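Blockchain cryptography includes digital signature algorithms and which other algorithm?
Blockchain is a distributed database technology that uses cryptography to keep data secure and reliable. Its cryptographic techniques are mainly digital signature algorithms and hash algorithms. Today we will talk about these two kinds of algorithm.
Digital signature algorithm
A digital signature algorithm is an asymmetric encryption algorithm, a technique that can be used to ensure the integrity and authenticity of electronic documents. It consists of two steps, signing and verification: the signing step encrypts the original text to obtain the signature, and the verification step decrypts the signature together with the original text and compares the result with the original text to determine whether the signature is genuine. Digital signature algorithms guarantee the integrity and authenticity of documents and are the most important security technology in blockchain.
Hash algorithm
A hash algorithm is a one-way encryption algorithm that converts data of any length into data of fixed length, the hash value. Converting the original text into a fixed-length hash value protects the original text, because its content cannot be inferred from the hash value. Hash algorithms are mainly used for secure data transmission and can ensure that data is not tampered with in transit.
Elliptic curve algorithm
The elliptic curve algorithm is an asymmetric encryption algorithm and a form of public-key cryptography. It uses a pair of keys, a public key and a private key: the public key can be distributed openly, while the private key must be kept secret. Elliptic curve algorithms can be used to encrypt and decrypt data and also to verify digital signatures, ensuring data security. They are an important security technology in blockchain and can effectively protect users' privacy.
In short, digital signature algorithms, hash algorithms and elliptic curve algorithms are all important security technologies in blockchain. They effectively guarantee the security and integrity of data and give strong protection to users' privacy. See the related English-language documents below.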
❶ What technology development is needed for blockchain
Blockchain development requires the following technical knowledge:
1. Blockchain theory: Being familiar with the theoretical knowledge of blockchain is the most basic requirement for a blockchain developer. The content includes blockchain network architecture, decentralization and other related application technologies. Extending this technical theory means mastering Ethereum development.
2. Smart contract: A smart contract is a piece of code that blockchain developers write in a blockchain programming language. It is a trust mechanism developed by working out the logic for different scenarios, aiming to eliminate the intervention of third parties and create an efficient, high-trust blockchain network. Blockchain developers need to make this code execute automatically, and the effect of its execution is irreversible.
3. Cryptography: Many blockchain application scenarios rely heavily on encryption, and point-to-point encryption is a characteristic of cryptography. By studying cryptography, blockchain developers come to understand concepts such as wallets and keys, and a wide range of encryption and decryption technologies.
4. Distributed architecture: Blockchain developers must understand the functions of distributed architecture and networks. The decentralized network is the foundation of the blockchain architecture. The transmission of information in the blockchain network must follow a decentralized approach so that everyone enjoys the same network rights.
❷ How to ensure the security of using blockchain
Blockchain itself solves the problem of large-scale collaboration between strangers, that is, strangers can collaborate without needing to trust each other. So how is trust between strangers ensured so that they can reach consensus? A centralized system uses the endorsement of a credible third party, such as a bank. Banks are regarded as reliable and trustworthy institutions by ordinary people, who can trust banks and let banks resolve real-life disputes. But how does a decentralized blockchain ensure trust?
In fact, blockchain uses the basic principles of modern cryptography to ensure its security mechanism. The knowledge system involved in the field of cryptography and security is very complicated. I will only introduce the basic knowledge of cryptography related to blockchain, including Hash algorithm, encryption algorithm, information digest and digital signature, zero-knowledge proof, quantum cryptography, etc. You can use this lesson to understand how the blockchain using cryptography technology can ensure its confidentiality, integrity, authentication and non-repudiation.
Lesson 7 of the basic course: Basic knowledge of blockchain security
1. Hash algorithm
Hash function: Hash(original information) = digest information. A hash function can map a binary plaintext string of any length into a shorter (usually fixed-length) binary string (the hash value).
A good hash algorithm has the following 4 characteristics:
1. One-to-one correspondence: The same plaintext input and hash algorithm can always get the same summary information output.
2. Input sensitive: Even if there is any slight change in the plain text input, the newly generated summary information will change greatly, which is hugely different from the original output.
3. Easy to verify: both the plaintext input and the hash algorithm are public, and anyone can calculate by themselves whether the output hash value is correct.
4. Irreversible: If there is only the output hash value, it is absolutely impossible to deduce the plaintext from the hash algorithm.
5. Conflict avoidance: It is difficult to find two plaintexts with different contents, but their hash values are consistent (collision occurs).
Example:
Hash (Zhang San lent Li Si 100,000, with a loan period of 6 months) = 123456789012
A record of 123456789012 is recorded in the ledger.
It can be seen that the hash function has 4 functions:
Simplifying information
It is easy to understand, and the hashed information becomes shorter.
Identification information
You can use 123456789012 to identify the original information, and the summary information is also called the id of the original information.
Concealed information
The ledger contains a record such as 123456789012, and the original information is concealed.
Verification information
If Li Si cheats when repaying the loan and claims that Zhang San only lent him 50,000, both parties can use the hash value and the previously recorded hash value 123456789012 to verify the original information:
Hash (Zhang San lent Li Si 50,000, with a loan period of 6 months) = 987654321098
987654321098 is completely different from 123456789012, which proves that Li Si lied, successfully ensuring that the information cannot be tampered with.
Common hash algorithms include MD4, MD5, and the SHA series of algorithms. Nowadays the SHA series is used in essentially all mainstream fields. SHA (Secure Hash Algorithm) is not a single algorithm but a family of hash algorithms. It began with the SHA-1 series. The mainstream algorithms today are SHA-224, SHA-256, SHA-384, and SHA-512 (commonly known as SHA-2). More recently, SHA-3 related algorithms have also been proposed; KECCAK-256, which is used by Ethereum, belongs to this family.
MD5 is a very classic hash algorithm, but unfortunately both it and the SHA-1 algorithm have been cracked, and the industry considers them not secure enough for commercial scenarios. It is generally recommended to use SHA2-256 or a more secure algorithm.
Hash algorithms are widely used in blockchains. For example, each block contains the hash value of the previous block, and the content of the new block together with the hash value of the previous block is used to calculate the hash value of the new block, ensuring the continuity and non-tamperability of the chain.
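The chaining just described can be checked mechanically. The following is an added example, not code from the original page: it links constructed records with SHA-256 and shows where verification fails after a record is altered. The function names, the JSON block encoding and the all-zero genesis value are assumptions made for the illustration.

```python
import hashlib
import json

GENESIS_PREV = "0" * 64  # constructed placeholder: the first block has no predecessor


def block_hash(prev_hash, content):
    """Hash of a block = SHA-256 over (hash of previous block + content of this block).
    JSON encoding keeps the two fields unambiguous, unlike plain concatenation."""
    payload = json.dumps({"prev": prev_hash, "content": content},
                         sort_keys=True, ensure_ascii=False).encode("utf-8")
    return hashlib.sha256(payload).hexdigest()


def build_chain(records):
    """Turn a list of record strings into a list of linked blocks."""
    chain, prev = [], GENESIS_PREV
    for content in records:
        digest = block_hash(prev, content)
        chain.append({"prev": prev, "content": content, "hash": digest})
        prev = digest
    return chain


def first_invalid_block(chain):
    """Return the index of the first block that fails verification, or None."""
    prev = GENESIS_PREV
    for i, blk in enumerate(chain):
        if blk["prev"] != prev:                     # link to predecessor is broken
            return i
        if block_hash(blk["prev"], blk["content"]) != blk["hash"]:
            return i                                # content no longer matches its hash
        prev = blk["hash"]
    return None


def tamper(chain, index, new_content, recompute_own_hash=False):
    """Return a copy of the chain with one record altered (for testing the verifier)."""
    forged = [dict(b) for b in chain]
    forged[index]["content"] = new_content
    if recompute_own_hash:
        forged[index]["hash"] = block_hash(forged[index]["prev"], new_content)
    return forged


# Constructed sample ledger, reusing the loan record from the text above.
RECORDS = [
    "Zhang San lent Li Si 100,000, with a loan period of 6 months",
    "Li Si repaid Zhang San 20,000",
    "Li Si repaid Zhang San 80,000",
]

if __name__ == "__main__":
    chain = build_chain(RECORDS)
    print("intact chain:", first_invalid_block(chain))
    altered = "Zhang San lent Li Si 50,000, with a loan period of 6 months"
    print("record 0 altered:", first_invalid_block(tamper(chain, 0, altered)))
    # Recomputing the altered block's own hash only moves the failure to the next link.
    print("record 0 altered and rehashed:",
          first_invalid_block(tamper(chain, 0, altered, recompute_own_hash=True)))
```

Altering a record without being detected would require recomputing every later block, and the final hash would still differ from the one honest nodes already hold.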
2. Encryption and decryption algorithm
Encryption and decryption algorithms are the core technology of cryptography. They can be divided into two basic types from the design concept: symmetric encryption algorithms and asymmetric encryption algorithms. They are distinguished according to whether the keys used in the encryption and decryption processes are the same. The two modes are suitable for different needs and form a complementary relationship. Sometimes they can also be used in combination to form a hybrid encryption mechanism.
A symmetric encryption algorithm (symmetric cryptography, also known as common-key cryptography) uses the same key for encryption and decryption. Its advantages are high computational efficiency and high encryption strength; its disadvantage is that the key must be shared in advance, so the key is easily leaked or lost. Common algorithms include DES, 3DES, AES, etc.
An asymmetric encryption algorithm (asymmetric cryptography, also known as public-key cryptography) uses different keys for encryption and decryption. Its advantage is that the key does not need to be shared in advance; its disadvantage is that computational efficiency is low, so only short content can be encrypted. Common algorithms include RSA, SM2, ElGamal and the elliptic curve series of algorithms. Symmetric encryption algorithms are suitable for encrypting and decrypting large amounts of data; they cannot be used in signature scenarios, and the key often needs to be distributed in advance. Asymmetric encryption algorithms are generally suitable for signature scenarios or key negotiation, but are not suitable for encrypting and decrypting large amounts of data.
3. Information Digest and Digital Signature
As the name suggests, an information digest is obtained by performing a hash operation on the information content, producing a unique digest value that stands in for the original complete content. The information digest is the most important use of the hash algorithm. Using the collision resistance of the hash function, an information digest can be used to confirm that content has not been tampered with.
Digital signatures are similar to signing paper contracts to confirm the contract content and prove identity. Digital signatures are based on asymmetric encryption and can be used to prove the integrity of a piece of digital content and at the same time confirm its source (non-repudiation).
We require two properties of digital signatures so that they match what we expect from handwritten signatures. First, only you can make your signature, but anyone who sees it can verify its validity; second, we want the signature to be tied to one specific file and not to other files. Both can be achieved with the asymmetric encryption algorithms described above.
In practice, we generally sign the hash value of the information rather than the information itself. This is dictated by the efficiency of asymmetric encryption algorithms. In a blockchain, it is the hash pointer that is signed. With this approach, the signature covers the entire structure the pointer leads to, not just the hash pointer itself.
4. Zero Knowledge proof
Zero knowledge proof means that the prover convinces the verifier that a certain assertion is correct without providing any additional information to the verifier.
Zero-knowledge proofs generally meet three conditions:
1. Completeness: a true proof allows the verifier to verify it successfully;
2. Reliability (Soundness): a false proof cannot pass the verifier's verification;
3. Zero-Knowledge: if the assertion is proved, no information other than the proof information can be learned from the proof process.
5. Quantum cryptography
As the research on quantum computing and quantum communication receives more and more attention, quantum cryptography will have a huge impact on cryptographic information security in the future.
The core principle of quantum computing is to use qubits to be in multiple coherent superposition states at the same time. In theory, a large amount of information can be expressed through a small number of qubits and processed at the same time, greatly increasing the calculation speed.
In this case, a large number of current encryption algorithms are theoretically unreliable and can be cracked, which makes the encryption algorithms have to be upgraded, otherwise they will be broken by quantum computing.
As we all know, quantum computing is still in the theoretical stage and is still far away from large-scale commercial use. However, the new generation of encryption algorithms must take into account the possibility of this situation.
❸ What technology does the blockchain apply to achieve this function?
The blockchain applies the following technologies to achieve this:
The first is the consensus mechanism. The commonly used consensus mechanisms are mainly PoW, PoS, DPoS, PBFT, PAXOS, etc. Since there is no center in the blockchain system, there needs to be a preset rule to guide the nodes of all parties to reach agreement on data processing. All data interactions must be carried out in accordance with strict rules and consensus;
The second is cryptography. Cryptography is one of the core technologies of blockchain. Many classic algorithms of modern cryptography are used in current blockchain applications, mainly including hash algorithms, symmetric encryption, asymmetric encryption, digital signatures, etc.
The third is distributed storage. Blockchain is a distributed ledger on a peer-to-peer network. Each participating node independently and completely stores and writes block data. The advantages of distributed storage compared with traditional centralized storage are mainly reflected in two aspects: data is backed up on every node, avoiding data loss due to a single point of failure; and the data on each node is stored independently, effectively preventing malicious tampering with historical data.
Smart contracts: Smart contracts allow trusted transactions without a third party. As long as one party reaches the pre-set goals of the agreement, the contract will automatically execute the transaction. These transactions are trackable and irreversible. It has the advantages of transparency, credibility, automatic execution, and mandatory performance. Blockchain technology has many unique features that make it a unique invention and give it unlimited horizons to explore.
❹ What is the blockchain cryptographic algorithm?
As an emerging technology, blockchain has received more and more attention. It is a new application of traditional technologies in the Internet era, including distributed data storage, consensus mechanisms and cryptography. With the creation of various blockchain research alliances, related research has received more and more funding and personnel support. The cryptographic algorithms used in blockchain include the hash algorithm, zero-knowledge proofs, ring signatures and others:
Hash algorithm
The hash algorithm is the basic technology of the blockchain. The essence of a hash function is to map data of arbitrary (finite) length to data of a defined length. If this function satisfies both:
(1) The calculation of the hash value of any input data is very simple;
(2) It is computationally difficult to find 2 different pieces of data with the same hash value.
Hash functions that satisfy the above two properties are also called cryptographic hash functions. Unless there is any contradiction, "hash function" usually refers to a cryptographic hash function. For a hash function, finding two such values is called a collision. Currently popular hash functions include MD5, SHA1, SHA2, and SHA3.
Bitcoin uses SHA256, and most blockchain systems use the SHA256 algorithm. So here we will introduce SHA256 first.
1. SHA256 algorithm steps
STEP1: Add padding bits. The message is padded so that the message length is congruent with 448 mod 512 (length = 448 mod 512). The number of padding bits ranges from 1 to 512. The highest bit of the padding bit string is 1 and the remaining bits are 0.
STEP2: Additional length value. Append the bit length of the initial message (before padding) expressed in 64-bit to the result of step 1 (low-order byte first).
STEP3: Initialize the cache. Use a 256-bit cache to store the intermediate and final results of the hash function.
STEP4: Process 512-bit (16 words) message packet sequence. The algorithm uses six basic logic functions and consists of 64 steps of iterative operations. Each step takes a 256-bit cache value as input and then updates the cache content. Each step uses a 32-bit constant value Kt and a 32-bit Wt. Where Wt is the message after grouping, t=1,2,...,16.
STEP5: After all 512-bit packets are processed, the output generated by the last packet of the SHA256 algorithm is a 256-bit message.
2. Ring signature
In 2001, three cryptographers, Rivest, Shamir and Tauman, first proposed ring signatures. It is a simplified group signature, with only ring members and no managers, and does not require cooperation among ring members. In the ring signature scheme, the signer first selects a temporary set of signers, which includes the signer. The signer can then use his own private key and the public keys of others in the signature set to generate signatures independently without the help of others. Members of a set of signers may not be aware that they are included.
The ring signature scheme consists of the following parts:
(1) Key generation. Generate a key pair (public key PKi, private key SKi) for each member in the ring.
(2) Signature. The signer uses his own private key and the public keys of any n ring members (including himself) to generate signature a for message m.
(3) Signature verification. The verifier verifies whether the signature is signed by a member of the ring based on the ring signature and message m. If it is valid, it will be accepted, otherwise it will be discarded.
The properties that ring signatures satisfy:
(1) Unconditional anonymity: The attacker cannot determine which member of the ring generated the signature; even after obtaining the ring members' private keys, the probability does not exceed 1/n.
(2) Correctness: The signature must be verifiable by all others.
(3) Unforgeability: Other members in the ring cannot forge the signature of the real signer. Even if an external attacker obtains a valid ring signature, he cannot forge a signature for message m.
3. Comparison between ring signature and group signature
(1) Anonymity. Both are systems in which an individual signs on behalf of a group. The verifier can verify that the signature was made by a member of the group, but cannot know which member, which achieves the anonymity of the signer.
(2) Traceability. In group signatures, the existence of the group administrator ensures the traceability of the signature. Group administrators can revoke signatures to reveal the true signer. The ring signature itself cannot reveal the signer unless the signer himself wants to reveal or add additional information to the signature. A verifiable ring signature scheme is proposed. In the scheme, the real signer hopes that the verifier knows his identity. At this time, the real signer can verify his identity by revealing the secret information he possesses.
(3) Management system. Group signatures are managed by the group administrator, while ring signatures do not need to be managed. The signer only has to select a possible set of signers, obtain its public key, and then publish the set. All members are equal.
❺ (p+1)(p-4)+7p+8 formula method
Introduction
This series presents knowledge from the fields of blockchain and cryptography using easy-to-understand formulas. There is knowledge and there are stories here; from interest to fun, Diankuan Classroom is waiting for you to learn.
The course content in this series starts with an introduction to Bitcoin, then extends to the relevant technical principles and development trends of blockchain, and then introduces the various cryptographic techniques applied in blockchain in a simple and easy-to-understand manner. Everyone is welcome to subscribe to this public account and continue to learn.
[The contents of this class are all selected from the "Blockchain and Cryptography" lecture notes, textbooks and the Internet by Professor He Debiao, chief cryptographer of PlatON, professor at the National Cyber Security School of Wuhan University, and doctoral supervisor. Copyright belongs to the original author. If there is any infringement, please contact us immediately and we will deal with it promptly.]
6.3 Other digital signature algorithms
ElGamal algorithm
Digital signatures are generally implemented using public key cryptography, in which the private key is used to sign and the public key is used to verify the signature. The ElGamal public key cryptographic algorithm is a public key algorithm with important applications in cryptographic protocols. Its security is based on the intractability of the discrete logarithm problem in finite fields. It is still a public key cryptographic algorithm with good security, and it is a public-key cryptosystem that can be used for both encryption and digital signatures.
Suppose p is a large prime number and g is a generator of GF(p). Alice's public key is $y = g^x \bmod p$ together with g and p; her private key is x.
Signature algorithm:
Alice uses H to process message m, and gets $h = H(m)$.
Alice chooses a secret random number k that satisfies 0
Calculation:
$r = g^k \pmod p$
$s = (h - x \cdot r) \cdot k^{-1} \pmod{p-1}$
Alice sends (m, r, s) to Bob
Signature verification process:
After the receiver receives M and its signature (r, s):
Calculate the hash value H(M) of message M
Verification formula
If it holds, the signature is confirmed as valid; otherwise the signature is considered forged.
Encoding operation process of PSS algorithm
The security of the above scheme is based on the following discrete logarithm problem: given the large prime number p, the generator g of GF(p) and a non-zero element y ∈ GF(p), solve for the unique integer k, 0 ≤ k ≤ p − 2, such that $y \equiv g^k \pmod p$; k is called the discrete logarithm of y to the base g.
At EUROCRYPT '96 in 1996, David Pointcheval and Jacques Stern presented a variant of the ElGamal signature and proved, using the so-called forking technique in the random oracle model, that the given scheme is secure (it resists existential forgery under adaptive chosen message attack).
Schnorr algorithm
The Schnorr signature scheme is a short signature scheme and a variant of the ElGamal signature scheme. Its security is based on the difficulty of discrete logarithms and the one-wayness of the hash function.
Assume p and q are large prime numbers, q divides p-1, q is an integer of at least 160 bits, and p is an integer of at least 512 bits, ensuring that solving discrete logarithms in GF(p) is difficult; g is an element of GF(p), and $g^q \equiv 1 \pmod p$.
Key generation:
Alice chooses a random number x as the private key, where 1
Alice calculates the public key $y \equiv g^x \pmod p$
Signature algorithm:
① Alice first chooses a random number k, here 1
② Alice calculates $e = h(M, g^k \bmod p)$
③ Alice calculates $s = k - x \cdot e \pmod q$
④ Alice outputs the signature (e, s)
Verification algorithm:
Bob calculates $g^k \bmod p = g^s \cdot y^e \bmod p$
Bob verifies whether $e = h(M, g^k \bmod p)$ holds. If it does, he outputs "Accept"; otherwise he outputs "Reject".
The difference between Schnorr signature and ElGamal signature:
Security comparison: In the ElGamal system, g is a primitive element of the field GF(p); in the Schnorr system, g is just an element of order q in the field GF(p), not a primitive element. Therefore, although both are based on the difficulty of discrete logarithms, ElGamal's discrete logarithm order is p-1, and Schnorr's discrete logarithm order is q.
Signature length comparison: a Schnorr signature is shorter than an ElGamal signature.
ElGamal: (m, r, s), where the length of r is |p| and the length of s is |p-1|
Schnorr: (m, e, s), where the length of e is |q| and the length of s is |q|
DSA algorithm
In 1991, the US government promulgated the digital signature standard (Digital Signature Standard, DSS), also known as Digital Signature Algorithm (DSA).
Like DES, DSS has also aroused fierce debate. Opponents believe that the key is too short, not as efficient as RSA, cannot achieve data encryption, and suspect that NIST has left a backdoor in DSS.
Subsequently, the U.S. government made some improvements to it. Currently, DSS has been widely used and has been adopted as an international standard by some international standardization organizations. In 2000, the U.S. government introduced RSA and elliptic curve cryptography into the digital signature standard, further enriching the DSA algorithm.
Main parameters of DSA:
Global public key components, which can be shared by users
p: prime number, requires $2^{L-1}$
q: prime factor of (p-1), $2^{159}$
g: $g = h^{(p-1)/q} \bmod p$, where h is an integer, 11
User private key
x: random or pseudo-random integer, requires 0
User public key
y: $y = g^x \bmod p$
Random number k
Random or pseudo-random integer, requiring 0
DSA signature process:
User randomly selects k
Calculate $e = h(M)$;
Calculate $r = (g^k \bmod p) \bmod q$
Calculate $s = k^{-1}(e + x \cdot r) \bmod q$
Output (r, s), which is the digital signature of message M
DSA verification process:
After receiving M, r, s, the receiver first verifies 0
Calculate $e = h(M)$;
Calculate $w = s^{-1} \bmod q$
Calculate $u_1 = e \cdot w \bmod q$
Calculate $u_2 = r \cdot w \bmod q$
Calculate $v = [(g^{u_1} \cdot y^{u_2}) \bmod p] \bmod q$
If v = r, confirm that the signature is correct; otherwise reject
Workflow of DSA algorithm
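The Schnorr and DSA procedures above share the same kind of group (p, q, g), so both can be exercised over one parameter set. The following is an added example, not code from the course material: it generates parameters at the sizes the Schnorr section names (512-bit p, 160-bit q), then signs and verifies with both schemes. The function names, the use of SHA-256 reduced mod q as the hash h, and the standard range checks on received signatures are assumptions of this example.

```python
import hashlib
import secrets


def is_probable_prime(n, rounds=24):
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2            # 2 <= a <= n-2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                            # a is a witness: n is composite
    return True


def gen_params(p_bits=512, q_bits=160):
    """Return (p, q, g): q prime, p prime with q | p-1, g = h^((p-1)/q) mod p != 1."""
    while True:
        q = secrets.randbits(q_bits) | (1 << (q_bits - 1)) | 1
        if is_probable_prime(q):
            break
    while True:
        k = secrets.randbits(p_bits - q_bits) | (1 << (p_bits - q_bits - 1))
        p = (k & ~1) * q + 1                        # even multiplier keeps p odd
        if p.bit_length() == p_bits and is_probable_prime(p):
            break
    while True:
        h = secrets.randbelow(p - 3) + 2            # 1 < h < p-1
        g = pow(h, (p - 1) // q, p)
        if g != 1:
            return p, q, g


def H(q, *parts):
    """Hash length-prefixed parts with SHA-256 and reduce mod q (assumed choice of h)."""
    digest = hashlib.sha256()
    for part in parts:
        data = part if isinstance(part, bytes) else str(part).encode()
        digest.update(len(data).to_bytes(4, "big") + data)
    return int.from_bytes(digest.digest(), "big") % q


def keygen(params):
    p, q, g = params
    x = secrets.randbelow(q - 1) + 1                # private key, 1 <= x <= q-1
    return x, pow(g, x, p)                          # public key y = g^x mod p


def schnorr_sign(params, x, msg):
    p, q, g = params
    k = secrets.randbelow(q - 1) + 1                # fresh secret k for every signature
    e = H(q, msg, pow(g, k, p))
    return e, (k - x * e) % q


def schnorr_verify(params, y, msg, sig):
    p, q, g = params
    e, s = sig
    if not (0 <= e < q and 0 <= s < q):
        return False
    return H(q, msg, (pow(g, s, p) * pow(y, e, p)) % p) == e


def dsa_sign(params, x, msg):
    p, q, g = params
    while True:
        k = secrets.randbelow(q - 1) + 1            # fresh secret k for every signature
        r = pow(g, k, p) % q
        s = (pow(k, -1, q) * (H(q, msg) + x * r)) % q
        if r and s:
            return r, s


def dsa_verify(params, y, msg, sig):
    p, q, g = params
    r, s = sig
    if not (0 < r < q and 0 < s < q):               # reject out-of-range values first
        return False
    w = pow(s, -1, q)
    u1, u2 = (H(q, msg) * w) % q, (r * w) % q
    return (pow(g, u1, p) * pow(y, u2, p)) % p % q == r


if __name__ == "__main__":
    params = gen_params()
    x, y = keygen(params)
    msg = b"constructed sample message"
    for name, sign, verify in (("Schnorr", schnorr_sign, schnorr_verify),
                               ("DSA", dsa_sign, dsa_verify)):
        sig = sign(params, x, msg)
        print(name, verify(params, y, msg, sig), verify(params, y, msg + b"!", sig))
```

Both signatures consist of two values smaller than q, which is the length advantage over ElGamal that the comparison above describes.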
That's it for today's lesson. In the next lesson we will learn the digital signature algorithm based on elliptic curves and continue our look at digital signatures, so stay tuned!
© DigQuant
❻ [In-depth knowledge] Illustration of the encryption principle of the blockchain (encryption, signature)
First put an architecture diagram of Ethereum:
The learning process mainly proceeds module by module, covering P2P, cryptography, network, protocols, etc. Let's start with the summary directly:
The problem of secret key distribution is also the problem of secret key transmission. If the secret key is symmetric, it can only be exchanged offline; if it is transmitted online, it may be intercepted. Therefore asymmetric encryption is used, with two keys: the private key is kept private, and the public key is made public. Public keys can be transmitted over the Internet, so no offline exchange is required and data security is ensured.
As shown in the figure above, node A sends data to node B, and public key encryption is used. Node A obtains the public key of node B, encrypts the plaintext data with it, and sends the ciphertext to node B. Node B uses its own private key to decrypt.
2. Unable to solve message tampering.
As shown in the figure above, node A uses B's public key to encrypt, and then transmits the ciphertext to node B. Node B uses the public key of node A to decrypt the ciphertext.
1. Since A’s public key is public, once an online hacker intercepts the message, the ciphertext will be useless. To put it bluntly, this encryption method can be decrypted as long as the message is intercepted.
2. There is also the problem of being unable to determine the source of the message and the problem of message tampering.
As shown in the figure above, before sending data, node A first encrypts it with B's public key to obtain ciphertext 1, and then uses A's private key to encrypt ciphertext 1 to obtain ciphertext 2. After node B obtains the ciphertext, it first decrypts it using A's public key to obtain ciphertext 1, and then decrypts it using B's private key to obtain the plaintext.
1. When data ciphertext 2 is intercepted on the network, since A's public key is public, you can use A's public key to decrypt ciphertext 2 and obtain ciphertext 1. So this seems to be double encryption, but in fact the private key signature of the last layer is invalid. Generally speaking, we all hope that the signature is signed on the most original data. If the signature is placed later, the signature lacks security since the public key is public.
2. There are performance issues. Asymmetric encryption itself is very inefficient, and the encryption process is performed twice.
As shown in the figure above, node A first encrypts with A's private key and then encrypts with B's public key. After receiving the message, node B first uses B's private key to decrypt it and then uses A's public key to decrypt it.
1. When ciphertext 2 is intercepted by a hacker, it can only be decrypted using B's private key, and B's private key is held only by node B, so others cannot decrypt it. Therefore, the security is the highest.
2. When node B decrypts and obtains ciphertext 1, it can only use A’s public key to decrypt it. Only data encrypted by A's private key can be successfully decrypted with A's public key. Only node A has A's private key, so it can be determined that the data was transmitted by node A.
After two asymmetric encryptions, the performance problem is serious.
Based on the above problem of data tampering, we introduced message authentication. The encryption process after message authentication is as follows:
Before node A sends a message, it first performs a hash calculation on the plaintext data to obtain a digest, and then sends the digest and the original data to node B together. When node B receives the message, it decrypts it, parses out the hash digest and the original data, performs the same hash calculation on the original data to obtain digest 1, and compares the digest with digest 1. If they are the same, the data has not been tampered with; if they are different, it has been tampered with.
As long as ciphertext 2 is tampered with during the transmission process, the resulting hash will be different from hash1.
The signature problem cannot be solved, that is, the two parties can attack each other: A never acknowledges the message he sent. For example, A sends an erroneous message to B, causing B to suffer losses, but A denies having sent it.
In the process of (3), there is no way to solve the problem of mutual attacks between the two interacting parties. What does that mean? A message sent by A may turn out to be unfavourable to node A, and A later denies having sent it.
In order to solve this problem, signatures were introduced. Here we combine the encryption method in (2)-4 with the message signature.
In the above figure, node A's private key is used to sign the digest of the message it sends; the signature is then added to the original text, and the result is encrypted with B's public key. After B obtains the ciphertext, it first decrypts it with B's private key and then uses A's public key to decrypt the digest. The two digests are then compared to see whether they are the same. This solves the tampering problem and also prevents the two parties from attacking each other: because A signed the information, it cannot repudiate it.
To solve the performance problem of asymmetrically encrypting data, hybrid encryption is often used. Here we need to introduce symmetric encryption, as shown below:
When encrypting data, we use a symmetric secret key shared by both parties to encrypt. The symmetric secret key should not be transmitted on the network to avoid loss. The shared symmetric key here is calculated based on one's own private key and the other party's public key, and then the symmetric key is used to encrypt the data. When the other party receives the data, it also calculates the symmetric secret key and decrypts the ciphertext.
The above symmetric key is unsafe because A's private key and B's public key are generally fixed in the short term, so the shared symmetric key is also fixed. To enhance security, the best way is to generate a temporary shared symmetric key for each interaction. So how can we generate a random symmetric key during each interaction without transmitting it?
So how to generate a random shared secret key for encryption?
For the sender node A, a temporary asymmetric secret key pair is generated every time it is sent, and then a symmetric secret key can be calculated based on the public key of node B and the temporary asymmetric private key. (KA algorithm-Key Agreement). The symmetric secret key is then used to encrypt the data. The process here for the shared secret key is as follows:
For node B, when the transmitted data is received, the random public key of node A is parsed out. Then the symmetric secret key is calculated (KA algorithm) using the random public key of node A and the private key of node B itself. The data is then decrypted using the symmetric key.
For the above encryption methods, there are still many problems, such as how to avoid replay attacks (adding Nonce to the message), and problems such as rainbow tables (refer to the KDF mechanism to solve). Due to limited time and ability, I will ignore it for now.
So what kind of encryption should be used?
Mainly based on the security level of the data to be transmitted. Unimportant data can actually be authenticated and signed, but very important data needs to use an encryption scheme with a relatively high security level.
Cipher suite is a concept of network protocol. It mainly includes algorithms for identity authentication, encryption, message authentication (MAC), and secret key exchange.
During the entire network transmission process, algorithms are mainly divided into the following categories according to cipher suites:
Secret key exchange algorithms: such as ECDHE, RSA. Mainly used to determine how the client and server authenticate during the handshake.
Message authentication algorithms: such as SHA1, SHA2, SHA3. Mainly used for message digests.
Bulk encryption algorithms: such as AES. Mainly used to encrypt the information flow.
Pseudo-random number algorithms: for example, the pseudo-random function of TLS 1.2 uses the hash function of the MAC algorithm to create a master key, a 48-byte secret shared by both parties in the connection. The master key serves as a source of entropy when creating session keys (such as when creating a MAC).
In the network, a message transmission generally needs to be encrypted in the following four stages to ensure safe and reliable transmission of the message.
Handshake/network negotiation phase:
During the handshake phase between both parties, link negotiation is required. The main encryption algorithms include RSA, DH, ECDH, etc.
Identity authentication phase:
In the identity authentication phase, the source of the sent message needs to be determined. The main encryption methods used include RSA, DSA, ECDSA (ECC encryption, DSA signature), etc.
Message encryption stage:
Message encryption refers to encrypting the sent information flow. The main encryption methods used include DES, RC4, AES, etc.
Message identity authentication phase/anti-tampering phase:
Mainly to ensure that the message has not been tampered with during transmission. The main encryption methods include MD5, SHA1, SHA2, SHA3, etc.
ECC: Elliptic Curve Cryptography. It is an algorithm based on point multiplication on elliptic curves, used to generate public and private keys.
ECDSA: used for digital signatures and is a digital signature algorithm. A valid digital signature gives the recipient reason to believe that the message was created by a known sender, so that the sender cannot deny that the message has been sent (authentication and non-repudiation), and that the message has not been altered in transit. The ECDSA signature algorithm is a combination of ECC and DSA. The entire signature process is similar to DSA. The difference is that the algorithm used in the signature is ECC, and the final signed value is also divided into r and s. Mainly used in the identity authentication phase.
ECDH: a Diffie-Hellman key agreement based on the ECC algorithm. Through ECDH, both parties can negotiate a shared secret without sharing any secrets beforehand, and this shared secret key is randomly generated for the current communication only; the secret key disappears once the communication is interrupted. Mainly used in the handshake negotiation phase.
ECIES: It is an integrated encryption scheme, also known as a hybrid encryption scheme, which provides semantic security against chosen plaintext and chosen ciphertext attacks. ECIES can use different types of functions: key agreement function (KA), key derivation function (KDF), symmetric encryption scheme (ENC), hash function (HASH), H-MAC function (MAC).
ECC is an elliptic curve encryption algorithm, which mainly describes how the public and private keys are generated on the elliptic curve, and is irreversible. ECDSA mainly uses the ECC algorithm to make signatures, while ECDH uses the ECC algorithm to generate symmetric keys. All three of the above are applications of the ECC encryption algorithm. In real-world scenarios, we often use hybrid encryption (a combination of symmetric encryption, asymmetric encryption, signature technology, etc.). ECIES is a set of integrated (hybrid) encryption solutions built on the underlying ECC algorithm. This includes asymmetric encryption, symmetric encryption and signature functions.
This precondition is to ensure that the curve does not contain singular points.
Therefore, as the curve parameters a and b continue to change, the curve also shows different shapes. For example:
The basic principles of asymmetric encryption all rest on one formula, K = k*G, where K represents the public key, k represents the private key, and G represents a selected base point. The asymmetric encryption algorithm must ensure that the formula cannot be inverted (that is, G/K cannot be calculated).
How does ECC calculate the public and private keys? Here I describe it according to my own understanding.
I understand that the core idea of ECC is to select a base point G on the curve, then randomly pick a point k on the ECC curve (as the private key), and then calculate our public key K based on k*G, ensuring that the public key K is also on the curve.
So how to calculate k*G? How to calculate k*G to ensure that the final result is irreversible? This is what the ECC algorithm is supposed to solve.
First, we randomly select an ECC curve, a = -3, b = 7 and get the following curve:
On this curve, I randomly select two points. How to calculate the multiplication of these two points? We can simplify the problem. Multiplication can be expressed by addition, such as 2*2 = 2+2, 3*5 = 5+5+5. Therefore, as long as addition calculations can be performed on this curve, multiplication can be calculated theoretically, and the value of expressions such as k*G can also be calculated theoretically.
How to calculate the addition of two points on the curve? Here, in order to ensure irreversibility, ECC has customized an addition system on the curve.
In reality, 1+1=2, 2+2=4, but in the ECC algorithm, the addition system we understand is impossible. Therefore, it is necessary to customize a set of addition systems suitable for this curve.
The definition of ECC is to randomly find a straight line in the graph and intersect the ECC curve at three points (or possibly two points). These three points are P, Q, and R respectively.
Then P+Q+R = 0. Among them, 0 is not the 0 point on the coordinate axis, but the infinity point in ECC. In other words, the infinity point is defined as point 0.
Similarly, we can get P+Q = -R. Since R and -R are symmetrical about the X-axis, we can find their coordinates on the curve.
P+R+Q = 0, so P+R = -Q, as shown in the figure above.
The above describes how addition operations are performed in the world of ECC curves.
As can be seen from the above figure, there are only two intersection points between a straight line and a curve, which means that the straight line is the tangent line of the curve. At this time, P and R coincide.
That is, P = R. According to the above-mentioned ECC addition system, P+R+Q = 0, it can be concluded that P+R+Q = 2P+Q = 2R+Q=0
So we get 2*P = -Q (is it getting closer to the formula K = k*G of our asymmetric algorithm?).
So we come to the conclusion that multiplication can be calculated, but it can only be calculated at the tangent point, and it can only be calculated by 2.
If 2 can be turned into any number for multiplication, then it means that multiplication can be performed in the ECC curve, then the ECC algorithm can meet the requirements of an asymmetric encryption algorithm.
So can we calculate the multiplication of any random number? The answer is yes. That is the point multiplication method.
Choose a random number k, then what is k * P equal to?
We know that in the computer world, everything is binary. Since ECC can calculate the multiplication of 2, we can describe the random number k as binary and then calculate it. Suppose k = 151 = 10010111
Since 2*P = -Q, k*P can be calculated. This is the point multiplication algorithm. Therefore, multiplication can be calculated under the ECC curve system, so this asymmetric encryption method is feasible.
As for why this calculation is irreversible. This requires a lot of deduction, and I don't understand it either. But I think it can be understood this way:
Our watches usually have time scales. Now if we take 0:00:00 on January 1, 1990 as the starting point, and if we tell you that a full year has passed until the starting point, then we can calculate the current time, that is, we can calculate it on the watch. The hour, minute and second hands should point to 00:00:00. But conversely, I said that the hour, minute and second hands on the watch are now pointing to 00:00:00. Can you tell me how many years have passed since the starting point?
The ECDSA signature algorithm is basically similar to other DSA and RSA, both using private key signature and public key verification. It’s just that the algorithm system uses the ECC algorithm. Both parties interacting must adopt the same set of parameter systems. The signature principle is as follows:
Select an infinite point on the curve as the base point G = (x, y). Randomly pick a point k on the curve as the private key, and K = k*G to calculate the public key.
Signature process:
Generate a random number R and calculate RG.
According to the random number R, the HASH value H of the message M, and the private key k, calculate the signature S = (H+kx)/R.
Send the message M, RG, S to the receiver.
Signature verification process:
Receive message M, RG, S
Calculate the HASH value H according to the message
According to the sender's public key K, calculate HG/S + xK/S, and compare the calculated result with RG. If they are equal, the verification is successful.
Formula inference:
HG/S + xK/S = HG/S + x(kG)/S = (H+xk)G/S = RG
Before introducing the principle, note that ECC satisfies the associative law and the commutative law, that is to say, A+B+C = A+C+B = (A+C)+B. Here is an example from WIKI to illustrate how to generate a shared secret key. You can also refer to the example of Alice and Bob.
For Alice and Bob to communicate, both parties must have public and private keys generated by ECC based on the same parameter system. So there is a common base point G for ECC.
Secret key generation stage:
Alice uses the public key algorithm KA = ka * G, generates the public key KA and the private key ka, and makes the public key KA public.
Bob uses the public key algorithm KB = kb * G, generates the public key KB and the private key kb, and makes the public key KB public.
ECDH calculation stage:
Alice uses the calculation formula Q = ka * KB to calculate a secret key Q.
Bob uses the calculation formula Q' = kb * KA to calculate a secret key Q'.
Shared key verification:
Q = ka * KB = ka * kb * G = ka * G * kb = KA * kb = kb * KA = Q'
Therefore, both parties calculate the same shared secret key without ever having to disclose it, and can then encrypt using Q. We call Q the shared secret key.
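The addition system, the double-and-add multiplication, the ECDSA formulas and the ECDH exchange described above, written out on secp256k1 as an added example (not code from the original article or from Ethereum or Bitcoin). Assumptions: SHA-256 stands in for the hash H, the signature carries x (the x-coordinate of RG) instead of the full point RG, and all function names are illustrative; the code is not constant-time and is for study only.

```python
import hashlib
import secrets

P = 2**256 - 2**32 - 977  # secp256k1 field prime; the curve is y^2 = x^3 + 7 (mod P)
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # order of G
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
INF = None  # point at infinity, the "0" of the addition system

def on_curve(pt):
    return pt is INF or (pt[1] ** 2 - pt[0] ** 3 - 7) % P == 0

def point_add(p1, p2):
    """Chord-and-tangent rule: the line through p1 and p2 meets the curve at -(p1 + p2)."""
    if p1 is INF or p2 is INF:
        return p2 if p1 is INF else p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF  # vertical line: P + (-P) = 0
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P  # tangent slope (doubling, a = 0)
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P  # chord slope
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def scalar_mult(k, point):
    result, addend = INF, point
    while k:  # double-and-add over the bits of k, least significant bit first
        if k & 1:
            result = point_add(result, addend)
        addend = point_add(addend, addend)
        k >>= 1
    return result

def keypair():
    k = secrets.randbelow(N - 1) + 1  # private key: a scalar in [1, N-1]
    return k, scalar_mult(k, G)  # public key K = k*G

def digest(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

def sign(k, msg):
    """Page's notation: nonce R, x = x-coordinate of R*G, S = (H + k*x)/R mod N."""
    while True:
        r = secrets.randbelow(N - 1) + 1  # fresh secret nonce for every signature
        x = scalar_mult(r, G)[0] % N
        s = (digest(msg) + k * x) * pow(r, -1, N) % N
        if x and s:
            return x, s

def verify(K, msg, sig):
    """Accept when H*G/S + x*K/S has the same x-coordinate as R*G."""
    x, s = sig
    if not (on_curve(K) and K is not INF and 0 < x < N and 0 < s < N):
        return False
    w = pow(s, -1, N)
    pt = point_add(scalar_mult(digest(msg) * w % N, G), scalar_mult(x * w % N, K))
    return pt is not INF and pt[0] % N == x

def ecdh(own_private, peer_public):
    if peer_public is INF or not on_curve(peer_public):
        raise ValueError("peer public key is not a valid curve point")
    return scalar_mult(own_private, peer_public)  # Q = ka*KB = kb*KA
```

For k = 151 = 10010111 in binary, scalar_mult takes 8 loop iterations rather than 150 successive additions.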
In Ethereum, the other contents of the ECIES encryption suite used are:
1. The HASH algorithm uses the most secure SHA3 algorithm Keccak.
2. The signature algorithm uses ECDSA
3. The authentication method uses H-MAC
4. The ECC parameter system uses secp256k1; other parameter systems can be found here
The full name of H-MAC is Hash-based Message Authentication Code. Its model is as follows:
In Ethereum's UDP communication (the RPC communication encryption method is different), the above implementation method is adopted and extended.
First of all, the structure of Ethereum’s UDP communication is as follows:
Among them, sig is the signature information encrypted by the private key. mac can be understood as a summary of the entire message, ptype is the event type of the message, and data is the RLP-encoded transmission data.
The entire encryption, authentication, and signature model of UDP is as follows:
❼ The entire system of blockchain uses a large number of cryptographic algorithms, and the more representative one is the hash algorithm used for PoW.
The entire system of the blockchain uses a large number of cryptographic algorithms, and the more representative one is the hash algorithm used for PoW.
A. Correct
B. Wrong
Correct answer: A
The encryption algorithm in blockchain technology plays a crucial role. In addition to hashing algorithms for PoW, there are also symmetric and asymmetric encryption algorithms for encrypted data transmission, digital signature algorithms, etc. These algorithms ensure the security, immutability and anonymity of the blockchain.
❽ Encryption technology of blockchain
Digital encryption technology is the key to the application and development of blockchain technology. Once the encryption method is cracked, the data security of the blockchain will be challenged, and the tamper resistance of the blockchain will no longer exist. Encryption algorithms are divided into symmetric encryption algorithms and asymmetric encryption algorithms. Blockchain primarily uses asymmetric encryption algorithms. Public key cryptography systems in asymmetric encryption algorithms are generally divided into three categories according to the problems they are based on: large integer factorization problems, discrete logarithm problems and elliptic curve problems.
First, an introduction to blockchain encryption technology. Encryption algorithms are generally divided into symmetric encryption and asymmetric encryption. Asymmetric encryption refers to encryption technology integrated into the blockchain to meet security requirements and ownership verification requirements. Asymmetric encryption usually uses two asymmetric keys, called the public key and the private key, in the encryption and decryption process. Asymmetric key pairs have two characteristics: first, after one key (public key or private key) encrypts information, it can only be decrypted with the other corresponding key. Second, the public key can be disclosed to others, while the private key is kept confidential, and others cannot calculate the corresponding private key from the public key.
Asymmetric encryption is generally divided into three main types: large integer factorization problems, discrete logarithm problems and elliptic curve problems. The large integer factorization class refers to using the product of two large prime numbers as the encrypted number. Since the appearance of prime numbers is irregular, solutions can only be found through constant trial calculations. The discrete logarithm class refers to asymmetric distributed encryption algorithms based on the difficulty of discrete logarithms and strong one-way hash functions. The elliptic curve class refers to the use of plane elliptic curves to calculate a set of asymmetric special values. Bitcoin uses this encryption algorithm.
The application scenarios of asymmetric encryption technology in blockchain mainly include information encryption, digital signature and login authentication. (1) In the information encryption scenario, the sender (denoted as A) encrypts the information with the public key of the receiver (denoted as B) and sends it to B, who uses his own private key to decrypt the information. Encryption of Bitcoin transactions falls into this scenario. (2) In the digital signature scenario, sender A uses its own private key to encrypt the information and sends it to B. B uses A's public key to decrypt the information and thereby ensures that the information was sent by A. (3) In the login authentication scenario, the client uses the private key to encrypt the login information and sends it to the server. The server then uses the client's public key to decrypt the authenticated login information. Please note the differences between the above three encryption schemes: information encryption is public key encryption and private key decryption, ensuring the security of the information; digital signature is private key encryption and public key decryption, ensuring the ownership of the digital signature; login authentication is private key encryption and public key decryption.
Taking the Bitcoin system as an example, its asymmetric encryption mechanism is shown in Figure 1: The Bitcoin system generally generates a 256-bit random number as a private key by calling the random number generator at the bottom of the operating system. The total number of Bitcoin's private keys is large, and it is extremely difficult to traverse the entire private key space to obtain Bitcoin's private keys, so it is cryptographically secure. In order to facilitate identification, the 256-bit binary Bitcoin private key is converted through the SHA256 hash algorithm and Base58 to form a 50-character long private key, which is easy for users to identify and write. Bitcoin's public key is a 65-byte random number generated by the private key through the Secp256k1 elliptic curve algorithm. Public keys can be used to generate addresses used in Bitcoin transactions.
The generation process is that the public key is first hashed through SHA256 and RIPEMD160 to generate a 20-byte digest (that is, the result of Hash160), which is then converted through the SHA256 hash algorithm and Base58 to form a 33-character Bitcoin address. The public key generation process is irreversible, that is, the private key cannot be derived from the public key. Bitcoin's public and private keys are usually stored in Bitcoin wallet files, with the private key being the most important. Losing the private key means losing all the Bitcoin assets of the corresponding address. In the existing Bitcoin and blockchain systems, multi-private key encryption technology has been derived based on actual application requirements to meet more flexible and complex scenarios such as multi-signatures.
❾ How is cryptography used in blockchain?
In blockchain technology, cryptographic mechanisms are mainly used to ensure the integrity, authenticity and privacy of transaction information.
Cryptography in blockchain includes Bloom filters, hash functions, encryption and decryption algorithms, digital certificates and digital signatures, homomorphic encryption, PKI systems, etc.