Blockchain technology: some related algorithms of blockchain

Source: Internet
Author: User

The author began to focus on blockchain technology in '16. The typical representative of blockchain, and also the most familiar one, is Bitcoin. Bitcoin went from being unknown at the beginning, to being hot around the world, to nationwide mining in China, to the government banning trading, and it is still popular abroad now. From the beginning of trading until now, Bitcoin is probably the longest-rising "futures" contract, and many programmers feel that they missed out on a chance to become a billionaire.

For documents related to Bitcoin and blockchain, refer to:

"C# block chain programming.pdf"

"Proficiency in Bitcoin.pdf"

"Block chain + + from digital currency to credit union.pdf"

"Block chain + + technology-driven finance.pdf"

"Block chain + + New Economic Blueprint and guide.pdf"

"Block chain + how will redefine the world.pdf"

"Block chain technical guide.pdf"

"Block chain society.pdf"

Download Address:

Link: https://pan.baidu.com/s/14Mnhf6ZuLigW4KW-nUqHbg Password: TKDN

This article mainly discusses, or reviews, some basic algorithms taught at university.

1. Hash algorithm

Definition
Hash algorithms are a very basic and very important technology in the field of information technology.
A hash algorithm maps a binary value (plaintext) of any length to a shorter, fixed-length binary value (the hash value), and it is difficult for different plaintexts to map to the same hash value.
For example, the MD5 hash value of the phrase "Hello Blockchain world, this is Yeasy@github" was calculated as 89242549883a2ef85dc81b90fb606046:

    $ echo "Hello Blockchain world, this is Yeasy@github" | md5
    89242549883a2ef85dc81b90fb606046

This means that if we compute the MD5 hash of a file and get 89242549883a2ef85dc81b90fb606046, then with very high probability the file content is "Hello Blockchain world, this is Yeasy@github".
As you can see, the core idea of hashing is very similar to content-based addressing or naming.
NOTE: MD5 is a classic hash algorithm; both it and the SHA-1 algorithm have been proven to be insufficiently secure for commercial scenarios.

A good hash algorithm achieves the following:
Forward speed: given the plaintext and the hash algorithm, the hash value can be calculated in finite time with finite resources.
Reverse difficulty: given (some) hash value, it is difficult (basically impossible) to derive the plaintext in finite time.
Input sensitivity: if the original input is modified even slightly, the resulting hash value should look very different.
Conflict avoidance: it is difficult to find two plaintexts with different contents whose hash values are the same (a conflict). Conflict avoidance is sometimes referred to as "collision resistance".
If, given one plaintext, another plaintext that collides with it cannot be found, the algorithm has "weak collision resistance"; if no two colliding plaintexts can be found at all, the algorithm has "strong collision resistance".

Popular algorithms
Currently popular hash algorithms include MD5 (which has been proven insecure) and SHA-1, both of which are designed on the basis of MD4.
MD4 (RFC 1320) was designed by MIT's Ronald L. Rivest in 1990; MD is the abbreviation of Message Digest. Its output is 128 bits. MD4 is not secure enough.
MD5 (RFC 1321) is Rivest's improved version of MD4, from 1991. It still processes the input in 512-bit blocks, and its output is 128 bits. MD5 is more complex than MD4 and a little slower to compute, but more secure. MD5 is not secure enough.
SHA-1 (Secure Hash Algorithm) was designed by NIST and the NSA. Its output is a 160-bit hash value, so its resistance to exhaustive search is better.
The SHA-1 design is based on the same principles as MD4 and imitates that algorithm.
To improve security, NIST and the NSA also designed the SHA-224, SHA-256, SHA-384 and SHA-512 algorithms (collectively called SHA-2), whose principles are similar to those of SHA-1.

Performance
In general, hash algorithms are compute-sensitive, meaning that computing resources are the bottleneck: the higher the CPU frequency, the faster the hashing. Some hash algorithms are not compute-sensitive; scrypt, for example, requires a large amount of memory, so nodes cannot improve hash performance simply by adding more CPU.
2. Digital digest

As the name suggests, a digital digest is a hash of digital content, producing a unique digest value that stands for the original digital content.
A digital digest solves the problem of ensuring that content has not been tampered with (using the collision resistance of the hash function).
Digital digests are one of the most important uses of hash algorithms.
When software or files are downloaded from a network, a digest value is often provided with them. After downloading the original file, the user computes the digest locally and compares it with the provided digest value to ensure that the content has not been modified.
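
The download check described above, together with the "input sensitivity" property from section 1, as an added example (not code from the original article). It goes slightly beyond the text by checking a whole manifest of digests; the manifest layout ("<hex digest>  <file name>" per line), the file names and the file contents are assumptions constructed for the demonstration.

```python
import hashlib, hmac, os, tempfile

def file_digest(path, algo="sha256", chunk=65536):
    """Hash a file in chunks so a large download need not fit in memory."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def verify_manifest(manifest, base_dir):
    """Check '<hex digest>  <file name>' lines; return {name: status}."""
    results = {}
    for line in manifest.splitlines():
        if not line.strip():
            continue
        expected, name = line.split(None, 1)
        name = name.strip().lstrip("*")              # '*' marks binary mode in some tools
        path = os.path.join(base_dir, name)
        if os.path.basename(name) != name:           # refuse names that leave base_dir
            results[name] = "REJECTED"
        elif not os.path.isfile(path):
            results[name] = "MISSING"
        elif hmac.compare_digest(file_digest(path), expected.lower()):
            results[name] = "OK"
        else:
            results[name] = "MISMATCH"
    return results

def differing_bits(a, b):
    """Input sensitivity: how many of the 256 SHA-256 output bits differ."""
    da, db = hashlib.sha256(a).digest(), hashlib.sha256(b).digest()
    return sum(bin(x ^ y).count("1") for x, y in zip(da, db))

def demo():
    files = {"tool.bin": b"release build 1.0\n", "notes.txt": b"changelog\n"}  # constructed
    manifest = "\n".join(f"{hashlib.sha256(d).hexdigest()}  {n}" for n, d in files.items())
    manifest += "\n" + hashlib.sha256(b"never shipped").hexdigest() + "  absent.bin"
    with tempfile.TemporaryDirectory() as tmp:
        for n, d in files.items():
            with open(os.path.join(tmp, n), "wb") as f:
                f.write(d)
        before = verify_manifest(manifest, tmp)
        with open(os.path.join(tmp, "tool.bin"), "ab") as f:
            f.write(b"\x00")                         # one byte changed after publication
        after = verify_manifest(manifest, tmp)
    return before, after

if __name__ == "__main__":
    print(demo(), differing_bits(b"Hello Blockchain world", b"Hello Blockchain worle"))
```

The check is only as trustworthy as the channel the digest came from: a digest served from the same place as a modified file can be modified with it, which is the gap that the digital signatures in section 4 close.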

3. Encryption algorithms

Public key / private key system
The typical components of a modern encryption algorithm include the encryption and decryption algorithms, the public key and the private key. In the encryption process, the plaintext is encrypted with the encryption algorithm and the public key to obtain the ciphertext. In the decryption process, the ciphertext is decrypted with the decryption algorithm and the private key to obtain the plaintext.
Depending on whether the public key and the private key are the same, algorithms can be divided into symmetric and asymmetric encryption. The two models suit different needs and complement each other, and they can often be combined into a combination mechanism.

Symmetric encryption
As the name implies, the public and private keys are the same.
The advantages are fast encryption and decryption, a small space footprint and high confidentiality.
The disadvantage is that all participating parties need to hold the key, so if anyone leaks it, security is compromised; how to distribute the key is also a problem.
Representative algorithms include DES, 3DES, AES, IDEA and so on.
It is suitable for encrypting and decrypting large amounts of data, and cannot be used for signature scenarios.

Asymmetric encryption
As the name implies, the public and private keys are different.
The public key is generally public and everyone can obtain it; the private key is usually held by the individual and cannot be obtained by others.
The advantage is that the public and private keys are separate, which makes them easy to manage and makes key distribution easy.
The disadvantage is that encryption and decryption are slow.
Representative algorithms include RSA, ElGamal and the elliptic curve family of algorithms.
It is generally suitable for signature scenarios or key negotiation, and is not suitable for encrypting and decrypting large amounts of data.

Combination mechanism
First, asymmetric encryption, which has high computational complexity, is used to negotiate a temporary symmetric encryption key (session key); then the two sides use symmetric encryption to encrypt and decrypt the large amount of data transmitted.

4. Digital signatures and digital certificates

Digital signature
Similar to signing a paper contract to confirm it, a digital signature is used to verify the integrity and source of digital content.
Suppose A sends a file to B. A computes a digest of the file, encrypts the digest with its own private key, and sends the file and the encrypted string to B. After receiving the file and the encrypted string, B uses A's public key to decrypt the encrypted string, obtaining the original digest, and compares it with the result of computing the digest of the file. If they are consistent, the file was indeed sent by A and the contents of the file have not been modified.

Multiple signatures
When, among n holders, collecting at least m () signatures is considered legal, this is called multiple signatures.
Here n is the number of public keys provided, and m is the minimum number of signatures needed that match the public keys.

Group signature and ring signature
The ring signature was first proposed by three cryptographers, Rivest, Shamir and Tauman, in 2001. A ring signature is a simplified group signature.
The signer first selects a temporary set of signers, which includes the signer itself. The signer then uses his own private key and the public keys of the others in the set to generate the signature independently, without the help of others. The other members of the set may not know that they are included.

Digital certificate
A digital certificate is used to prove whom a public key belongs to.
For digital signature applications, distributing the public key is very important. Once the public key is replaced, the entire security system is destroyed.
How can one ensure that a public key is indeed a given person's original public key?
This requires a digital certificate mechanism.
As the name suggests, a digital certificate is like a certificate, proving information and legitimacy. It is issued by a certification authority (Certification Authority, CA).
The contents of a digital certificate may include the version, serial number, signature algorithm type, issuer information, validity period, the subject the certificate is issued to, the issued public key, the CA's digital signature, other information, and so on.
Among them, the two most important items are the issued public key and the CA's digital signature. Because the certificate carries the CA's digital signature, it can be used to prove that a public key is legitimate.
Further, how can one prove that the CA's signature is itself legitimate?
Similarly, whether the CA's digital signature is legitimate is certified by the CA's own certificate. Mainstream operating systems and browsers pre-install some CA certificates (acknowledging these as legitimate certificates), and all signatures certified on the basis of them are then naturally considered legitimate.
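
The A-to-B signature flow described in this section, as an added example (not code from the original article). It uses textbook RSA with constructed toy keys built from Mersenne primes so that it runs with the standard library alone; the function names, key values and sample messages are assumptions made for the demonstration.

```python
import hashlib

def make_key(p, q, e=65537):
    """Textbook RSA key from two primes: returns (public, private)."""
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))    # needs Python 3.8+

def digest_int(message, n):
    """SHA-256 digest of the message as an integer below the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, private):
    """A: compute the digest and 'encrypt' it with the private key."""
    n, d = private
    return pow(digest_int(message, n), d, n)

def verify(message, signature, public):
    """B: 'decrypt' the signature with the public key, compare with B's own digest."""
    n, e = public
    return 0 <= signature < n and pow(signature, e, n) == digest_int(message, n)

# Constructed toy keys. Unpadded and far too small for real use; production
# code uses RSA-PSS, ECDSA or Ed25519 from a maintained library.
A_PUB, A_PRIV = make_key(2**61 - 1, 2**89 - 1)
X_PUB, X_PRIV = make_key(2**107 - 1, 2**127 - 1)         # a key pair that is not A's

def demo():
    doc = b"contract v1: pay 10 units to B"               # constructed sample file
    other = b"contract v1: pay 99 units to X"
    sig = sign(doc, A_PRIV)
    return {
        "genuine": verify(doc, sig, A_PUB),
        "file modified": verify(other, sig, A_PUB),
        "signature modified": verify(doc, sig ^ 1, A_PUB),
        "signed with another key": verify(other, sign(other, X_PRIV), A_PUB),
        # Verifies, but only proves "signed by the owner of X_PUB": tying a
        # public key to a person is what the certificate is for.
        "public key replaced": verify(other, sign(other, X_PRIV), X_PUB),
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {ok}")
```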

5. PKI system

A PKI (Public Key Infrastructure) system does not denote one particular technology; it is a framework and set of norms that combines multiple cryptographic means to achieve secure and reliable message transmission and identity confirmation.
In general, it includes the following components:
CA (Certification Authority): responsible for issuing and revoking certificates, and receiving requests from the RA;
RA (Registration Authority): authenticates user identities, verifies the legitimacy of data and handles registration; once a request passes review, it is sent to the CA;
Certificate database: stores certificates, generally using an LDAP directory service, with the standard format following the X.500 series.
The CA is the core component and completes the management of public keys. As described in previous chapters, there are two types of keys: those for signing and those for encryption and decryption, which are called signature key pairs and encryption key pairs respectively.
When users apply for a certificate under a PKI system, the certificate and private key can generally be generated by the CA, or the user can generate the public key and private key and then have the CA issue a certificate for the public key.

6. Merkle tree

A Merkle tree (also called a hash tree) is a binary tree consisting of a root node, a set of intermediate nodes and a set of leaf nodes. The bottom leaf nodes contain the stored data or its hash value, each intermediate node is the hash value of the contents of its two child nodes, and the root node is likewise the hash value of the contents of its two child nodes.
Further, the Merkle tree can be extended to the multi-way tree case.
The hallmark of a Merkle tree is that any change to the underlying data is passed on to its parent node, and so on all the way up to the root.
Typical scenarios for Merkle trees include:
Fast comparison of large amounts of data: when the roots of two Merkle trees are the same, the data they represent is necessarily the same.
Fast location of modifications: for example, in the above example, if the data in D1 is modified, it affects N1, N4 and Root. Because of this, by following Root --> N4 --> N1, you can quickly locate D1 as the item that has changed;
Zero-knowledge proof: for example, to prove that some data (D0 ... D3) includes the given content D0, simply construct a Merkle tree and publish N0, N1, N4 and Root; the owner of D0 can easily check that D0 is present, but does not know the other content.
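
The tree over D0 ... D3, the Root --> N4 --> N1 search for a modified leaf and an inclusion check for D0, as an added example (not code from the original article). It generalizes to any number of leaves; SHA-256, the 0x00/0x01 prefixes, the handling of an unpaired node and the name N5 for the parent of N2 and N3 are assumptions of this sketch, and the inclusion check here uses the sibling hashes on D0's path (N1 and N5).

```python
import hashlib

def h(data):
    return hashlib.sha256(data).digest()

def build(blocks):
    """Return the levels bottom-up: levels[0] = leaf hashes, levels[-1] = [root]."""
    level = [h(b"\x00" + b) for b in blocks]        # 0x00 / 0x01 prefixes keep leaves and
    levels = [level]                                # inner nodes from being confused
    while len(level) > 1:
        level = [h(b"\x01" + level[i] + level[i + 1]) if i + 1 < len(level) else level[i]
                 for i in range(0, len(level), 2)]  # an unpaired node moves up unchanged
        levels.append(level)
    return levels

def proof(levels, index):
    """Sibling hashes from leaf `index` up to the root, each with its side."""
    path = []
    for level in levels[:-1]:
        sibling = index ^ 1
        if sibling < len(level):
            path.append((level[sibling], sibling < index))
        index //= 2
    return path

def verify_inclusion(block, path, root):
    """Recompute the root from one block and its sibling path."""
    node = h(b"\x00" + block)
    for sibling, sibling_is_left in path:
        node = h(b"\x01" + (sibling + node if sibling_is_left else node + sibling))
    return node == root

def changed_leaves(old, new):
    """Descend from the root, following only nodes whose hashes differ."""
    top = len(old) - 1
    frontier = [0] if old[top][0] != new[top][0] else []
    for lvl in range(top - 1, -1, -1):
        frontier = [c for i in frontier for c in (2 * i, 2 * i + 1)
                    if c < len(old[lvl]) and old[lvl][c] != new[lvl][c]]
    return frontier

def demo():
    old = build([b"D0", b"D1", b"D2", b"D3"])       # constructed sample blocks
    new = build([b"D0", b"D1 (modified)", b"D2", b"D3"])
    path = proof(old, 0)                            # sibling hashes N1 and N5
    return changed_leaves(old, new), verify_inclusion(b"D0", path, old[-1][0]), len(path)

if __name__ == "__main__":
    print(demo())
```

`changed_leaves` assumes both trees were built over the same number of blocks, so the search touches only the nodes on the path to each modified leaf.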

7. Homomorphic encryption

Definition
Homomorphic encryption is a special encryption method that allows ciphertext to be processed with the result remaining encrypted; that is, processing the ciphertext directly gives the same result as processing the plaintext and then encrypting it. From the algebraic point of view, this is a homomorphism.
If an operator is defined, the encryption algorithm E and decryption algorithm D are satisfied:
This means that the operation satisfies the homomorphism.
Homomorphism in algebra includes additive homomorphism, multiplicative homomorphism, subtractive homomorphism and division homomorphism. Satisfying both additive and multiplicative homomorphism means algebraic homomorphism, that is, full homomorphism. Satisfying all four kinds of homomorphism at the same time is called arithmetic homomorphism.

History
The problem of homomorphic encryption was first proposed by Ron Rivest, Leonard Adleman and Michael L. Dertouzos in 1978, but the first "fully homomorphic" algorithm was not proven until 2009, by Craig Gentry.
Algorithms that satisfy only additive homomorphism include the Paillier and Benaloh algorithms; algorithms that satisfy only multiplicative homomorphism include the RSA and ElGamal algorithms.
Homomorphic encryption is of great significance in the cloud era. At present, for security reasons, users are still afraid to hand sensitive information directly to a third-party cloud for processing. If a more practical homomorphic encryption technology becomes available, then everyone can use all kinds of cloud services with confidence.
Unfortunately, currently known homomorphic encryption techniques consume a great deal of computing time and are still far from the practical level.

Function encryption
A problem related to homomorphic encryption is function encryption.
Homomorphic encryption protects the data itself, while function encryption, as the name implies, protects the processing function itself, which means that a third party processes the data without being able to see the processing procedure.
It has been proven that no scheme exists for multiple general functions with arbitrarily many keys; currently only schemes for one particular function with one key are available.
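
The two partial homomorphisms named above, Paillier (additive) and textbook RSA (multiplicative), as an added example (not code from the original article). The parameters are constructed toy values built from two Mersenne primes; the Paillier variant with generator N + 1 and with the Euler totient as the private exponent, the function names and the sample values are assumptions made for the demonstration.

```python
import math, secrets

# Constructed toy parameters (two Mersenne primes); far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1
N, PHI = P * Q, (P - 1) * (Q - 1)
N2 = N * N

# Paillier with generator g = N + 1: additive homomorphism.
MU = pow(PHI, -1, N)                                  # needs Python 3.8+

def paillier_encrypt(m):
    r = secrets.randbelow(N - 1) + 1                  # fresh randomness per ciphertext
    while math.gcd(r, N) != 1:
        r = secrets.randbelow(N - 1) + 1
    return (1 + m * N) * pow(r, N, N2) % N2           # g^m * r^N mod N^2

def paillier_decrypt(c):
    return (pow(c, PHI, N2) - 1) // N * MU % N

def paillier_add(c1, c2):
    return c1 * c2 % N2                               # multiply ciphertexts, add plaintexts

# Textbook (unpadded) RSA: multiplicative homomorphism.
E = 65537
D = pow(E, -1, PHI)

def rsa_encrypt(m):
    return pow(m, E, N)

def rsa_decrypt(c):
    return pow(c, D, N)

def rsa_mul(c1, c2):
    return c1 * c2 % N                                # multiply ciphertexts, multiply plaintexts

def encrypted_total(ciphertexts):
    """What a third party can do without the key: total values it cannot read."""
    total = paillier_encrypt(0)
    for c in ciphertexts:
        total = paillier_add(total, c)
    return total

def demo():
    values = [1200, 34, 766]                          # constructed sample values
    total = paillier_decrypt(encrypted_total(paillier_encrypt(v) for v in values))
    product = rsa_decrypt(rsa_mul(rsa_encrypt(1200), rsa_encrypt(34)))
    return total, product

if __name__ == "__main__":
    print(demo())
```

The same property means anyone can transform these ciphertexts in a predictable way without the key, which is why unpadded RSA is not used for encryption in practice.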
