UNIT I

Role of Cryptography in
Blockchain
 Introduction to Cryptography

 Blockchain Technology is based on three main pillars;

 Distributed ledger,
 Peer-to-peer network,
 Cryptographic security.
 The successful and safe working of a distributed ledger
system and the point-to-point network is impossible
without a robust security technique.
 Introduction to Cryptography

 Cryptography is a method of securing data from

unauthorized access.
 Cryptography is used to secure transactions taking
place between two nodes in a blockchain network.
 Blockchain uses two types of security approaches -
Cryptography and Hashing.
 Cryptography is used to encrypt messages in a P2P
network.
 Hashing is used to secure the block information and
the link blocks in a blockchain.
Types of Cryptography
 Cryptography are further divided into two parts:

 Symmetric-key cryptography.

 Asymmetric-key cryptography.
 Symmetric-key cryptography

 It is also described as secret key cryptography.

 Both parties have the same key to keep the secret.
 It is suitable for bulk encryption.
 It requires less processing power and faster transfer.
 The Data Encryption System (DES) is a popular
symmetric key cryptographic system.
 Asymmetric-key cryptography
(Public Key Cryptography)

 Encryption method uses different keys for encryption and decryption.

 Encryption method uses public key and private key methods.
 Public key method helps completely unknown parties share
information like email ID.
 Private key helps to decrypt the messages and also helps in verifying
the digital signature.
 Private key cannot be derived from the public key, but the public key
can be derived from the private key.
Hash Cryptography Function in the Blockchain

 Cryptographic hashing refers to coding the information

or data on blockchain into an unreadable, unhackable
text.
 This is done using a special kind of hashing algorithm
known as SHA-256 (Secure Hash Algorithm).
 It creates a 32-byte long hash value.
 The hash is always of a fixed length no matter what the
length of the input value.
 But it is impossible to have the same hash values for
different inputs.
Hash Cryptography Function in the Blockchain

 If Input data is “dataflair” the hash value will be

 “07e42324292ec3bfc150958da854dd8d0357b021dc
5e4cfd75e65eed43bfe382”
 But if we change our input to “DataFlair” with two
letters made capital, the hash will be:
 “64a5c3aade499eabcc677bd5445c84636ea64fbf0c7
c01a49e469ff05da179ef”
Wallets and Digital Signatures
 A blockchain wallet is a software
(e.g. Electrum, Bitcoin core) or even a special
hardware device (e.g. Trezor, Ledger) that is used to
keep transaction information and personal
information (private and public key) of the user.
 Important ,wallets do not contain actual currency in it
(e.g. Bitcoin, Ethereum).
 Wallets are just a secure place to keep one’s keys
(especially private keys) and maintain a transaction
balance.
Wallets and Digital Signatures
 That is, a wallet is only a communication tool and the
blockchain stores the real information/data/currency in
blocks.
 Digital signature is like proof that given to the receiver
and the entire network that nodes are a legitimate node
in the blockchain network.
 When a node initiate a transaction with another node,
node (Sender) have to create a unique digital signature
by combining node transaction data and node private key
using a special algorithm.
 This will guarantee the authenticity of sender node and
the integrity of the information.
 Classification Of Cryptography
Algorithms
 Cryptography algorithms broadly classified:

 Symmetric-key algorithms (secret-key algorithms).

 Asymmetric-key algorithms (public-key

algorithms).

 Additionally, hash functions, essential for ensuring

data integrity.
Cryptographic Algorithm
 Symmetric-key algorithms:
• Definition: In symmetric-key cryptography, the same key
is used for both encryption and decryption.
• The communicating parties must share the secret key
beforehand.
• Examples:
• Data Encryption Standard (DES)
• Advanced Encryption Standard (AES)
• Triple DES (3DES)
• Blowfish
• Twofish
• Serpent
Cryptographic Algorithm
 Symmetric Cryptography :
 Stream Ciphers and Block Ciphers.
 Stream Ciphers:
• Definition: Stream ciphers encrypt data one bit or byte at a
time, usually in a continuous stream.
• They are often faster than block ciphers for certain
applications.
• Examples:
• RC4(Rivest Cipher 4).
• Salsa20
• A5/1 (used in GSM mobile networks)
Cryptographic Algorithm
 In stream ciphers, encryption and decryption are basically
the same function I.e. XOR operation.
 The basic idea is to use a key to generate a pseudorandom
stream of bits, and then combine (XOR) this stream with
the plaintext to produce the ciphertext.
 Stream ciphers encrypting voice and video calls, where a
continuous flow of data needs to be encrypted or decrypted
without introducing
 delays.
 Cryptographic Algorithm

 Stream Ciphers :
 Two types of stream ciphers: synchronous and asynchronous.
• Synchronous Stream Ciphers: The keystream is generated
independently of the plaintext and ciphertext.
• Both the sender and receiver must be synchronized to use the
same part of the key stream for encryption and decryption at the
same time.
• Asynchronous Stream Ciphers: The keystream generation is
dependent on the plaintext and/or ciphertext.
• The synchronization between the sender and receiver is more
flexible in asynchronous stream ciphers.
Cryptographic Algorithm
 Block Ciphers:
• Definition: Block ciphers operate on fixed-size blocks of
data and encrypt them as a single unit. The most common
block size is 64 or 128 bits.
• Examples:
• Data Encryption Standard (DES)
• Triple DES (3DES)
• Advanced Encryption Standard (AES)
• Blowfish
• Serpent
• Twofish
Cryptographic Algorithm
 Block ciphers :
 Block ciphers are usually built using a design strategy
known as Fiestel cipher.
 Fiestel ciphers are based on the Fiestel network, which is a
structure developed by Horst Fiestel.
 Structure is based on the idea of combining multiple rounds
of repeated operations to achieve desirable cryptographic
properties knows as confusion and diffusion.
• Example:
• Data Encryption Standard (DES)
• Triple DES (3DES)
Cryptographic Algorithm
 DES is a prime example of Fiestel based ciphers
Cryptographic Algorithm
 Simplified operation of a block cipher
 Modes of operation for block ciphers are Electronic
Code Book (ECB), Cipher block chaining (CBC),
Output Feedback Mode (OFB), or Counter mode
(CTR).
 Block encryption mode
 Plaintext is divided into blocks of fixed length
depending on the type of cipher used and then the
encryption function is applied on each block.
 Keystream generation modes
 The encryption function generates a keystream that is
then XORed with the plaintext stream in order to achieve
Cryptographic Algorithm
 Message authentication modes
 A message authentication code is computed as a result
of an encryption function.
 MAC is basically a cryptographic checksum that
provides an integrity service.
 Cryptographic hashes
 Hash functions are basically used to compress a
message to a fixed length digest.
 Mode in which, block ciphers are used as a
compression function to produce a hash of plain text.
Cryptographic Algorithm
 Electronic code book
 This is a basic mode of operation in which the
encrypted data is produced as a result of applying the
encryption algorithm one by one separately to each
block of plain text.
Cryptographic Algorithm
 Cipher block chaining
 Each block of plain text is XORed with the previous
encrypted block.
 The CBC mode uses initialization vector IV to encrypt
the first block.
 It is recommended that IV be randomly chosen.
Cryptographic Algorithm
 Counter mode :
 CTR mode effectively uses a block cipher as a stream
cipher.
 In this case, a unique nonce is supplied that is
concatenated with the counter value in order to
produce a key stream.
Cryptographic Algorithm
 Asymmetric-key algorithms:
• Definition: Asymmetric-key cryptography uses a pair
of public and private keys for encryption and
decryption. Information encrypted with the public key
can only be decrypted with the corresponding private
key, and vice versa.
• Examples:
• Rivest-Shamir-Adleman (RSA)
• Elliptic Curve Cryptography (ECC)
• Diffie-Hellman key exchange
• ElGamal
• Digital Signature Algorithm (DSA)
 Compare DES & AES
DES AES
Key Length: Uses a fixed key length of 56 Supports key lengths of 128,
bits. 192, and 256 bits.
Block Size: Operates on 64-bit blocks of Operates on variable block
data. sizes: 128-bit blocks for AES-
128, 192-bit blocks for AES-
192, and 256-bit blocks for
AES-256.
Rounds: Applies 16 rounds of a Feistel The number of rounds varies :
network structure to the data. 10 rounds for AES-128, 12
rounds for AES-192, and 14
rounds for AES-256.
Algorithm Structure: DES uses a Feistel network AES uses a substitution-
structure permutation network (SPN)
structure
Security: DES is considered insecure for AES is widely considered
many practical applications due secure and is used in various
to its short key length. applications, including
government and military
systems.
Cryptocurrency
 Cryptocurrency, sometimes called crypto-currency or
crypto, is any form of currency that exists digitally or
virtually and uses cryptography to secure transactions.
 Cryptocurrencies don't have a central issuing or regulating
authority, instead using a decentralized system to record
transactions and issue new units.
 Transfer cryptocurrency funds, the transactions are recorded
in a public ledger.
 Cryptocurrency is stored in digital wallets.
 The first cryptocurrency was Bitcoin, which was founded in
2009 and remains the best.
Cryptocurrency
 Cryptocurrencies run on a distributed public ledger
called blockchain, a record of all transactions updated
and held by currency holders.
 Units of cryptocurrency are created through a process
called mining, which involves using computer power
to solve complicated mathematical problems that
generate coins.
 Users can also buy the currencies from brokers, then
store and spend them using cryptographic wallets.
Cryptocurrency
 Ethereum:
 Developed in 2015, Ethereum is a blockchain platform
with its own cryptocurrency, called Ether (ETH) or
Ethereum. It is the most popular cryptocurrency after
Bitcoin.
 Litecoin:
 This currency is most similar to bitcoin but has moved
more quickly to develop new innovations, including faster
payments and processes to allow more transactions.
 Ripple:
 Ripple is a distributed ledger system that was founded in
2012. Ripple can be used to track different kinds of
transactions, not just cryptocurrency.
Cryptocurrency
 Benefits :
 Funds transfer between two parties will be easy without the
need of third party like credit/debit cards or banks.
 It is a cheaper alternative compared to other online
transactions.
 Funds transfer are completed with minimal processing fees.
 A cryptocurrency transaction is generally a quick and
straightforward process.
 Example, Bitcoins can be transferred from one digital wallet
to another, using only a smartphone or computer.
Cryptocurrency
 Benefits :
 Every cryptocurrency transaction is recorded in a
public list called the blockchain, which is the
technology that enables its existence.
 Blockchain aims to cut out intermediaries, such as
banks and online marketplaces, which means there are
no payment processing fees.
 Cryptocurrency payments are becoming more widely
used, amongst large organizations, and in sectors
including fashion and pharmaceuticals.
Centralized vs Decentralized vs Distributed Systems
Centralized vs Decentralized vs Distributed Systems

Centralized Decentralized Distributed System

s
 Simple  Less likely to fail  Fault-tolerant
Deployment. than centralized  Transparent and
 Can be developed system. secure
quickly  Better  Promotes
 Affordable to performance resource sharing.
maintain.  Allows for a  Extremely
 Practical when more diverse and scalable.
data needs to be more flexible
controlled system.
centrally.
Centralized vs Decentralized vs Distributed Systems

Centralized Decentralized Distributed System

s
 Prone to failure.  Security &  More difficult to
 Higher security & Privacy risks to deploy.
privacy risks to users.  Higher
users.  Higher maintenance cost.
 Longer access maintenance cost.
times to data for  Inconsistent
users who are far performance
from the server. when not
properly
optimized.
Decentralized System
 Decentralized systems refer to computing architectures
where multiple nodes or components work together in a
distributed manner, without relying on a central authority.
 Decentralized System Security:
 Distributed Trust:
• In decentralized systems, trust is distributed among
participants rather than relying on a central authority.
• Establishing and maintaining trust in a peer-to-peer
network is a critical aspect of security.
• Cryptographic techniques, such as public-key
cryptography, are often used to ensure secure
communication.
Decentralized System
 Consensus Mechanisms:
• Decentralized systems often employ consensus
mechanisms to achieve agreement among nodes on
the state of the system.
• Examples include Proof-of-Work (PoW), Proof-of-
Stake (PoS), and Practical Byzantine Fault Tolerance
(PBFT).
• Security concerns arise from potential attacks on
these consensus mechanisms.
• As 51% attacks in PoW or long-range attacks in PoS.
Decentralized System
 Smart Contracts and Code Security:
• Decentralized systems, based on blockchain
technology, utilize smart contracts.
• These are self-executing contracts with the terms of
the agreement directly written into code.
• Code vulnerabilities in smart contracts can lead to
serious security issues, such as exploits and
financial losses.
• Formal verification and rigorous code audits are
essential to ensure smart contract security.
Decentralized System
 Network Security:
• Decentralized systems rely on peer-to-peer
networks for communication and data exchange.
• Ensuring the security of these networks is crucial to
prevent various attacks, including sybil attacks,
eclipse attacks, and man-in-the-middle attacks.
• Encryption, secure communication protocols, and
network monitoring are essential components of
decentralized network security.
Decentralized System
 Data Privacy and Anonymity:
• Decentralized systems often aim to enhance user
privacy and anonymity.
• Maintaining security is challenging.
• Techniques like zero-knowledge proofs and
privacy-preserving protocols are employed to
protect user data while still allowing for
meaningful interactions.
Decentralized System
 Adaptability and Resilience:
• Decentralized systems should be designed to adapt
to changing conditions and resist various forms of
attacks.
• Resilience against node failures, network partitions,
and malicious activities is vital for maintaining
system functionality.
Decentralized System
 Governance and Regulatory Compliance:
Security measures need to align with legal and
regulatory requirements while preserving the
decentralized nature of the system.
 User Education:
Security in decentralized systems also relies on the
education and awareness of users.
Understanding the implications of key management,
private key security, and responsible participation in the
network contributes to a more secure ecosystem.
Privacy Issues of a Decentralized System
 Pseudonymity and Privacy:
Decentralized systems often use pseudonymous addresses
or public keys for transactions.
While this provides a degree of privacy, it is not
completely anonymous.
Analyzing transaction patterns could potentially reveal
user identities or behaviors over time.
 Immutable Ledger:
The immutability of blockchain, once information is
added to the ledger, it cannot be altered or deleted.
While this ensures data integrity, it can pose a challenge
for privacy, as any sensitive information recorded on the
blockchain becomes permanently visible.
Privacy Issues of a Decentralized System
 Linkability:
Transactions on a blockchain are transparent and can be
linked together, potentially revealing a user's transaction
history.
This linkability can compromise privacy by allowing third
parties to trace and analyze patterns of behavior.
 Smart Contract Execution:
Smart contracts, while providing automated and trustless
execution of agreements.
The details of these contracts, including their inputs and
outputs, are visible to all participants.
This transparency may expose sensitive business logic or
personal information.
Privacy Issues of a Decentralized System
 Decentralized Identifiers (DIDs):
Decentralized identity systems aim to give users control
over their personal information.
However, improper implementation or inadequate privacy
measures could lead to the exposure of sensitive identity-
related data.
 Consensus Mechanisms:
Some consensus mechanisms, such as Proof-of-Work
(PoW) and Proof-of-Stake (PoS), may reveal information
about participants, particularly in smaller networks.
This information leakage can be exploited for various
purposes, including potential privacy breaches.
Privacy Issues of a Decentralized System
 Off-Chain Data Storage:
Decentralized systems often require off-chain data
storage solutions, and the privacy of this data depends
on the chosen storage mechanisms.
If not properly encrypted or managed, off-chain data
may be vulnerable to unauthorized access.
 Distributed Applications (DApps):
Decentralized applications may have privacy
implications depending on their design.
If a DApp requires extensive personal information or
uses centralized components, it may compromise user
privacy.
Privacy Issues of a Decentralized System
 Interoperability and Data Leakage:
• Interoperability between different decentralized
systems or blockchains may result in unintentional
data leakage.
• Transferring assets or information between
different networks could expose data to unintended
parties.
 User Education and Behavior:
• Poor user practices, such as reusing addresses or
sharing private keys, can lead to privacy
vulnerabilities.
Elliptic Curve Cryptography
 Elliptic Curve Cryptography (ECC) is a key-based technique for
encrypting data.
 ECC focuses on pairs of public and private keys for decryption
and encryption of web traffic.
 ECC is frequently discussed in the context of the Rivest–Shamir–
Adleman (RSA) cryptographic algorithm.
 ECC, an alternative technique to RSA, is a powerful
cryptography approach.
 It generates security between key pairs for public key encryption
by using the mathematics of elliptic curves.
 Neal Koblitz and Victor S. Miller independently proposed the use
of elliptic curves in encryption in 1985.
Components of Elliptic Curve Cryptography

 ECC keys:
• Private key: ECC cryptography’s private key creation is as
simple as safely producing a random integer in a specific
range, making it highly quick.
• Any integer in the field represents a valid ECC private key.
• Public keys: Public keys within ECC are EC points, which
are pairs of integer coordinates x, and y that lie on a curve.
• Because of its unique features, EC points can be compressed
to a single coordinate + 1 bit (odd or even).
• As a result, the compressed public key corresponds to a 256-
bit ECC.
Elliptic Curve Cryptography
Elliptic Curve Cryptography
 ECC bases its approach to public key cryptographic
systems on how elliptic curves are structured algebraically
over finite fields.
 Therefore, ECC creates keys that are more difficult,
mathematically, to crack.
 For this reason, ECC is considered to be the next
generation implementation of public key cryptography and
more secure than RSA.
 ECC is increasingly in wider use as websites strive for
greater online security in customer data and greater mobile
optimization
Elliptic Curve Cryptography
 An elliptic curve is a plane curve over a finite field which is
made up of the points satisfying the equation:
y²=x³ + ax + b.
 ECC supports digital signatures using algorithms like Elliptic
Curve Digital Signature Algorithm (ECDSA).
 With ECDSA, a user can sign a message using their private
key, and others can verify the signature using the
corresponding public key.
 ECC is widely used in various security applications, including
SSL/TLS for secure communication over the internet, digital
signatures, and key exchange protocols.
ECC vs RSA
Key Length Comparison: