How blockchain implements data encryption and decryption
『一』 [In-depth knowledge] Illustration of the encryption principle of the blockchain (encryption, signature)
First, let’s put an architecture diagram of Ethereum:
In the learning process, I mainly use a single module to learn and understand, including P2P, cryptography, network, protocols, etc. Let’s start with the summary directly:
The problem of secret key distribution is also the problem of secret key transmission. If the key is symmetric, it can only be exchanged offline, because a key transmitted online may be intercepted. Therefore asymmetric encryption is used, with two keys: the private key is kept private and the public key is made public. Public keys can be transmitted over the Internet, so no offline exchange is required and data security is ensured.
As shown in the figure above, node A sends data to node B using public key encryption. Node A looks up node B's public key among the public keys it holds, encrypts the plaintext data, and sends the ciphertext to node B. Node B uses its own private key to decrypt.
2. Unable to solve message tampering.
As shown in the figure above, node A uses B's public key to encrypt, and then transmits the ciphertext to node B. Node B uses the public key of node A to decrypt the ciphertext.
1. Since A’s public key is public, the encryption is useless once an online hacker intercepts the message. To put it bluntly, anyone who intercepts the message can decrypt it.
2. There is also the problem of being unable to determine the source of the message and the problem of message tampering.
As shown in the figure above, before sending data, node A first encrypts it with B's public key to obtain ciphertext 1, and then uses A's private key to encrypt ciphertext 1 to obtain ciphertext 2. After node B obtains the ciphertext, it first decrypts it using A's public key to obtain ciphertext 1, and then decrypts it using B's private key to obtain the plaintext.
1. When data ciphertext 2 is intercepted on the network, since A's public key is public, you can use A's public key to decrypt ciphertext 2 and obtain ciphertext 1. So this seems to be double encryption, but in fact the private key signature of the last layer is invalid. Generally speaking, we all hope that the signature is signed on the most original data. If the signature is placed later, the signature lacks security since the public key is public.
2. There are performance issues. Asymmetric encryption itself is very inefficient, and two encryption processes are performed.
As shown above, node A first encrypts with A's private key, and then encrypts with B's public key. After receiving the message, node B first uses B's private key to decrypt it, and then uses A's public key to decrypt it.
1. When ciphertext 2 is intercepted by a hacker, it can only be decrypted using B’s private key, and B’s private key is held only by node B, so others cannot decrypt it. Therefore, the security is the highest.
2. When node B decrypts and obtains ciphertext 1, it can only use A’s public key to decrypt it. Only data encrypted by A's private key can be successfully decrypted with A's public key. Only node A has A's private key, so it can be determined that the data was transmitted by node A.
After two asymmetric encryptions, the performance problem is serious.
Based on the above problem of data tampering, we introduced message authentication. The encryption process after message authentication is as follows:
Before node A sends a message, it first performs a hash calculation on the plaintext data to obtain a digest, and then the digest and the original data are sent to node B at the same time. When node B receives the message, it decrypts the message, parses out the hash digest and the original data, then performs the same hash calculation on the original data to obtain digest 1, and compares the digest with digest 1. If they are the same, the data has not been tampered with; if they are different, it has been tampered with.
As long as ciphertext 2 is tampered with during the transmission process, the resulting hash will be different from hash1.
The signature problem cannot be solved, that is, the two parties can attack each other: A may never acknowledge a message he sent. For example, A sends an erroneous message to B, causing B to suffer losses, but A denies having sent it.
In the process of (3), there is no way to solve the problem of mutual attacks between the two interacting parties. What does that mean? It may be that a message sent by A turns out to be unfavorable to node A, and later A denies that the message was sent by it.
In order to solve this problem, signatures were introduced. Here we combine the encryption method in (2)-4 with the message signature.
In the above figure, node A signs the digest with its private key, appends the signature to the original text, and then encrypts with B's public key. After B obtains the ciphertext, it first decrypts with B's private key, and then uses A's public key to decrypt the digest. It only needs to compare whether the two digests are the same. This not only avoids the problem of tampering, but also avoids the problem of attacks between the two parties: because A signed the information, it cannot be repudiated.
In order to solve the performance problem when asymmetrically encrypting data, hybrid encryption is often used. Here you need to introduce symmetric encryption, as shown below:
When encrypting data, we use a symmetric secret key shared by both parties. The symmetric secret key should not be transmitted on the network to avoid loss. The shared symmetric key here is calculated based on one's own private key and the other party's public key, and then the symmetric key is used to encrypt the data. When the other party receives the data, it also calculates the symmetric secret key and decrypts the ciphertext.
The above symmetric secret key is unsafe because A's private key and B's public key are generally fixed in the short term, so the shared symmetric secret key is also fixed. To enhance security, the best way is to generate a temporary shared symmetric key for each interaction. So how can we generate a random symmetric key during each interaction without transmitting it?
So how to generate a random shared secret key for encryption?
For the sender node A, a temporary asymmetric secret key pair is generated every time it is sent, and then a symmetric secret key can be calculated based on the public key of node B and the temporary asymmetric private key. (KA algorithm-Key Agreement). The symmetric secret key is then used to encrypt the data. The process here for the shared secret key is as follows:
For node B, when receiving the transmitted data, the random public key of node A is parsed out. Then the symmetric secret key is calculated (KA algorithm) using the random public key of node A and the private key of node B itself. The data is then decrypted using the symmetric key.
For the above encryption methods, there are still many problems, such as how to avoid replay attacks (adding Nonce to the message), and problems such as rainbow tables (refer to the KDF mechanism to solve). Due to limited time and ability, I will ignore it for now.
So what kind of encryption should be used?
Mainly based on the security level of the data to be transmitted. Unimportant data can actually be authenticated and signed, but very important data needs to use an encryption scheme with a relatively high security level.
Cipher suite is a concept of network protocol. It mainly includes algorithms for identity authentication, encryption, message authentication (MAC), and secret key exchange.
During the entire network transmission process, algorithms are mainly divided into the following categories according to cipher suites:
Secret key exchange algorithms: such as ECDHE, RSA. Mainly used for authentication when the client and server handshake.
Message authentication algorithm: such as SHA1, SHA2, SHA3. Mainly used for message digests.
Bulk encryption algorithm: such as AES. Mainly used to encrypt the information flow.
Pseudo-random number algorithm: For example, the pseudo-random function of TLS 1.2 uses the hash function of the MAC algorithm to create a master key - a 48-byte private key shared by both parties in the connection. The master key serves as a source of entropy when creating session keys (such as creating a MAC).
In the network, a message transmission generally needs to be encrypted in the following four stages to ensure safe and reliable transmission of the message.
Handshake/network negotiation phase:
During the handshake phase between both parties, link negotiation is required. The main encryption algorithms include RSA, DH, ECDH, etc.
Identity authentication phase:
In the identity authentication phase, the source of the sent message needs to be determined. The main encryption methods used include RSA, DSA, ECDSA (ECC encryption, DSA signature), etc.
Message encryption stage:
Message encryption refers to encrypting the sent information flow. The main encryption methods used include DES, RC4, AES, etc.
Message identity authentication phase/anti-tampering phase:
Mainly to ensure that the message has not been tampered with during transmission. The main encryption methods include MD5, SHA1, SHA2, SHA3, etc.
ECC: Elliptic Curve Cryptography. It is an algorithm that generates public and private keys based on point multiplication on elliptic curves. Used to generate public and private keys.
ECDSA: used for digital signatures and is a digital signature algorithm. A valid digital signature gives the recipient reason to believe that the message was created by a known sender, so that the sender cannot deny that the message has been sent (authentication and non-repudiation), and that the message has not been altered in transit. The ECDSA signature algorithm is a combination of ECC and DSA. The entire signature process is similar to DSA. The difference is that the algorithm used in the signature is ECC, and the final signed value is also divided into r and s. Mainly used in the identity authentication phase.
ECDH: a Diffie-Hellman key agreement based on the ECC algorithm. Through ECDH, both parties can negotiate a shared secret without sharing any secrets beforehand; this shared secret key is generated temporarily and randomly for the current communication, and disappears once the communication is interrupted. Mainly used in the handshake negotiation phase.
ECIES: an integrated encryption scheme, also known as a hybrid encryption scheme, which provides semantic security against chosen-plaintext and chosen-ciphertext attacks. ECIES can use different types of functions: key agreement function (KA), key derivation function (KDF), symmetric encryption scheme (ENC), hash function (HASH), and H-MAC function (MAC).
ECC is the elliptic curve encryption algorithm, which mainly describes how the public and private keys are generated on the elliptic curve, and is irreversible. ECDSA mainly uses the ECC algorithm to make signatures, while ECDH uses the ECC algorithm to generate symmetric keys. All three of the above are applications of the ECC encryption algorithm. In real-world scenarios, we often use hybrid encryption (a combination of symmetric encryption, asymmetric encryption, signature technology, etc.). ECIES is a set of integrated (hybrid) encryption solutions built on the underlying ECC algorithm. This includes asymmetric encryption, symmetric encryption and signature functions.
This precondition is to ensure that the curve does not contain singular points.
Therefore, as the curve parameters a and b continue to change, the curve also shows different shapes. For example:
All the basic principles of asymmetric encryption are basically based on a formula K = k * G. Among them, K represents the public key, k represents the private key, and G represents a selected base point. The asymmetric encryption algorithm is to ensure that the formula cannot be inverted (that is, G/K cannot be calculated).
How does ECC calculate the public and private keys? Here I describe it according to my own understanding.
I understand that the core idea of ECC is to select a base point G on the curve, then randomly pick a point k on the ECC curve (as the private key), and then calculate our public key K from k * G, ensuring that the public key K is also on the curve.
So how to calculate k * G? How to calculate k * G so that the final result is irreversible? This is what the ECC algorithm is supposed to solve.
First, we randomly select an ECC curve, a = -3, b = 7 and get the following curve:
On this curve, I randomly select two points. How to calculate the multiplication of points? We can simplify the problem: multiplication can be expressed by addition, such as 2 * 2 = 2+2, 3 * 5 = 5+5+5. Therefore, as long as addition can be performed on this curve, multiplication can be calculated theoretically, and the value of expressions such as k * G can also be calculated theoretically.
How to calculate the addition of two points on the curve? Here, in order to ensure irreversibility, ECC has customized an addition system on the curve.
In reality, 1+1=2, 2+2=4, but in the ECC algorithm, the addition system we understand is impossible. Therefore, it is necessary to customize a set of addition systems suitable for this curve.
The definition of ECC is to randomly find a straight line in the graph and intersect the ECC curve at three points (or possibly two points). These three points are P, Q, and R respectively.
Then P+Q+R = 0. Among them, 0 is not the 0 point on the coordinate axis, but the infinity point in ECC. In other words, the infinity point is defined as point 0.
Similarly, we can get P+Q = -R. Since R and -R are symmetrical about the X-axis, we can find their coordinates on the curve.
P+R+Q = 0, so P+R = -Q, as shown in the figure above.
The above describes how addition operations are performed in the world of ECC curves.
As can be seen from the above figure, there are only two intersection points between a straight line and a curve, which means that the straight line is the tangent line of the curve. At this time, P and R coincide.
That is, P = R. According to the above-mentioned ECC addition system, P+R+Q = 0, it can be concluded that P+R+Q = 2P+Q = 2R+Q=0
So we get 2 * P = -Q (is it getting closer to the formula K = k * G of our asymmetric algorithm?).
So we come to the conclusion that multiplication can be calculated, but it can only be calculated at the tangent point, and it can only be calculated by 2.
If 2 can be turned into any number for multiplication, then it means that multiplication can be performed in the ECC curve, then the ECC algorithm can meet the requirements of an asymmetric encryption algorithm.
So can we calculate the multiplication of any random number? The answer is yes. That is the point multiplication method.
Choose a random number k, then what is k * P equal to?
We know that in the computer world, everything is binary. Since ECC can calculate multiplication by 2, we can write the random number k in binary and then calculate it. Suppose k = 151 = 10010111
Since 2 * P = -Q, k * P can be calculated. This is the point multiplication algorithm. Therefore, multiplication can be calculated under the ECC curve system, so this asymmetric encryption method is feasible.
As for why this calculation is irreversible. This requires a lot of deduction, and I don't understand it either. But I think it can be understood this way:
Our watches usually have time scales. Now if we take 0:00:00 on January 1, 1990 as the starting point, and if we tell you that a full year has passed until the starting point, then we can calculate the current time, that is, we can calculate it on the watch. The hour, minute and second hands should point to 00:00:00. But conversely, I said that the hour, minute and second hands on the watch are now pointing to 00:00:00. Can you tell me how many years have passed since the starting point?
The ECDSA signature algorithm is basically similar to other DSA and RSA, both using private key signature and public key verification. It’s just that the algorithm system uses the ECC algorithm. Both parties interacting must adopt the same set of parameter systems. The signature principle is as follows:
Select an infinite point on the curve as the base point G = (x, y). Randomly pick a point k on the curve as the private key, and K = k*G to calculate the public key.
Signature process:
Generate a random number R and calculate RG.
According to the random number R, the HASH value H of the message M, and the private key k, calculate the signature S = (H+kx)/R.
Send the message M, RG, S to the receiver.
Signature verification process:
Receive message M, RG, S
Calculate the HASH value H according to the message
Using the sender's public key K, calculate HG/S + xK/S, and compare the calculated result with RG. If equal, the verification is successful.
Formula inference:
HG/S + xK/S = HG/S + x(kG)/S = (H+xk)G/S = RG
Before introducing the principle, note that ECC satisfies the associative law and the commutative law, that is to say, A+B+C = A+C+B = (A+C)+B. Here is an example from the WIKI showing how to generate a shared secret key. You can also refer to the example of Alice and Bob.
For Alice and Bob to communicate, both parties must have public and private keys generated by ECC based on the same parameter system. So there is a common base point G for ECC.
Secret key generation stage:
Alice uses the public key algorithm KA = ka * G, generates the public key KA and the private key ka, and makes the public key KA public.
Bob uses the public key algorithm KB = kb * G, generates the public key KB and the private key kb, and makes the public key KB public.
ECDH calculation stage:
Alice uses the calculation formula Q = ka * KB to calculate a secret key Q.
Bob uses the calculation formula Q' = kb * KA to calculate a secret key Q'.
Shared key verification:
Q = ka * KB = ka * kb * G = ka * G * kb = KA * kb = kb * KA = Q'
Therefore, both parties can compute the same shared secret key Q without ever disclosing it, and can then use Q for encryption. We call Q the shared secret key.
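The point addition, the double-and-add multiplication for k = 151, the S = (H+kx)/R signature check and the ECDH agreement described above, including the per-message temporary key pair from the hybrid-encryption discussion, can be exercised together. This is an added example, not code from the original article or from Ethereum; it uses the secp256k1 parameters, SHA-256 as a stand-in for Keccak, and function names that are this example's own.

```python
import hashlib
import secrets

# secp256k1 domain parameters: y^2 = x^3 + 7 over the prime field F_P.
P = 2**256 - 2**32 - 977
A, B = 0, 7
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # order of G
INF = None  # point at infinity, the "0" in P + Q + R = 0


def on_curve(pt):
    x, y = pt
    return (y * y - (x * x * x + A * x + B)) % P == 0


def add(p1, p2):
    """Chord-and-tangent addition: third intersection, mirrored in the x-axis."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF  # P + (-P) = 0
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P  # tangent case: 2P = -Q
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P  # chord case: P + Q = -R
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def mul(k, pt):
    """Double-and-add over the bits of k (151 = 0b10010111 = 128+16+4+2+1).
    Illustrative only: not constant-time, so unsuitable for real private keys."""
    result, addend = INF, pt
    while k:
        if k & 1:
            result = add(result, addend)
        addend = add(addend, addend)
        k >>= 1
    return result


def keypair():
    priv = secrets.randbelow(N - 1) + 1  # private key k is a scalar in [1, N-1]
    return priv, mul(priv, G)            # public key K = k * G


def hash_to_int(msg):
    # SHA-256 stands in for Keccak here (an assumption of this example).
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N


def sign(priv, msg):
    """S = (H + k*x) / R mod N, where x is the x-coordinate of R*G."""
    h = hash_to_int(msg)
    while True:
        nonce = secrets.randbelow(N - 1) + 1  # the article's R; must never repeat
        x = mul(nonce, G)[0] % N
        s = (h + priv * x) * pow(nonce, -1, N) % N
        if x and s:
            return x, s  # standard ECDSA sends x (called r) rather than all of R*G


def verify(pub, msg, sig):
    """Check that H*G/S + x*K/S has the same x-coordinate as R*G."""
    x, s = sig
    if not (0 < x < N and 0 < s < N) or pub is INF or not on_curve(pub):
        return False
    w = pow(s, -1, N)
    pt = add(mul(hash_to_int(msg) * w % N, G), mul(x * w % N, pub))
    return pt is not INF and pt[0] % N == x


def ecdh(priv, peer_pub):
    """Q = priv * peer_pub, then hashed so the raw point is never used as a key."""
    if peer_pub is INF or not on_curve(peer_pub):
        raise ValueError("peer public key is not a valid curve point")
    q = mul(priv, peer_pub)
    return hashlib.sha256(q[0].to_bytes(32, "big")).digest()


def sender_session_key(recipient_pub):
    """Hybrid step: a fresh temporary key pair per message gives a fresh shared key."""
    eph_priv, eph_pub = keypair()
    return eph_pub, ecdh(eph_priv, recipient_pub)  # eph_pub travels with the ciphertext


if __name__ == "__main__":
    (ka, KA), (kb, KB) = keypair(), keypair()
    sig = sign(ka, b"constructed sample message")
    print("signature valid:", verify(KA, b"constructed sample message", sig))
    print("static ECDH keys match:", ecdh(ka, KB) == ecdh(kb, KA))
    eph_pub, key = sender_session_key(KB)
    print("ephemeral key matches:", key == ecdh(kb, eph_pub))
```

The receiver rejects a peer public key that is not on the curve before multiplying, which is the check that keeps a malformed key from being fed into the private-key operation.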
In Ethereum, the other components of the ECIES encryption suite used are:
1. The HASH algorithm uses the most secure SHA3 algorithm Keccak.
2. The signature algorithm uses ECDSA
3. The authentication method uses H-MAC
4. The ECC parameter system uses secp256k1; other parameter systems can be found here
The full name of H-MAC is Hash-based Message Authentication Code. Its model is as follows:
Ethereum's UDP communication (the encryption method for RPC communication is different) adopts and extends the above implementation.
First of all, the structure of Ethereum's UDP communication is as follows:
Among them, sig is the signature information encrypted by the private key. mac can be understood as a summary of the entire message, ptype is the event type of the message, data is the transmitted data after RLP encoding.
The entire encryption, authentication, and signature model of UDP is as follows:
『二』How does Heshu Software blockchain technology achieve digital encryption
Blockchain refers to a technical solution that collectively maintains a reliable database through decentralization and trustlessness. This technical solution mainly allows any number of nodes participating in the system to associate and generate a series of data blocks (blocks) using cryptographic methods. Each data block contains all the information exchange data of the system within a certain period of time, and generates a data fingerprint that is used to verify the validity of its information and to chain to the next data block.
Blockchain technology originated from Bitcoin. Its essence is to use computer algorithms and cryptography to create a decentralized digital currency system to realize the issuance and transaction functions of currency.
Characteristics of blockchain technology:
1. Decentralized: The entire network has no centralized hardware or management organization, the rights and obligations of all nodes are equal, and the damage or loss of any one node will not affect the operation of the entire system. Therefore, the blockchain system can also be considered to have excellent robustness.
2. Trustless: Data exchange between the nodes participating in the system does not require mutual trust. The operating rules of the entire system are open and transparent, and all data contents are also public, so within the rule range and time range specified by the system, nodes cannot deceive other nodes.
3. Collectively maintain: The data blocks in the system are jointly maintained by all nodes with maintenance functions in the entire system, and these nodes with maintenance functions can be participated by anyone.
4. Reliable Database: The entire system will be divided into databases so that each participating node can obtain a copy of the complete database. Unless more than 51% of the nodes in the entire system can be controlled at the same time, modifications to the database on a single node are invalid and cannot affect the data content on other nodes. Therefore, the more nodes and stronger computing power participating in the system, the higher the data security in the system.
The four characteristics will lead to two other characteristics:
5. Open Source: Since the operating rules of the entire system must be open and transparent, the entire system must be open source as far as the program is concerned.
6. Anonymity: Since nodes do not need to trust each other, there is no need to disclose their identities between nodes. Each participating node in the system is anonymous.
Encrypted digital assets EGD: E-Gold Coin, referred to as EGD, is a network encrypted digital asset formed based on the peer-to-peer Internet open source protocol. It circulates in a decentralized network system. As a consumer asset that global business consumers receive from merchants, EGD is used to replace the points issued by merchants in traditional commercial society, realizing the network, integration and assetization of global business points.
EGD, Internet gold, is an encrypted digital asset generated based on decentralized digital encryption technology. EGD was born in January 2014 and was developed by a team of 17 technical experts from 7 countries around the world, headed by a former Microsoft engineer. EGD has introduced encrypted digital asset technology into the field of global commercial unified points, allowing global consumers to continue to share the profits of the commercial society through the circulation and value-added of EGD commercial points, creating a win-win economic model for merchants and consumers.
Features of customized EGD:
Using customized technology, we can easily build a variety of smart assets based on the EGD protocol, including stocks, bonds, or various derivative points, etc.
More importantly, while customization technology expands the application scope of EGD, it still retains the characteristics of clear property rights and decentralization of EGD. Moreover, because the number of customization points is limited, customization points are even more scarce.
『三』 The cryptography technology of blockchain includes
Cryptography is the core of blockchain technology. The cryptographic technology of blockchain includes digital signature algorithms and hash algorithms.
Digital Signature Algorithm
Digital signature algorithm is a subset of the digital signature standard, representing a specific public key algorithm used only for digital signatures. The key is run on the message hash generated by SHA-1: to verify a signature, the hash of the message is recalculated, the signature is decrypted using the public key and the results are compared. The abbreviation is DSA.
Digital signature is a special form of electronic signature. So far, at least more than 20 countries have passed laws recognizing electronic signatures, including the European Union and the United States. my country's electronic signature law was adopted at the 11th meeting of the Standing Committee of the 10th National People's Congress on August 28, 2004. A digital signature is defined in the ISO 7498-2 standard as: “Some data appended to a data unit, or a cryptographic transformation made to the data unit, which allows the recipient of the data unit to confirm the source and origin of the data unit and the integrity of the data unit, and protects the data from forgery by a person (e.g. the recipient)”. The digital signature mechanism provides an identification method to solve problems such as forgery, denial, impersonation and tampering. It uses data encryption technology and data transformation technology to enable both parties sending and receiving data to meet two conditions: the receiver can verify the identity the sender claims; the sender cannot later deny that it sent the data.
Digital signature is an important branch of cryptography theory. It was proposed to sign electronic documents, to replace handwritten signatures on traditional paper documents, so it must have 5 characteristics.
(1) The signature is credible.
(2) The signature cannot be forged.
(3) Signatures are not reusable.
(4) Signed documents are immutable.
(5) The signature is non-repudiable.
Hash algorithm
Hash is to convert an input of any length (also called pre-mapping, pre-image) into a fixed-length output through a hash algorithm, and the output is a hash value. This transformation is a compressed mapping in which the space of hash values is usually much smaller than the space of inputs. Different inputs may hash to the same output, but the input values cannot be deduced in reverse. Simply put, it is a function that compresses a message of any length into a message digest of a fixed length.
Hash algorithm is a one-way cryptographic system, that is, it is an irreversible mapping from plaintext to ciphertext, with only encryption process and no decryption process. At the same time, the hash function can change an input of any length to obtain a fixed-length output. The one-way characteristics of the hash function and the fixed length of the output data allow it to generate messages or data.
Represented by the Bitcoin blockchain, secondary hashing is used many times in the proof of work and key encoding process, such as SHA (SHA256(k)) or RIPEMD160 (SHA256(K)). The advantage of this method is that it increases the workload or increases the difficulty of cracking if the protocol is not clear.
Represented by the Bitcoin blockchain, the two main hash functions used are:
1. SHA-256, mainly used to complete PoW (proof of work) calculations;
2. RIPEMD160, mainly used to generate Bitcoin addresses. Figure 1 below shows the process of generating a Bitcoin address from a public key.
『四』How does blockchain improve security and data sharing
In view of the security features and shortcomings of existing blockchain technology, it is necessary to build a security system around physical security, data, application systems, encryption, risk control and other aspects to improve the overall security performance of the blockchain system.
1. Physical security
The network and hosts running the blockchain system should be in a protected environment. The protection measures vary according to the regulatory requirements of the specific business; they include, but are not limited to, VPN private networks, firewalls, physical isolation and other methods to protect physical networks and hosts.
2. Data security
Data exchanged between nodes in the blockchain should not, in principle, be transmitted in plain text. For example, asymmetric encryption can be used to negotiate keys, and symmetric encryption algorithms can be used to encrypt and decrypt data. Data providers should also strictly evaluate the sensitivity and security level of the data, decide whether to send the data to the blockchain, whether to desensitize the data, and adopt strict access control measures.
3. Application system security
The security of the application system needs to start from identity authentication, the permission system, transaction rules, anti-fraud strategy and other aspects. The relevant personnel involved in the operation of the application, transaction nodes, and transaction data should be controlled beforehand and auditable afterward. Taking the financial blockchain as an example, a consensus algorithm with stronger fault tolerance, fraud resistance and higher performance can be used to avoid joint fraud by some nodes.
4. Key security
The keys used to encrypt communication data between blockchain nodes and to encrypt data stored on blockchain nodes should not exist in plain text on the same node, and the private key should be kept securely by an encryption machine. When a key is lost or leaked, the system can identify relevant records of the original key, such as account control, communication encryption, data storage encryption, etc., and implement response measures to invalidate the original key. Keys should also undergo strict life cycle management: they should not be permanently valid and need to be replaced after a certain period of time.
5. Risk control mechanism
There should be careful detection measures for the network layer of the system, host operation, data access of the application system, transaction frequency and other dimensions, and any suspicious operation should raise an alarm and be recorded and verified. If illegal operations are discovered, damage assessment should be conducted, remediation should be carried out at the technical and business levels, security measures should be strengthened, and the source of the illegal operations should be traced to prevent further attacks.
Article source: China Blockchain Technology and Application Development White Paper
『五』 What is the blockchain encryption algorithm
Blockchain encryption algorithm (Encryption Algorithm)
Asymmetric encryption algorithm is a function that converts the original plaintext file or data into a string of unreadable ciphertext codes by using an encryption key. The encryption process is irreversible. Only by holding the corresponding decryption key can the encrypted information be decrypted into readable plain text. Encryption allows private data to be transmitted through public networks with low risk and protects data from being stolen and read by third parties.
The core advantage of blockchain technology is decentralization. It can achieve decentralized credit in a distributed system where nodes do not need to trust each other by using data encryption, timestamps, distributed consensus and economic incentives. Point-to-point transactions, coordination and collaboration, thus providing solutions to the problems of high cost, low efficiency and insecure data storage common in centralized institutions.
The application fields of blockchain include digital currency, certificates, finance, anti-counterfeiting and traceability, privacy protection, supply chain, entertainment, etc. With the popularity of blockchain and Bitcoin, many related top domain names have been registered, which has had a relatively large impact on the domain name industry.
『六』 What is the cryptographic algorithm of blockchain?
As an emerging technology, blockchain has received more and more widespread attention. It is a new application of traditional technologies in the Internet era, including distributed data storage technology, consensus mechanisms and cryptography. With the creation of various blockchain research alliances, related research has received more and more funding and personnel support. The cryptographic algorithms used in the blockchain include the Hash algorithm, zero-knowledge proofs, ring signatures and others:
Hash algorithm
The Hash algorithm is the basic technology of the blockchain. The essence of the Hash function is to map a set of data of arbitrary (finite) length into a set of data streams of defined length. If this function satisfies both:
(1) The calculation of the Hash value of any input set of data is very simple;
(2) It is computationally difficult to find 2 different data with the same Hash value.
Hash functions that satisfy the above two properties are also called cryptographic Hash functions. Unless otherwise stated, the Hash function usually refers to the cryptographic Hash function. For the Hash function, finding two such data is called a collision. Currently popular Hash functions include MD5, SHA1, SHA2, and SHA3.
Bitcoin uses SHA256, and most blockchain systems use the SHA256 algorithm. So here we will introduce SHA256 first.
1. SHA256 algorithm steps
STEP1: Add padding bits. The message is padded so that the message length is congruent to 448 mod 512 (length ≡ 448 mod 512). The number of padding bits ranges from 1 to 512. The highest bit of the padding bit string is 1 and the remaining bits are 0.
STEP2: Append the length value. Append the bit length of the initial message (before padding), expressed as a 64-bit value, to the result of step 1 (low-order byte first).
STEP3: Initialize the buffer. Use a 256-bit buffer to store the intermediate and final results of the hash function.
STEP4: Process the message as a sequence of 512-bit (16-word) blocks. The algorithm uses six basic logic functions and consists of 64 steps of iterative operations. Each step takes the 256-bit buffer value as input and then updates the buffer content. Each step uses a 32-bit constant value Kt and a 32-bit Wt, where Wt is the message after grouping, t=1,2,...,16.
STEP5: After all 512-bit blocks are processed, the output generated by the last block of the SHA256 algorithm is the 256-bit message digest.
2. Ring signature
In 2001, three cryptographers, Rivest, Shamir and Tauman, proposed the ring signature for the first time. It is a simplified group signature, with only ring members and no managers, and does not require cooperation among ring members. In a ring signature scheme, the signer first selects a temporary set of signers, which includes the signer himself. The signer can then use his own private key and the public keys of the others in the signature set to generate signatures independently, without the help of others. Members of a set of signers may not be aware that they are included.
The ring signature scheme consists of the following parts:
(1) Key generation. Generate a key pair (public key PKi, private key SKi) for each member in the ring.
(2) Signature. The signer uses his own private key and the public keys of any n ring members (including himself) to generate signature a for message m.
(3) Signature verification. The verifier verifies whether the signature is signed by a member of the ring based on the ring signature and message m. If it is valid, it will be accepted, otherwise it will be discarded.
The properties that ring signatures satisfy:
(1) Unconditional anonymity: The attacker cannot determine which member of the ring generated the signature. Even if the attacker obtains the ring members' private keys, the probability does not exceed 1/n.
(2) Correctness: The signature must be verifiable by all others.
(3) Unforgeability: Other members in the ring cannot forge the signature of the real signer. Even if an external attacker obtains a valid ring signature, he cannot forge a signature for message m.
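The three parts listed above (key generation, signing, verification) as an added example, not code from the original article: a Schnorr-style ring signature over a discrete-log group, which is a different construction from the RSA-based scheme of the 2001 paper. The group (Z_p* with p = 2^521 - 1 and generator 3) and all function names are assumptions chosen for illustration, not production parameters.

```python
import hashlib
import secrets

# Illustrative group (assumption of this example): Z_p*, p a Mersenne prime.
P = 2**521 - 1
N = P - 1            # exponents are reduced mod p-1 (Fermat's little theorem)
G = 3

def keygen():
    """(1) Key generation: private key SKi, public key PKi = G^SKi mod P."""
    sk = secrets.randbelow(N - 1) + 1
    return sk, pow(G, sk, P)

def _challenge(ring, msg, commit):
    # Hash binds the ring's public keys, the message and the running commitment.
    data = f"{list(ring)}|{msg.hex()}|{commit}".encode()
    return int.from_bytes(hashlib.sha512(data).digest(), "big") % N

def ring_sign(msg, ring, signer_idx, sk):
    """(2) Signature: needs one private key plus every member's public key."""
    n = len(ring)
    c, s = [0] * n, [0] * n
    k = secrets.randbelow(N - 1) + 1
    i = (signer_idx + 1) % n
    c[i] = _challenge(ring, msg, pow(G, k, P))       # start just after the signer
    while i != signer_idx:                           # simulate every other member
        s[i] = secrets.randbelow(N)
        commit = pow(G, s[i], P) * pow(ring[i], c[i], P) % P
        c[(i + 1) % n] = _challenge(ring, msg, commit)
        i = (i + 1) % n
    s[signer_idx] = (k - sk * c[signer_idx]) % N     # close the ring with SK
    return c[0], s                                   # signer index is not included

def ring_verify(msg, ring, sig):
    """(3) Verification: walk the ring once and check that it closes."""
    c0, s = sig
    c = c0
    for i in range(len(ring)):
        commit = pow(G, s[i], P) * pow(ring[i], c, P) % P
        c = _challenge(ring, msg, commit)
    return c == c0
```

The signature has the same shape whichever member produced it, which is what the anonymity property relies on; a key outside the ring cannot close the chain of challenges.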
3. Comparison between ring signature and group signature
(1) Anonymity. Both are systems in which an individual signs on behalf of a group. The verifier can verify that the signature was produced by a member of the group, but cannot know which member, which achieves the anonymity of the signer.
(2) Traceability. In group signatures, the existence of the group administrator ensures the traceability of the signature. Group administrators can revoke signatures to reveal the true signer. The ring signature itself cannot reveal the signer unless the signer himself wants to reveal himself or adds additional information to the signature. Verifiable ring signature schemes have been proposed, in which the real signer wants the verifier to know his identity. In that case, the real signer can prove his identity by revealing the secret information he possesses.
(3) Management system. Group signatures are managed by the group administrator, while ring signatures do not need to be managed. The signer only has to select a possible set of signers, obtain their public keys, and then publish the set. All members are equal.
『7』 Lesson 4: Cryptography in Blockchain, Learning Summary
This is the fourth course of deep learning in public Ulord. Dr. Yang lectures on cryptography issues in the blockchain. This course allowed me to understand a question about public keys and private keys that had been bothering me: what is the relationship between them? I got the answer in this study, and now I will share with you what I learned.
The public key and private key in the blockchain are two basic concepts in asymmetric encryption.
The public key and private key are a key pair obtained through an algorithm. The public key is the public part of the key pair, and the private key is the non-public part. Public keys are usually used to encrypt conversations, that is, messages or information, and can also be used to verify digital signatures signed with private keys.
The private key can be used to sign and the corresponding public key can be used for verification. The key pair obtained through this public key system can be guaranteed to be unique worldwide. When using this key pair, if you use one of the keys to encrypt data, you must use its corresponding other key to decrypt it.
For example, data encrypted with a public key must be decrypted with a private key. If a private key is used for encryption, the corresponding public key must be used to decrypt it, otherwise the decryption cannot be successful. In addition, in the Bitcoin blockchain, the public key is calculated through the private key, and the address is calculated through the public key, and this process is irreversible.
『8』How does blockchain ensure data security?
In blockchain technology, digital encryption technology is the key, and asymmetric encryption algorithms are generally used. That is, the key used when encrypting is different from the key used when decrypting.
To put it simply, we have an exclusive private key. As long as we protect our private key and give the public key to the other party, the other party will use the public key to encrypt the file to generate ciphertext and then pass the ciphertext to us, and we will use the private key to decrypt it into plaintext. This ensures that the transmitted content is not seen by others, and in this way the encrypted data is transmitted. At the same time, there are digital signatures, which provide us with an extra layer of protection to prove that the document has not been tampered with while being sent to the other party.
As the underlying encryption technology, blockchain encryption technology can effectively ensure data security, change the current situation where data is easily leaked and easily exploited, and allow personal information data to be fully protected. It is also expected to bring about much-needed changes in areas such as the Internet of Things, big data, credit supervision and mobile office.