Public key verification of blockchain
The price of a bitcoin soared from more than $20000 to $40000. This can not help but arouse my research interest, or simply understand what bitcoin is, what its mechanism looks like, and uncover its mystery. Therefore, after a simple search of some information and some understanding of the special currency, I sorted out the information on hand< (3) purpose: decentralize, rece risk
all servers in the distributed network can store and process data, and each server has equal status, which can store more data and has higher security<
this is the general content of popular science. If you want to know more about it, you can take a look at Nakamoto's paper and the official popular science video below
public key and private key can also ensure the security of new point-to-point transmission in distributed network
in the information transmission of blockchain, the encryption and decryption of the public key and private key of both sides of the information transmission are often not paired.
in fact, blockchain uses the basic principles of modern cryptography to ensure its security mechanism. The knowledge system involved in the field of cryptography and security is very complicated. Here, I only introce the basic knowledge of cryptography related to blockchain, including hash algorithm, encryption algorithm, information digest and digital signature, zero knowledge proof, quantum cryptography, etc. Through this lesson, you can learn how to ensure the confidentiality, integrity, authentication and non repudiation of the blockchain using cryptography technology
basic course lesson 7 basic knowledge of blockchain security
1. Hash algorithm (hash algorithm)
hash function (hash), also known as hash function. Hash function: hash (original information) = summary information. Hash function can map any length of binary plaintext string to a shorter (generally fixed length) binary string (hash value)
a good hash algorithm has the following four characteristics:
1. One to one correspondence: the same plaintext input and hash algorithm can always get the same summary information output
2. Input sensitivity: even if the plaintext input changes slightly, the newly generated summary information will change greatly, which is greatly different from the original output
3. Easy to verify: plaintext input and hash algorithm are public, anyone can calculate by themselves, and whether the output hash value is correct
4. Irreversibility: if there is only the output hash value, the hash algorithm can never dece the plaintext
5. Conflict avoidance: it is difficult to find two plaintexts with different contents, but their hash values are the same (collision)
for example:
hash (Zhang San lent Li Si 100000 yuan for 6 months) = 123456789012
such a record as 123456789012 is recorded in the account book
it can be seen that hash function has four functions:
simplify information
it is easy to understand, and the information after hashing becomes shorter
identification information
you can use 123456789012 to identify the original information, and summary information is also called the ID of the original information
hidden information
the account book is a record like 123456789012, and the original information is hidden
verification information
if Li Si cheated that Zhang San only lent Li Si 50000 when repaying, both parties can verify the original information with the hash value of 123456789012 recorded before
hash (Zhang San lent Li Si 50000 for 6 months) = 987654321098
987654321098 is completely different from 123456789012, which proves that Li Si lied, Then the information can't be tampered
common hash algorithms include MD4, MD5 and Sha series algorithms, and Sha series algorithms are basically used in mainstream fields. Sha (secure hash algorithm) is not an algorithm, but a group of hash algorithms. At first, it was SHA-1 series, and now the mainstream applications are sha-224, SHA-256, sha-384 and sha-512 algorithms (commonly known as SHA-2). Recently, Sha-3 related algorithms have been proposed, such as keccak-256 used by Ethereum
MD5 is a very classic hash algorithm, but unfortunately, both it and SHA-1 algorithm have been cracked. It is considered by the instry that its security is not enough to be used in business scenarios. Generally, sha2-256 or more secure algorithm is recommended
hash algorithm is widely used in blockchain. For example, in blocks, the latter block will contain the hash value of the previous block, and the content of the later block + the hash value of the previous block will jointly calculate the hash value of the later block, which ensures the continuity and non tamperability of the chain< Encryption and decryption algorithm is the core technology of cryptography, which can be divided into two basic types: symmetric encryption algorithm and asymmetric encryption algorithm. According to whether the key used in the encryption and decryption process is the same or not, the two modes are suitable for different needs, just forming a complementary relationship, and sometimes can be combined to form a hybrid encryption mechanism
symmetric cryptography (also known as common key cryptography) has the advantages of high computational efficiency and high encryption strength; Its disadvantage is that it needs to share the key in advance, which is easy to leak and lose the key. The common algorithms are des, 3DES, AES and so on
asymmetric cryptography (also known as public key cryptography) is different from the encryption and decryption key, and its advantage is that it does not need to share the key in advance; Its disadvantage is that it has low computational efficiency and can only encrypt short content. Common algorithms include RSA, SM2, ElGamal and elliptic curve series. Symmetric encryption algorithm is suitable for the encryption and decryption process of a large number of data; It can't be used in signature scenario: and it often needs to distribute the key in advance. Asymmetric encryption algorithm is generally suitable for signature scenario or key agreement, but it is not suitable for large amount of data encryption and decryption< Third, information digest and digital signature
as the name suggests, information digest is to hash the information content to obtain a unique digest value to replace the original and complete information content. Information digest is the most important use of hash algorithm. Using the anti-collision feature of hash function, information digest can solve the problem that the content has not been tampered
digital signature is similar to signing on paper contract to confirm contract content and prove identity. Digital signature is based on asymmetric encryption, which can be used to prove the integrity of a digital content and confirm the source (or non repudiation)
we have two requirements for digital signature to make it consistent with our expectation for handwritten signature. First, only you can make your own signature, but anyone who sees it can verify its validity; Second, we want the signature to be only related to a specific file and not support other files. These can be achieved by our asymmetric encryption algorithm above
in practice, we usually sign the hash value of information instead of the information itself, which is determined by the efficiency of asymmetric encryption algorithm. Corresponding to the blockchain, it is to sign the hash pointer. In this way, the front is the whole structure, not just the hash pointer itself< Zero knowledge proof means that the verifier can make the verifier believe that a certain conclusion is correct without providing any additional information to the verifier
zero knowledge proof generally meets three conditions:
1. Completeness: authentic proof can make the verifier successfully verify
2. Soundness: false proof can not make the verifier pass the verification
3. Zero knowledge: if you get proof, you can't get any information other than the proof information from the proof process< With more and more attention paid to the research of quantum computing and quantum communication, quantum cryptography will have a huge impact on the information security of cryptography in the future
the core principle of quantum computing is that qubits can be in multiple coherent superposition states at the same time. Theoretically, a large amount of information can be expressed by a small number of qubits and processed at the same time, which greatly improves the computing speed
in this way, a large number of current encryption algorithms are theoretically unreliable and can be cracked, so the encryption algorithm has to be upgraded, otherwise it will be broken by quantum computing
as we all know, quantum computing is still in the theoretical stage, which is far from large-scale commercial use. However, the new generation of encryption algorithms should consider the possibility of this situation.
Many small white just admission, was the private key, public key, address, and other relations confused. Some of them even lost their private key. They had money on the address, but they just couldn't get it out. Today, Xiao will try to figure out the relationship between the private key, the public key and the address
The relationship among < H2 > private key, public key and address is as follows:the private key is converted into (generated) public key, and then converted into address. If there is bitcoin or integrity coin on an address, the private key converted into the address can be used to spend the above integrity coin. The generation of public key and address depends on private key, so private key is the most important
mobile wallet is the same, but the file management method of mobile phone is not as convenient as computer. Therefore, the general mobile wallet will provide a function called or similar to "export private key". Through this function, the private key can be exported in various forms
for example, bitcoin mobile wallet can be exported as a two-dimensional code, which can be printed or scanned on paper. When replacing a mobile phone, install a bitcoin wallet and scan the QR code to migrate bitcoin. Bitcoin mobile wallet and trustcoin mobile wallet can be exported as a clear text string and printed on paper - this is paper wallet
paper wallet allows users to spend your bitcoin or trustcoin at any terminal with bitcoin or trustcoin wallet
because the wallet is lost or damaged, the private key will be lost, and the transfer right of the digital currency will be lost completely. To prevent such tragedies, you should always back up the data in your wallet. In addition to the address, all the private keys are saved ring the backup
< H2 > summary-
the private key should be protected to prevent loss and forgetting. When the mobile phone clears the information, it is best to it by hand, but do not disclose it
-
you should prevent your wallet from being lost or damaged, resulting in the loss of your private key and the loss of the transfer right of digital currency. Otherwise, you will not be able to withdraw more money, which is not useless
in the distributed network of blockchain, the communication and trust between nodes need to rely on digital signature technology, which mainly realizes the identity confirmation and information authenticity and integrity verification
digital signature
digital signature (also known as public key digital signature, electronic signature) is a kind of common physical signature written on paper, but it uses the technology in the field of public key encryption to identify digital information. A digital signature usually defines two complementary operations, one for signature and the other for verification. Only the sender of information can proce a digital string which can not be forged by others. This digital string is also an effective proof of the authenticity of the information sent by the sender. Simply prove that "I am who I am."
When did you buy 500? Now you make a lot of money
distributed
git ensures that each code warehouse maintains a complete project library locally, not just the branch in which it works and its own submission history. At the same time, it also keeps all the snapshot and index information after the latest pull
on the blockchain, each node keeps a complete database locally, not just its own transaction information
traceability
in Git commit chain, each commit object contains a parent object (the object of the last commit, except the first commit), which can trace all the previous records
on the blockchain, each block contains the index of the previous block (except the genesis block), which can trace all valid transactions before<
tamper proof
in Git's commit chain, each object itself calculates a checksum before storing, and then references it with a checksum. Once modified, the checksums will not be correct, which means that it is impossible to change the contents of any file or directory without git's knowledge< The mechanism used by git to calculate the checksums is called SHA-1 hash. This is a string composed of 40 hexadecimal characters (0-9 and A-F), which is calculated based on the content or directory structure of the file in GIT. SHA-1 hash looks like this:
in the blockchain, each block contains the last block ID, and this block ID has two SHA-256 hashes, which are calculated based on the block content. Once the content is modified, the hash will change, which is inconsistent with the chain of other nodes and cannot be added to the longest chain, so the content cannot be tampered with< 2. Difference
collective consensus and central node will: 1 - blockchain merges based on collective consensus (POW / POS) to form the longest chain, which is the main chain
2 - in Git system, when multi node cooperation is carried out through the warehouse hosting platform, it is the manager of the platform project who controls the power of merge, which reflects the will of the central node<
cryptography
1 - in bitcoin blockchain, cryptography mainly uses the following methods
in the whole system of bitcoin blockchain, a large number of public encryption algorithms are used, such as Merkle tree hash number algorithm, elliptic curve algorithm, hash algorithm, symmetric encryption algorithm and some coding algorithms. The functions of various algorithms in bitcoin blockchain are as follows:
A) hash algorithm
the two hash functions used in bitcoin system are: 1. SHA-256, which is mainly used to complete pow (proof of workload) calculation; 2. Ripemd160, mainly used to generate bitcoin address
b) Merkle hash tree
binary tree or multi tree based on hash value. In the computer field, Merkle tree is mostly used for integrity verification. In the distributed environment, integrity verification can greatly rece the complexity of data transmission and calculation<
C) elliptic curve algorithm
in bitcoin, the public key cryptography algorithm based on secp256k1 elliptic curve mathematics is used for signature and verification. On the one hand, it can ensure that the user's account is not replaced by an impostor, on the other hand, it can ensure that the user can not deny the signed transaction. The private key is used to sign the transaction information, and the user's public key is used to verify the signature. If the verification is passed, the transaction information will be recorded and the transaction will be completed
d) symmetric encryption algorithm
the official bitcoin client uses AES (symmetric block cipher algorithm) to encrypt the wallet file. After the user sets the password, the private key of the wallet is encrypted by the user set password through AES to ensure the security of the private key of the client
e) base58 encoding
base58 is a unique encoding method used in bitcoin. It is mainly used to generate the wallet address of bitcoin, which is similar to the permutation algorithm mechanism in classical cryptography. Its purpose is to increase the readability of bitcoin and change the binary hash value into the address we see
2 - git: SSH key is mainly used for remote login verification, SHA-1 is used for code content checking sum<
SSH is the abbreviation of secure shell, developed by IETF's network working group. It is a protocol designed to provide security for remote login sessions and other network services. SSH protocol can effectively prevent information leakage in the process of remote management< The process of SSH transmission is as follows: (1) the remote host receives the user's login request and sends its public key to the user 2) The user uses the public key to encrypt the login password and send it back 3) The remote host uses its own private key to decrypt the login password. If the password is correct, the user is allowed to log in.
As an emerging technology, blockchain has attracted more and more attention. It is a new application of traditional technology in the Internet era, including distributed data storage technology, consensus mechanism and cryptography. With the establishment of various blockchain research alliances, more and more funds and personnel support related research. Hash algorithm, zero knowledge proof, ring signature and other cryptographic algorithms used in blockchain:
hash algorithm
as the basic technology of blockchain, the essence of hash function is to map a set of data of any length (limited) to a set of defined length data stream. If this function satisfies the following conditions:
(1) the calculation of hash value for any group of data is very simple
(2) it is difficult to find two different data with the same hash value
hash functions satisfying the above two properties are also called encrypted hash functions. In case of no contradiction, hash functions usually refer to encrypted hash functions. For the hash function, finding such that is called a collision. The current popular hash functions are MD5, SHA1, Sha2, Sha3
bitcoin uses sha256, and most blockchain systems use sha256 algorithm. So here's sha256< Step 1: additional filling bits. The length of the message is congruent with that of 448 mod512 (length = 448 mod512). The number of bits to be filled ranges from 1 to 512. The highest bit of the filled bit string is 1, and the rest bits are 0
Step2: additional length value. The bit length of the initial message (before filling) represented by 64 bit is appended to the result of step 1 (the low byte takes precedence)
Step3: initialize cache. A 256 bit cache is used to store the intermediate and final results of the hash function
Step 4: process 512 bit (16 word) packet sequence. The algorithm uses six basic logic functions and consists of 64 steps of iterative operation. Each step takes the 256 bit cache value as the input, and then updates the cache content. Each step uses a 32-bit constant KT and a 32-bit wt. Where WT is the packet after the packet, t = 1,2,..., 16
step5: after all 512 bit packets are processed, the output of the last packet of sha256 algorithm is 256 bit packet< In 2001, Rivest, Shamir and TauMan proposed ring signature for the first time. It is a simplified group signature, only ring members have no manager, and it does not need the cooperation between ring members. In the ring signature scheme, the signer first selects a temporary signer set, which includes signers. Then the signer can generate the signature independently by using his private key and the public key of others in the signature set without the help of others. Members of the signer collection may not know that they are included in it
ring signature scheme consists of the following parts:
(1) key generation. A key pair (public key PKI, private key ski) is generated for each member of the ring
(2) signature. The signer uses his private key and the public keys of any n ring members (including himself) to generate the signature a for the message M
(3) signature verification. According to the ring signature and message M, the verifier verifies whether the signature is signed by the member in the ring. If it is valid, it will be received, otherwise it will be discarded
ring signature satisfies the following properties:
(1) unconditional anonymity: the attacker can not determine which member of the ring generated the signature, even if the private key of the ring member is obtained, the probability is not more than 1 / n
(2) Correctness: the signature must be verifiable by all others
(3) unforgeability: other members of the ring can't forge the real signer's signature, and even if an external attacker obtains a valid ring signature, he can't forge a signature for message M
(1) anonymity. The verifier can verify that the signature is signed by a member of the group, but can't know which member it is, so that the signer can be anonymous< (2) traceability. In group signature, the existence of group administrator ensures the traceability of signature. The group administrator can revoke the signature and expose the real signer. The ring signature itself cannot reveal the signer unless the signer wants to expose or add additional information to the signature. A verifiable ring signature scheme is proposed. In this scheme, the real signer wants the verifier to know his identity. At this time, the real signer can confirm his identity by disclosing his secret information< (3) management system. Group signature is managed by group administrator, ring signature does not need to be managed, signer can only select a set of possible signers, obtain its public key, and then publish the set, all members are equalthe Xueshuo innovation blockchain Technology Workstation of Lianqiao ecation online is the only approved "blockchain Technology Specialty" pilot workstation of "smart learning workshop 2020 Xueshuo innovation workstation" launched by the school planning, construction and development center of the Ministry of ecation of China. Based on providing diversified growth paths for students, the professional station promotes the reform of the training mode of the combination of professional degree research, proction, learning and research, and constructs the applied and compound talent training system< br />
compared with traditional stocks, real estate, bonds, gold and so on, blockchain assets are a very abstract and virtual form of assets. Represented by bitcoin, blockchain assets are a very professional computer language and program operation mode, and there is no credit endorsement from any country behind them, In this case, although the operation logic of decentralization has been completed, its experiment is still in the initial stage and development stage. Participating in relevant investment is actually a kind of brave adventurer behavior
2. The price of blockchain assets fluctuates violently
many blockchain projects are completely dependent on community operation and market speculation because there is not much support from the use level of entities, so it is difficult for investors to hold blockchain assets from the perspective of value investment, which leads to frequent capital flow, and the situation of price fluctuations has become a normal. A blockchain related token can soar by 500% in a day, or fall by 90% in a few hours. This kind of drastic price fluctuation is not affordable to ordinary investors
3. The uncertainty of national policies is too great
as an underlying technology, blockchain has basically accepted its value all over the world. However, as the "companion proct" of blockchain, there are still great controversies on national policies, and with the continuous increase of digital currency trading volume, the impact on the global financial market is also increasing. At present, the daily trading volume of the whole digital currency field exceeds US $60 billion, which is comparable to the trading volume of China's Shanghai and Shenzhen stock exchanges, or the average daily trading volume of the New York Stock Exchange. It is impossible to continue to operate outside the supervision. There is a very large regulatory game cycle, and the policies of various countries in this regard may be introced one after another, The impact on the market cannot be ignored
4. All kinds of blockchain projects are good and bad.
blockchain technology is originally a very basic architecture technology. At present, e to the global pursuit of funds, many project parties who have nothing to do with blockchain begin to use the concept of blockchain to design procts, And can complete the writing of the white paper of blockchain in a very short time, and then raise market funds. In this case, the technical threshold of the whole blockchain has been lowered. Many companies without the strength and willingness of blockchain development have developed the concept of blockchain purely to obtain financial support, resulting in the flooding of projects. The gap between projects is widening, but ordinary investors are difficult to identify and easy to fall into the trap
5. Currency speculation is not equal to blockchain investment
at present, there are many views that blockchain and digital currency are a whole. You can't develop blockchain technology while suppressing digital currency. I agree with this logic, but currency speculation is not the same as blockchain investment in the real sense. The thing with real investment value must be the thing with scarce supply. If any digital currency is issued, it can represent the application value of the blockchain and bring some innovation to the society. Then any blockchain technology team that can issue digital currency can issue dozens of digital currencies and change its name in a very short time. Therefore, digital currency itself has little logical relationship with blockchain assets. Blockchain projects must be a market with obvious scarcity, but digital currency does not have great scarcity. This is like saying that any Internet company can develop a chat software similar to wechat, but the chat software itself does not have much value. The real value lies in how many people participate in the chat software. Digital money is just a chat software. The current situation is that everyone is frying the software, and few people are concerned about what is on the software.
6. Short term overheated, easy to be used by lawless elements
the particularity of the blockchain instry is that many of its ecology has become very financial. In the whole process of operation, funds will be very concentrated, and most of the links are related to funds. From raising funds by ICO to sending tokens to investors, to online trading of exchanges, and trading of tokens by users in exchanges, the whole process is almost full of financialization. If the practitioners are not professional enough, have no self-discipline ability, and lack of supervision, then every link may be used by criminals to manipulate the market and obtain all kinds of illegal profits< In order to catch up with the next round of financial technology and digital revolution, Japan holds a very open attitude towards bitcoin and other transactions. Digital currency transactions denominated in yen account for half of the whole French currency trading area in the world, Japan hopes to use digital currency to revive its financial competitiveness. The United States hopes to use mainstream financial markets, such as futures and options derivatives market, to tame bitcoin and make it another powerful tool for us dollar hegemony. And China is also trying to promote sovereign cryptocurrency, one of the important purposes is to promote the internationalization of RMB. The field of digital currency and blockchain assets is likely to become the next big country's game and contention point, which will virtually increase the systematic risk to investors. It's hard to know what unexpected policies appear behind this big country's game and what impact they will bring to the whole market
8. The threat of quantum computer
blockchain generates a set of self-motivated system to ensure its self-operation under decentralized conditions. Most of them use asymmetric encryption, and use the corresponding public key to verify the transactions signed by the private key, so as to ensure that bitcoin and other blockchain assets can only be used by legitimate owners. But quantum computer can solve the problem of asymmetric encryption. Quantum computer can calculate the private key from the public key in a few minutes. After knowing all the private keys, people with quantum computer can spend bitcoin and other digital currency at will. Of course, when the quantum computer will come out is also a problem. The digital currency protocol is constantly adding new encryption standards, but the potential threat brought by the quantum computer has to attract the attention of investors
9. There is a possibility of a big reversal in the supply and demand level
the market value of the blockchain token market has hovered around one trillion US dollars. Although OTC funds are still pouring in, the stability and growth rate of the capital inflow are questionable. The supply of encrypted digital currency is a very embarrassing thing. From the perspective of a single digital currency, the total amount is strictly limited. For example, there are only 21 million bitcoins, but the threshold of issuing encrypted digital currency is getting lower and lower. Anyone and any organization can issue encrypted digital currency anytime and anywhere, and the supply is almost unlimited. On the other hand, the increasing transaction cost is restraining the demand side. At present, investors in the transaction link need to pay the transaction fees in the exchange, and also pay the miners' fees when transferring money. If countries begin to tax digital currency transactions in the future, it means that this market will have to bear more operating costs without generating its own profitability, If coupled with the increasing supply level, the overall market supply and demand expectations may reverse in a moment
10. The block chain assets are lack of legal protection
it is not uncommon that global digital currency exchanges are "hacked", and in the process of all kinds of over-the-counter and on-the-spot transactions, fraud also occurs from time to time, and the legal protection for investors is very limited. Especially for domestic investors, once they are stolen or cheated because of trading digital currency, it is almost difficult to recover effectively. Due to the lack of intermediary guarantee from banks and other levels, the security of digital currency is entirely under their own responsibility. Although this is in line with the logic of self preservation of private property, it also brings greater uncertainty to the storage and transaction of digital currency assets. Before there is no complete legal system to protect the rights and interests of personal digital currency assets, the legal security of investment in blockchain related assets is a very serious problem.