Introduction to Blockchain - Chapter 3
Blockchain
CSEg5304
CHAPTER THREE
ADAMA SCIENCE AND TECHNOLOGY UNIVERSITY
COEEC – CSE DEPARTMENT
Outline
CRYPTOGRAPHY IN BLOCKCHAIN
Cryptography
Symmetric vs Asymmetric Encryption
Hash Functions: SHA-256 and Beyond
Hashing vs Encryption
Digital Signatures
Quantum Computing and Its Implications for Blockchain
Anonymity, Privacy, and Pseudonymity in Blockchain
Cryptography
Cryptography is the science of making information secure in the presence of adversaries. It does so
under the assumption that limitless resources are available to adversaries.
Ciphers are algorithms used to encrypt or decrypt data, so that if intercepted by an adversary, the
data is meaningless to them without decryption, which requires a secret key.
Cryptography is primarily used to provide a confidentiality service. On its own, it cannot be
considered a complete solution, rather it serves as a crucial building block within a more extensive
security system to address a security problem.
For example, securing a blockchain ecosystem requires many different cryptographic primitives,
such as hash functions, symmetric key cryptography, digital signatures, and public key cryptography.
In addition to a confidentiality service, cryptography also provides other security services such as
integrity, authentication (entity authentication and data origin authentication), and non-repudiation.
Additionally, accountability is also provided, which is a requirement in many security systems.
Cryptography Model
In the diagram, P, E, C, and D represent plaintext,
encryption, ciphertext, and decryption, respectively.
Entity: Either a person or system that sends, receives,
or performs operations on data
Sender: This is an entity that transmits the data
Receiver: This is an entity that takes delivery of the
data
Adversary: This is an entity that tries to circumvent
the security service
Key: A key is data that is used to encrypt or decrypt
other data
Channel: Channel provides a medium of
communication between entities
Cryptography Services
Confidentiality is the assurance that information is only available to authorized entities.
Integrity is the assurance that information is modifiable only by authorized entities.
Authentication provides assurance about the identity of an entity or the validity of a message.
There are two types of authentication mechanisms, namely entity authentication and data origin
authentication.
Entity authentication is the assurance that an entity is currently involved and active in a communication
session. Examples include single-factor authentication (username/password) and multifactor authentication
(something you have (hardware/card) + something you are (biometric)).
Data origin authentication (message authentication) is an assurance that the source of the information is
indeed verified. It guarantees data integrity because if a source is corroborated, then the data must not have
been altered. Examples include Message Authentication Codes (MACs) and Digital Signatures.
Accountability is the assurance which states that actions affecting security can be traced back to the
responsible party. This is usually provided by logging and audit mechanisms in systems where a
detailed audit is required.
Non-repudiation
Non-repudiation is the assurance that an entity cannot deny a previous commitment or action
by providing incontrovertible evidence. It is a security service that offers definitive proof that a
particular activity has occurred.
The non-repudiation protocol usually runs in a communication network, and it is used to provide
evidence that an action has been taken by an entity (originator or recipient) on the network.
The primary requirements of a non-repudiation protocol are fairness, effectiveness, and
timeliness. In many scenarios, there are multiple participants involved in a transaction, as opposed
to only two parties.
For example, in electronic trading systems, there can be many entities, such as clearing agents,
brokers, and traders that can be involved in a single transaction. In this case, two-party non-
repudiation protocols are not appropriate. To address this problem, Multi-Party Non-Repudiation
(MPNR) protocols have been developed.
Cryptographic Primitives
[Diagram: Cryptographic Primitives, with the symmetric cipher branch split into Stream Ciphers and Block Ciphers]
Symmetric Cryptography
Symmetric Cryptography refers to a type of cryptography where the key that is used to encrypt
the data is the same one that is used for decrypting the data. Thus, it is also known as Shared Key
Cryptography.
The key must be established or agreed upon before the data exchange occurs between the
communicating parties. This is the reason it is also called Secret Key Cryptography.
There are two types of symmetric ciphers: Stream Ciphers and Block Ciphers.
Data Encryption Standard (DES) and Advanced Encryption Standard (AES) are typical examples
of block ciphers, whereas RC4 and A5 are commonly used stream ciphers.
Stream ciphers are encryption algorithms that apply encryption algorithms on a bit-by-bit basis
(one bit at a time) to plaintext using a keystream.
Block ciphers are encryption algorithms that break up the text to be encrypted (plaintext) into
blocks of a fixed length and apply the encryption block-by-block.
Asymmetric Cryptography
Asymmetric cryptography refers to a type of cryptography where the key that is used to encrypt the
data is different from the key that is used to decrypt the data. This is also known as Public Key
Cryptography.
It uses both public and private keys to encrypt and decrypt data, respectively. Various asymmetric
cryptography schemes are in use, including RSA, DSA, and ElGamal.
Public key algorithms are slower in terms of computation than symmetric key algorithms. Therefore,
they are not commonly used in the encryption of large files or the actual data that requires
encryption.
Public key cryptography algorithms are based on various underlying mathematical functions. The
three main categories of asymmetric algorithms are Integer factorization (RSA), Discrete logarithm
and Elliptic Curves Algorithms.
The most prominently used cryptosystems based on elliptic curves are the Elliptic Curve Digital
Signature Algorithm (ECDSA) and the Elliptic Curve Diffie-Hellman (ECDH) key exchange.
Encryption-Decryption using Public Key Cryptography
The diagram illustrates how a sender encrypts
data P using the recipient's public key and
encryption function E and producing an output
encrypted data C which is then transmitted over
the network to the receiver.
Once it reaches the receiver, it can be decrypted
using the receiver's private key by feeding the C
encrypted data into function D, which will output
plaintext P.
This way, the private key remains on the receiver's
side, and there is no need to share keys in order to
perform encryption and decryption, which is the
case with symmetric encryption.
Signing & Verification using Public Key Cryptography
The diagram shows how the receiver uses
public key cryptography to verify the integrity
of the received message.
The diagram shows that the sender digitally signs the plaintext P with their private key using
signing function S and produces data C, which is sent to the receiver, who verifies C using the
sender's public key and function V to ensure the message has indeed come from the sender.
Security mechanisms offered by public key
cryptosystems include key establishment,
digital signatures, identification, encryption,
and decryption.
Public and Private keys
PUBLIC KEY
A public key is freely available and published by the private key owner.
Anyone who would then like to send the publisher of the public key an encrypted message can do so by
encrypting the message using the published public key and sending it to the holder of the private key.
No one else is able to decrypt the message because the corresponding private key is held securely by the
intended recipient.
Once the public key encrypted message is received, the recipient can decrypt the message using the private
key.
There are a few concerns, however, regarding public keys. These include authenticity and identification of
the publisher of the public keys.
PRIVATE KEY
A private key, as the name suggests, is a randomly generated number that is kept secret and held
privately by its users.
Private keys need to be protected and no unauthorized access should be granted to that key;
otherwise, the whole scheme of public key cryptography is jeopardized, as this is the key that is
used to decrypt messages.
Private keys can be of various lengths depending on the type and class of algorithms used.
For example, in RSA, typically a key of 1024-bits or 2048-bits is used. The 1024-bit key size is no longer
considered secure, and at least a 2048-bit key size is recommended.
Elliptic Curve Cryptography
Elliptic Curve Cryptography (ECC) is based on the discrete logarithm problem
founded upon elliptic curves over finite fields (Galois fields).
The main benefit of ECC over other types of public key algorithms is that it
requires a smaller key size while providing the same level of security as, for
example, RSA.
Two notable schemes that originate from ECC are ECDH for Key Exchange and
ECDSA for Digital Signatures.
ECC can also be used for encryption, but it is not usually used for this purpose in
practice. Instead, it is used for key exchange and digital signatures commonly.
As ECC needs less space to operate, it is becoming very popular on embedded
platforms and in systems where storage resources are limited such as Blockchain.
Hash Functions
Hash functions are used to create fixed-length digests of arbitrarily-long input strings.
Hash functions are keyless, and they provide the data integrity service. They are usually built
using iterated and dedicated hash function construction techniques.
Hash functions have many practical applications ranging from simple file integrity checks and
password storage to use in cryptographic protocols and algorithms.
They are used in hash tables, distributed hash tables, bloom filters, virus fingerprinting, peer-to-
peer file sharing, and many other applications.
They have three security properties, namely preimage resistance, second preimage resistance,
and collision resistance.
There are two practical and three security properties of hash functions that must be met
depending on the level of integrity required.
Hash Functions: Practical Properties
1. Compression of Arbitrary messages into Fixed-length digest
This property relates to the fact that a hash function must be able to take an
input text of any length and output a fixed-length compressed message. Hash
functions produce a compressed output in various bit sizes, usually between
128-bits and 512-bits.
2. Easy to Compute
Hash functions are efficient and fast one-way functions. It is required that hash
functions be very quick to compute regardless of the message size. The
efficiency may decrease if the message is too big, but the function should still be
fast enough for practical use.
Hash Functions: Security Properties
1. Preimage Resistance
Preimage resistance means that, given a hash value y, it should be computationally infeasible to
find any input x such that H(x) = y.
In simpler terms, you can’t reverse-engineer the original input just by looking at the hash
output.
Here, H is the hash function, x is the input, and y is the hash. The first security property requires
that y cannot be reverse-computed to x. x is considered a preimage of y, hence the name
preimage resistance. This is also called a one-way (hiding) property.
The "computationally infeasible" part typically means it would take an impractical amount of
time—like billions of years—even with the fastest computers.
Hash Functions: Security Properties
2. Second Preimage Resistance
The second preimage resistance property requires that given x and H(x), it is almost impossible to
find any other message m, where m != x and H(m) = H(x).
This property is also known as weak collision resistance.
Second pre-image resistance means that, given an input m1 and its hash H(m1), it should be
computationally infeasible to find a different input m2 (where m1≠m2 ) such that H(m1)=H(m2).
In other words, you can’t find a second, distinct input that produces the same hash as the first.
This property protects against someone swapping out a legitimate message with a fraudulent one
that hashes to the same value. For instance, if a software update’s hash is published, an attacker
shouldn’t be able to craft a malicious update with the same hash to trick users into installing it.
Hash Functions: Security Properties
3. Collision Resistance
The collision resistance property requires that two different input messages should not hash to the
same output. In other words, H(x) != H(m). This property is also known as strong collision
resistance.
Collision resistance means it should be computationally infeasible to find any two distinct inputs
m1 and m2 (where m1≠m2) such that H(m1)=H(m2).
This is about preventing any pair of different inputs from producing the same hash, not just finding
a match for a specific input.
Due to their very nature, hash functions will always have some collisions. This is where two
different messages hash to the same output. However, they should be computationally
impractical to find. A concept known as the Avalanche Effect is desirable in all hash functions. The
avalanche effect specifies that a small change, even a single character change in the input text, will
result in an entirely different hash output.
Secure Hash Algorithms (SHAs)
SHA-0: This is a 160-bit function introduced by NIST in 1993.
SHA-1: SHA-1 was introduced in 1995 by NIST as a replacement for SHA-0. This is also a 160-
bit hash function. SHA-1 is used commonly in SSL and TLS implementations. It should be
noted that SHA-1 is now considered insecure, and it is being deprecated by certificate
authorities. Its usage is discouraged in any new implementations.
SHA-2: This category includes four functions defined by the number of bits of the hash:
SHA-224, SHA-256, SHA-384, and SHA-512.
SHA-3: This is the latest family of SHA functions. SHA-3-224, SHA-3-256, SHA-3-384, and
SHA-3-512 are members of this family. SHA-3 is a NIST standardized version of Keccak.
Keccak uses a new approach called Sponge Construction instead of the commonly used Merkle-
Damgard transformation.
RIPEMD (RACE Integrity Primitives Evaluation Message Digest) and Whirlpool are other secure hash
algorithms.
Design of SHA-256
SHA-256 accepts an input message of size less than 2^64 bits. Its block size is 512 bits, its word size is
32 bits, and the output is a 256-bit digest.
The compression function processes a 512-bit message block and a 256-bit intermediate hash value.
Preprocessing:
1. Pad the message to ensure its length is a multiple of 512 bits.
2. Parse the message into 512-bit blocks.
3. Initialize the hash value with eight 32-bit words derived from the fractional parts of the square roots of the
first eight primes.
Hash Computation:
4. Process each 512-bit block through 64 rounds, using unique constants per round.
5. Prepare the message schedule.
6. Initialize eight working variables.
7. Compute the intermediate hash value.
8. Finalize the hash output after processing all blocks.
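The steps above (padding, message schedule, eight working variables, 64 rounds with per-round constants) and the avalanche effect described under collision resistance are easiest to see in a from-scratch implementation. The following is an added example, not code from the slides: it builds SHA-256 in plain Python, derives the initial hash value and round constants from the square and cube roots of the first primes exactly as the slide describes (so no constant table has to be trusted), and checks itself against the standard library's hashlib. The helper names (first_primes, icbrt, sha256, differing_bits) are this example's own.

```python
import hashlib
import math
import struct

MASK = 0xFFFFFFFF  # all arithmetic is on 32-bit words


def first_primes(count):
    """Return the first `count` primes (trial division is plenty for 64 primes)."""
    primes = []
    candidate = 2
    while len(primes) < count:
        if all(candidate % p for p in primes if p * p <= candidate):
            primes.append(candidate)
        candidate += 1
    return primes


def icbrt(n):
    """Exact integer cube root floor(n ** (1/3)) by binary search (no float rounding)."""
    lo, hi = 0, 1 << ((n.bit_length() + 2) // 3)
    while lo < hi:
        mid = (lo + hi + 1) // 2
        if mid ** 3 <= n:
            lo = mid
        else:
            hi = mid - 1
    return lo


# Initial hash value: first 32 fractional bits of sqrt(p) for the first 8 primes.
H0 = [math.isqrt(p << 64) & MASK for p in first_primes(8)]
# Round constants: first 32 fractional bits of cbrt(p) for the first 64 primes.
K = [icbrt(p << 96) & MASK for p in first_primes(64)]


def rotr(x, n):
    return ((x >> n) | (x << (32 - n))) & MASK


def sha256(message: bytes) -> bytes:
    # Preprocessing: append 0x80, zero-pad to 56 mod 64, append the 64-bit big-endian bit length.
    bit_len = len(message) * 8
    zeros = (56 - (len(message) + 1) % 64) % 64
    padded = message + b"\x80" + b"\x00" * zeros + bit_len.to_bytes(8, "big")
    h = list(H0)
    for offset in range(0, len(padded), 64):            # one 512-bit block at a time
        # Message schedule: 16 words from the block, expanded to 64.
        w = list(struct.unpack(">16L", padded[offset:offset + 64]))
        for i in range(16, 64):
            s0 = rotr(w[i - 15], 7) ^ rotr(w[i - 15], 18) ^ (w[i - 15] >> 3)
            s1 = rotr(w[i - 2], 17) ^ rotr(w[i - 2], 19) ^ (w[i - 2] >> 10)
            w.append((w[i - 16] + s0 + w[i - 7] + s1) & MASK)
        # Eight working variables initialised from the intermediate hash value, then 64 rounds.
        a, b, c, d, e, f, g, hh = h
        for i in range(64):
            s1 = rotr(e, 6) ^ rotr(e, 11) ^ rotr(e, 25)
            ch = (e & f) ^ (~e & g)
            t1 = (hh + s1 + ch + K[i] + w[i]) & MASK
            s0 = rotr(a, 2) ^ rotr(a, 13) ^ rotr(a, 22)
            maj = (a & b) ^ (a & c) ^ (b & c)
            t2 = (s0 + maj) & MASK
            hh, g, f, e, d, c, b, a = g, f, e, (d + t1) & MASK, c, b, a, (t1 + t2) & MASK
        # New intermediate hash value = previous value + compressed block (Davies-Meyer feed-forward).
        h = [(x + y) & MASK for x, y in zip(h, (a, b, c, d, e, f, g, hh))]
    return b"".join(x.to_bytes(4, "big") for x in h)


def differing_bits(digest_a: bytes, digest_b: bytes) -> int:
    """Hamming distance between two digests; used to observe the avalanche effect."""
    return sum(bin(x ^ y).count("1") for x, y in zip(digest_a, digest_b))


if __name__ == "__main__":
    print(sha256(b"abc").hex())
    print("bits changed by 'abc' -> 'abd':", differing_bits(sha256(b"abc"), sha256(b"abd")), "of 256")
```

Inputs of 55 and 56 bytes are worth trying: the second one is where the 0x80 byte and the length field no longer fit in the first block, so the padding step has to produce two blocks. A one-character change in the input flips roughly half of the 256 output bits, which is the avalanche effect the collision-resistance slide describes.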
Hashing vs Encryption
Encryption
Encryption is the process of converting plaintext (readable data) into ciphertext (unreadable data)
using an algorithm and a key.
The primary goal of encryption is to ensure confidentiality by preventing unauthorized parties from
accessing sensitive information.
Encrypted data can be decrypted back into its original form using the appropriate decryption key.
Hashing
Hashing is a one-way mathematical function that converts input data (plaintext) into a fixed-size
string of characters, called a hash value or hash digest.
Unlike encryption, hashing is irreversible, meaning you cannot derive the original input from the
hash value.
Hash functions are designed to be fast and deterministic, producing the same hash value for
identical inputs.
Hashing vs Encryption
Purpose: Encryption is primarily used for confidentiality, while hashing is used for data integrity and
verification.
Reversibility: Encryption is reversible (with the correct decryption key), whereas hashing is irreversible.
Key Management: Encryption often involves key management for secure key exchange, while hashing does
not require keys.
Output: Encryption produces ciphertext, which can be decrypted back to plaintext. Hashing produces a fixed-
size hash value, which cannot be reversed to retrieve the original input.
Use Cases: Encryption is used for securing communication and data storage, while hashing is used for data
integrity, password storage, and digital signatures.
In summary, encryption and hashing are both essential cryptographic techniques with distinct purposes and
applications. Encryption focuses on confidentiality and reversible transformation of data, while hashing
emphasizes data integrity and irreversible transformation. Understanding the differences and appropriate use
cases of each technique is crucial for implementing robust security measures.
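The three services contrasted on these slides (reversible keyed encryption, keyless irreversible hashing, and keyed hashing as a MAC for data origin authentication from the Cryptography Services slide) can be put side by side in a few lines. This is an added example, not code from the slides: the stream cipher is a toy built from SHA-256 in counter mode, constructed only to show the keystream idea from the Symmetric Cryptography slide; the MAC is the standard library's HMAC-SHA256; and the protect/unprotect pair applies encrypt-then-MAC. Function names and the sample keys are this example's own.

```python
import hashlib
import hmac
import secrets


def digest(data: bytes) -> bytes:
    """Keyless and one-way: the same input always yields the same 32-byte value, and nothing
    in the output lets you recover the input."""
    return hashlib.sha256(data).digest()


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy keystream generator (constructed for illustration, not a vetted cipher): concatenate
    SHA-256(key || nonce || counter) blocks and truncate to `length` bytes."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]


def stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stream-cipher style encryption: XOR each plaintext byte with one keystream byte.
    XOR is its own inverse, so the same call with the same key and nonce decrypts."""
    return bytes(d ^ k for d, k in zip(data, keystream(key, nonce, len(data))))


def tag(mac_key: bytes, data: bytes) -> bytes:
    """Keyed hash (HMAC-SHA256) used as a MAC: anyone holding mac_key can verify that the
    data came from a holder of the same key and was not altered (data origin authentication)."""
    return hmac.new(mac_key, data, hashlib.sha256).digest()


def protect(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: confidentiality from the cipher, integrity from the MAC.
    A fresh random nonce per message prevents keystream reuse under the same key."""
    nonce = secrets.token_bytes(16)
    ciphertext = stream_xor(enc_key, nonce, plaintext)
    return nonce + ciphertext + tag(mac_key, nonce + ciphertext)


def unprotect(enc_key: bytes, mac_key: bytes, blob: bytes) -> bytes:
    """Check the MAC (constant-time compare) before decrypting; reject anything tampered."""
    nonce, ciphertext, received_tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(received_tag, tag(mac_key, nonce + ciphertext)):
        raise ValueError("authentication tag mismatch")
    return stream_xor(enc_key, nonce, ciphertext)


def is_rejected(enc_key: bytes, mac_key: bytes, blob: bytes) -> bool:
    """True if unprotect refuses the blob (used to show that a one-bit change is detected)."""
    try:
        unprotect(enc_key, mac_key, blob)
        return False
    except ValueError:
        return True


# Constructed sample keys (in practice these come from a key-establishment step, never a literal).
ENC_KEY = hashlib.sha256(b"constructed encryption key").digest()
MAC_KEY = hashlib.sha256(b"constructed mac key").digest()

if __name__ == "__main__":
    message = b"transfer 5 units to account 42"
    blob = protect(ENC_KEY, MAC_KEY, message)
    print("ciphertext:", blob[16:-32].hex())
    print("decrypted :", unprotect(ENC_KEY, MAC_KEY, blob))
    print("hash      :", digest(message).hex(), "(no key, no way back)")
```

The two keys are deliberately separate: the one that gives confidentiality and the one that gives integrity are different services, which is the distinction the slide draws between encryption (needs key management) and hashing (keyless), with the MAC sitting in between as a keyed hash.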
Digital Signatures
Digital signatures provide a means of associating a message with an entity from which the message has
originated. Digital signatures are used to provide data origin authentication and non-repudiation.
Digital signatures are used in blockchain, where transactions are digitally signed by senders using
their private key before the transaction is broadcast to the network. This digital signing proves that they
are the rightful owner of the asset, for example, bitcoins. These transactions are verified again by other
nodes on the network.
Digital signatures have some important properties:
Authenticity means that the digital signatures are verifiable by a receiving party.
Unforgeability property ensures that only the sender of the message can use the signing functionality
using the private key. No one else can produce the signed message produced by a legitimate sender.
Non-reusability means that the digital signature cannot be separated from a message and used again
for another message.
Digital Signatures
A digital signature scheme consists of the following three algorithms:
Sign + Encrypt
If a sender wants to send an authenticated message to a receiver, there are two methods that
can be used: sign then encrypt and encrypt then sign.
Sign then Encrypt: With this approach, the sender digitally signs the data using the private key,
appends the signature to the data, and then encrypts the data and the digital signature using the
receiver's public key. This is considered a more secure scheme as compared to the encrypt then
sign scheme.
Encrypt then Sign: With this method, the sender encrypts the data using the receiver's public
key and then digitally signs the encrypted data.
In practice, a digital certificate that contains the digital signature is issued by a Certificate
Authority (CA) that associates a public key with an identity.
Various schemes, such as RSA, Digital Signature Algorithm (DSA), and ECDSA-based digital
signature schemes, are used in practice. RSA is the most commonly used; however, with the
traction of ECC, ECDSA-based schemes are also becoming quite popular. This is beneficial in
blockchains because ECC provides the same level of security that RSA does, but it uses less space.
Signing and Validating Transactions
Each transaction input into a block contains a signature that provides proof that the owner of
the sending address has authorized the transaction. The signature is generated and encrypted
using ECDSA, a cryptographic algorithm that takes the private key and transaction data as inputs.
[Figure: Encryption process to generate a transaction signature]
When all the nodes are verifying the transaction, they can easily verify the validity of the
signature by using an ECDSA verify function.
[Figure: Verifying the signature on a transaction]
Zero-Knowledge Proofs
Zero-Knowledge Proofs (ZKPs) were introduced by Goldwasser, Micali, and Rackoff in 1985.
These proofs are used to prove the validity of an assertion without revealing any information
whatsoever about the assertion. There are three properties of ZKPs that are required:
completeness, soundness, and zero-knowledge property.
Completeness ensures that if a certain assertion is true, then the verifier will be convinced of
this claim by the prover.
Soundness property makes sure that if an assertion is false, then no dishonest prover can
convince the verifier otherwise.
Zero-Knowledge Property, as the name implies, is the key property of ZKPs whereby it is
ensured that absolutely nothing is revealed about the assertion except whether it is true or false.
ZKPs have sparked a special interest among researchers in the blockchain space due to their
privacy properties, which are very much desirable in financial and many other fields, including
law and medicine.
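The three properties listed above are concrete once both sides of one zero-knowledge exchange are written out. The following added example (not code from the slides) runs a Schnorr-style interactive proof of knowledge of a discrete logarithm over a toy group, with the prover's and verifier's messages as separate functions: completeness is the honest run accepting, zero-knowledge is shown by a simulator that produces accepting transcripts without the secret, and soundness is shown by the knowledge extractor that recovers the secret from two transcripts sharing one commitment. The group parameters (p = 23, q = 11, g = 4) are constructed for illustration and far too small for real use; all function names are this example's own.

```python
import secrets

# Toy group (constructed): p = 23 is prime, q = 11 divides p - 1, and g = 4 generates the
# subgroup of order q (4^11 mod 23 == 1). Real deployments use 256-bit-or-larger groups.
P_MOD, Q_ORD, GEN = 23, 11, 4


def keygen(secret):
    """Public value y = g^x mod p; the prover will show it knows x without revealing x."""
    return pow(GEN, secret, P_MOD)


def commit(r):
    """Prover, step 1: send commitment t = g^r for fresh randomness r in Z_q."""
    return pow(GEN, r, P_MOD)


def respond(secret, r, challenge):
    """Prover, step 3: answer the verifier's challenge c with s = r + c*x mod q."""
    return (r + challenge * secret) % Q_ORD


def verify(y, t, challenge, s):
    """Verifier, step 4: accept iff g^s == t * y^c mod p.
    For an honest prover g^s = g^r * g^(c*x) = t * y^c, so this always holds (completeness)."""
    return pow(GEN, s, P_MOD) == (t * pow(y, challenge, P_MOD)) % P_MOD


def interactive_proof(secret, y, rounds=20):
    """Run the whole exchange `rounds` times with fresh randomness on both sides.
    A prover without x can only pass a round by guessing c in advance (probability 1/q),
    so repeating the protocol drives the cheating probability down (soundness)."""
    for _ in range(rounds):
        r = secrets.randbelow(Q_ORD)        # prover's fresh randomness
        t = commit(r)                       # prover -> verifier
        c = secrets.randbelow(Q_ORD)        # verifier -> prover: random challenge
        s = respond(secret, r, c)           # prover -> verifier
        if not verify(y, t, c, s):
            return False
    return True


def simulate(y, challenge, s):
    """Produce an accepting transcript (t, c, s) using only the public y (zero-knowledge):
    pick c and s first, then solve for t = g^s * y^(-c). The transcript is distributed exactly
    like a real one, so a transcript reveals nothing about x."""
    t = (pow(GEN, s, P_MOD) * pow(y, (-challenge) % Q_ORD, P_MOD)) % P_MOD
    return (t, challenge, s)


def extract(c1, s1, c2, s2):
    """Knowledge extractor behind soundness: two accepting transcripts with the same commitment
    (same r) but different challenges give x = (s1 - s2) / (c1 - c2) mod q. This is also why a
    prover must never reuse r, the same failure mode the slides note for ECDSA signature nonces."""
    return ((s1 - s2) * pow((c1 - c2) % Q_ORD, -1, Q_ORD)) % Q_ORD


if __name__ == "__main__":
    x = 7                                   # constructed secret
    y = keygen(x)
    print("public y =", y, "| honest prover accepted:", interactive_proof(x, y))
    print("simulated transcript accepted:", verify(y, *simulate(y, 4, 9)))
```

The simulator is the heart of the zero-knowledge argument: if a verifier could have produced the transcript alone, the transcript cannot have taught it anything about x except that the claim is true.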
Limitations in Cryptographic Functions
Cryptography used in the Bitcoin blockchain is exceptionally secure and has stood the test of
time.
In other blockchains, similar security techniques are used and are also very secure. However,
specific security issues such as the possibility of generation and usage of duplicate signature
nonces in elliptic curve digital signature schemes (leading to private key recovery attack),
collisions in hash functions, and a possibility of quantum attacks that may break the
underlying cryptographic algorithms remain an exciting area of research.
It should be noted that Bitcoin is also somewhat protected against quantum attacks because
the quantum attacks can only work on exposed public keys which are only revealed on the
blockchain if both send and receive transactions are made.
If the public key is not revealed, which is the case in unused addresses or the addresses that
may have only used to receive bitcoins, then quantum safety can be guaranteed.
In other words, using a different address for each transaction protects against quantum attacks.
Also, in Bitcoin, it is quite easy to change to another quantum signature protocol if required.
Quantum Computing and Its Implications for Blockchain
Quantum computing leverages the principles of quantum mechanics—such as superposition,
entanglement, and interference—to perform computations exponentially faster than classical
computers for certain problems.
Most blockchains, like Bitcoin and Ethereum, rely on cryptographic algorithms such as the Elliptic
Curve Digital Signature Algorithm (ECDSA) for securing transactions and wallets, and SHA-256 for
hashing.
Quantum computers, using algorithms like Shor’s algorithm, could potentially break ECDSA by
efficiently solving the discrete logarithm problem, compromising private keys derived from public
keys. This would undermine the security of existing blockchains.
While SHA-256 (used in proof-of-work) is less vulnerable, Grover’s algorithm could still reduce the
time to reverse hashes quadratically, potentially weakening mining security.
A sufficiently powerful quantum computer could enable attackers to forge signatures, double-
spend coins, or disrupt consensus mechanisms, threatening the integrity of decentralized
networks.
Anonymity, Privacy, and Pseudonymity in Blockchain
Cryptography secures blockchain and shapes identity management. Three concepts
define this:
• Anonymity: Fully hides a user’s real identity using tools like zero-knowledge proofs
(e.g., Zcash shielded transactions). Protects users in sensitive cases but can enable
illegal acts, worrying regulators.
• Privacy: Lets users control what’s revealed, using techniques like ring signatures and
stealth addresses (e.g., Monero hides transaction details). Balances protection with
accountability, though it’s complex and attracts scrutiny.
• Pseudonymity: Ties actions to pseudonyms like addresses, not real names (e.g.,
Bitcoin’s public keys). Simple and basic, but analysis can link addresses to identities.
Core tools include public-key cryptography for pseudonyms, hashing for integrity, and
advanced methods like zero-knowledge proofs for stronger privacy and anonymity.