
Elliptic curve cryptography must be used in blockchain

Publish: 2021-04-09 12:14:26
1. Chongqing jinwowo analysis: the information security advantages of blockchain technology are as follows:

first, through the application in the field of digital currency, blockchain provides a solution for the flow of capital flow (or capital flow) information on the Internet

secondly, blockchain solves the problem of right confirmation in the transaction process through encryption and reference of distributed ledger

thirdly, blockchain determines the exchange of digital assets through the technology of consensus mechanism.
2.

One of the characteristics of blockchain projects (especially public chains) is open source. Open-sourcing the code improves the credibility of the project and lets more people participate. But open source code also makes it easier for attackers to attack the blockchain system. In the past two years, there have been a number of hacker attacks. Recently, the anonymous currency Verge (XVG) was attacked again. The attacker locked onto a vulnerability in the XVG code, which allowed malicious miners to add false timestamps on the block and then quickly mine new blocks. In a few hours, the attacker obtained nearly $1.75 million worth of digital currency. Although the subsequent attack was successfully stopped, no one can guarantee whether the attacker will attack again in the future

of course, blockchain developers can also take some measures

one is to use professional code audit services,

the other is to understand the security coding specifications and take preventive measures

the security of cryptographic algorithm

With the development of quantum computers, the current cryptosystem will face a major security threat. Blockchain mainly relies on elliptic curve public key encryption algorithms to generate digital signatures for secure transactions. Currently, the most commonly used ECDSA, RSA, DSA, etc. cannot withstand quantum attacks in theory, and there will be greater risks. More and more researchers are beginning to pay attention to cryptographic algorithms that can resist quantum attacks

of course, in addition to changing the algorithm, there is another way to improve the security:

Refer to bitcoin's treatment of public key addresses to reduce the potential risk of public key disclosure. Users, especially bitcoin users, store the balance after each transaction in a new address to ensure that the public key of the address where bitcoin funds are stored is not leaked

security of consensus mechanism

the current consensus mechanisms include proof of work (POW), proof of stake (POS), delegated proof of stake (dpos), practical Byzantine fault tolerance (pbft), etc

POW faces 51% attack. Because POW depends on computing power, when the attacker has the advantage of computing power, the probability of finding a new block will be greater than that of other nodes. At this time, the attacker has the ability to cancel the existing transaction. It should be noted that even in this case, the attacker can only modify his own transaction, but not the transaction of other users (the attacker does not have the private key of other users)

in POS, attackers can attack successfully only when they hold more than 51% token, which is more difficult than 51% computing power in pow

in pbft, when the malicious nodes are less than 1 / 3 of the total nodes, the system is secure. Generally speaking, any consensus mechanism has its own conditions. As an attacker, we also need to consider that once the attack is successful, the value of the system will return to zero. At this time, the attacker does not get any other valuable return except destruction

for the designers of blockchain projects, they should understand the advantages and disadvantages of each consensus mechanism, so as to select an appropriate consensus mechanism or design a new consensus mechanism according to the needs of the scene

security of smart contract

smart contract has the advantages of low operation cost and low risk of human intervention, but if there are problems in the design of smart contract, it may bring greater losses. In June 2016, the Dao, the most popular funding project of Ethereum, was attacked. The hacker obtained more than 3.5 million Ethereum coins, which later led to the bifurcation of Ethereum into Eth and etc

there are two aspects of the proposed measures:

one is to audit the security of smart contract, and the other is to follow the principle of smart contract security development

the security development principles of smart contract are: to be prepared for possible errors, to ensure that the code can correctly handle the bugs and vulnerabilities; Release smart contracts carefully, do well in function test and security test, and fully consider the boundary; Keep smart contracts simple; Pay attention to the threat intelligence of blockchain and check and update in time; Be clear about the characteristics of blockchain, such as calling external contracts carefully

security of digital wallet

There are three main security risks in digital wallets: first, design defects. At the end of 2014, a user lost hundreds of digital assets due to a serious random number problem (repeated r value). Second, the digital wallet contains malicious code. Third, the loss of assets caused by the loss or damage of computers and mobile phones

there are four main countermeasures:

one is to ensure the randomness of the private key

The second is to check the hash value before installing the software to ensure that the digital wallet software has not been tampered with

The third is to use cold wallet

The fourth is to back up the private key
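
A defensive check for the "repeated r value" problem named above, as an added example that is not part of the original answer: it strictly parses DER-encoded ECDSA signatures and reports any public key that produced two different signatures with the same r. It assumes secp256k1 signatures as used by Bitcoin; the record layout, the key labels and the r/s values are constructed sample data, not real signatures.

```python
from collections import defaultdict

# Order of the secp256k1 group (the curve Bitcoin uses for ECDSA).
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def _read_der_int(buf, pos):
    """Read one strictly encoded DER INTEGER at buf[pos]; return (value, next_pos)."""
    if pos + 2 > len(buf) or buf[pos] != 0x02:
        raise ValueError("expected INTEGER tag")
    length = buf[pos + 1]
    start, end = pos + 2, pos + 2 + length
    if length == 0 or length & 0x80 or end > len(buf):
        raise ValueError("bad INTEGER length")
    body = buf[start:end]
    if body[0] & 0x80:
        raise ValueError("negative INTEGER")
    if length > 1 and body[0] == 0x00 and not body[1] & 0x80:
        raise ValueError("non-minimal INTEGER")
    return int.from_bytes(body, "big"), end


def parse_der_signature(sig):
    """Parse SEQUENCE { INTEGER r, INTEGER s } and return (r, s).

    Assumption: short-form lengths only, which covers 256-bit curves.
    """
    if len(sig) < 8 or sig[0] != 0x30:
        raise ValueError("not a DER SEQUENCE")
    if sig[1] & 0x80 or sig[1] != len(sig) - 2:
        raise ValueError("bad SEQUENCE length")
    r, pos = _read_der_int(sig, 2)
    s, pos = _read_der_int(sig, pos)
    if pos != len(sig):
        raise ValueError("trailing bytes after s")
    if not (0 < r < SECP256K1_N and 0 < s < SECP256K1_N):
        raise ValueError("r or s out of range")
    return r, s


def encode_der_signature(r, s):
    """Helper used only to build the constructed sample records below."""
    def der_int(value):
        raw = value.to_bytes((value.bit_length() + 7) // 8 or 1, "big")
        if raw[0] & 0x80:  # keep the INTEGER positive
            raw = b"\x00" + raw
        return b"\x02" + bytes([len(raw)]) + raw
    body = der_int(r) + der_int(s)
    return b"\x30" + bytes([len(body)]) + body


def find_reused_r(records):
    """records: iterable of (pubkey, txid, der_signature).

    Returns {(pubkey, r): [txid, ...]} for every key that used the same r in
    at least two *different* signatures. s and N - s are the same signature
    (malleability), so s is normalised to its low form before comparing.
    """
    seen = defaultdict(dict)  # (pubkey, r) -> {low_s: [txid, ...]}
    for pubkey, txid, sig in records:
        r, s = parse_der_signature(sig)
        low_s = min(s, SECP256K1_N - s)
        seen[(pubkey, r)].setdefault(low_s, []).append(txid)
    return {
        key: sorted(t for txids in by_s.values() for t in txids)
        for key, by_s in seen.items()
        if len(by_s) > 1
    }


# Constructed sample data: arbitrary integers standing in for r and s.
SAMPLE_R = (1 << 255) + 0x1234  # top bit set, so DER needs a 0x00 pad byte
SAMPLE_RECORDS = [
    ("pubkey-A", "tx1", encode_der_signature(SAMPLE_R, 0x1111)),
    ("pubkey-A", "tx2", encode_der_signature(SAMPLE_R, 0x2222)),  # r reused
    ("pubkey-A", "tx3", encode_der_signature(0x5555, 0x3333)),
    ("pubkey-B", "tx4", encode_der_signature(SAMPLE_R, 0x4444)),  # other key
    ("pubkey-A", "tx5", encode_der_signature(SAMPLE_R, SECP256K1_N - 0x1111)),
    ("pubkey-C", "tx6", encode_der_signature(0x7777, 0x6666)),
    ("pubkey-C", "tx7", encode_der_signature(0x7777, SECP256K1_N - 0x6666)),
]

if __name__ == "__main__":
    for (pubkey, r), txids in find_reused_r(SAMPLE_RECORDS).items():
        print(f"{pubkey}: r={r:#x} reused in {', '.join(txids)}")
```

A hit means the wallet's nonce generation is broken and the key should be treated as compromised: move funds to a key generated by fixed software.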

3.

Blockchain is not deceiving, but deceiving people under the guise of blockchain. In fact, blockchain scam is to make use of people's ignorance of the technology, and then fraudsters rely on various and fancy means to set up scams. Many people only look at the surface when making investments, and finally fall into the trap of high profits

in the current society, more and more people are willing to take this risk to make investment in order to get rich returns, but not all of them can make profits. After all, where there are interests, there are many people waiting, and they will set traps for people to take the t

extended data:

precautions

blockchain is a technology. In short, this technology is a new way of data management based on cryptography. Blockchain technology has broad application prospects because it has the advantages of decentralization, non tampering, tracing and so on. And issuing currency is a kind of behavior derived from blockchain technology. At present, the vast majority of blockchain applications which mainly focus on currency issuance and speculation are suspected of illegal fund-raising

blockchain technology is still in early development, and it is difficult to apply it. If you only rely on a white paper to claim that there is an application, it is a deception in itself

4. Blockchain itself solves the problem of large-scale cooperation between strangers, that is, strangers can cooperate with each other without mutual trust. So how to ensure the trust between strangers to achieve mutual consensus mechanism? The centralized system uses trusted third-party endorsements, such as banks. In the eyes of the common people, banks are reliable and trustworthy institutions. The common people can trust banks to solve real disputes. But how does a decentralized blockchain guarantee trust
In fact, blockchain uses the basic principles of modern cryptography to ensure its security mechanism. The knowledge system involved in the field of cryptography and security is very complicated. Here, I only introduce the basic knowledge of cryptography related to blockchain, including hash algorithm, encryption algorithm, information digest and digital signature, zero knowledge proof, quantum cryptography, etc. Through this lesson, you can learn how to ensure the confidentiality, integrity, authentication and non-repudiation of the blockchain using cryptography technology
basic course lesson 7 basic knowledge of blockchain security
1. Hash algorithm (hash algorithm)
hash function (hash), also known as hash function. Hash function: hash (original information) = summary information. Hash function can map any length of binary plaintext string to a shorter (generally fixed length) binary string (hash value)
a good hash algorithm has the following four characteristics:
1. One to one correspondence: the same plaintext input and hash algorithm can always get the same summary information output
2. Input sensitivity: even if the plaintext input changes slightly, the newly generated summary information will change greatly, which is greatly different from the original output
3. Easy to verify: plaintext input and hash algorithm are public, anyone can calculate by themselves, and whether the output hash value is correct
4. Irreversibility: if there is only the output hash value, the hash algorithm can never deduce the plaintext
5. Conflict avoidance: it is difficult to find two plaintexts with different contents, but their hash values are the same (collision)
for example:
hash (Zhang San lent Li Si 100000 yuan for 6 months) = 123456789012
such a record as 123456789012 is recorded in the account book
it can be seen that hash function has four functions:
simplify information
it is easy to understand, and the information after hashing becomes shorter
identification information
you can use 123456789012 to identify the original information, and summary information is also called the ID of the original information
hidden information
the account book is a record like 123456789012, and the original information is hidden
verification information
if Li Si cheated that Zhang San only lent Li Si 50000 when repaying, both parties can verify the original information with the hash value of 123456789012 recorded before
hash (Zhang San lent Li Si 50000 for 6 months) = 987654321098
987654321098 is completely different from 123456789012, which proves that Li Si lied, Then the information can't be tampered
common hash algorithms include MD4, MD5 and Sha series algorithms, and Sha series algorithms are basically used in mainstream fields. Sha (secure hash algorithm) is not an algorithm, but a group of hash algorithms. At first, it was SHA-1 series, and now the mainstream applications are sha-224, SHA-256, sha-384 and sha-512 algorithms (commonly known as SHA-2). Recently, Sha-3 related algorithms have been proposed, such as keccak-256 used by Ethereum
MD5 is a very classic hash algorithm, but unfortunately, both it and SHA-1 algorithm have been cracked. It is considered by the industry that its security is not enough to be used in business scenarios. Generally, sha2-256 or more secure algorithm is recommended
Hash algorithms are widely used in blockchain. For example, in blocks, the later block will contain the hash value of the previous block, and the content of the later block + the hash value of the previous block will jointly calculate the hash value of the later block, which ensures the continuity and non-tamperability of the chain
Encryption and decryption algorithms are the core technology of cryptography, which can be divided into two basic types: symmetric encryption algorithms and asymmetric encryption algorithms. According to whether the key used in the encryption and decryption process is the same or not, the two modes are suitable for different needs, just forming a complementary relationship, and sometimes can be combined to form a hybrid encryption mechanism
symmetric cryptography (also known as common key cryptography) has the advantages of high computational efficiency and high encryption strength; Its disadvantage is that it needs to share the key in advance, which is easy to leak and lose the key. The common algorithms are des, 3DES, AES and so on
Asymmetric cryptography (also known as public key cryptography) uses different keys for encryption and decryption, and its advantage is that it does not need to share the key in advance; its disadvantage is that it has low computational efficiency and can only encrypt short content. Common algorithms include RSA, SM2, ElGamal and elliptic curve series. Symmetric encryption algorithms are suitable for the encryption and decryption of a large amount of data; they can't be used in signature scenarios, and they often need the key to be distributed in advance. Asymmetric encryption algorithms are generally suitable for signature scenarios or key agreement, but not for encrypting and decrypting large amounts of data
Third, information digest and digital signature
as the name suggests, information digest is to hash the information content to obtain a unique digest value to replace the original and complete information content. Information digest is the most important use of hash algorithm. Using the anti-collision feature of hash function, information digest can solve the problem that the content has not been tampered
digital signature is similar to signing on paper contract to confirm contract content and prove identity. Digital signature is based on asymmetric encryption, which can be used to prove the integrity of a digital content and confirm the source (or non repudiation)
we have two requirements for digital signature to make it consistent with our expectation for handwritten signature. First, only you can make your own signature, but anyone who sees it can verify its validity; Second, we want the signature to be only related to a specific file and not support other files. These can be achieved by our asymmetric encryption algorithm above
in practice, we usually sign the hash value of information instead of the information itself, which is determined by the efficiency of asymmetric encryption algorithm. Corresponding to the blockchain, it is to sign the hash pointer. In this way, the front is the whole structure, not just the hash pointer itself
Zero knowledge proof means that the verifier can make the verifier believe that a certain conclusion is correct without providing any additional information to the verifier
zero knowledge proof generally meets three conditions:
1. Completeness: authentic proof can make the verifier successfully verify
2. Soundness: false proof can not make the verifier pass the verification
3. Zero knowledge: if you get proof, you can't get any information other than the proof information from the proof process
With more and more attention paid to the research of quantum computing and quantum communication, quantum cryptography will have a huge impact on the information security of cryptography in the future
the core principle of quantum computing is that qubits can be in multiple coherent superposition states at the same time. Theoretically, a large amount of information can be expressed by a small number of qubits and processed at the same time, which greatly improves the computing speed
in this way, a large number of current encryption algorithms are theoretically unreliable and can be cracked, so the encryption algorithm has to be upgraded, otherwise it will be broken by quantum computing
as we all know, quantum computing is still in the theoretical stage, which is far from large-scale commercial use. However, the new generation of encryption algorithms should consider the possibility of this situation.
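
The block-linking rule described in the hash algorithm section above, as an added example that is not part of the original lesson: each block's hash covers the previous block's hash plus its own content, and a verifier reports the first block where that rule fails. The block layout, the all-zero genesis placeholder and the second and third ledger records are assumptions made for the illustration.

```python
import hashlib

GENESIS_PREV = "0" * 64  # assumed placeholder "previous hash" for block 0

# Constructed ledger; the first record is the lesson's own example.
LEDGER = [
    "Zhang San lent Li Si 100000 yuan for 6 months",
    "Li Si paid Wang Wu 2000 yuan",
    "Wang Wu paid Zhang San 500 yuan",
]
FORGED = "Zhang San lent Li Si 50000 for 6 months"


def block_hash(prev_hash, content):
    """Hash of a block = SHA-256(previous block's hash + this block's content)."""
    data = (prev_hash + "\n" + content).encode("utf-8")
    return hashlib.sha256(data).hexdigest()


def build_chain(records, prev=GENESIS_PREV):
    """Link records into blocks, each storing the hash of the one before it."""
    chain = []
    for content in records:
        digest = block_hash(prev, content)
        chain.append({"prev": prev, "content": content, "hash": digest})
        prev = digest
    return chain


def first_invalid_block(chain):
    """Return the index of the first block that breaks the chain, or None."""
    prev = GENESIS_PREV
    for index, block in enumerate(chain):
        if block["prev"] != prev:
            return index  # link to the previous block is broken
        if block_hash(block["prev"], block["content"]) != block["hash"]:
            return index  # content no longer matches the recorded hash
        prev = block["hash"]
    return None


def rehash_from(chain, index, new_content):
    """Replace one record and recompute every hash from that block onward."""
    contents = [block["content"] for block in chain]
    contents[index] = new_content
    return chain[:index] + build_chain(contents[index:], prev=chain[index]["prev"])


def matches_trusted_head(chain, trusted_head):
    """A chain is accepted only if it is internally valid AND ends in the
    head hash that the verifier already holds from other nodes."""
    return first_invalid_block(chain) is None and chain[-1]["hash"] == trusted_head


def demo():
    honest = build_chain(LEDGER)
    head = honest[-1]["hash"]

    # Case 1: only the content of block 0 is edited.
    edited = [dict(b) for b in honest]
    edited[0]["content"] = FORGED

    # Case 2: the edit is hidden by also recomputing block 0's own hash.
    patched = [dict(b) for b in edited]
    patched[0]["hash"] = block_hash(patched[0]["prev"], FORGED)

    # Case 3: every later block is recomputed too; the chain is now
    # self-consistent, so only the trusted head hash exposes the change.
    rewritten = rehash_from(honest, 0, FORGED)

    return {
        "honest": first_invalid_block(honest),
        "edited": first_invalid_block(edited),
        "patched": first_invalid_block(patched),
        "rewritten": first_invalid_block(rewritten),
        "rewritten_accepted": matches_trusted_head(rewritten, head),
    }


if __name__ == "__main__":
    print(demo())
```

The third case shows why the linking alone is not enough: the chain is tamper-evident only against a head hash that the other nodes agree on, which is what the consensus mechanism supplies.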
5. At present, there are four main types of consensus mechanisms: pow, POS, dpos, pool
1. POW workload proof, which is familiar with mining, calculates a random number that meets the rules through and or operation, that is, obtains the bookkeeping right, sends out the data that needs to be recorded in this round, and stores it together with other nodes in the whole network after verification
advantages: complete decentralization, free access of nodes
disadvantages: bitcoin has attracted most of the computing power in the world, and other blockchain applications using POW consensus mechanism are difficult to obtain the same computing power to ensure their own security; Mining causes a lot of waste of resources; The period of reaching consensus is long, which is not suitable for commercial application.

2. Proof of rights and interests of POS, a mechanism of upgrading consensus of pow; According to the token proportion and time of each node; It can reduce the difficulty of mining in equal proportion, so as to speed up the speed of finding random numbers
Advantages: to a certain extent, it shortens the time to reach a consensus
disadvantages: mining is still needed, which does not solve the pain point of commercial application in essence

3. Dpos share authorization certification mechanism is similar to the voting of the board of directors, in which the coin holders cast a certain number of nodes to verify and account on their behalf
advantages: greatly reduce the number of participating verification and accounting nodes, which can achieve second level consensus verification
disadvantages: the whole consensus mechanism still depends on token, and many commercial applications do not need token to exist

4. Pool verification pool, which is based on traditional distributed consistency technology and data verification mechanism; It is a consensus mechanism widely used in the industry chain at present.
advantages: it can work without token, and realizes second level consensus verification on the basis of mature distributed consistency algorithms (Paxos and Raft)
disadvantages: the degree of decentralization is not as good as that of bitcoin; The multi center business model is more suitable for multi-party participation

it has great advantages in using consensus mechanism to ensure data consistency (the consensus mechanism is first proposed by ripple, and the network transaction synchronization mechanism with data correctness priority. In the consensus network, no matter how the software code changes, if you can't reach a consensus, you can't enter the network, let alone fork)
- - - - - - - -
PS: a little black, although the consensus mechanism can absolutely ensure that there will be no hard bifurcation at any time. However, the disadvantage of this mechanism is obvious, that is, it is much longer than the current bitcoin network to reach a consensus with other nodes. In extreme cases, the consequences of disconnection in ripple consensus mechanism network are also very terrible

it is possible that one day after the power failure in your home, the whole system will no longer be able to reach a consensus with other rippled nodes (in fact, the consensus mechanism requires more than 80% of the nodes to acknowledge your data before your submission will be accepted by other nodes, otherwise it will be rejected by exclusive nodes), Even you can only empty all your 500 GB data and resynchronize to connect to other ripple nodes

so at present, the existing rippled end is not suitable for civil use (if it is commercial, the impact is relatively small. For example, RL's own rippled node is hosted in Amazon cloud data center. If it has no response for a long time, it can make high claims, and there is almost no break in that place except for large disasters). This is one of the aspects RL has always wanted to improve.
6. Blockchain encryption algorithm
asymmetric encryption algorithm is a function that converts the original plaintext file or data into a series of unreadable ciphertext codes by using an encryption key. The encryption process is irreversible. Only holding the corresponding decryption key can the encrypted information be decrypted into readable plaintext. Encryption enables private data to be transmitted through the public network under the condition of low risk, and protects the data from being stolen and read by the third party
The core advantage of blockchain technology is decentralization, which can realize point-to-point transaction, coordination and cooperation based on decentralized credit in a distributed system without mutual trust by means of data encryption, time stamp, distributed consensus and economic incentive, so as to provide solutions to the high cost, low efficiency and insecure data storage of centralized institutions
The application fields of blockchain include digital currency, token, finance, anti-counterfeiting traceability, privacy protection, supply chain, entertainment, etc. With the popularity of blockchain and bitcoin, many related top domain names have been registered, which has a great impact on the domain name industry.
7.

I hope I can help you:


abey blockchain technology is from Ciprian pungela & Co., two doctors in the Department of artificial intelligence from the Department of computer science, School of mathematics and information, Western University of timishwara, Romania; Vorel negru's own research project. Constant lightweight blockchain technology and multi-layer programming and extended blockchain solution are adopted. The scale of abey's blockchain remains unchanged, with only 50 active blocks. Abey blockchain technology is suitable for the use of e-money in e-commerce system for mass transactions, and has multi-level, scalability and security, and can be programmed

according to the official white paper, abey is suitable for the blockchain solution in e-commerce system, which uses digital currency to carry out mass transactions and can carry out multi-layer programming and expansion
specific implementation method of abey blockchain Technology:
using a multi-level and programmable blockchain method to realize digital currency (for simplicity, we call it "DC"). This method can pave the way for the implementation of various e-commerce purposes, such as loan financing, completion of refundable transactions and non refundable transactions. In the first layer of the blockchain, we can realize the inherent digital currency design, which is commonly referred to as the base layer ("FL"). The various upper layers built on this foundation can be used to describe various additional functions related to various business driven application examples (which we will briefly introduce below). All of the above levels are fully programmable, and can be easily adapted for various applications
although most of today's digital goods store transaction balance in the blockchain, abey's method is more similar to Pascal coin digital currency. This method uses what we call a "vault" encryption structure. The "vault" structure can only save the balance of all accounts in the network, instead of a complete list of all completed transactions, and can be reconstructed in the evolution history of the blockchain. Since vault allows the deletion of useless content at any time, it can significantly reduce the storage cost of blockchain. In contrast, at the time of writing this article, the storage space required to download bitcoin database is 70GB (the alarm rate is still growing, and it is expected to reach 300GB in 2019), so it is not feasible to use ultrabooks or notebooks with small storage space (such as 120GB or 256GB) to carry out mining operation. On the other hand, the size of the abey blockchain will remain unchanged, with only 50 blocks (at the time of writing, there are more than 525000 blocks in the bitcoin blockchain)
vault fully supports digital currency transfer between accounts. In addition, vault can assign an owner defined name to each account instead of using hashing algorithms like today's cryptocurrency - which makes the account easier to remember and makes the name public
one of the important functions that vault can help prevent the daily expenses of blockchain from being too high (especially those related to transaction history) is that vault can save such states and reduce the size of blockchain itself by creating a secure of blockchain states. Because there is no transaction history and all accounts can save their direct balance, the blockchain information has the feature of partial erasure. All the blockchain states that can be stored can be regarded as landmarks of the blockchain
secure data sharing:
through the block chain structure design, for each transaction sent to the network, the block chain may contain encrypted metadata. The metadata can only be decrypted by the transaction recipient. For the transaction sent to the network, the sender's public key is included in the transaction, and the transaction receiver decrypts the metadata using the public key. Since the transaction receiver holds the private key for decryption, only the transaction receiver can implement the data decryption process. From the perspective of encryption method, although bitcoin is limited to elliptic curve cryptography, blockchain metadata can use any other encryption mechanism to complete the encryption process. This not only provides complete flexibility in security selection, but also does not have any adverse impact on the structure or function of the blockchain
scalability:
since the abey blockchain supports the creation of historical landmarks by design, it is very easy for the network itself to achieve high scalability from the point of view that the blockchain will always need to store (related to the latest existing SLS). This method completely eliminates the need to store transaction history to calculate the balance of all accounts, and can directly store all account balances, so as to ensure that the specific balance information provided by all nodes in the network meets the requirements of Byzantine consistency
proof of security and workload:
it is impossible to have two-way payment operation in abey's method (in the specified appropriate scenario, the vast majority of today's mainstream cryptocurrencies may theoretically have two-way payment operation). Each transaction means that the balance of the corresponding account is updated in a relatively simple way, and there is no special way to restore the transaction from the network pending transaction team. For the abey blockchain, since all technical / functional layers are built on vault, vault is the infrastructure of our blockchain, so vault is very important for mining operations. Our proposed blockchain model is composed of a series of blocks, each of which is generated by the nodes in the network who are willing to mine. All nodes in the network can update the account balance independently according to the transaction (part of the block), and are independent of other nodes. The mining operation will affect the first functional layer. In addition to updating the balance, each node can also update other matters that may belong to the upper functional layer in the composition of the blockchain structure. Once an update occurs, a new mining incentive block will be created. The mining reward block contains a number of new reward accounts that have been assigned to miners. The miner is the winner of the above reward according to the workload Certificate (currently there are 50 reward accounts). The way to reward is to distribute the public key of all such accounts to the reward recipient
blockchain technology layer:
abey's digital currency model contains a multi-layer structure, in which the first layer represents the realization of the digital currency itself (see Figure 7 for graphic explanation). The corresponding levels include:
tier 1 → digital currency (cryptocurrency): currency transfer, mining
tier 2 → refundable transaction and non refundable transaction: allowing the use of digital justice system to complete refundable transaction
Tier 3 → related parties and commission: allowing the automatic distribution of Commission to related parties
Tier 4 → contacting currency: by lending currency, Income based on interest
layer 5 → programmable: reserved for future realization of Turing complete programming model, so as to process blockchain data in a customized way (such as smart contract)
layer 6 → custom protocol: reserved for future use
transaction type:
abey mode allows different levels in blockchain through design, Complete a variety of transaction types. The transaction types in the second layer are as follows:
1 → fund transfer: fund transfer between accounts (1-to-1 transfer)
2 → refundable fund transfer: refundable transaction between accounts. Use escrow balance instead of regular account balance
3 → key change: change the key that can be used to process the account
4 → restore the account: recover funds from the lost and invalid account
5 → set account name: define the name of the account held by the founder
6 → sales preparation: mark the account for sale
7 → move out of the sales queue: remove the account sales mark, And the account is marked as non saleable
refundable transaction and mediator:
for the vast majority of cases, non refundable transaction is equivalent to all "pay to pay" transactions in blockchain based digital currency mode. But abey has introduced the concept of refundable transactions into its digital currency model. In abey mode, the transaction marked with small flag belongs to refundable or non refundable transaction. In addition, in abey's blockchain network, each account contains two types of balance: regular and unchangeable balance (used to mark the amount that the account has received and can be paid immediately, but cannot be recovered after the payment) and escrow balance (including the transaction list marked as refundable transaction and the minutes of each transaction)
8 → payment dispute: for the corresponding transaction that has been marked as a refundable transaction, the payment dispute can be initiated only by the payer
9 → refund request: for the corresponding transaction previously marked as a refundable transaction, a refund request can be initiated, but only by the payer
10 → cancel escrow: cancel the escrow funds and return the funds to the payer immediately. It can only be initiated by the payee
11 → release trusteeship: release the trusteeship fund and add the amount to the balance of the payee's account immediately. It can only be initiated by the payer
related parties and commissions:
one of the important deficiencies in today's blockchain driven financial technology is the lack of the ability to provide rewards to related parties who sell specific products or services. The third layer of abey blockchain can solve this problem
Lending digital currency:
lending digital currency is not only a simple and quick way to allow people to borrow legal tender, but also to ensure the security of encrypted assets. Given that today's valuable digital currencies are also used for transactions, the reason why lending digital currencies is feasible is not only that it allows borrowers to mortgage any type of cryptocurrency they save, but also that it is attractive because it is a way to retain their digital assets in a completely safe or very low-risk way. In addition, abey's model also provides built-in protection through the customer vault lending gateway (VLG), and enables the VLG to act as a buffer between the lender and the borrower
12 → borrowed funds: the borrower initiates transactions in the network, announces the intention of borrowing funds, and specifies the VLG account of the borrowed funds. The transaction is similar to depositing the balance of the regular / escrow account in the selected VLG account
13 → return of collateral: the transaction is initiated by the VLG itself. VLG will return the collateral to the borrower in accordance with the risk management policy
14 → loan repayment: the transaction is initiated by the borrower. If VLG accepts repayment of the loan in digital currency, the borrower may choose to repay the loan in digital currency. Under this condition, the digital monetary fund will be converted into VLG regular account balance
programmable blockchain:
with its associated metadata payload, the layer of blockchain can be retained to allow the further creation of intelligent contracts between peers in the network by executing the grammar based "complete Turing basic programming language" according to the original blockchain data processing mode. For each payload, encryption or public visibility processing can be implemented, and can be performed in a dedicated virtual environment (similar to a virtual machine). This method can effectively protect data security and avoid the impact of data destruction and security vulnerabilities. The main advantage of this method is that this layer can create and enforce digital contracts without any blockchain specific programming. For Ben