
How is a blockchain encrypted, and how does a blockchain use encryption to protect data

Published: 2023-12-22 01:20:00  Source: Internet  Category: Bitcoin basics, blockchain


Blockchain is a distributed ledger technology that provides secure and trustworthy data storage and transmission. To protect users' privacy and security, blockchain uses cryptographic techniques to protect user data and prevent it from being tampered with or leaked. Below we go through the three key techniques of blockchain encryption: hash functions, public-key encryption and digital signatures.

1. Hash functions

A hash function is a one-way cryptographic algorithm that converts an input of arbitrary length (such as a text or a file) into an output of fixed length (a digest). Its defining property is that it cannot be reversed: the original content cannot be recovered from the digest, which is why hash functions are used for protection in blockchains. In a blockchain, hash functions compute the digest of a block header to ensure data integrity, and they also compute transaction digests to secure transactions.

2. Public-key encryption

Public-key encryption is a symmetric encryption algorithm that uses a special pair of digital keys (a public key and a private key) to encrypt and decrypt data. Its characteristic is that data encrypted with the public key can only be decrypted with the private key, and data encrypted with the private key can only be decrypted with the public key. In a blockchain, public-key encryption is used to protect users' identity information and account credentials, and to protect users' privacy.

3. Digital signatures

A digital signature is an asymmetric cryptographic algorithm that uses two keys (a public key and a private key) to encrypt and decrypt data. The private key is used to encrypt and the public key to decrypt; the private key is known only to its owner, while the public key can be obtained by anyone. In a blockchain, digital signatures are used to verify the legitimacy of transactions and thus ensure their security.

In short, blockchain cryptography effectively protects users' data and prevents it from being tampered with or leaked. Hash functions, public-key encryption and digital signatures are its three key techniques, and together they protect users' privacy and security.
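
As an added example (not from the original article), the block-header hashing described above in Python: each block header commits to a Merkle root of its transaction digests and to the previous block's hash, so editing any transaction breaks validation, and even rebuilding one block with a fresh hash still breaks the next block's back-link. The block layout, field names and the sample transfers are constructed for illustration and are not any real chain's format.

```python
import hashlib
import json

GENESIS_PREV = "0" * 64  # the first block points at an all-zero "previous hash"


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def merkle_root(tx_digests):
    """Pair up digests and hash each pair until one root remains (an odd last digest is paired with itself)."""
    level = list(tx_digests)
    if not level:
        return sha256_hex(b"")
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])
        level = [sha256_hex(bytes.fromhex(left + right)) for left, right in zip(level[::2], level[1::2])]
    return level[0]


def header_hash(header: dict) -> str:
    # Canonical JSON so the same header always hashes to the same value
    return sha256_hex(json.dumps(header, sort_keys=True, separators=(",", ":")).encode())


def make_block(prev_hash: str, txs, nonce: int = 0) -> dict:
    digests = [sha256_hex(tx.encode()) for tx in txs]
    header = {"prev_hash": prev_hash, "merkle_root": merkle_root(digests), "nonce": nonce}
    return {"header": header, "txs": list(txs), "hash": header_hash(header)}


def validate_chain(chain) -> bool:
    """Every block must commit to its own transactions and to the hash of the block before it."""
    prev = GENESIS_PREV
    for block in chain:
        header = block["header"]
        digests = [sha256_hex(tx.encode()) for tx in block["txs"]]
        if header["prev_hash"] != prev:
            return False
        if header["merkle_root"] != merkle_root(digests):
            return False
        if block["hash"] != header_hash(header):
            return False
        prev = block["hash"]
    return True


def build_sample_chain():
    """Constructed sample data: two blocks of toy transfers."""
    chain, prev = [], GENESIS_PREV
    for txs in (["alice->bob:5"], ["bob->carol:2", "carol->dave:1"]):
        block = make_block(prev, txs)
        chain.append(block)
        prev = block["hash"]
    return chain


def edit_transaction_demo() -> bool:
    """Change one transaction in place: the Merkle root no longer matches, validation fails."""
    chain = build_sample_chain()
    chain[0]["txs"][0] = "alice->bob:500"
    return validate_chain(chain)


def rebuild_block_demo() -> bool:
    """Even rebuilding block 0 with a fresh hash fails: block 1 still commits to the old hash."""
    chain = build_sample_chain()
    chain[0] = make_block(GENESIS_PREV, ["alice->bob:500"])
    return validate_chain(chain)
```

The second demo is the point that matters for a verifier: a tamperer has to recompute every later block as well, which is exactly the cost that proof-of-work (the nonce field here is only a placeholder for it) is meant to make prohibitive.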


See the related English documents:

Ⅰ How to set up privacy protection on Jack Ma's blockchain

For a decentralized database technology like blockchain, privacy settings are a very important part. Jack Ma may set up privacy protection on his own blockchain in the following aspects:
1. Identity verification: On Jack Ma’s blockchain, individual users can protect their privacy through identity verification. This means that only authenticated users can access specific information.
2. Encrypted data: Jack Ma can use blockchain technology to encrypt personal data to prevent unauthorized access. This encryption technology protects user privacy by ensuring that only authorized users can access data.
3. Anonymous transactions: An anonymous transaction function can be set up on Jack Ma’s blockchain, allowing users to conduct transactions without exposing their identities. This approach can protect user privacy to the greatest extent.
4. Restrict access rights: Jack Ma can set access limits on the blockchain to only allow specific users or organizations to access specific information. This approach protects user privacy by ensuring that only authorized people have access to sensitive information.
In short, Jack Ma can protect his blockchain privacy through various means such as identity verification, encrypted data, anonymous transactions and restricted access rights. These measures ensure that users’ data and privacy are protected to the greatest extent possible.

II What is the blockchain cryptographic algorithm?

As an emerging technology, blockchain has received more and more widespread attention. It is a new application of traditional technologies in the Internet era, and includes distributed data storage, consensus mechanisms and cryptography, among others. With the creation of various blockchain research alliances, related research has received more and more funding and personnel support. The hash algorithm, zero-knowledge proof, ring signature and other cryptographic algorithms used in the blockchain:

Hash algorithm

The hash algorithm is the basic technology of the blockchain. The essence of a hash function is to map a set of data of arbitrary (finite) length into a data stream of defined length. If this function satisfies both of the following:

(1) The calculation of the Hash value of any input set of data is very simple;

(2) It is computationally difficult to find 2 different data with the same hash value.

Hash functions that satisfy the above two properties are also called cryptographic hash functions. Unless otherwise stated, "hash function" usually refers to a cryptographic hash function. For a hash function, finding two such values is called a collision. Currently popular hash functions include MD5, SHA1, SHA2, and SHA3.

Bitcoin uses SHA256, and most blockchain systems use the SHA256 algorithm. So here we will introduce SHA256 first.

1. SHA256 algorithm steps

STEP1: Additional padding bits. The message is padded so that the message length is congruent with 448 mod 512 (length = 448 mod 512). The number of padding bits ranges from 1 to 512. The highest bit of the padding bit string is 1 and the remaining bits are 0.

STEP2: Additional length value. Append the bit length of the initial message (before padding) expressed in 64-bit to the result of step 1 (low-order byte first).

STEP3: Initialize the cache. Use a 256-bit cache to store the intermediate and final results of the hash function.

STEP4: Process 512-bit (16 words) message packet sequence. The algorithm uses six basic logic functions and consists of 64 steps of iterative operations. Each step takes a 256-bit cache value as input and then updates the cache content. Each step uses a 32-bit constant value Kt and a 32-bit Wt. Where Wt is the message after grouping, t=1,2,...,16.

STEP5: After all 512-bit packets are processed, the output generated by the last packet of the SHA256 algorithm is a 256-bit message.

2. Ring signature

In 2001, three cryptographers, Rivest, Shamir and Tauman, proposed the ring signature for the first time. It is a simplified group signature, with only ring members and no managers, and does not require cooperation among ring members. In the ring signature scheme, the signer first selects a temporary set of signers, which includes the signer. The signer can then use his own private key and the public keys of others in the signature set to generate signatures independently without the help of others. Members of a set of signers may not be aware that they are included.

The ring signature scheme consists of the following parts:

(1) Key generation. Generate a key pair (public key PKi, private key SKi) for each member in the ring.

(2) Signature. The signer uses his own private key and the public keys of any n ring members (including himself) to generate signature a for message m.

(3) Signature verification. The verifier verifies whether the signature is signed by a member of the ring based on the ring signature and message m. If it is valid, it will be accepted, otherwise it will be discarded.

The properties that ring signatures satisfy:

(1) Unconditional anonymity: the attacker cannot determine which member of the ring generated the signature; even when the ring members' private keys are obtained, the probability of doing so does not exceed 1/n.

(2) Correctness: The signature must be verified by all others.

(3) Unforgeability: other members of the ring cannot forge the signature of the real signer, and an external attacker cannot forge a signature for message m even if he obtains a valid ring signature.

3. Comparison between ring signature and group signature

(1) Anonymity. It is a system in which individuals sign on behalf of a group. The verifier can verify that the signature is signed by a member of the group, but cannot know which member, so as to achieve the anonymity of the signer.

(2) Traceability. In group signatures, the existence of the group administrator ensures the traceability of the signature. Group administrators can revoke signatures to reveal the true signer. The ring signature itself cannot reveal the signer unless the signer himself wants to reveal or add additional information to the signature. A verifiable ring signature scheme is proposed. In the scheme, the real signer hopes that the verifier knows his identity. At this time, the real signer can verify his identity by revealing the secret information he possesses.

(3) Management system. Group signatures are managed by the group administrator, while ring signatures do not need to be managed. The signer only has to select a possible set of signers, obtain its public key, and then publish the set. All members are equal.

The Xueshuo Innovation Blockchain Technology Workstation under Lianqiao Education Online is the only approved "Blockchain Technology Professional" pilot workstation of the "Smart Learning Factory 2020 - Xueshuo Innovation Workstation" launched by the School Planning and Construction Development Center of the Ministry of Education of China. The professional position is based on providing students with diversified growth paths, promoting the reform of a training model integrating professional degree research, production and research, and building an applied and compound talent training system.

Ⅲ What is a blockchain encryption algorithm

Blockchain encryption algorithm (Encryption Algorithm)
An asymmetric encryption algorithm is a function that uses an encryption key to convert the original plaintext file or data into a string of unreadable ciphertext. The encryption process is irreversible: only by holding the corresponding decryption key can the encrypted information be decrypted into readable plaintext. Encryption allows private data to be transmitted over public networks with low risk and protects the data from being stolen and read by third parties.
The core advantage of blockchain technology is decentralization. By using data encryption, timestamps, distributed consensus and economic incentives, it can achieve decentralized credit, point-to-point transactions, coordination and collaboration in a distributed system where nodes do not need to trust each other, thereby providing solutions to the high cost, low efficiency and insecure data storage common in centralized institutions.
The application fields of blockchain include digital currency, certificates, finance, anti-counterfeiting and traceability, privacy protection, supply chain, entertainment, etc. With the popularity of blockchain and Bitcoin, many related top-level domain names have been registered, which has had a relatively large impact on the domain name industry.

IV Blockchain cryptography technology includes

Cryptography is the core of blockchain technology. The cryptographic technology of blockchain includes the digital signature algorithm and the hash algorithm.
Digital Signature Algorithm
Digital signature algorithm is a subset of the digital signature standard, representing a specific public key algorithm used only for digital signatures. The key is run on the message hash generated by SHA-1: to verify a signature, the hash of the message is recalculated, the signature is decrypted using the public key and the results are compared. The abbreviation is DSA.

A digital signature is a special form of electronic signature. So far, more than 20 countries have passed laws recognizing electronic signatures, including the European Union and the United States. China's electronic signature law was adopted at the 11th meeting of the Standing Committee of the 10th National People's Congress on August 28, 2004. A digital signature is defined in the ISO 7498-2 standard as: "some data appended to a data unit, or a cryptographic transformation made to the data unit, which allows the recipient of the data unit to confirm the source and integrity of the data unit and protects the data from forgery by a person (e.g. the recipient)". The digital signature mechanism provides an identification method to solve problems such as forgery, denial, impersonation and tampering. It uses data encryption and data transformation technology so that the sending and receiving parties meet two conditions: the receiver can verify the identity the sender claims, and the sender cannot later deny having sent the data.
Digital signature is an important branch of cryptography theory. It is proposed to sign electronic documents to replace handwritten signatures on traditional paper documents, so it must have 5 characteristics.
(1) The signature is credible.
(2) The signature cannot be forged.
(3) Signatures are not reusable.
(4) Signed documents are immutable.
(5) The signature is non-repudiation.
Hash algorithm
Hashing converts an input of any length (also called the pre-mapping or pre-image) into a fixed-length output through a hash algorithm; the output is the hash value. This transformation is a compressing mapping in which the space of hash values is usually much smaller than the space of inputs. Different inputs may hash to the same output, but the input value cannot be deduced in reverse. Simply put, it is a function that compresses a message of any length into a message digest of a fixed length.
Hash algorithm is a one-way cryptographic system, that is, it is an irreversible mapping from plaintext to ciphertext, with only encryption process and no decryption process. At the same time, the hash function can change an input of any length to obtain a fixed-length output. The one-way characteristics of the hash function and the fixed length of the output data allow it to generate messages or data.
Taking the Bitcoin blockchain as representative, double hashing is used many times in its proof-of-work and key-encoding processes, such as SHA(SHA256(k)) or RIPEMD160(SHA256(K)). The advantage of this method is that it increases the workload or increases the difficulty of cracking without knowing the protocol.
Represented by the Bitcoin blockchain, the two main hash functions used are:
1. SHA-256, mainly used to complete PoW (proof of work) calculations;
2. RIPEMD160, mainly used to generate Bitcoin addresses. Figure 1 below shows the process of generating an address from a public key in Bitcoin.
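
An added example, not code from the answer above, of the address derivation it describes: hash160 = RIPEMD160(SHA256(pubkey)), then Base58Check, whose 4-byte checksum is the first four bytes of SHA256(SHA256(version || hash160)). It assumes the local OpenSSL build exposes ripemd160 through hashlib (current builds do; ripemd160_available reports it). The sample public key is the well-known compressed point for private key 1, and the version byte 0x00 is the Bitcoin mainnet prefix that makes addresses start with '1'; the function names are chosen for this example.

```python
import hashlib

B58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
MAINNET_P2PKH = b"\x00"  # version byte for a pay-to-pubkey-hash address on mainnet


def ripemd160_available() -> bool:
    try:
        hashlib.new("ripemd160")
        return True
    except ValueError:
        return False


def sha256d(data: bytes) -> bytes:
    """The double SHA-256 the answer mentions: SHA256(SHA256(data))."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def hash160(data: bytes) -> bytes:
    """RIPEMD160(SHA256(data)): the 20-byte public key hash an address encodes."""
    return hashlib.new("ripemd160", hashlib.sha256(data).digest()).digest()


def base58check_encode(version: bytes, payload: bytes) -> str:
    raw = version + payload
    raw += sha256d(raw)[:4]  # checksum: first 4 bytes of the double hash
    n = int.from_bytes(raw, "big")
    digits = ""
    while n:
        n, rem = divmod(n, 58)
        digits = B58_ALPHABET[rem] + digits
    leading_zeros = len(raw) - len(raw.lstrip(b"\x00"))
    return "1" * leading_zeros + digits  # each leading 0x00 byte becomes a leading '1'


def base58check_decode(address: str):
    """Returns (version, payload); raises ValueError on a bad character or checksum."""
    n = 0
    for ch in address:
        n = n * 58 + B58_ALPHABET.index(ch)
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    body = b"\x00" * (len(address) - len(address.lstrip("1"))) + body
    data, checksum = body[:-4], body[-4:]
    if sha256d(data)[:4] != checksum:
        raise ValueError("Base58Check checksum mismatch")
    return data[:1], data[1:]


def pubkey_to_address(pubkey: bytes, version: bytes = MAINNET_P2PKH) -> str:
    return base58check_encode(version, hash160(pubkey))


def address_is_valid(address: str) -> bool:
    """What a wallet should do before paying: reject a mistyped or corrupted address."""
    try:
        base58check_decode(address)
        return True
    except ValueError:
        return False
```

The checksum is what turns a one-character typo into a hard error rather than a payment to an unspendable address, which is why address_is_valid belongs in any input path that accepts addresses from users or other systems.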

V [In-depth knowledge] Illustration of the encryption principle of the blockchain (encryption, signature)

First put an architecture diagram of Ethereum:

In the learning process, I mainly studied and understood individual modules, including P2P, cryptography, networking, protocols, etc. Let's start with the summary directly:

The problem of secret key distribution is also the problem of secret key transmission. If the secret key is symmetric, then the secret key can only be exchanged offline. If the secret key is transmitted online, it may be intercepted. Therefore, asymmetric encryption is used, with two keys, one private key is kept privately, and the other public key is made public. Public keys can be transmitted over the Internet. No offline transactions required. Ensure data security.

As shown in the figure above, node A sends data to node B, and public key encryption is used at this time. Node A obtains the public key of node B from its own public key, encrypts the plaintext data, and sends the ciphertext to node B. Node B uses its own private key to decrypt.

2. Unable to solve message tampering.

As shown in the figure above, node A uses B's public key to encrypt, and then transmits the ciphertext to node B. Node B uses the public key of node A to decrypt the ciphertext.

1. Since A’s public key is public, once an online hacker intercepts the message, the ciphertext will be useless. To put it bluntly, this encryption method can be decrypted as long as the message is intercepted.

2. There is also the problem of being unable to determine the source of the message and the problem of message tampering.

As shown in the figure above, before sending data, node A first encrypts it with B's public key to obtain ciphertext 1, and then uses A's private key to encrypt ciphertext 1 to obtain ciphertext 2. After node B obtains the ciphertext, it first decrypts it using A's public key to obtain ciphertext 1, and then decrypts it using B's private key to obtain the plaintext.

1. When ciphertext 2 is intercepted on the network, since A's public key is public, anyone can use A's public key to decrypt ciphertext 2 and get ciphertext 1. So this looks like double encryption, but in fact the private-key signature of the last layer is useless. Generally speaking, we all hope that the signature is made on the most original data. If the signature is applied afterwards, the signature lacks security since the public key is public.

2. There are performance issues. Asymmetric encryption itself is very inefficient, and two encryption processes are performed.

As shown in the figure above, node A is first encrypted with A's private key, and then encrypted with B's public key. After receiving the message, node B first uses B's private key to decrypt it, and then uses A's public key to decrypt it.

1. When ciphertext 2 is intercepted by a hacker, since ciphertext 2 can only be decrypted using B's private key, and B's private key is held only by node B, others cannot decrypt it. Therefore the security is the highest.
2. When node B decrypts and obtains ciphertext 1, it can only use A’s public key to decrypt it. Only data encrypted by A's private key can be successfully decrypted with A's public key. Only node A has A's private key, so it can be determined that the data was transmitted by node A.

After two asymmetric encryptions, the performance problem is serious.

Based on the above problem of data tampering, we introduced message authentication. The encryption process after message authentication is as follows:

Before node A sends a message, it first performs a hash calculation on the plaintext data to obtain a digest, and then sends the digest and the original data to node B together. When node B receives the message, it decrypts it, parses out the hash digest and the original data, then performs the same hash calculation on the original data to obtain digest 1, and compares the digest with digest 1. If they are the same, the data has not been tampered with; if they differ, it has.

As long as ciphertext 2 is tampered with during the transmission process, the resulting hash will be different from hash1.
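
An added example (not from the post above) that runs the unkeyed digest check just described against a tampered message, and then the same check with a keyed HMAC-SHA256: the unkeyed digest accepts a message whose digest was recomputed by whoever altered it, while the MAC, which needs the shared key, rejects it. The packet layout (32-byte tag followed by the data), the key and the messages are constructed for the example; hmac_sha256_manual spells out the H((K xor opad) || H((K xor ipad) || m)) construction and is checked against Python's hmac module in matches_stdlib.

```python
import hashlib
import hmac

TAG_LEN = 32  # constructed packet layout: 32-byte SHA-256 digest or HMAC tag, then the data


def digest_packet(data: bytes) -> bytes:
    """Unkeyed: digest || data, the check described in the post."""
    return hashlib.sha256(data).digest() + data


def verify_digest_packet(packet: bytes):
    tag, data = packet[:TAG_LEN], packet[TAG_LEN:]
    return hmac.compare_digest(tag, hashlib.sha256(data).digest()), data


def hmac_sha256_manual(key: bytes, msg: bytes) -> bytes:
    """HMAC by definition: H((K xor opad) || H((K xor ipad) || m)); SHA-256 has a 64-byte block."""
    if len(key) > 64:
        key = hashlib.sha256(key).digest()
    key = key.ljust(64, b"\x00")
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    return hashlib.sha256(opad + hashlib.sha256(ipad + msg).digest()).digest()


def matches_stdlib(key: bytes, msg: bytes) -> bool:
    return hmac_sha256_manual(key, msg) == hmac.new(key, msg, hashlib.sha256).digest()


def mac_packet(key: bytes, data: bytes) -> bytes:
    """Keyed: HMAC-SHA256(key, data) || data."""
    return hmac_sha256_manual(key, data) + data


def verify_mac_packet(key: bytes, packet: bytes):
    tag, data = packet[:TAG_LEN], packet[TAG_LEN:]
    # constant-time comparison: leaking how many tag bytes matched is a separate weakness
    return hmac.compare_digest(tag, hmac_sha256_manual(key, data)), data


def tampered_copy(packet: bytes, new_data: bytes) -> bytes:
    """What an in-path modifier can do to either packet: swap the data and recompute an unkeyed digest."""
    return hashlib.sha256(new_data).digest() + new_data


def demo():
    key = b"shared-secret-constructed-for-demo"
    original, altered = b"transfer 5 to bob", b"transfer 500 to bob"
    unkeyed_ok, _ = verify_digest_packet(tampered_copy(digest_packet(original), altered))
    keyed_ok, _ = verify_mac_packet(key, tampered_copy(mac_packet(key, original), altered))
    return unkeyed_ok, keyed_ok  # (True, False): only the keyed check detects the change
```

The digest-only scheme detects accidental corruption; detecting deliberate modification needs something the modifier does not have, which is the key in a MAC or the private key in the signature the post introduces next.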

The signature problem cannot be solved, that is, the two parties attacking each other: A never acknowledges the message he sent. For example, A sends an erroneous message to B, causing B to suffer losses, but A denies having sent it.

In process (3), there is no way to solve the problem of mutual attacks between the two interacting parties. What does that mean? The message sent by A may be unfavorable to node A, and later A denies that the message was sent by it.

In order to solve this problem, signatures were introduced. Here we combine the encryption method in (2)-4 with the message signature.

In the figure above, we use node A's private key to sign the digest of the information it sends, then combine the signature + original text, and then encrypt with B's public key. After B obtains the ciphertext, he first uses B's private key to decrypt it, and then uses A's public key to decrypt the digest. Finally the two digests are compared to see whether they are the same. This not only solves the tampering problem but also circumvents the problem of attacks between the two parties. Because A signed the information, it cannot be repudiated.

In order to solve the performance problem when asymmetrically encrypting data, hybrid encryption is often used. Here we need to introduce symmetric encryption, as shown below:

When encrypting data, we use a symmetric secret key shared by both parties to encrypt. The symmetric secret key should not be transmitted on the network to avoid loss. The shared symmetric key here is calculated based on one's own private key and the other party's public key, and then the symmetric key is used to encrypt the data. When the other party receives the data, it also calculates the symmetric secret key and decrypts the ciphertext.

The above symmetric key is unsafe because A's private key and B's public key are generally fixed in the short term, so the shared symmetric key is also fixed. To enhance security, the best way is to generate a temporary shared symmetric key for each interaction. So how can we generate a random symmetric key during each interaction without transmitting it?

So how to generate a random shared secret key for encryption?

For the sender node A, a temporary asymmetric secret key pair is generated every time it is sent, and then a symmetric secret key can be calculated based on the public key of node B and the temporary asymmetric private key. (KA algorithm-Key Agreement). The symmetric secret key is then used to encrypt the data. The process here for the shared secret key is as follows:

For node B, when it receives the transmitted data, it parses out node A's random public key, then calculates the symmetric secret key (KA algorithm) using node A's random public key and node B's own private key, and then decrypts the data with that symmetric key.

For the above encryption methods, there are still many problems, such as how to avoid replay attacks (adding Nonce to the message), and problems such as rainbow tables (refer to the KDF mechanism to solve). Due to limited time and ability, I will ignore it for now.

So what kind of encryption should be used?

Mainly based on the security level of the data to be transmitted. Unimportant data can actually be authenticated and signed, but very important data needs to use an encryption scheme with a relatively high security level.

A cipher suite is a concept from network protocols. It mainly includes the algorithms for identity authentication, encryption, message authentication (MAC) and secret key exchange.

During the entire network transmission process, algorithms are mainly divided into the following categories according to cipher suites:

Secret key exchange algorithms: such as ECDHE, RSA. Mainly used for authentication when the client and server handshake.

Message authentication algorithm: such as SHA1, SHA2, SHA3. Mainly used for message summarization.

Batch encryption algorithm: such as AES, mainly used to encrypt information flow.

Pseudo-random number algorithm: For example, the pseudo-random function of TLS 1.2 uses the hash function of the MAC algorithm to create a master key - a 48-byte private key shared by both parties in the connection. The master key serves as a source of entropy when creating session keys (such as creating a MAC).

In the network, a message transmission generally needs to be encrypted in the following four stages to ensure safe and reliable transmission of the message.

Handshake/network negotiation phase:

During the handshake phase between both parties, link negotiation is required. The main encryption algorithms include RSA, DH, ECDH, etc.

Identity authentication phase:

In the identity authentication phase, the source of the sent message needs to be determined. The main encryption methods used include RSA, DSA, ECDSA (ECC encryption, DSA signature), etc.

Message encryption stage:

Message encryption refers to encrypting the sent information flow. The main encryption methods used include DES, RC4, AES, etc.

Message identity authentication phase/anti-tampering phase:

Mainly to ensure that the message has not been tampered with during transmission. The main encryption methods include MD5, SHA1, SHA2, SHA3, etc.

ECC: Elliptic Curve Cryptography. It is an algorithm that generates public and private keys based on scalar multiplication of points on an elliptic curve. Used to generate public and private keys.

ECDSA: used for digital signatures and is a digital signature algorithm. A valid digital signature gives the recipient reason to believe that the message was created by a known sender, so that the sender cannot deny that the message has been sent (authentication and non-repudiation), and that the message has not been altered in transit. The ECDSA signature algorithm is a combination of ECC and DSA. The entire signature process is similar to DSA. The difference is that the algorithm used in the signature is ECC, and the final signed value is also divided into r and s. Mainly used in the identity authentication phase.

ECDH: elliptic-curve Diffie-Hellman key exchange, also based on the ECC algorithm. Through ECDH, both parties can negotiate a shared secret without sharing any secrets, and this shared secret key is temporarily and randomly generated for the current communication. Once the communication ends, the secret key disappears. Mainly used in the handshake negotiation phase.

ECIES: an integrated encryption scheme, also known as a hybrid encryption scheme, which provides semantic security against chosen-plaintext and chosen-ciphertext attacks. ECIES can use different types of functions: key agreement function (KA), key derivation function (KDF), symmetric encryption scheme (ENC), hash function (HASH), H-MAC function (MAC).

ECC is an elliptical encryption algorithm, which mainly describes how the public and private keys are generated on the ellipse, and is irreversible. ECDSA mainly uses the ECC algorithm to make signatures, while ECDH uses the ECC algorithm to generate symmetric keys. All three of the above are applications of the ECC encryption algorithm. In real-world scenarios, we often use hybrid encryption (a combination of symmetric encryption, asymmetric encryption, signature technology, etc.). ECIES is a set of integrated (hybrid) encryption solutions provided by the underlying ECC algorithm. This includes asymmetric encryption, symmetric encryption and signature functions.


This precondition is to ensure that the curve does not contain singular points.

Therefore, as the curve parameters a and b continue to change, the curve also shows different shapes. For example:

All the basic principles of asymmetric encryption are based on a formula K = k*G, where K is the public key, k the private key and G a selected base point. The asymmetric encryption algorithm must ensure that the formula cannot be inverted (that is, G/K cannot be calculated).

How does ECC calculate the public and private keys? Here I describe it according to my own understanding.

I understand that the core idea of ECC is to select a base point G on the curve, then randomly pick a point k on the ECC curve (as the private key), and then calculate our public key K based on k*G, ensuring that the public key K is also on the curve.

So how to calculate k*G? How to calculate k*G so that the final result is irreversible? This is what the ECC algorithm is supposed to solve.

First, we randomly select an ECC curve, a = -3, b = 7 and get the following curve:

On this curve, I randomly select two points. How to calculate the multiplication of points? We can simplify the problem: multiplication can be expressed by addition, such as 2*2 = 2+2, 3*5 = 5+5+5. Then as long as we can calculate addition on the curve, we can theoretically calculate multiplication, and so the value of an expression such as k*G can theoretically be calculated.

How to calculate the addition of two points on the curve? Here, in order to ensure irreversibility, ECC has customized an addition system on the curve.

In reality, 1+1=2, 2+2=4, but in the ECC algorithm, the addition system we understand is impossible. Therefore, it is necessary to customize a set of addition systems suitable for this curve.

The definition of ECC is to randomly find a straight line in the graph and intersect the ECC curve at three points (or possibly two points). These three points are P, Q, and R respectively.

Then P+Q+R = 0. Among them, 0 is not the 0 point on the coordinate axis, but the infinity point in ECC. In other words, the infinity point is defined as point 0.

Similarly, we can get P+Q = -R. Since R and -R are symmetrical about the X-axis, we can find their coordinates on the curve.

P+R+Q = 0, so P+R = -Q, as shown in the figure above.

The above describes how addition operations are performed in the world of ECC curves.

As can be seen from the above figure, there are only two intersection points between a straight line and a curve, which means that the straight line is the tangent line of the curve. At this time, P and R coincide.

That is, P = R. According to the above-mentioned ECC addition system, P+R+Q = 0, it can be concluded that P+R+Q = 2P+Q = 2R+Q=0

So we get 2*P = -Q (is it getting closer to the formula K = k*G of our asymmetric algorithm?).

So we come to the conclusion that multiplication can be calculated, but it can only be calculated at the tangent point, and it can only be calculated by 2.

If 2 can be turned into any number for multiplication, then it means that multiplication can be performed in the ECC curve, then the ECC algorithm can meet the requirements of an asymmetric encryption algorithm.

So can we calculate the multiplication of any random number? The answer is yes. That is the dot product calculation method.

Choose a random number k, then what is k * P equal to?

We know that in the computer world, everything is binary. Since ECC can calculate the multiplication of 2, we can describe the random number k as binary and then calculate it. Suppose k = 151 = 10010111

Since 2*P = -Q, k*P can be calculated. This is the dot product algorithm. Therefore, multiplication can be calculated under the ECC curve system, so this asymmetric encryption method is feasible.

As for why this calculation is irreversible. This requires a lot of deduction, and I don't understand it either. But I think it can be understood this way:

Our watches have time scales. Now take 0:00:00 on January 1, 1990 as the starting point. If I tell you that exactly one full year has passed since the starting point, you can calculate the current time, that is, where the hands on the watch should be: the hour, minute and second hands should point to 00:00:00. But conversely, if I tell you that the hour, minute and second hands on the watch are now pointing to 00:00:00, can you tell me how many years have passed since the starting point?

The ECDSA signature algorithm is basically similar to other DSA and RSA, both using private key signature and public key verification. It’s just that the algorithm system uses the ECC algorithm. Both parties interacting must adopt the same set of parameter systems. The signature principle is as follows:

Select an infinite point on the curve as the base point G = (x, y). Randomly pick a point k on the curve as the private key, and K = k*G to calculate the public key.

Signature process:

Generate a random number R and calculate RG.

According to the random number R, the HASH value H of the message M, and the private key k, Calculate the signature S = (H+kx)/R.

Send the message M, RG, S to the receiver.

Signature verification process:

Receive message M, RG, S

Calculate the HASH value H according to the message

According to the sender public key K, calculate HG/S+ xK/S, compare the calculated result with RG. If equal, the verification is successful.

Formula inference:

HG/S + xK/S = HG/S + x(kG)/S = ((H+xk)/S)G = RG

Before introducing the principle, note that ECC satisfies the associative and commutative laws, that is, A+B+C = A+C+B = (A+C)+B.

Here is an example on WIKI to illustrate how to generate a shared secret key. You can also refer to the example of Alice And Bob.

For Alice and Bob to communicate, both parties must have public and private keys generated by ECC based on the same parameter system. So there is a common base point G for ECC.

Secret key generation stage:

Alice uses the public key algorithm KA = ka * G, generates the public key KA and the private key ka, and makes the public key KA public.

Bob uses the public key algorithm KB = kb * G, generates the public key KB and the private key kb, and makes the public key KB public.

Calculation ECDH stage:

Alice uses the calculation formula Q = ka * KB to calculate a secret key Q.

Bob uses the calculation formula Q' = kb * KA to calculate a secret key Q'.

Shared key verification:

Q = ka * KB = ka * kb * G = ka * G * kb = KA * kb = kb * KA = Q'

Therefore, the two parties compute the same shared secret key without ever disclosing it, and can then encrypt using Q. We call Q the shared secret key.
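
The point addition, double-and-add scalar multiplication, ECDSA and ECDH steps described in the sections above, together with the per-message ephemeral key pair of the hybrid scheme described earlier in this post, as one runnable Python example on secp256k1 (the parameter set the post names for Ethereum). This is added here and is not code from the original post. Notation follows the post: K = k*G with the private key k a scalar and the public key K a point, signature (r, s) with s = (H + r*k)/R, verification via (H/s)*G + (r/s)*K, shared secret ka*KB = kb*KA. The nonce parameter on ecdsa_sign exists only to make the test reproducible; a production signer uses a fresh random or RFC 6979 nonce per signature, and the on_curve check in ecdh and ecdsa_verify is the input validation a receiver should never skip.

```python
import hashlib
import secrets

# secp256k1 domain parameters: y^2 = x^3 + 7 over GF(P), base point G of prime order N
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
INF = None  # the point at infinity, the "0" of the post's addition rule


def on_curve(pt) -> bool:
    if pt is INF:
        return True
    x, y = pt
    return (y * y - x * x * x - 7) % P == 0


def point_add(p, q):
    """P + Q = -R, where R is the third intersection of the line through P and Q."""
    if p is INF:
        return q
    if q is INF:
        return p
    x1, y1 = p
    x2, y2 = q
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF  # P + (-P): the vertical line meets the curve only "at infinity"
    if p == q:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P  # tangent slope (curve coefficient a = 0)
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P  # chord slope
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P  # reflect R across the x-axis to get -R
    return (x3, y3)


def scalar_mult(k, pt):
    """Double-and-add over the bits of k, as the post does with k = 151 = 10010111."""
    result, addend = INF, pt
    while k:
        if k & 1:
            result = point_add(result, addend)
        addend = point_add(addend, addend)
        k >>= 1
    return result


def keygen():
    d = secrets.randbelow(N - 1) + 1  # private key: a scalar in [1, N-1]
    return d, scalar_mult(d, G)        # public key: the point K = k*G


def hash_msg(msg: bytes) -> int:
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N


def ecdsa_sign(d, msg: bytes, nonce=None):
    """Returns (r, s): r = x-coordinate of R*G, s = (H + r*d) / R mod N."""
    h = hash_msg(msg)
    while True:
        kn = nonce if nonce else secrets.randbelow(N - 1) + 1
        nonce = None  # a supplied nonce is tried once; any retry is random
        r = scalar_mult(kn, G)[0] % N
        s = (h + r * d) * pow(kn, -1, N) % N
        if r and s:
            return r, s


def ecdsa_verify(pub, msg: bytes, sig) -> bool:
    """Checks that (H/s)*G + (r/s)*K has x-coordinate r, the post's HG/S + xK/S = RG."""
    r, s = sig
    if pub is INF or not on_curve(pub) or not (0 < r < N and 0 < s < N):
        return False
    w = pow(s, -1, N)
    pt = point_add(scalar_mult(hash_msg(msg) * w % N, G), scalar_mult(r * w % N, pub))
    return pt is not INF and pt[0] % N == r


def ecdh(my_priv, their_pub):
    """Q = ka*KB = ka*kb*G = kb*KA: both sides reach the same point without sending it."""
    if their_pub is INF or not on_curve(their_pub):
        raise ValueError("peer public key is not a point on the curve")
    return scalar_mult(my_priv, their_pub)


def ephemeral_ecdh(their_pub):
    """Sender side of the per-message scheme: a fresh key pair, secret from its private part."""
    e, ephemeral_pub = keygen()
    return ephemeral_pub, ecdh(e, their_pub)
```

The receiver of ephemeral_ecdh gets ephemeral_pub with the message and computes ecdh(kb, ephemeral_pub), which is the same point; the shared point then feeds a KDF, never the cipher directly. Rejecting off-curve public keys before multiplying by a private key is what stops the invalid-curve class of problems the post alludes to in its list of remaining issues.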

In Ethereum, the other contents of the ECIES encryption suite used are:

1. The HASH algorithm uses the most secure SHA3 algorithm Keccak.

2. The signature algorithm uses ECDSA

3. The authentication method uses H-MAC

4. The ECC parameter system uses secp256k1; other parameter systems can be found here.

The whole process of H-MAC is called Hash-based Message Authentication Code. Its model is as follows:

In Ethereum's UDP communication (RPC communication encryption methods are different), the above implementation method is adopted and expanded.

First of all, the structure of Ethereum's UDP communication is as follows:

Among them, sig is the signature information encrypted by the private key. mac can be understood as a summary of the entire message, ptype is the event type of the message, and data is the RLP-encoded transmission data.

The entire encryption, authentication, and signature model of UDP is as follows:
