● Advanced Technology

Cryptography – Putting the Crypto into Currency

10 minutes 9 months ago

Cryptography, often hailed as the guardian of digital security, has undergone a transformative journey since its ancient origins. With the advent of cryptocurrencies like Bitcoin, cryptography has not only revolutionised financial transactions but has also become synonymous with the future of currency. In this beginner's guide to cryptography, we delve into the intricate world of encrypting and decrypting information, exploring its historical significance and modern applications.

Beginner’s guide to cryptography

In 2009, with the introduction of the Bitcoin protocol, a novel currency system emerged, different from traditional money in its method of security and issuance.

Fiat currencies such as the Australian dollar or the U.S. dollar have no intrinsic value, rely on trust in the conventional banking system, and are issued by the central banks of their respective nations. Bitcoin and subsequent cryptocurrencies operate on a fundamentally different principle: they are secured and issued through the application of cryptography.

While fiat currencies derive their value from trust in national financial institutions and the backing of military state power, Bitcoin's value is upheld by a transparent system of rules dictated by cryptographic techniques. Instead of relying on the discretion of governments, corporations, or individuals, Bitcoin users trust in the inherent security and predictability of its protocol, unaffected by market fluctuations or sentiment.

What is cryptography?

Cryptography is the study of encrypting and decrypting information. In short, it is the practice of altering a message so that only the sender and intended recipient or recipients can understand it.

Cryptography serves as a formidable barrier against unauthorised access to encrypted messages, rendering it highly improbable for anyone other than the intended recipient to decipher the information contained within.

The earliest form of cryptography dates back to the 7th century B.C. in ancient Greece, with methods such as the scytale, where secret messages were inscribed on leather strips wrapped around sticks. These messages could only be deciphered by individuals who owned a corresponding stick of identical diameter.

Throughout history, cryptography has played a crucial role, particularly in wartime, by ensuring the security of communications between dispersed military units. Notably, during World War II, the decryption of Nazi radio transmissions encoded by the Enigma cipher machine was instrumental in halting the European invasion.

Today, cryptography is integral to the functionality and security of cryptocurrencies like Bitcoin. By leveraging cryptographic techniques, cryptocurrencies enable anonymous, secure, and decentralised transactions, eliminating the need for intermediaries such as banks, credit card companies, or governments. Cryptography is essential for various functions:

  • Generating cryptographic wallet key pairs
  • Facilitating the mining process to issue new bitcoins
  • Digitally signing transaction messages.

Moreover, cryptography is pervasive in modern computing, safeguarding data transmission and storage, ranging from online searches to email correspondence.

Encryption & Decryption

Encryption

Encryption is the process by which a normal readable message is converted to an unreadable form to prevent unauthorised parties from reading it. The original message is called the plaintext message. The encrypted one is called the ciphertext message.

Decryption

Decryption is the process of converting an encrypted message back to its original (readable) format.

Digital encryption algorithms operate by mathematically altering the digital content of a plaintext message using an encryption algorithm and a digital key, resulting in a ciphertext rendition of the message. Secure communication between sender and recipient is achieved when they exclusively possess the key.

Encryption keys play a pivotal role in cryptography, rendering messages, transactions, or data values indecipherable to unauthorised readers or recipients. Only the intended recipient possesses the capability to decipher and process the information, thus ensuring its secrecy or "crypto" nature.

The fundamentals of cryptography

To understand cryptography fully, you need to know its types and how each one works. Based on the number of keys employed for encryption and decryption, there are two main types of cryptography:

  • Symmetric Encryption
  • Asymmetric Encryption

In this post, we will also cover an additional class, hash functions. Each has specific applications for which the others cannot substitute. For example, asymmetric encryption is needed to generate the private/public key pairs, while hash functions are needed to produce unique digital fingerprints.

Symmetric Encryption

In symmetric encryption, a single key is employed for both encryption and decryption. The sender uses the key to encrypt the plaintext and sends the ciphertext to the receiver, who applies the same key to decrypt the message and recover the plaintext.

Compared to asymmetric key systems, symmetric key systems are faster and simpler. However, this sort of encryption bears a vital weakness: the key-exchange problem between sender and receiver if the key is not known in advance.

There are two types of symmetric encryption:


Block ciphers

Block ciphers divide the input into fixed-size blocks, such as 128 bits, and each block undergoes processing by various functions utilising a secret key. The algorithm dictates the block length, key, and functions utilised in this process.

Several commonly employed block ciphers are:

Data Encryption Standard (DES)

  • Block length: 64 bits
  • Key length: 56 bits

DES emerged as a prominent block symmetric cipher during the early 1970s. It underwent extensive scrutiny and was endorsed as a federal standard by the National Bureau of Standards (US) in 1976, subsequently becoming part of ANSI standards as the Data Encryption Algorithm for the private sector in 1981. However, DES fell out of favour at the onset of the twenty-first century due to its relatively short key length, rendering it susceptible to brute-force attacks.

Advanced Encryption Standard (AES)

  • Block length: 128 bits
  • Key length: 128, 192, or 256 bits

AES, a contemporary block symmetric cipher, enjoys widespread adoption globally. Conceived in 1997 by Vincent Rijmen and Joan Daemen, AES received federal encryption standard accreditation in the United States in 2002. It is recognized for its robustness and security, with any reported attacks against its implementations being isolated incidents rather than systemic vulnerabilities.

Triple DES (3DES)

  • Block length: 64 bits
  • Key length: 56, 112, or 168 bits

3DES was developed as an enhancement to DES encryption, which, having originated in the early 1970s and relying on a 56-bit key, proved vulnerable to exploitation by contemporary computing capabilities.

Stream ciphers

Stream ciphers offer greater adaptability than block ciphers. They are created to encrypt individual characters, typically binary digits, of a plaintext message sequentially using an encryption process that evolves over time. In contrast, block ciphers typically encrypt blocks of plaintext simultaneously using a consistent encryption process.

In general, the hardware involved in stream ciphers operates at a faster pace than that of block ciphers. Stream ciphers are also more suitable and sometimes obligatory, such as in certain telecommunications scenarios, where buffering capacity is restricted or where characters need to be processed individually upon receipt. Due to their minimal or nonexistent error propagation, stream ciphers may also prove advantageous in contexts where transmission errors are highly probable.

Some popular stream ciphers include:

RC4

  • Key length = up to 2,048 bits

RC4 is a stream cipher with variable key sizes, employing byte-oriented operations. It finds extensive usage in prominent protocols, such as safeguarding Internet traffic (Transport Layer Security, TLS) or securing wireless networks (Wired Equivalent Privacy, WEP).

One-Time Pad (OTP)

  • Key length = message length

The concept behind the One-Time Pad (OTP) entails utilising a key with a length at least equal to that of the message (plaintext), comprising genuinely random numbers. Each character of the plaintext is combined with a corresponding element from the OTP, yielding a ciphertext devoid of any discernible relation to the plaintext when the key is unknown. Upon reception, the same OTP is employed to recover the original plaintext.

Salsa20

  • Key length = 32 bytes

Salsa20 is a cipher introduced during the eSTREAM project, which ran from 2004 to 2008 and aimed at fostering the advancement of stream ciphers. It is regarded as a well-crafted and efficient algorithm, and no known effective attacks against the Salsa20 cipher family have been documented.

Asymmetric Key Cryptography

Asymmetric encryption is also known as Public Key Cryptography (PKC). It uses a pair of complementary keys. The key that needs to be kept secret is called the private key, while the key that doesn’t is called the public key.

These two keys are mathematically related such that a message encoded with one key can only be decoded with the other key. However, having a public key does not make it possible to calculate the corresponding private key.

Initially described by Stanford University professor Martin Hellman and graduate student Whitfield Diffie in 1976, asymmetric encryption represents a dual-key cryptographic system enabling secure communication between two parties across an insecure channel without the necessity of sharing a mutual secret key.

Asymmetric cryptography algorithms hold extensive application in cryptocurrencies. For instance, the creation of a wallet address from a public key ensures that only individuals possessing the corresponding private key can access the funds within.

Some popular asymmetric encryption schemes include:

RSA

The public and private keys in RSA are not chosen arbitrarily; they are selected by following specific procedures. The public key comprises two large integers (e, n), while the private key consists of two large integers (d, n). The three numbers e, d, and n are related to one another in a specific mathematical way.

Now, suppose you're employing an encoder that converts English plaintext into Arabic numerals. For example, 'Hey! Hey! Hey!' becomes '7! 7! 7!' and 'bitconnnnnnnnect' transforms into '83333331'. Now, Alice desires to transmit the message 'Hello' (translated to '2') to Bob.

The simplest approach for Alice would be to directly convey '2' to Bob. However, both Alice and Bob wish to ensure their message remains confidential. Fortunately, Bob is versed in RSA. He has established a public/private key pair and has requested Alice to encode the message '2' using the public key he provided.

Alice encrypts the message '2' using Bob's public key (5, 14), resulting in the encrypted message '4', which ostensibly represents 'Translate Server Error'. Even if an eavesdropper intercepted their communication, they would be unable to discern the significance of transmitting '4'.

Bob recognizes that '4' does not represent Alice's true message. He proceeds to decrypt the message using his private key, known only to him (not even disclosed to Alice). His private key is (11, 14), and through decryption procedures, Bob unveils the original message as '2'.

From Bob's perspective, he only receives the encrypted message '4'. However, by employing decryption with his private key, he successfully retrieves the true message '2'.

But how do we obtain the public key (5, 14) and private key (11, 14)? This process is known as RSA key generation.
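The key generation step behind those numbers, as an added example that is not part of the original article. It assumes n = 14 was built from the primes 2 and 7 (an inference from the keys shown; the article does not state the primes), and it shows that the private exponent 11 is the modular inverse of 5 shifted by φ(n) = 6 so that it differs from the public exponent.

```python
from math import gcd


def generate_keypair(p, q, e):
    """Textbook RSA key generation from primes p, q and public exponent e."""
    n = p * q
    phi = (p - 1) * (q - 1)              # Euler's totient of n
    if not 1 < e < phi or gcd(e, phi) != 1:
        raise ValueError("need 1 < e < phi(n) and gcd(e, phi(n)) == 1")
    d = pow(e, -1, phi)                  # smallest d with e*d = 1 (mod phi); Python 3.8+
    if d == e:
        # Any d + k*phi decrypts equally well. Shifting by phi keeps the
        # private exponent different from the public one: 5 + 6 = 11.
        d += phi
    return (e, n), (d, n)


def encrypt(m, public_key):
    e, n = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)


def decrypt(c, private_key):
    d, n = private_key
    return pow(c, d, n)


# The article's keys. The primes 2 and 7 are an assumption inferred from n = 14.
PUBLIC_KEY, PRIVATE_KEY = generate_keypair(2, 7, 5)

if __name__ == "__main__":
    ciphertext = encrypt(2, PUBLIC_KEY)
    print("public key :", PUBLIC_KEY)
    print("private key:", PRIVATE_KEY)
    print("ciphertext :", ciphertext)
    print("decrypted  :", decrypt(ciphertext, PRIVATE_KEY))
```

A modulus this small can be factored by hand, so these keys only illustrate the arithmetic.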

Elliptic Curve Cryptography (ECC)

ECC serves as an alternative asymmetric encryption algorithm to RSA. While ECC also allows users to generate a public/private key pair, the algorithms and procedures involved differ from those of RSA.

For instance, in ECC, the elliptic curve is defined by the formula y^2 = x^3 + ax + b, where coefficients a and b determine the curve's shape. The process begins with a specific point on the curve, followed by the utilisation of a function (referred to as the dot function) to determine a new point. This process is repeated until reaching the final point.

This presents a formidable trapdoor function, where knowing the starting point (A) and the number of steps to reach the ending point (E) facilitates easy determination of the latter. Conversely, if only the locations of the starting and ending points are known, as is the case here, discerning the number of steps taken becomes exceedingly challenging. Thus, in this example, the public key comprises the starting point (A) and the ending point (E), while the private key represents the number of steps from A to E.

To generalise, for a given elliptic curve, the public key is denoted as (P, G), where P is the starting point and G is a special predefined constant point on the elliptic curve, while the private key is represented by k (an integer), with P = k * G.

Diffie-Hellman Key Exchange Algorithm

The Diffie-Hellman algorithm facilitates the creation of a shared secret key for private communications while exchanging cryptographic keys across a public network.

Traditionally, encrypted communication between two parties necessitated the exchange of keys via a secure physical channel, such as paper key lists conveyed by a trusted courier. The Diffie-Hellman key exchange enables two parties with no prior acquaintance to collaboratively create a shared secret key over an insecure channel. This key can subsequently be used to encrypt subsequent communications employing a symmetric key cipher, as discussed previously.

To simplify the algorithm, the following diagram illustrates the encryption process. It's important to note that the letter P is randomly chosen in an elliptic curve, and G is a primitive root of P. The private keys a and b are also randomly selected.

Now, Alice and Bob can employ the same secret key (3) to encrypt messages between them without prior knowledge of this key.
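The exchange in its classic modular-arithmetic form, as an added example that is not from the original article. The values P = 23, G = 5, a = 6 and b = 10 are constructed for this illustration (they are not taken from the diagram) and were picked so that the shared key comes out as 3, as in the text; here P is treated as a prime modulus.

```python
def prime_factors(n):
    """Distinct prime factors of n by trial division (fine for toy sizes)."""
    factors, f = set(), 2
    while f * f <= n:
        while n % f == 0:
            factors.add(f)
            n //= f
        f += 1
    if n > 1:
        factors.add(n)
    return factors


def is_primitive_root(g, p):
    """True if the powers of g cover every value 1..p-1 modulo the prime p."""
    if g % p == 0:
        return False
    return all(pow(g, (p - 1) // q, p) != 1 for q in prime_factors(p - 1))


def public_value(g, private, p):
    """The value each party sends over the insecure channel."""
    return pow(g, private, p)


def shared_secret(peer_public, private, p):
    # Reject degenerate values (0, 1, p-1) that would force a predictable key.
    if not 1 < peer_public < p - 1:
        raise ValueError("peer public value out of range")
    return pow(peer_public, private, p)


# Constructed toy parameters (assumptions, not the article's diagram values).
P, G = 23, 5
ALICE_PRIVATE, BOB_PRIVATE = 6, 10


def run_exchange():
    """Return (Alice's public value, Bob's public value, Alice's key, Bob's key)."""
    if not is_primitive_root(G, P):
        raise ValueError("G must be a primitive root of P")
    alice_public = public_value(G, ALICE_PRIVATE, P)   # sent in the clear
    bob_public = public_value(G, BOB_PRIVATE, P)       # sent in the clear
    alice_key = shared_secret(bob_public, ALICE_PRIVATE, P)
    bob_key = shared_secret(alice_public, BOB_PRIVATE, P)
    return alice_public, bob_public, alice_key, bob_key


if __name__ == "__main__":
    print(run_exchange())
```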

Hash Functions

Hash functions, alternatively known as message digests and one-way encryption, condense plaintext into a set-length text termed a hash value (or digest). The reversal of the hash value back into the plaintext is unfeasible.

A hash function should fulfil three security properties:

  1. Collision-Resistant: Finding two different input strings that produce the same output when applied to the hash function is computationally infeasible.
  2. Hidden: Given H(x), it is infeasible to find x. In other words, given only the hashed version of x, we cannot recover x.
  3. Puzzle-Friendly: If an individual seeks to target a specific hash function and obtain a certain value of y, it becomes challenging if a portion of the input is randomly chosen. Finding another value to target the hash function value becomes difficult under these circumstances. Given an output y of the hash function, if k is selected from a random distribution, it is practically impossible to find an x such that the hash of k|x (k concatenated with x) equals y: H(k|x) = y.

Popular Hash Functions

Message Digest (MD)

The MD family encompasses hash functions such as MD2, MD4, MD5, and MD6. These functions, standardised in RFC 1321, operate on 128-bit inputs. MD5, in particular, has been extensively employed in software to validate the integrity of transferred files. For instance, file servers commonly furnish pre-calculated MD5 checksums for downloaded files, enabling users to verify file integrity.

Secure Hash Function (SHA)

The Secure Hash Function (SHA) family includes SHA-0, SHA-1, SHA-2, and SHA-3, each with distinct structural characteristics. SHA-0, introduced by the US National Institute of Standards and Technology (NIST) in 1993, had some vulnerabilities and didn't gain widespread usage. Subsequently, SHA-1 was developed in 1995 to rectify these issues, though it has been compromised by the SHAttered attack, rendering the algorithm unreliable. SHA-2 introduces variants like SHA-224, SHA-256, SHA-384, and SHA-512, varying in hash value bit lengths. Among these, SHA-256 and SHA-512 are prevalent, with SHA-512 offering superior security, especially on 64-bit systems. In 2012, NIST selected the Keccak algorithm as the new SHA-3 standard due to its efficient performance and robust resistance to attacks.

RIPEMD

RIPEMD constitutes a family of cryptographic hash functions, including RIPEMD, RIPEMD-128, and RIPEMD-160, with additional 256- and 320-bit versions available. RIPEMD-160 stands out as an enhanced version and enjoys widespread adoption within the family.

What cryptography does Bitcoin use?

Generating private and public keys

The process of generating private and public keys in Bitcoin involves the utilisation of elliptic curve cryptography (ECC) and the Secure Hash Algorithm 256 (SHA-256). ECC operates on a symmetrical mathematical curve, crucial for deriving public keys. Conversely, SHA-256, developed by the NSA in 2001, transforms the coordinates of the public key into a unique, fixed-length code.

In this system, a private key, akin to a bank PIN, is necessary for transaction signing and fund ownership validation, while the public key, like a bank account number, is used for receiving transactions. These keys are stored in a crypto wallet, which essentially manages access to funds rather than the funds themselves, which are represented as blockchain entries.

Elliptic curve cryptography

As mentioned, ECC is the use of a horizontally symmetrical curve, and if you draw a line through this curve, it will intersect the shape up to a maximum of 3 times. ECC plays a pivotal role in allowing users to generate a public key.

To generate a Bitcoin key pair, a 256-bit private key (between 1 and 2^256) is randomly generated. The public key is then derived from this private key through elliptic curve multiplication, resulting in a unique coordinate pair on the curve. It's practically infeasible to reverse-engineer the private key from the public key due to the complexity of guessing a random 256-bit number.

There’s approximately a one in 150,000 billion billion billion billion billion billion billion billion chance of getting it right.

Theoretically speaking, it would take a quantum computer with more than 13,000,000 physical qubits to find this number in a day. To date, one of the world’s most advanced quantum computers, the IBM Eagle processor, possesses only 127 qubits (or 0.00097% of the number of required qubits).

SHA-256

The SHA-256 algorithm processes the public key coordinates to create a bitcoin wallet address, presented in a 64-character hexadecimal format, containing a mixture of numbers 0 to 9 and letters A-F. This cryptographic hash function was developed and published by the United States National Security Agency (NSA) in 2001. It essentially turns any input into a unique, fixed-length 256-bit code.

Both ECC and SHA-256 functions are "trapdoor" or "deterministic," meaning they only operate in one direction and cannot be reversed to unveil the original inputs.

An analogy to grasp this concept is imagining mixing various paints to produce a unique colour from an immense selection of options. Reproducing the exact colour without knowing the precise quantities of the paints used would be extremely challenging, akin to reversing the cryptographic functions employed in Bitcoin key generation. Thus, only the holder of the public key possesses the means to prove ownership of the associated bitcoin wallet address.
