Bitcoin uses two categories of cryptographic algorithms: an asymmetric algorithm (elliptic curve cryptography, used for signatures) and hash algorithms (SHA-256 and RIPEMD-160).
Bitcoin private key, public key, public key hash (pubkeyhash) and Bitcoin address
The key pair is produced by elliptic curve cryptography: the public key is computed from the private key, but the private key cannot be recovered from the public key. That is the part the second half of this article introduces in detail.
With the private key you can sign a message. Anyone holding your public key can check the signature and confirm that you hold the matching private key. This is how you prove ownership of funds.
To limit exposure, the public key itself is not published up front. Instead the public key is hashed to produce the public key hash, and the Bitcoin address is computed from that hash:
Public key hash = RIPEMD160(SHA256(public key))
Bitcoin address = Base58(version byte 0x00 + public key hash + checksum). In Base58 every leading zero byte is written as the character "1", which is why a mainnet address starts with "1".
Checksum = first four bytes of SHA256(SHA256(version byte 0x00 + public key hash))
So the address and the public key hash are equivalent (each can be computed from the other), while the public key hash can only be computed from the public key and cannot be reversed.
Verification needs both the signature and the public key: the public key is hashed and compared with the public key hash in the output script (scriptPubKey), and only then is the signature checked. In this scheme the public key does not appear in the output script at all; it is revealed only when the output is spent.
(Either the spending input supplies a signature and the output script supplies the public key, or the spending input supplies both signature and public key and the output script supplies only the public key hash. Both are standard Bitcoin scripts, known as pay-to-pubkey and pay-to-pubkey-hash.)
Hash algorithms
A hash algorithm (also called a digest algorithm) is not an encryption algorithm: the process is one-way (you can compute a hash but not recover the input from it), and there is no public or private key involved.
A hash algorithm converts a piece of information of any size into a fixed-length string. That string has two properties:
1. If two pieces of information are identical, their hashes are identical.
2. If two pieces of information differ at all, even by a single bit, their hashes look random and completely unrelated to each other.
The information can be a number, a file, a book, anything that can be encoded as a sequence of bytes.
Obviously there are infinitely many possible inputs and only finitely many outputs (the output has a fixed length), so the mapping cannot be reversed: many different inputs share each output.
Uses of hash algorithms
1. Checking whether two pieces of information are the same.
A sends a file to B over QQ, and the file is stored on QQ's server. If C later sends the same file to D, QQ compares the hash of C's file with the hash of the file A sent to B; if they match it is the same file and C does not need to upload it again. This is called "instant upload".
A compressed archive may be corrupted in transit. Compute the hash of the original file before compressing it and store the hash in the archive; after decompression compute the hash of the extracted file and compare it with the stored one to tell whether the file is damaged. The "hash verification" in BitTorrent and Thunder (Xunlei) downloads works the same way.
2. Verifying that someone holds a piece of information.
When you register an account on a forum, if the forum stores your password directly then, because no forum is so secure that it can never be broken into, there is always a risk that the password leaks.
So instead of storing the password, the forum stores its hash. The next time you log in, the hash of the password you type is compared with the stored hash; if they match, you have proved that you hold the password. The password itself is never stored, yet the holder can still be verified. (In practice the hash is computed over the password plus a random per-user salt, using a deliberately slow function, to make the guessing attack described in the next section expensive.)
Breaking a hash algorithm
If the forum is compromised the attacker obtains the hash, but the hash alone does not let him log in; he still has to work out the user's password.
He can pick a candidate password, hash it and compare: if the hash matches, the candidate works. This is password guessing.
Obviously, the longer and more complex the password, the less likely a guess is to succeed. If a method is found that raises the success probability of each guess to something tolerable, the hash algorithm is considered broken.
For example, suppose the original probability of a guess succeeding is 1 in 10^13 and a new method raises it to 1 in 1000. At one guess per second, the former takes hundreds of thousands of years, while the latter takes well under an hour.
Also, because the set of possible inputs is unlimited, the password you guess is not necessarily the original one; it may simply happen to have the same hash. Two different inputs with the same hash are called a collision (finding a second input for a given hash is, strictly speaking, a second preimage).
Just as with raising the probability of a guess, if you can raise the probability of a collision you can log in to the forum just as easily, because the forum does not know the original password: any input with the same hash is accepted.
Once collisions can be produced easily, the hash algorithm is broken. The widely reported hash breaks of a few years ago were of exactly this kind: cryptanalysts found ways to produce collisions far faster than brute force.
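The forum scenario from the two sections above, as an added Python example that is not part of the original article: the unsalted store and the guess-hash-compare attack against it, next to a salted PBKDF2 store that survives the same wordlist far more slowly. The wordlist and passwords are constructed for the demonstration.

```python
import hashlib
import hmac
import os

# Constructed wordlist for the demonstration; real attacks use lists of millions
# of leaked passwords
WORDLIST = ["123456", "password", "qwerty", "letmein", "hunter2", "dragon", "iloveyou"]


def store_unsalted(password: str) -> str:
    """What the forum in the text stores: a plain SHA-256 of the password."""
    return hashlib.sha256(password.encode()).hexdigest()


def crack_unsalted(stored_hash: str, wordlist=WORDLIST):
    """Guess, hash, compare. Each guess costs one fast hash, and one table of
    guesses works against every user in the leaked database because nothing
    user-specific goes into the hash."""
    for guess in wordlist:
        if store_unsalted(guess) == stored_hash:
            return guess
    return None


def store_salted(password: str, iterations: int = 100_000):
    """Hardened variant: a random per-user salt and a deliberately slow key
    derivation (PBKDF2-HMAC-SHA256). Salt and iteration count are stored
    alongside the digest; they are not secret."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, digest, iterations


def verify_salted(password: str, salt: bytes, digest: bytes, iterations: int) -> bool:
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, digest)  # constant-time comparison


def crack_salted(record, wordlist=WORDLIST):
    """The same dictionary attack against the salted store. It still succeeds
    for a weak password, but every guess now costs `iterations` hashes and the
    work cannot be shared across users, so guesses per second drop accordingly."""
    salt, digest, iterations = record
    for guess in wordlist:
        if verify_salted(guess, salt, digest, iterations):
            return guess
    return None


if __name__ == "__main__":
    leaked = store_unsalted("hunter2")
    print(crack_unsalted(leaked))
    print(crack_unsalted(store_unsalted("correct horse battery staple")))
    print(crack_salted(store_salted("hunter2")))
```

The salt does not stop guessing of a weak password; it stops the attacker from amortising one pass over the wordlist across every account in the dump, and the iteration count shrinks how many guesses per second are affordable.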
Rough outline of how a hash algorithm works
1. The input is padded and split (generally into 512-bit blocks, each further divided into sixteen 32-bit integers).
2. The hash state is initialised (typically as several 32-bit integers; for SHA-256 the 256-bit state is eight 32-bit integers).
3. The state is updated block by block (each 512-bit block goes through a fixed number of rounds, which depends on the algorithm; SHA-256 uses 64).
After this processing the output looks thoroughly scrambled and random.
Asymmetric encryption algorithms
Asymmetric algorithms are the most important class of encryption and decryption algorithms in use today.
"Asymmetric" means that the keys used to encrypt and to decrypt, the public key and the private key, are different.
An asymmetric algorithm relies on a mathematical problem that is hard to solve but whose solution is easy to verify.
The well-known RSA algorithm is based on the fact that factoring a large integer is hard, while checking that the factors multiply back to the integer is easy.
Concretely, to factor 143 you might need to try about eleven divisions before finding 143 = 11 * 13, but verifying 11 * 13 = 143 takes a single multiplication.
To break RSA it is enough to factor large integers quickly; that is clearly the most direct attack. But no efficient method for factoring large integers is known (the problem is widely believed to be hard, although it has not been proven NP-hard), which is why RSA is considered secure at sufficient key sizes.
Conversely, if a way to factor large integers quickly is found one day (a sufficiently large quantum computer running Shor's algorithm, for example), RSA is broken immediately.
General principle of the RSA algorithm
Generating the public and private key:
1. Generate two large primes p and q, and compute N = p*q and f = (p-1)*(q-1).
2. Pick a random number e with 1 < e < f and gcd(e, f) = 1.
3. Compute d, the inverse of e modulo f, that is, find d such that e*d = 1 mod f.
Let the plaintext be M and the ciphertext be G.
Encrypt with the public key (N, e): G = M^e mod N
Decrypt with the private key (N, d): M = G^d mod N
Proof that decryption recovers the original plaintext:
Substituting G = M^e mod N into G^d mod N, it is enough to show that M^(e*d) = M mod N (by the rules of modular arithmetic).
Since e*d = 1 mod f, we can write e*d = 1 + k*f for some integer k, so M^(e*d) = M * (M^f)^k. By Euler's theorem, f is Euler's totient of N and M^f = 1 mod N whenever gcd(M, N) = 1, which gives M^(e*d) = M mod N. (The remaining case, where M shares a factor with N, follows from the Chinese remainder theorem and is not covered here.)
Obviously, anyone who knows f can compute d from the public key (N, e) and decrypt. To know f you must know p and q, and to know p and q you must factor N. So breaking RSA comes down to factoring.
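The three key-generation steps, encryption, decryption and the factoring attack of the last paragraph, as an added Python example (not code from the original article). The primes are deliberately small so that the "break" by trial division runs in a moment; with real 1024-bit primes the same trial division would never finish, which is the whole point.

```python
import math


def generate_keypair(p: int, q: int, e: int):
    """Steps 1-3: N = p*q, f = (p-1)(q-1), e coprime to f, d = e^-1 mod f."""
    n = p * q
    f = (p - 1) * (q - 1)
    if not (1 < e < f and math.gcd(e, f) == 1):
        raise ValueError("e must satisfy 1 < e < f and gcd(e, f) = 1")
    d = pow(e, -1, f)                  # modular inverse: e*d = 1 (mod f)
    return (n, e), (n, d)              # public key, private key


def encrypt(pub, m: int) -> int:
    n, e = pub
    if not 0 <= m < n:
        raise ValueError("plaintext must be smaller than N")
    return pow(m, e, n)                # G = M^e mod N


def decrypt(priv, g: int) -> int:
    n, d = priv
    return pow(g, d, n)                # M = G^d mod N


def factor_by_trial_division(n: int):
    """Recover p and q the slow way. Cost grows with sqrt(N), i.e. exponentially
    in the bit length of N; that growth is RSA's security margin."""
    for p in range(2, math.isqrt(n) + 1):
        if n % p == 0:
            return p, n // p
    raise ValueError("no nontrivial factor found")


def break_rsa(pub):
    """From the public key alone: factor N, rebuild f, and derive d as the owner did."""
    n, e = pub
    p, q = factor_by_trial_division(n)
    f = (p - 1) * (q - 1)
    return n, pow(e, -1, f)


if __name__ == "__main__":
    # Constructed toy key: the article's 143 = 11 * 13, with e = 7
    pub, priv = generate_keypair(11, 13, e=7)
    g = encrypt(pub, 42)
    print("public", pub, "private", priv, "ciphertext", g, "decrypted", decrypt(priv, g))
    print("recovered private key from the public key alone:", break_rsa(pub))
```

Note that the plaintext must be smaller than N and that textbook RSA as written here is deterministic: the same M always gives the same G, so real systems add randomised padding (OAEP) before exponentiation.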
If you are interested in the RSA algorithm, see these two articles:
Elliptic curve cryptography
Imagine a kind of multiplication in which c = a*b is easy to compute given a and b, but b cannot be computed from c and a.
Such a multiplication can be used for encryption and decryption.
Let the plaintext be m and the ciphertext be the pair (g1, g2). The private key is b and the public key is (a, c = a*b).
Encrypt with the public key, using a random number r (the form consistent with the decryption rule below): g2 = r*a, g1 = m + r*c
Decrypt with the private key b: m = g1 - b*g2 (this works because b*g2 = b*r*a = r*c)
The same multiplication can also be used for signing and verification.
Let the message be m and the signature be the pair (g1, g2).
Sign with the private key b, using a random number r: x = r*a, g1 = SHA(m, x), g2 = r - g1*b
Verify with the public key (a, c): compute x = g2*a + g1*c
 = (r - g1*b)*a + g1*c = r*a,
then check whether SHA(m, x) equals g1.
That is elliptic curve cryptography at the level of encryption, decryption and signing. (Bitcoin itself uses only the signature side, in the form of ECDSA, whose equations differ from the sketch above but rest on the same hard multiplication.)
Point multiplication in elliptic curve cryptography
Finding such a multiplication is the heart of elliptic curve cryptography. Ordinary integer multiplication does not satisfy the requirement. Multiplication is built from addition, so we must define new arithmetic rules.
For example, define a !+ b = a*b and a !* b = b^a, where !+ and !* are newly defined "addition" and "scalar multiplication" on numbers. Then:
Commutativity of addition: a !+ b = b !+ a
Associativity of addition: (a !+ b) !+ c = a !+ (b !+ c)
A zero element for addition exists: a !+ 1 = a*1 = a, so the number 1 plays the role of 0 in ordinary addition.
Negatives exist for addition: a !+ (1/a) = a*(1/a) = 1, the zero element.
A unit element for scalar multiplication exists: 1 !* b = b^1 = b
Associativity of scalar multiplication: (a*b) !* c = c^(a*b) = c^(b*a) = (c^b)^a = a !* (c^b) = a !* (b !* c)
Distributivity over scalar addition: (k+l) !* a = a^(k+l) = a^k * a^l = (k !* a) !+ (l !* a)
Distributivity over point addition: k !* (a !+ b) = (a*b)^k = a^k * b^k = (k !* a) !+ (k !* b)
This addition and multiplication satisfy most of the properties of ordinary addition and multiplication, but with one extra property: recovering b from a and c = b !* a = a^b is harder than ordinary division (it requires a logarithm). Over the real numbers a logarithm is still easy to compute; the hardness only appears once the operations are taken modulo a large prime, where this becomes the discrete logarithm problem.
Our goal is to find an addition and multiplication that satisfy the conditions described above. Mathematicians found one by studying elliptic curves:
Take two points in the plane, P (x1, y1) and Q (x2, y2), and define P + Q = R (x3, y3) by x3 = k^2 - x1 - x2 and y3 = k*(x1 - x3) - y1, where k = (y2 - y1)/(x2 - x1) is the slope of the line through P and Q. When P = Q the line is the tangent, so k = (3*x1^2)/(2*y1) and x3 = k^2 - 2*x1. Then define scalar multiplication as k*P = P + P + ... + P (k copies).
This set (points in the plane) with these operations (point addition and scalar multiplication) satisfies the requirement.
What does this have to do with elliptic curves? If P and Q both lie on the curve y^2 = x^3 + 7, then R = P + Q also lies on the curve, and P, Q and the reflection of R across the x-axis lie on one straight line.
This is no coincidence; the formulas were derived backwards from that fact. When P and Q are on the curve, the line PQ meets the curve in a third point; reflecting that point across the x-axis gives R, whose coordinates are exactly (x3, y3).
Elliptic curve cryptography is used because it is faster than RSA and needs much shorter keys for the same level of security, while providing the same functions as RSA.
In actual use the curve and its points are taken over a finite field (the coordinates are integers modulo a large prime), which discretises the curve, and the coordinate system is extended accordingly. This involves more mathematics; if you are interested, refer to this article:
For the parameters of the elliptic curve used in Bitcoin, refer to:
Encryption algorithm for Bitcoin