Blockchain encryption algorithm
bitcoin, Ruitai coin, Laite coin, Ethereum and other digital cryptocurrencies all use blockchain technology
blockchain is an important concept of bitcoin, which is essentially a decentralized database and the underlying technology of bitcoin. Blockchain is a series of data blocks generated by cryptography. Each data block contains the information of a bitcoin network transaction, which is used to verify the validity of the information (anti-counterfeiting) and generate the next block.
Blockchain is a new application mode of distributed data storage, point-to-point transmission, consensus mechanism, encryption algorithm and other computer technologies. Blockchain is an important concept of bitcoin,
in essence, it is a decentralized database. At the same time, as the underlying technology of bitcoin, it is a series of data blocks generated by using cryptographic methods. Each data block contains a batch of information of bitcoin network transactions, Used to verify the validity of its information (anti-counterfeiting) and generate the next block
extended data
most blockchain public chains are limited by scalability. The biggest feature of blockchain technology is decentralization, which requires that all accounts in the network need to deal with the accounting process. Distributed accounting has high security, low misoperation rate, political neutrality and correctness
however, blockchain technology embraces these features at the same time, sacrificing scalability, unable to meet the personalized supervision, and slightly insufficient in protecting data privacy. Moreover, with the increase of the number of ledger, the interaction delay will increase exponentially, that is to say, the more ledger in the blockchain network, the higher the delay
If you want to understand the application of blockchain, you can refer to many books and opinions, such as illustrated blockchain, blockchain: reshaping the economy and the world, blueprint and guide of new economy, and articles of coin'an community, including a detailed understanding of the platform of coin'an community, with great strength
As the name suggests, blockchain is composed of block and chain. It is a new application mode of computer technology such as distributed data storage, point-to-point transmission, consensus mechanism, encryption algorithm and so on. It is a kind of chain data structure that combines data blocks in order according to the time sequence, and it is a secure and reliable distributed account book that can not be tampered with and forged by means of cryptographyin 2008, in his paper bitcoin: a peer-to-peer e-cash system published by Nakamoto, he first proposed the idea of blockchain and encrypted digital currency. Starting from bitcoin, blockchain has become the underlying technology of various digital currencies
Second, the working principle of blockchain:1. The basic concepts include: (1) transaction: one operation will change the account status once, such as adding a record 2) Block: records the transaction and status data within a specified time, which is a consensus and preservation of the current account status 3) Chain: it is composed of a series of blocks in chronological order, which is the log record of the whole state change. If you understand the working concept of blockchain, it is not difficult to understand its working principle. Suppose there is a distributed data logbook, which can only be added, not deleted or changed. Its structure is a linear chain formed by a series of "blocks" (which is also the source of the name of "blockchain"), and new data must be put into a new block to be added, The maintenance node can propose a new block, but it must go through a certain consensus mechanism to reach an agreement on the final selected block
2. Take bitcoin as an example to see the working principle of blockchain
the block of bitcoin is divided into block head and block body
Core advantages and characteristics of blockchain1. The verification, accounting, storage, maintenance and transmission of decentralized blockchain data are all based on distributed system structure. There is no centralized hardware or management organization, and the rights and obligations of any node are equal, The data blocks in the system are jointly maintained by the nodes with maintenance function in the whole system. 2. The open and transparent system is open. In addition to the private information of all parties to the transaction is encrypted, the data of the blockchain is open to all. Anyone can query the blockchain data and develop related applications through the open interface, so the information of the whole system is highly transparent. 3. Security blockchain uses consensus based specifications and Protocols (such as a set of open and transparent algorithms) to enable all nodes in the whole system to exchange data freely and safely in a de trusted environment, so that the trust in "people" is changed into the trust in machines, and any human intervention does not work. 4. Information cannot be tampered with. Once the information is verified and added to the blockchain, it will be stored permanently. Unless more than 51% (almost impossible) nodes in the system can be controlled at the same time, the modification of the database on a single node is invalid. Therefore, the data stability and reliability of the blockchain are extremely high. 5. Anonymity because the exchange between nodes follows a fixed algorithm, and its data interaction does not need trust (the program rules in the blockchain will judge whether the activity is effective or not). Therefore, the counterparties do not need to let the counterparties generate their own trust by disclosing their identities, which is very helpful for credit accumulation
At present, the most popular classification of blockchain is to divide blockchain into public blockchain, private blockchain and consortium blockchain according to different participants1. Public chain: anyone can participate in the use and maintenance, and can obtain the effective confirmation of the blockchain. Public chain is the earliest blockchain and the most widely used blockchain at present, such as bitcoin blockchain. The information is completely public
if the licensing mechanism is introced, it includes private chain and alliance chain. 2. Private chain: a company or indivial only uses the blockchain technology, enjoys the exclusive write permission of the blockchain, and does not disclose the information. At present, conservative giants (traditional finance) want to experiment with private blockchain, and the application procts of private blockchain are still groping. 3. Alliance chain: it is a blockchain between the public chain and the existing chain, which is jointly controlled by multiple organizations. The use of the chain is managed with authority, which can be controlled by the manager, and also open to others according to the manager's wishes. In addition, according to the different use scenarios and purposes of blockchain, it can be divided into currency chain for the purpose of digital currency, property chain for the purpose of recording property rights, and crowdfunding chain for the purpose of crowdfunding
On May 28, Ma Huateng, CEO of Tencent, proposed the anti-counterfeiting method based on cloud integrated blockchain technology, which is far more efficient than traditional anti-counterfeiting methods. The future anti-counterfeiting verification scenario may only require users to use their mobile phones for simple scanning, and a large number of complete information based on different dimensions can be obtainedtake Maotai liquor as an example:
distillery address, proction workshop, operation staff, inspector, delivery time, transportation vehicle information and driver information,
liquor year, raw material source, raw material supplier, storage warehouse number, raw material transportation vehicle and driver information,
all information can be accurately traced, permanently recorded and tampered with
the above information can be easily verified
2. Food safety issues as early as last November, Wal Mart has cooperated with IBM to track the source of food by using blockchain technology, so as to ensure the safety of food and increase the circulation of food to rece costs. For Wal Mart and other large supermarkets, it took a few days to investigate the source of problem food, After using this technology, only one item of proct information is needed to achieve accurate traceability, and important information such as food origin, inspector, supplier, logistics and transportation can quickly find problems in a few minutes. Currently, procts tracked by blockchain include packaging procts from the United States and pork from China
3. Information security
blockchain technology is promoting an information security technology revolution. (1) identity protection PKI is a common public key encryption technology in e-mail, message application, website and other communication applications. However, since the implementation of most PKI, the centralized trusted third party certification authority (CA) is used to issue, activate and store user certificates. Hackers can attack PKI to fake user identity or crack encrypted information
certcoin is the first PKI implementation of blockchain, which comes from MIT, removes the centralized authentication center, and uses blockchain as a distributed ledger for domain name and public key
pomcor company: blockchain PKI implementation path: keep the authentication center, and use blockchain to store the hash value of issued and activated certificates. Users can verify the authenticity of certificates through decentralized and transparent sources, and can also improve the network access performance through local authentication of secret key and signature based on blockchain
(2) data integrity protection
guardtime developed a secret key free signature architecture (Ksi) based on blockchain technology to replace the secret key based data authentication technology. Ksi stores the hash table of the original data and files on the blockchain, runs the hash algorithm to verify other copies, and compares the results with the data stored in the blockchain. Any data tampering will be found quickly because the original hash table is stored in millions of nodes
(3) key infrastructure protection
the "Achilles heel" of the Internet, DDoS has entered the TB era, DDoS is still the simplest weapon for hackers to bring down the big target with low cost, DNS service is the primary target for hackers to carry out large-scale destruction, but blockchain technology is expected to fundamentally solve the problem
The distributed storage ofblockchain makes hacker attacks lose focus. Nebulis is developing a distributed DNS system, which uses Ethereum blockchain and interstellar Internet file system (IPFs, the distributed substitute of HTTP) to register and resolve domain names. The biggest weakness of DNS is caching, which makes DDoS attacks possible. It is also the bane of the centralized government's censorship of social networks and manipulation of DNS registration. A highly transparent and distributed DNS system can effectively prevent any entity, including the government, from arbitrarily manipulating records
(1) digital currency: improve the convenience of currency issuance and use, such as bitcoin and Ethernet in foreign countries, and guorenbao in Chinafrom the use of physical transactions, to physical currency and credit currency, and then to the rise of bitcoin network, more and more people are aware of the distributed ledger blockchain technology behind it, and graally apply it in many scenarios other than digital currency
(2) cross border payment and settlement: realize point-to-point transaction, rece intermediate fees
transfer and payment. At present, the most mature application of blockchain technology is payment and transfer. Blockchain technology can avoid complicated systems, save the process of inter-bank reconciliation and review, and accelerate the settlement speed; virtual currency can rece transaction costs without the intervention of clearing house. Different countries have different clearing proceres. It takes two or three days for a single remittance to arrive, which is inefficient and accounts for a large proportion of funds in transit. No longer through the third party, through the blockchain technology to form point-to-point payment. By eliminating the link of the third-party institutions, we can make full day payment, real-time payment, withdraw cash quickly and rece the hidden cost, which helps to avoid the capital risk. It is timely and convenient
(3) bills and supply chain financial business: rece human intervention, rece costs and operational risksvalue transfer between point-to-point, control and verify physical bills or central system; Intermediaries will be eliminated and human intervention reced. With the improvement of efficiency, financing channels are more unblocked, risks are lower, and multiple parties benefit
(4) securities issuance and Trading: realize quasi real-time asset transfer, accelerate the speed of transaction clearing
the application of blockchain technology can make the process of securities trading more concise, transparent and fast, rece the plication of IT system, and improve the efficiency of market operation. For stocks, blockchain can eliminate paper and pen or electronic form records, rece human errors in trading, and improve the transparency and traceability of trading platform. Citigroup and Nasdaq cooperate to promote blockchain applications
(5) customer credit investigation and anti fraud: rece the cost of legal compliance, prevent financial crimes
the customer information and transaction records recorded in the blockchain help banks identify abnormal transactions and effectively prevent fraud. The technical characteristics of blockchain can change the existing credit reference system, and store the data of customers with bad records in the blockchain when the bank concts "know your customer" (KYC)
equity crowdfunding:
One of the characteristics of blockchain projects (especially public chains) is open source. Through open source code, to improve the credibility of the project, so that more people can participate. But the open source code also makes it easier for attackers to attack blockchain system. In the past two years, there have been a number of hacker attacks. Recently, the anonymous currency verge (xvg) was attacked again. The attacker locked a vulnerability in the xvg code, which allowed malicious miners to add false timestamps on the block, and then quickly dig out new blocks. In a few hours, the attacker obtained nearly $1.75 million worth of digital currency. Although the subsequent attack was successfully stopped, no one can guarantee whether the attacker will attack again in the future
of course, blockchain developers can also take some measures
one is to use professional code audit services,
the other is to understand the security coding specifications and take preventive measures
the security of cryptographic algorithm
with the development of quantum computer, it will bring a major security threat to the current cryptosystem. Blockchain mainly relies on elliptic curve public key encryption algorithm to generate digital signature for secure transactions. Currently, the most commonly used ECDSA, RSA, DSA, etc. can not withstand quantum attacks in theory, and there will be greater risks. More and more researchers begin to pay attention to cryptographic algorithms that can resist quantum attacks
of course, in addition to changing the algorithm, there is another way to improve the security:
refer to bitcoin's treatment of public key address to rece the potential risk of public key disclosure. As users, especially bitcoin users, the balance after each transaction is stored in a new address to ensure that the public key of the address where bitcoin funds are stored is not leaked
security of consensus mechanism
the current consensus mechanisms include proof of work (POW), proof of stake (POS), delegated proof of stake (dpos), practical Byzantine fault tolerance (pbft), etc
POW faces 51% attack. Because POW depends on computing power, when the attacker has the advantage of computing power, the probability of finding a new block will be greater than that of other nodes. At this time, the attacker has the ability to cancel the existing transaction. It should be noted that even in this case, the attacker can only modify his own transaction, but not the transaction of other users (the attacker does not have the private key of other users)
in POS, attackers can attack successfully only when they hold more than 51% token, which is more difficult than 51% computing power in pow
in pbft, when the malicious nodes are less than 1 / 3 of the total nodes, the system is secure. Generally speaking, any consensus mechanism has its own conditions. As an attacker, we also need to consider that once the attack is successful, the value of the system will return to zero. At this time, the attacker does not get any other valuable return except destruction
for the designers of blockchain projects, they should understand the advantages and disadvantages of each consensus mechanism, so as to select an appropriate consensus mechanism or design a new consensus mechanism according to the needs of the scene
security of smart contract
smart contract has the advantages of low operation cost and low risk of human intervention, but if there are problems in the design of smart contract, it may bring greater losses. In June 2016, the Dao, the most popular funding project of Ethereum, was attacked. The hacker obtained more than 3.5 million Ethereum coins, which later led to the bifurcation of Ethereum into Eth and etc
there are two aspects of the proposed measures:
one is to audit the security of smart contract, and the other is to follow the principle of smart contract security development
the security development principles of smart contract are: to be prepared for possible errors, to ensure that the code can correctly handle the bugs and vulnerabilities; Release smart contracts carefully, do well in function test and security test, and fully consider the boundary; Keep smart contracts simple; Pay attention to the threat intelligence of blockchain and check and update in time; Be clear about the characteristics of blockchain, such as calling external contracts carefully
security of digital wallet
there are three main security risks in digital wallet: first, design defects. At the end of 2014, a user lost hundreds of digital assets e to a serious random number problem (repeated r value). Second, the digital wallet contains malicious code. Third, the loss of assets caused by the loss or damage of computers and mobile phones
there are four main countermeasures:
one is to ensure the randomness of the private key
The second is to check the hash value before installing the software to ensure that the digital wallet software has not been tampered with The third is to use cold wallet The fourth is to back up the private keyin fact, blockchain uses the basic principles of modern cryptography to ensure its security mechanism. The knowledge system involved in the field of cryptography and security is very complicated. Here, I only introce the basic knowledge of cryptography related to blockchain, including hash algorithm, encryption algorithm, information digest and digital signature, zero knowledge proof, quantum cryptography, etc. Through this lesson, you can learn how to ensure the confidentiality, integrity, authentication and non repudiation of the blockchain using cryptography technology
basic course lesson 7 basic knowledge of blockchain security
1. Hash algorithm (hash algorithm)
hash function (hash), also known as hash function. Hash function: hash (original information) = summary information. Hash function can map any length of binary plaintext string to a shorter (generally fixed length) binary string (hash value)
a good hash algorithm has the following four characteristics:
1. One to one correspondence: the same plaintext input and hash algorithm can always get the same summary information output
2. Input sensitivity: even if the plaintext input changes slightly, the newly generated summary information will change greatly, which is greatly different from the original output
3. Easy to verify: plaintext input and hash algorithm are public, anyone can calculate by themselves, and whether the output hash value is correct
4. Irreversibility: if there is only the output hash value, the hash algorithm can never dece the plaintext
5. Conflict avoidance: it is difficult to find two plaintexts with different contents, but their hash values are the same (collision)
for example:
hash (Zhang San lent Li Si 100000 yuan for 6 months) = 123456789012
such a record as 123456789012 is recorded in the account book
it can be seen that hash function has four functions:
simplify information
it is easy to understand, and the information after hashing becomes shorter
identification information
you can use 123456789012 to identify the original information, and summary information is also called the ID of the original information
hidden information
the account book is a record like 123456789012, and the original information is hidden
verification information
if Li Si cheated that Zhang San only lent Li Si 50000 when repaying, both parties can verify the original information with the hash value of 123456789012 recorded before
hash (Zhang San lent Li Si 50000 for 6 months) = 987654321098
987654321098 is completely different from 123456789012, which proves that Li Si lied, Then the information can't be tampered
common hash algorithms include MD4, MD5 and Sha series algorithms, and Sha series algorithms are basically used in mainstream fields. Sha (secure hash algorithm) is not an algorithm, but a group of hash algorithms. At first, it was SHA-1 series, and now the mainstream applications are sha-224, SHA-256, sha-384 and sha-512 algorithms (commonly known as SHA-2). Recently, Sha-3 related algorithms have been proposed, such as keccak-256 used by Ethereum
MD5 is a very classic hash algorithm, but unfortunately, both it and SHA-1 algorithm have been cracked. It is considered by the instry that its security is not enough to be used in business scenarios. Generally, sha2-256 or more secure algorithm is recommended
hash algorithm is widely used in blockchain. For example, in blocks, the latter block will contain the hash value of the previous block, and the content of the later block + the hash value of the previous block will jointly calculate the hash value of the later block, which ensures the continuity and non tamperability of the chain< Encryption and decryption algorithm is the core technology of cryptography, which can be divided into two basic types: symmetric encryption algorithm and asymmetric encryption algorithm. According to whether the key used in the encryption and decryption process is the same or not, the two modes are suitable for different needs, just forming a complementary relationship, and sometimes can be combined to form a hybrid encryption mechanism
symmetric cryptography (also known as common key cryptography) has the advantages of high computational efficiency and high encryption strength; Its disadvantage is that it needs to share the key in advance, which is easy to leak and lose the key. The common algorithms are des, 3DES, AES and so on
asymmetric cryptography (also known as public key cryptography) is different from the encryption and decryption key, and its advantage is that it does not need to share the key in advance; Its disadvantage is that it has low computational efficiency and can only encrypt short content. Common algorithms include RSA, SM2, ElGamal and elliptic curve series. Symmetric encryption algorithm is suitable for the encryption and decryption process of a large number of data; It can't be used in signature scenario: and it often needs to distribute the key in advance. Asymmetric encryption algorithm is generally suitable for signature scenario or key agreement, but it is not suitable for large amount of data encryption and decryption< Third, information digest and digital signature
as the name suggests, information digest is to hash the information content to obtain a unique digest value to replace the original and complete information content. Information digest is the most important use of hash algorithm. Using the anti-collision feature of hash function, information digest can solve the problem that the content has not been tampered
digital signature is similar to signing on paper contract to confirm contract content and prove identity. Digital signature is based on asymmetric encryption, which can be used to prove the integrity of a digital content and confirm the source (or non repudiation)
we have two requirements for digital signature to make it consistent with our expectation for handwritten signature. First, only you can make your own signature, but anyone who sees it can verify its validity; Second, we want the signature to be only related to a specific file and not support other files. These can be achieved by our asymmetric encryption algorithm above
in practice, we usually sign the hash value of information instead of the information itself, which is determined by the efficiency of asymmetric encryption algorithm. Corresponding to the blockchain, it is to sign the hash pointer. In this way, the front is the whole structure, not just the hash pointer itself< Zero knowledge proof means that the verifier can make the verifier believe that a certain conclusion is correct without providing any additional information to the verifier
zero knowledge proof generally meets three conditions:
1. Completeness: authentic proof can make the verifier successfully verify
2. Soundness: false proof can not make the verifier pass the verification
3. Zero knowledge: if you get proof, you can't get any information other than the proof information from the proof process< With more and more attention paid to the research of quantum computing and quantum communication, quantum cryptography will have a huge impact on the information security of cryptography in the future
the core principle of quantum computing is that qubits can be in multiple coherent superposition states at the same time. Theoretically, a large amount of information can be expressed by a small number of qubits and processed at the same time, which greatly improves the computing speed
in this way, a large number of current encryption algorithms are theoretically unreliable and can be cracked, so the encryption algorithm has to be upgraded, otherwise it will be broken by quantum computing
as we all know, quantum computing is still in the theoretical stage, which is far from large-scale commercial use. However, the new generation of encryption algorithms should consider the possibility of this situation.
In today's era of high development of the Internet, we are using the Internet more and more frequently, which has become an indispensable and important tool in our life. In particular, the mobile phone used for Internet communication has been used as a medium. In today's era, we are using mobile payment more and more, There are more and more ways to move. So what is digital currency? What do you know about it{ But generally speaking, it is a form of money< p> Finally, for such a form of transaction, it's all for the convenience of our daily life, and it's also for serving our own broad masses of people, so we don't have to worry about the advantages and disadvantages of digital currency and mobile payment
there are about three kinds of currency in currency speculation. one is the base currency, which is similar to the representative of money. CNY and usdt Basic goods with value). One is the mainstream token, BTC, ETH (because of the national restrictions, the exchange can only trade in token, that is, take one kind of virtual currency to buy another kind of virtual currency, I don't know why.) The other is a variety of virtual currencies (commodities)
the purchase process is to first go to the exchange platform to find a personal seller with RMB to exchange for usdt, In the process of using usdt to exchange for the mainstream token BTC or eth used in purchasing various virtual coins, and finally using eth to purchase various virtual coins
A. base currency: CNY, usdt (exchangeable, need to be exchanged in good faith transactions with indivial buyers) B. mainstream token: BTC, ethc, virtual currency: all kinds of money, such as profit, need to be exchanged into usdt again, and then sold into CNY. Learn more about the coin circle
< blockquote >sharing area network ~ learn more about the coin circle
< / blockquote >experience: 1. Buy mainstream currency if you can't buy it. 2. If the new currency is not fried in January, it may become a banker to harvest leeks. 3. Just learned an experience, chasing up and killing down, meaning up do not buy, buy must be cut leeks If you have strength and value, you can hold it and wait for salted fish to turn over. 5. If the company is strong, the team is strong, and the executives are strong, you can pay more attention to it. Note: I don't understand the K line at all, and I don't understand the professional words, so I can only make a tentative decision on these purchase principles based on logical thinking