"Nodejs Development Crypto Currency" IX: Using encryption and decryption technology in Nodejs

About

"Nodejs development Crypto Currency" is a detailed development document for cryptocurrency products, involving all aspects of developing products using NODEJS, from front-end to backstage, from server to client, from PC to mobile, encryption and decryption, and District section chain. The code is completely open source and the article is free to share. Related Resources See http://ebookchain.org

QQ Exchange Group: 185046161

Objective

The role of encryption and decryption technology in crypto currency development is self-evident. But the technology itself is not new, it is important that if there is no front-to-peer network, and the following to introduce the blockchain, the separate encryption and decryption is obviously not so magical, the crypto currency will not be a no authentication, highly credible strong network.

However, referring to the encryption and decryption technology, the industry's general rule is that the use of ready-made components, strictly follow the document to do, do not be smart, this is the use of encryption and decryption technology is the safest way. This article is to study Ebookcoin how to use the encryption and decryption technology.

Source

EbookcoinNo extensions are provided, all using Nodejs's own crypto module for encryption, using Ed25519 component signing authentication. The code involved in this article:

Accounts.js:https://github.com/ebookcoin/ebookcoin/blob/master/modules/accounts.js

Account.js:https://github.com/ebookcoin/ebookcoin/blob/master/logic/account.js

Class diagram

Flow chart

Concept

Just introduce the least of the concepts involved (to tell the truth, we will not, even dare).

(1) Private key and public key

The concept of cryptography involves obscure, telling a small story, just a little bit clear. University a buddy Chase girlfriend has zeixin not Zeidan, has not dared to say "I love You", just think of a trick, write down "J MPWF ZPV" to another girl, let her help the messenger. Then, when his girlfriend was curious to call, he told her to postpone the 1 letters in turn, combining them with what he wanted to say.

Regardless of success or not, first look at the concept: here "I Love You" is 明文 , "J mpwf ZPV" is 密文 , the backward 1 letter is the 加密 process, forward is the 解密 process, and this rule is 算法 . This simple encryption and decryption process is called "symmetric encryption." The disadvantage is obviously, must have to call to tell the girlfriend how to decrypt, do not know walls have ears.

Of course, the safer way is not to call and handle. Nature is here the private key and the public key, they are long string values, the private key is like a bank card password, the public key is like a bank card account, account who can know, but only the person who master the private key password can operate. However, the private key and the public key are more intimate and advanced, with the private key signature information, the public key can be authenticated, the opposite can be. This provides the convenience of network transmission and encryption. This is "asymmetric encryption."

(2) Encrypted currency address

The originator of the cryptocurrency, Bitcoin, a bitcoin address is a public key, in the transaction, the Bitcoin address is usually the payee appears. If the bitcoin transaction must be a cheque, the Bitcoin address is the payee, that is, we have to write the payee column of the content.

The private key is a randomly selected number, in the bitcoin transaction, the private key is used to generate the signature necessary to pay the Bitcoin to prove the ownership of the funds, that is, the control of all funds in the address depends on the ownership and control of the corresponding private key.

The private key must always remain confidential because once it is leaked to a third party, the equivalent of the Bitcoin under the protection of the private key is lost. The private key must also be backed up to prevent accidental loss because the private key is hard to recover once it is lost, and its protected bitcoins are lost forever.

EbookcoinThe same is true, but more directly the generated public key address as the user's ID, as a network of identity proof. More emphasis on the user should carefully save the initial set of long password string, instead of simple private key preservation, more flexible.

(3) encryption process

The Nodejs Crypto module provides a way to encapsulate security credentials for HTTPS networks or HTTP connections, and also encapsulates the HASH,HMAC, encryption, decryption, signing, and verification methods of OpenSSL.

In the coin ring, when it comes to cryptography, hash algorithms are often heard. Many small pots are often confused with data formats such as arrays (array) and hash (hash), so that the results obtained by the hash algorithm are like key-value pairs in JSON format.

In fact, this is the language difference, Hash but also n. 混杂，拼凑; vt. 搞糟，把…弄乱 the meaning. Therefore, the so-called hash algorithm, interpreted as hybrid algorithm or scrambling algorithm, more intuitive.

EbookcoinUsing the sha256 hash algorithm (in addition to md5,sha1,sha512, etc.), this is one of the most effective security algorithms verified by many people (see reference). With Crypto a module, simple encryption generates a hash value:

var hash = crypto.createHash(‘sha256‘).update(data).digest()

In this case, the algorithm is used to crypto.createHash(‘sha256‘) sha256 create a hash instance, and then the method is used to receive the data, and then the .update(data) 明文 .digest() encrypted string is obtained 密文 .

Then, using the Ed25519 component, simply generate the corresponding key pair directly:

var keypair = ed.MakeKeypair(hash);

(4) Verification process

The role of encryption technology, heavy in transmission and verification. Therefore, crypto currency does not need to study how to decrypt the original text. Instead, it is safe and quick to validate. Ebookcoin Ed25519 Third-party components are used.

The component is a digital signature algorithm. The signature process does not rely on random number generators, there is no time channel attack problem, and the signature and public key are small. Signature and verification performance is very high, a 4-core 2.4GHz Westmere CPU, 71,000 signatures per second can be verified, security is very high, equivalent to RSA about 3000-bit. One line of code is sufficient:

var res = ed.Verify(hash‘ ‘‘ ‘);

Practice

In the Ebookcoin world, the Ebookcoin user-set password is generated by generating the private key and the public key, and the public key is converted into a 16-character string to generate the account ID (similar to the Bitcoin address). When making a payment, just enter the account ID (or user alias). The ID, usually 160 (20 bytes) long, plus the suffix at the end L , which is 21 bytes in length.

Therefore, in the course of use, it will be found that the software (wallet program) only requires the password (usually very long), rather than the traditional website, but also the user name and other information. This is usually the benefit of cryptocurrency, which guarantees security and anonymity.

EbookcoinAsk the user to save the long plaintext cipher string that was originally set, which is the real key to retrieve the account (wealth). This is much more convenient than just keeping the private key, and of course, there are risks, especially those who prefer to use short passwords. Of course, Ebookcoin the practice is to provide two of signatures (similar to payment password), multiple signatures and other measures to compensate for these problems.

Here, just look at the generation of the user ID, and experience the above process, see the code:

Modules/accounts628Line Shared.generatepublickey =function(req, CB)    {var BODY = Req.body; Library.scheme.validate (Body, {...Required: ["Secret"]    },function(ERR) {...//644Line Private.openaccount (Body.secret,function(Err, account) {...CB (Err, {publickey:publickey});    }); });};/ /447Line Private.openaccount =function(Secret, CB) {var hash = Crypto.createhash (' sha256 '). Update (Secret,' UTF8 '). Digest (); var keypair = ed.    Makekeypair (hash); Self.setaccountandget ({publicKey:keypair.publicKey.toString (' Hex ')}, CB);};/ /482Line Accounts.prototype.setAccountAndGet =function(Data, CB) {var address = Data.address | | null;if(address = = = NULL) {if(Data.publickey) {//486Line address = Self.generateaddressbypublickey (Data.publickey);...}    }...//494Line Library.logic.account.set (address, data,function(ERR) {...});};/ /modules/accounts455Line Accounts.prototype.generateAddressByPublicKey =function(PublicKey) {var Publickeyhash = Crypto.createhash (' sha256 '). Update (PublicKey,' Hex '). Digest (); var temp = new Buffer (8); for(var i =0; I <8; i++) {Temp[i] = publickeyhash[7-I]; } var address = Bignum.frombuffer (temp). toString () +' L ';if(!address) {Throw Error ("Wrong PublicKey"+ PublicKey); }returnAddress;};

Description: The above 628 lines, is the method of generating the public key, usually requires the user to provide one secret . 447 lines, you can see that the user password is encrypted, and then directly generated a key pair, and then continue to process the public key. 486 lines Call the method generateAddressByPublicKey , 455 rows, the method of the public key once again encrypted, and then do 16 binary processing, to get the address.

Process, the private key has no processing, directly ignored. This is because the use of this method ed25519 , based on a clear-text password processing results are not random, the user as long as the protection of their own plaintext password string, you can generate the corresponding private key and public key.

Summarize

Encryption and decryption technology is very professional, it takes time, in-depth study. This article right when the introduction, and does not have the transaction, the block and the principal and so on the cryptographic verification processing process carries on the analysis, the procedure is similar, the subsequent reading will further explain.

Link

This series of articles is updated immediately, to keep up to date, please follow the link below

Source Address: Https://github.com/imfly/bitcoin-on-nodejs

ebook reading: http://bitcoin-on-nodejs.ebookchain.org

Reference

ED25519 official website

A practical Guide to Modern Cryptography (2015)

One hour of cryptography must be known

Talking about the crypto module in Nodejs

"Nodejs Development Crypto Currency" IX: Using encryption and decryption technology in Nodejs