networks to form a shared and secured ledger that records transactions as immutable time-
stamped digital blocks. It is a decentralized ledger of transactions with no third-party
involvement, and only participants in the blockchain network can validate transactions among
them. While a blockchain can store different types of information, its most widespread use
has been as a digital ledger for transactions.

Blockchain Transaction Example

In the context of cryptocurrency, a blockchain transaction example is an individual payment,

such as Person A sending .10 BTC (bitcoin) to Person B. A blockchain transaction would
typically involve the following information getting stored in blocks:

 Data about the transaction, such as the date, time, amount of money paid, place, etc.
 Data about the participants of the blockchain transaction or the username.
 Block specific data or hash, a unique code that distinguishes one block from another.
Blockchain involves three key elements: cryptographic keys, a P2P network, and a computer
network to store and record transactions. A cryptographic key is a unique and secure digital
identity reference used for managing and authorizing transactions. Upon merging with the
P2P network, the digital signature is used by individuals on the network to reach a consensus
on transactions. Once a deal is authorized, a mathematical verification certifies it, resulting in
a successful transaction between the two connected parties in the network. Besides financial
transactions, blockchains also hold legal contracts, product inventories, transactional details
of other assets like vehicles, property, etc.

Steps of the Blockchain Transaction Process

A blockchain transaction has to undergo several steps before it becomes a part of the
blockchain, a critical aspect of the technology being the way it authorizes and confirms
transactions. The pointers below highlight the steps involved in a blockchain transaction:

1. Entry of a new transaction

2. Transmission of the transaction to a global network of peer-to-peer computers
 3. Peer network of computers confirms the validity of the transaction
4. Confirmed legitimate transactions are clustered into blocks
5. The blocks are chained together to create a long history of all transactions
6. Completion of the transaction

Fundamentals of a Blockchain Transaction

One of the most significant attributes of blockchain transactions is security. Let’s look at the
key aspects of blockchain technology that contribute to the safety of every blockchain
transaction:

Hash encryptions

Blockchain employs hashing and encryption technology, mainly the SHA256 algorithm, to
ensure data security. Therefore, the SHA256 algorithm transmits the transaction details as
encrypted information (hash encryption), which gets added to the blockchain post
verification. Thanks to the SHA256 algorithm, hash encryption becomes practically
impossible to hack.

Authentication and authorization

Blockchain transactions are authenticated using cryptographic keys that are essentially strings
of data identifying a blockchain user and giving access to their account on the system. The
two cryptographic keys that ensure successful and secure transactions between two parties are
private and public keys. Using these keys, a blockchain user creates a secure digital identity
for controlling and authorizing transactions.

Mining

In blockchain technology, mining means adding transactions to the distributed digital public
ledger of existing transactions (or the blockchain). Although primarily associated with
bitcoin, mining also applies to other blockchain usage scenarios. The mining process involves
generating a hash of a block of transactions. Since the hash is unforgeable, it protects the
integrity of the entire blockchain without requiring a central system such as a bank or
regulatory body.

Proof of work

The decision to add a transaction to a public blockchain is made by consensus whereby a

majority of the computers (nodes) in the network must agree to the validity of a transaction.
Thus, people who own the nodes in the network need to solve a complex mathematical puzzle
known as the proof of work problem to add a block to the chain. Solving the proof of work
problem is mining, the people doing it are miners, and they are rewarded for verifying
transactions.

Proof of stake

Proof of stake is a validation consensus protocol in a blockchain for processing transactions

and creating new blocks. It entails that blockchain participants must have a stake in the
blockchain, typically by owning cryptocurrency. Hence, cryptocurrency owners get a chance
to validate transactions by offering their stakes as collateral. An alternative to proof of work,
the proof of stake mechanism saves significant computing power and resources.

There are two main types of accounts involved in transactions:

1. Externally Owned Accounts (EOA). These are accounts controlled by human users
through public and private keys. The public key is the identifier of the account.
Transactions are signed by the private key to prove ownership of the EOA. An EOA
can be thought of as an individual’s bank account that can be used to send funds using
password verification.
2. Contract Accounts. These are accounts containing code and identified by a public
key. The code is commonly referred to as a smart contract and is an automated
program that runs when it receives a transaction from another EOA or contract
account.
Any transaction ultimately originates from an EOA. Contract accounts do not execute on
their own.

Different ways that transactions can occur

1. Between EOAs directly. This is usually a payment transaction between EOAs

involving the transfer of a blockchain’s native token (e.g. ETH on Ethereum) without
any smart contracts involved. These types of transactions are referred to
as external transactions.
2. Between EOAs and Contract Accounts. These transactions are initiated by the EOA
and invoke some smart contract function calls. For example, the transfer of an ERC20
token or an NFT first involves a call by the EOA to the approval function of the token
contract and, if successful, a subsequent call to the transfer function.
3. Between Contract Accounts. These transactions are referred to as internal
transactions. A smart contract calls a function on another smart contract, which can
trigger the transfer of tokens or the execution of some other logic.

Modifying Transactions
Modifying a transaction in a block will change the hash of all of the transactions which
ultimately changes the hash of the block header. This will likely make the block header's hash
have an invalid proof of work. Thus in order to modify the transaction, you would have to
redo the block's proof of work, i.e. remine the block.

Furthermore, the block header includes the hash of the previous block. So if you want to
change a transaction, you will need to also remine all of the blocks following the block which
contains the transaction you modified. Lastly, your set of modified blocks are actually a
blockchain fork. In order to get it to be accepted by the rest of the network, your fork will
need to have more cumulative work than the current blockchain, which effectively means that
your fork needs to be longer than the current blockchain.

Overall, modifying transactions already in the blockchain requires remining blocks, and after
a transaction already has a few confirmations, doing this requires immense amounts of
computing power. So much computing power is required that modifying blocks is effectively
impossible to do.

One can only change the block data and see if a valid hash is obtained, and do it over
and over again. But what data can you change in your block?
 It contains important transaction data that one can’t alter. Well, this is where
the nonce comes in.
 The nonce is there just so that miners have a piece of data that they can essentially play
with. They can change it randomly to change the block’s output hash until they luck out
and happened to find one that is below the required difficulty threshold.
 Once they have found a nonce that results in their block’s hash being below the difficulty
threshold, the block is finally considered valid and it can broadcast to the network with
that miner taking a reward for their effort.
 This process is purely based on chance. Miners just try over and over again changing the
nonce and rehashing the block and hoping that they will luck out and find a hash below
the threshold number.
Example: Now, Suppose a malicious person, Alex, was trying to alter the transactions on the
chain. As it is known, that one can’t just change data because that will create a new hash
which would create an invalid block.
 Alex would have to re-mine that block and find a nonce that yields a hash value below the
target difficulty.
 Since all the blocks must contain the hash of the previous blocks, all the following blocks
would be invalidated as well. Only if Alex had an incredible near impossible amount of
computing power, would he be able to rebuild the whole chain to include his fraudulent
transactions, and Alex doesn’t have nearly that much computing power.
 As a result, the distributed blockchain’s robustness is its strength, and it’s why it’s
regarded to be incorruptible.
It can be concluded that it’s nearly impossible to change records in blocks since all of the
blocks are linked through the inter-relationships of all of their hashes, and any modification
in a block anywhere in the chain invalidates all subsequent blocks.

Maintain Transactions
A consensus mechanism and a reward system are required to maintain the integrity and

functionality of a blockchain. In the Bitcoin blockchain, consensus is achieved by ‘mining’,

and the reward system is a protocol awarding a miner some amount of Bitcoin upon

successfully mining a block. Mining is undertaken by powerful computers solving complex

mathematical puzzles.Once a transaction verified, and accepted as true by the entire network,

miners start working on the next block. Thus, a blockchain keeps growing