BLOCKCHAIN

Public-key Cryptography

Pr. TMIMI Mehdi

Inspired from Web3 Foundation course

 Main goal

Discuss the most fundamental

aspects of a Blockchain:
Public Key Cryptography & one-way
Functions

inspired from Web3 Foundation course

 Cryptocurrency

In order to really understand how cryptocurrency works, we need

to first understand Cryptography

inspired from Web3 Foundation course

 Encryption

• Encryption is the oldest use

for Cryptography
• Mehdi wants to send a
message 'm' to Sarah, but
Ghita can intercept that
message and read its
content.

=> How can Mehdi send a

message to Sarah without Ghita
understanding the message ?

inspired from Web3 Foundation course

 Symmetric-key Encryption

• Mehdi and Sarah share the same secret

Key: Ke.
• Mehdi can encrypt the message using the
encryption function and the secret key,
then send the encrypted message
(ciphertext c) to Sarah over the
unencrypted channel.
• Sarah can decrypt the ciphertext using the
decrypt function and the secret key.

E: Encrypt function
=> Ghita can only understand the message if D: decrypt function
Ke: secret key
she knows the decrypt function and also the
Ciphertext: encrypted message
secret key

inspired from Web3 Foundation course

 Caesar Cipher

• One of the simplest ciphers around

• Given a key Ke (number in this case),
all you need to do is to convert each
letter of the message to its
equivalent number, then add to it
the Ke and performing a modulo
operation according to the total
number of alphabets.

inspired from Web3 Foundation course

 Example: Caesar Cipher

Let's encrypt the message: RUNNOW using the secret Key: 4

inspired from Web3 Foundation course

 Kerckhoff's Principle

• The security of a system must only depends

on the secret key not on the algorithm. =>
Security through obscurity is not a valid
defense!

• How could you break our caesar cipher, even

if you don't know the key ?

inspired from Web3 Foundation course

 Breaking Caesar

• Frequency analysis.
• Known plaintext attack
• Brute force (there are really only 25
possibilities for our key)

inspired from Web3 Foundation course

 Authentication via
Encryption

• Let us assume that Ghita has

gained the ability to modify
traffic in-transit, or send a
different message entirely.

=> How can Sarah verify that

Mehdi sent the received
message?

inspired from Web3 Foundation course

 Authentication via symmetric-
key Cryptography

• Let us assume that Mehdi and Sarah

share another secret key: Ka and know
an authentication function h
• Mehdi sends the message m which
includes a message authentication code
(MAC)
a = h(Ka,m)
• When Sarah receives the message m, if
h(Ka,m) doest not return a, she will
know that it was not signed by Mehdi Ka

inspired from Web3 Foundation course

 Authentication +
Symmetric encryption

=> You can combine encryption and

authentication by including the MAC (a) inside
the ciphertext c and be able to:
1. Prove that a message came from a specific
person.
2. Prevent others from reading the message.

inspired from Web3 Foundation course

 Weakness of this approach

• How can Mehdi and Sarah share the keys

(encryption and authentication) ?
=> share them offline ? In a secure channel ?

inspired from Web3 Foundation course

 Asymmetric key Encryption
• We have two different keys: one (public key:
P) to encrypt and the other (private key: S) to
decrypt.
• Your public key (P) is known by everyone and
they can use it to send messages to you.
• Only you using your private Key (S) can
decrypt and read the message.

inspired from Web3 Foundation course

• Sarah tells the world about her public key (PSarah)
but keeps her private key (SSarah) secret. Authentication via
• If Mehdi wants to communicate with Sarah, he symmetric-key
needs to encrypt his message m to a cyphertext Cryptography
c using the function E.
• The only and unique way to decrypt the
message is with the function D which
require Sarah's private key
inspired from Web3 Foundation course
• Sarah can also communicate with Mehdi by using
Mehdi's public key
Secure Communication
Without Secure Channels
=> Mehdi and Sarah can communicate over an
insecure channel, even if from the start all
communication is over that channel.
=> Ghita will only see the ciphertext c

inspired from Web3 Foundation course

 Public/Private Key
Generation

• Public/Private keys share a relationship, they

are not just two random values.
• Bitcoin uses ECDSA to generate your key pair.
• There are other possibilities such RSA

inspired from Web3 Foundation course

 Efficiency

• Turns out that asymmetric encryption itself is extremely

inefficient in comparison to symmetric encryption.
=> use Hybrid Approach
1. Establish a secure communication using asymmetric
encryption
2. Share a symmetric key encryption
3. Use now symmetric encryption for further communication

inspired from Web3 Foundation course

 Public Key Infrastructure (PKI)

• How you will be sure that PSarah is actually the public key of
Sarah and not someone else.
=> certificate authorities, web of trust, SPKI, some blockchain-
based approaches

In most Cryptocurrencies, there is no PKI. Meaning if you the

private key => you own the coins of that public address.

inspired from Web3 Foundation course

 One way function

• A one way function (or trapdoor function) is a function y=f(x)

where given y, it is computationally infeasible to calculate
x. But given x, it's possible to calculate y.

inspired from Web3 Foundation course

 One way function (Example)

• Let's assume the function : y=f(x)=x2

• Calculating the square is easy: f(33)=1089
• However calculating the inverse is much more difficult.

=> Obviously the one way function that are used are much
complex than just a square calculation (but the idea is the
same)
inspired from Web3 Foundation course
 BLOCKCHAIN
Public-key Cryptography

Pr. TMIMI Mehdi

Inspired from Web3 Foundation course