Subject :- Blockchain Technology

Unit 1
Mathematical
Foundation for
Blockchain
 Syllabus
1. Cryptography: Symmetric Key Cryptography and
Asymmetric
2. Key Cryptography
3. Elliptic Curve Cryptography (ECC)
4. Cryptographic Hash Functions: SHA256
5. Digital Signature Algorithm (DSA)
6. Merkel Trees.
 Information Security Concepts
1. Computer data travel from one to another. Sensitive and confidential
information must be protect.

2. Computer Security: The protection afforded to an automated information

system in order to attain the applicable objectives of preserving the integrity,
availability, and confidentiality of information system resources (includes
hardware, software, firmware, information/data, and telecommunications).

3. Network and Internet security consists of measures to prevent, detect, and

correct security violations that involve the transmission of information
1. User A transmits a file to user B. The file contains sensitive information (e.g.,
payroll records). User C, who is not authorized to read the file, is able to
monitor the transmission and capture a copy of the file during its transmission.

2. A network manager, D, transmits a message to a computer, E. The message

instructs computer E to update identities of new users. User F intercepts the
message, alters its contents to add or delete entries, and then forwards the
message to computer E.

3. Rather than intercept a message, user F constructs its own message with the
desired entries and transmits that message to computer E as if it had come from
manager D
Three key objectives that are at the heart of computer security:
• Confidentiality:

Data confidentiality: Assures that private or confidential information is not made available or disclosed to
unauthorized individuals.

Privacy: Assures that individuals control or influence what information related to them may be collected and
stored and by whom that information may be disclosed.

• Integrity:

Data integrity: Assures that information and programs are changed only in a specified and authorized manner.

System integrity: Assures that a system performs its intended function in an unimpaired manner, free from
deliberate or inadvertent unauthorized manipulation of the system.

• Availability:
Assures that systems work promptly and service is not denied to authorized users.
 Security Threats and Vulnerabilities
▪ Asset
□ People, property, and information.

▪ Security Threats:
□ Means anything that has capacity to harm your computer system
□ It is something that may or may not happen, but has potential to cause serious damage

▪ Vulnerability:
□ It is gap or weakness in our security system or less protection
□ It is loophole between security programs
□ An asset is what we’re trying to protect.

□ A threat is what we’re trying to protect against.

□ A vulnerability is a weakness or gap in our protection efforts.

□ Risk is the intersection of assets, threats, and vulnerabilities.

A + T+ V = R
□ The main aim of encryption technique is to hide information from unauthorized
users, protection from unauthorized change and data should available to authorized
users when required
Plain Text
□ It is ordinary readable text before being encrypted into cipher text or after being
decrypted.(original message)
Ciphertext
□ Output of encryption perform on plain text. Plain text converted into non-readable
form with some algorithms
Encryption
□ The process of converting plain text message to cipher text message is known as
encryption
Decryption
□ The process of restoring the plain text message from the cipher text message is
known as decryption OR process of converting ciphertext message into plaintext
message is called as decryption
Cryptography
□ It is a art as well as science of writing secrete information/message and make them
non-readable.
Types of Cryptography.

Types of cryptography

Symmetric Key Cryptography

Asymmetric Key Cryptography

 Symmetric Key Cryptography

□ Also called as secret key

□ Same key for encryption and decryption
□ Eg.DES(Data Encryption Standers)
 Asymmetric Key Cryptography

□ Also called as public key cryptography

□ Two key for encryption and decryption
□ Eg.RSA(Rivest Shamir Adlman)
 Public Key Cryptography and RSA
• RSA algorithm is a public key encryption technique and is considered as the
most secure way of encryption.
• It was invented by Rivest, Shamir and Adleman in year 1978 and hence name
RSA algorithm.
 MODCalculation
1. 250 mod 24 (250 % 24 if using different convention).

2. Divide one number by the other, rounding down: 250 / 24 = 10.

3. This is the quotient. Also, you can think of that operation as an integer division - the type of the
division,

4. where we don't care about the fractional part of the result.

5. Multiply the divisor by the quotient. So it's 10 * 24 = 240 in our example.

6. Subtract this number from your initial number (dividend). Here: 250 - 240 = 10.

7. The number you obtain is the result of the modulo operation. We can write it down as 250 mod
24 = 10.
RSAAlgorithm
1. a=13,b=11

2. Prime no a=3,b=11,e=3,m =00111011 then calculate private

key d and cipher text C

3. Perform Encryption and Decryption using RSA algorithm

P=7,q=11,e=17 and M=8

4. Determine gcd(13,120)
Data Encryption standards (DES)
Detail steps in DSE
1. Initial Permutations
Process of rearranging or shuffling each bit of original plaintext block with any other random
bit of same plaintext message block
2. Rounds
2. Rounds
S-box rule is illustrated below
1. Key discarding process : 56th bit key transform into 48bit key by
discarding every 8th bit of initial key
2. Expansion Permutation Process: 2 32bit plaintext called Left Plaintext
(LPT) and 32-bit Right Plaintext(RPT).Here PT is expanded from 32bit to
48 bit and process called Expansion permutation
3. S-box substitution: process in which accept 48bit key and expanded right
plaintext to 48 bit which is XORed and produces 32-bit output
4. P-box permutation: output of s box–Input to P box in witch 32 bit are
permuted ie replace each bit with another bit
5. XOR and swapping:
3. Final Permutations
it perform after completion of 16 rounds
 Elliptic Curve Cryptography (ECC)
● Overhead of the RSA-based approach to public-key cryptography increases with the size
of the keys.
● Elliptic curve cryptography (ECC) can provide the same level and type of security as
RSA but with much shorter keys.
 Elliptic Curve Cryptography (ECC)
● In contrast to RSA, ECC bases its approach to public key cryptographic systems on how
elliptic curves are structured algebraically over finite fields.

● ECC creates keys that are more difficult, mathematically, to crack.

● For this reason, ECC is considered to be the next generation implementation of public key
cryptography and more secure than RSA.

● An elliptic curve for current ECC purposes is a plane

curve over a finite field which is made up of the points
satisfying the equation:
y²=x³ + ax + b.

● ECC use a mathematical process to merge two distinct keys

and then use the output to encrypt and decrypt data.
● ECC is based on the properties of a set of values for which operations can be performed on
any two members of the group to produce a third member, which is derived from points where
the line intersects the axes as shown with the green line and three blue dots in the below
diagram labeled A, B and C.
● Multiplying a point on the curve by a number produces another point on the curve (C). Taking
point C and bringing it to the mirrored point on the opposite
side of the x-axis produces point D.

● From here, a line is drawn back to our original point A, creating an intersection at point E.
This process can be completed n number of times within
a defined max value.

● The n is the private key value, which indicates how many times the equation should be run,
ending on the final value that is used to encrypt and decrypt data. The maximum defined value
of the equation relates to the key size used.

Video : Link Image : Link

Let's imagine this curve as the setting for a bizarre game of billiards. Take any two points on
the curve and draw a line through them, it will intersect the curve at exactly one more place.
● In this game of billiards, you take a ball at point A, shoot it towards point B. When it hits the
curve, the ball bounces either straight up (if it's below the x-axis) or straight down (if it's above
the x-axis) to the other side of the curve.

● A dot B = C A dot C = D

● It turns out that if you have two points, an initial point "dotted" with itself n times to arrive at a
final point, finding out n when you only know the final point and the first point is hard

● To continue our bizzaro billiards metaphor, imagine one person plays our game alone in a room
for a random period of time. It is easy for him to hit the ball over and over following the rules
described above.

● If someone walks into the room later and sees where the ball has ended up, even if they know all
the rules of the game and where the ball started, they cannot determine the number of times the
ball was struck to get there without running through the whole game again until the ball gets to
the same point. Easy to do, hard to undo: this is the basis for a very good Trapdoor Function.
Cryptographic Hash Functions:
Encryption
vs
Hashing
Password Verification
Hash Function Usages (I)
Hash Function Properties
Video: Link
Example
Markle Tree
Online Demo:

● Encryption and Decryption

https://www.online-toolz.com/tools/text-encryption-decryption.php

● Hash Generation
https://www.online-toolz.com/tools/md5-generator.php
References
1. https://www.cs.jhu.edu/~abhishek/classes/CS601-641-441-Spring2018/Lecture2.pdf
2.https://slideplayer.com/slide/6187260/
3.