Blockchain has decentralized network participants who are not necessarily known to each other. In such a setting, an individual's credentials can't be checked by conventional means, such as verifying identity with an ID card. Participants can join and leave the chain as they wish. They operate beyond the boundaries of trust.
Many problems arise in this context, such as:
- Identity of the peer participants.
- Authorization of transactions.
- Authentication of transactions.
- Detection of forged and faulty transactions.
Instead of the conventional single key, public-key cryptography employs two different keys: a public key (specific to the user but publicly available to everyone) and a private key (specific to the user and kept secret from the rest of the world).
Working of the Public-key cryptography
Let lowercase ‘b’ and uppercase ‘B’ be the private and public keys of a participant in Bangalore.
Let lowercase ‘k’ and uppercase ‘K’ be the private and public keys of a participant in Kolkata.
The public key is published, while the private key is kept safe and locked, typically using a passphrase. The pair works as follows.
The public-key/private-key pair has a unique property: data encrypted with the private key can be decrypted with the corresponding public key, and vice versa.
E.g., say the participant in Bangalore wants to transact with the participant in Kolkata. Instead of sending a simple message, the participant in Bangalore sends transaction data encrypted first with the Bangalore participant’s private key ‘b’ and then with the Kolkata participant’s public key ‘K’.
The participant in Kolkata first decrypts the data using its own private key ‘k’, then uses the Bangalore participant’s public key ‘B’ to decrypt the signed transaction data.
This ensures that only Kolkata’s participant can decrypt and receive the data and that only Bangalore’s participant could have sent the data.
The algorithm used for Public-key cryptography
Though RSA (Rivest-Shamir-Adleman) is a very commonly used public-key cryptography algorithm, blockchain needs a more efficient and strong algorithm. Efficiency is a critical requirement since the public key is frequently used in many different operations in the blockchain protocol.
The Elliptic Curve Cryptography (ECC) family of algorithms is used in both the Bitcoin and the Ethereum blockchain for generating the key pair.
The private-public key pair is a metaphorical passport to participating and transacting on the blockchain. You need to protect the private key for the security of your assets on the blockchain.
A hash function, or hashing, transforms and maps an input data value of arbitrary length to a unique fixed-length value. The input data can be a document, tree data, or block data. Even a slight difference in the input data produces a totally different hash output value.
The algorithm chosen for the hash function should be:
- A one-way function, i.e., no one can derive the original items hashed from the hash value.
- Collision free, or exhibit a low probability of collision, i.e., the hash value uniquely represents the original items hashed. There should be an extremely low probability that two different datasets will map onto the same hash value.
These requirements are achieved by choosing a strong algorithm such as a secure hash, and by using an appropriately large number of bits in the hash value. Most common functions for hashing are SHA-3, SHA-256, and Keccak.
Simple Hash Vs Merkle Tree Hash
Note:- The state is a variable that may be modified by a smart contract execution and the result of the execution may be returned in a receipt.
A tree structure improves the efficiency of repeated operations, such as transaction modification and the state changes from one block to the next (‘log(n)’ vs ‘n’).
In Ethereum, hashing is used to generate
- Account Address
- Digital Signature
- Transaction Hash
- State Hash
- Receipt Hash
- Block Header Hash
To manage the integrity of a transaction we need,
- Secure and unique account addresses, i.e., we need a standard approach to uniquely identify the participants in the decentralized network.
- Authorization of the transaction by the sender through a digital signature.
- Verification that the content of the transaction is not modified.
Address of the account
Account addresses are generated from the public-key/private-key pair:
- A 256-bit random number is generated and designated as the private key. It is kept secure and locked using a passphrase.
- An ECC algorithm is applied to the private key to get a unique public key. This is the private-public key pair.
- Then a hashing function is applied to the public key to obtain the account address. The address is shorter in size, only 20 bytes or 160 bits.
Authorization of Transaction
A transaction for transferring assets has to be authorized, non-repudiable, and unmodifiable. We first examine the digital signing process and then apply it to the transaction. A digital signature is hashed and encrypted data. The receiver gets the original data and the digitally signed secure hash. The receiver can recompute the hash of the original data received and compare it with the received hash to verify the integrity of the document.
Consider the transaction to be data:
- Find the hash of the data fields of the transaction.
- Encrypt that hash using the private key of the participant originating the transaction. This digitally signs the transaction, authorizing it and making it non-repudiable.
- This signed hash is added to the transaction. Others can verify it by decrypting it with the public key of the sender of the transaction and recomputing the hash of the transaction, then comparing the computed hash with the hash received in the digital signature. If there is a match, accept the transaction; otherwise reject it.
Note:- For a complete transaction verification, the timestamp, nonce, account balances, and sufficiency of fees are also verified.
The main components of the Ethereum blockchain are
- Block Header
- Transaction Hash
- Transaction Root
- State Root
- State Hash
- State Root
The integrity of the block is managed by assuring that
- Block header contents are not tampered with
- The transactions are not tampered with
- State transitions are computed, hashed and verified
In Ethereum, the block hash is the hash of all the elements in the block header, including the transaction root and the state root hashes. It is computed by applying a variant of the SHA-3 algorithm called Keccak to all the items of the block header. A typical block has about 2,000 transactions in Bitcoin and about 100 transactions in Ethereum.
State Root and Receipt Root
The hashes of the transactions in a block are processed in a tree structure called a Merkle tree hash. The Merkle tree hash is also used for computing the state root hash, since only the hashes of the chained states from block to block have to be recomputed. It is also used for the receipt root hash. If any transaction is to be verified, only one path of the tree has to be checked, which is an advantage because the verifier doesn’t have to go through the entire set of transactions.
Smart contract execution in Ethereum results in state transitions. Every state change requires state root (hash) re-computation. Instead of computing hash for the entire set of states, only the affected path in the Merkle tree needs to be re-computed.
When the state 21 is changed to 15, only the path including 25, 35 and the root hash 54 has to be recomputed, not the entire tree.
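To make the "one path only" property concrete, here is an added example (not from the original article) of a binary Merkle tree with an inclusion proof and an in-place leaf update. It assumes SHA-256 and a plain binary tree for simplicity, whereas Ethereum uses Keccak with a Merkle Patricia trie; the function names and sample transactions are constructed.

```python
import hashlib

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def build_levels(leaves):
    """Return every level of the tree: leaf hashes first, [root] last."""
    level = [h(b"\x00" + leaf) for leaf in leaves]      # 0x00 prefix marks a leaf
    levels = [level]
    while len(level) > 1:
        nxt = [h(b"\x01" + level[i] + level[i + 1])     # 0x01 marks an inner node
               for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])                       # lone node moves up unchanged
        levels.append(nxt)
        level = nxt
    return levels

def prove(levels, index):
    """Sibling hashes on the path from leaf `index` to the root."""
    proof = []
    for level in levels[:-1]:
        sib = index ^ 1
        if sib < len(level):
            proof.append((level[sib], sib < index))     # (hash, sibling is on the left)
        index //= 2
    return proof

def verify(leaf, proof, root):
    node = h(b"\x00" + leaf)
    for sib, sib_is_left in proof:
        node = h(b"\x01" + (sib + node if sib_is_left else node + sib))
    return node == root

def update_leaf(levels, index, new_leaf):
    """Change one leaf in place, rehashing only its path; return hashes computed."""
    levels[0][index] = h(b"\x00" + new_leaf)
    count = 1
    for depth in range(len(levels) - 1):
        level, left = levels[depth], index - index % 2
        if left + 1 < len(level):
            levels[depth + 1][index // 2] = h(b"\x01" + level[left] + level[left + 1])
            count += 1
        else:
            levels[depth + 1][index // 2] = level[left]
        index //= 2
    return count

# Constructed sample: eight placeholder transactions.
TXS = [f"tx-{i}".encode() for i in range(8)]
```

With the eight sample leaves, a proof carries three sibling hashes and an update costs four hash computations, against fifteen for rebuilding the whole tree.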
Block hash computation
The block hash in Ethereum is computed by first computing the state root hash, the transaction root, and then the receipt root hash. These roots and all the other items in the header are hashed together with the variable nonce to solve the proof-of-work puzzle.
Block hash serves two important purposes
- Verification of the integrity of the block and the transactions.
- Formation of the chain link by embedding the previous block hash in the current block header.
If any participant node tampers with the block, its hash value changes resulting in the mismatch of the hash values and rendering the local chain of the node in an invalid state. Any future blocks initiated by the node would be rejected by other miners due to hash mismatch. This enforces the immutability of the chain.
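The two purposes of the block hash can be checked mechanically. The following added example (not from the original article) validates a chain of headers and shows where tampering surfaces; it assumes a flat SHA-256 over the transaction list in place of the Merkle root and Keccak, omits the nonce and proof of work, and uses hypothetical field names.

```python
import hashlib, json

def h(obj) -> str:
    """SHA-256 over a canonical JSON encoding of a header or transaction list."""
    return hashlib.sha256(json.dumps(obj, sort_keys=True).encode()).hexdigest()

def build_chain(batches):
    chain, prev = [], "00" * 32                      # all-zero parent for the first block
    for number, txs in enumerate(batches):
        header = {"number": number, "prev_hash": prev, "tx_root": h(txs)}
        chain.append({"header": header, "txs": list(txs)})
        prev = h(header)                             # next block embeds this hash
    return chain

def first_invalid(chain):
    """Index of the first block that fails an integrity check, or None."""
    for i, block in enumerate(chain):
        header = block["header"]
        if header["tx_root"] != h(block["txs"]):
            return i                                 # transactions do not match header
        if i and header["prev_hash"] != h(chain[i - 1]["header"]):
            return i                                 # link to previous header is broken
    return None

def tamper_demo():
    # Constructed sample: three blocks of placeholder transactions.
    chain = build_chain([["a->b:5"], ["b->c:2", "c->a:1"], ["a->c:3"]])
    clean = first_invalid(chain)
    chain[1]["txs"][0] = "b->c:200"                  # edit one transaction in block 1
    edited = first_invalid(chain)
    chain[1]["header"]["tx_root"] = h(chain[1]["txs"])   # also refresh block 1's root
    relinked = first_invalid(chain)
    return clean, edited, relinked
```

`tamper_demo()` returns `(None, 1, 2)`: the edited block fails its own transaction-root check, and once its header is refreshed the mismatch moves to the next block's embedded previous hash.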