Unit-2

Blockchain Technology

Cryptographic basics for cryptocurrency in blockchain technology

Cryptography is the foundation of cryptocurrency and blockchain technology. It ensures

security, privacy, and integrity in transactions and data storage. Here are the cryptographic
basics used in blockchain technology:

1. Hash Functions

 A hash function takes an input and produces a fixed-length string, which is unique to
that input.
 In blockchain, SHA-256 (Secure Hash Algorithm 256-bit) is commonly used in
Bitcoin.
 Properties:
o Deterministic: Same input always gives the same output.
o Collision-resistant: No two different inputs should produce the same hash.
o Irreversible: Cannot retrieve the original input from the hash.

2. Public-Key Cryptography (Asymmetric Cryptography)

 Used for generating digital signatures and securing transactions.

 Involves two keys:
o Public Key: Shared with others for encryption and verification.
o Private Key: Kept secret and used for decryption and signing.
 Example: Elliptic Curve Digital Signature Algorithm (ECDSA) is used in Bitcoin
to sign transactions.

3. Digital Signatures

 A mathematical scheme to prove authenticity and integrity of a message.

 Uses a combination of a private key (to sign) and a public key (to verify).
 Prevents tampering and forgery in transactions.

4. Encryption

 Ensures confidentiality in blockchain networks.

 Symmetric Encryption: Uses one key for both encryption and decryption (e.g.,
AES).
 Asymmetric Encryption: Uses public and private keys (e.g., RSA, ECC).

5. Merkle Trees

 A structure that enables efficient verification of transactions in a block.

 Transactions are hashed and combined in a tree-like structure.
 The Merkle root (top hash) represents all transactions in a block.

6. Consensus Algorithms and Cryptographic Security

Unit-2

 Proof of Work (PoW): Uses cryptographic puzzles (hashing) to validate transactions

(e.g., Bitcoin).
 Proof of Stake (PoS): Uses cryptographic signatures and stake-based validation.

7. Zero-Knowledge Proofs (ZKP)

 Allows one party to prove knowledge of information without revealing it.

 Example: zk-SNARKs (Zero-Knowledge Succinct Non-Interactive Arguments of
Knowledge) are used in privacy-focused cryptocurrencies like Zcash.

8. Cryptographic Hash Linking

 Each block in a blockchain contains the hash of the previous block, creating a
tamper-proof chain.
 Any change in a block alters the hash, invalidating subsequent blocks.

What are Cryptographic Primitives?

In Blockchains, there are no third parties or Governments involved. It is fully decentralized
and various transactions happen in these networks. So security is of utmost importance in
Blockchain. Cryptographic primitives are used for building cryptographic protocols for a
strong secured network. They are the low-level algorithms that are used to build algorithms.
They are the basic building blocks of the cryptosystem. The programmers develop new
cryptographic algorithms with the help of cryptographic primitives.
Why Cryptographic Primitives are Important?
Cryptographic primitives are the basic building blocks for the development of security
protocols. Hence they are an integral part of the blockchain because of the following reasons:
 Security: To secure a transaction in the network or confidential information, strong
cryptography is required. So cryptographic primitives are used to develop high-level
algorithms.
 Encryption and Decryption: The Cryptographic primitives are used to develop
encryption and decryption algorithms. Encryption algorithms encrypt the data and
decryption algorithms decrypt the data as and when required.
 Validation: The validation of data is done with the help of digital signatures. These
digital signatures are public key primitives which the receivers use to validate the
message.
 Specific: Cryptographic primitives are very specific in nature. It means one
cryptographic primitive can perform only one function. For example, the encryption
algorithms developed using crypto primitives are only responsible for encrypting the
text. It is not responsible for hashing or decryption.
Combining Cryptographic Primitives
Cryptographic primitives are very specific in nature and new Cryptographic primitives cannot
be developed even by experts because it is very prone to errors and requires complex
mathematical analysis.
Unit-2

 Cryptographic designers combine the cryptographic primitives to form a strong security

protocol.
 For example, it is always beneficial to have a security protocol that can detect flaws
and remove the flaw as well.
 In the blockchain, SHA-256 a hashing algorithm is used in combination with a public
key algorithm to encrypt the data.
common cryptographic primitives:
 One-way Hash Functions: It is a mathematical function used to encrypt variable
length data to fixed binary data. It is a one-way function. It means that once the input
has been converted to a binary sequence, there is no scope for reverting back. It is also
known as fingerprint or compression function. It is to be noted that a slight change in
input can also change the hash function. This is known as the avalanche effect. A
popular hash function is SHA-256.
 Symmetric Key cryptography: This is also known as Symmetric Encryption.
Suppose a message is encrypted using a key. The message is now converted to
ciphertext which is readable but has no meaning. The same key is used to decrypt the
message. A key is a variable used to encrypt or decrypt a text. It is basically used to
‘lock’ or ‘unlock’ data. In this cryptography, the key is shared between two users. The
sharing of keys is a problem. However, this technique is faster than public-key
cryptography. Examples are Advanced Encryption Standard (AES) and the Data
Encryption Standard (DES).
 Asymmetric key cryptography: It is also known as public key cryptography. Since
there is a problem with sharing keys in symmetric encryption, this method is used. Here
one key is public and another key is private. The public key is used to encrypt or ‘lock’
data. The private key is only accessible to the receiver. The receiver uses a private key
to ‘unlock’ the data. For example, Suppose Bob encrypts the data using the public key.
The public key is available to everyone but this key works in one way. The receiver has
the private key which works in one way and is used to decrypt the message. Examples
of public key algorithms are DSA and RSA.
 Randomized Algorithms: These algorithms produce random ciphertexts for
encryption. The ciphertext is an encrypted text. It is very secure as random texts are
produced for encryption. It is impossible for hackers to find various combinations of
texts. It employs randomness as a logical part. It uses random inputs and gives correct
output. For Example, Monte Carlo.
 Mix Network: It is a routing algorithm that uses public key cryptography to encrypt
data. The proxy servers take messages, encrypt them and shuffle them so that
communication cannot be traced. It basically breaks the flow of messages between the
sender and the target.
 Retrieval of Private information: It is a protocol that allows the user to retrieve
information from the database. Other users don’t get to know about it. The user can
anonymously retrieve data without taking permission.
 Initialization Vector: It is a number that is used along with a key for encryption. It is
used to prevent the duplicate generation of ciphertext.
Unit-2

Cryptography
Cryptography is a technique or a set of protocols that secure information from any third party
during a process of communication. It is also made up of two Greek terms, Kryptos term
meaning “hidden” and Graphein, a term meaning “to write”. Some terminologies related to
Cryptography:
 Encryption: Conversion of normal text to a random sequence of bits.
 Key: Some amount of information is required to get the information of the
cryptographic algorithm.
 Decryption: The inverse process of encryption, conversion of a Random sequence of
bits to plaintext.
 Cipher: The mathematical function, i.e. a cryptographic algorithm which is used to
convert plaintext to ciphertext (Random sequence of bits).
Types of Cryptography
The two types of cryptography are:

 Symmetric-key cryptography.
 Asymmetric-key cryptography.
1. Symmetric-key Encryption: It focuses on a similar key for encryption as well as
decryption. Most importantly, the symmetric key encryption method is also applicable to
secure website connections or encryption of data. It is also referred to as secret-key
cryptography. The only problem is that the sender and receiver exchange keys in a secure
manner. The popular symmetric-key cryptography system is Data Encryption System(DES).
The cryptographic algorithm utilizes the key in a cipher to encrypt the data and the data must
be accessed. A person entrusted with the secret key can decrypt the data. Examples: AES, DES,
etc.
Features:
 It is also known as Secret key cryptography.
 Both parties have the same key to keeping secrets.
 It is suited for bulk encryptions.
 It requires less computational power and faster transfer.
Unit-2

2. Asymmetric-key Encryption: This cryptographic method uses different keys for the
encryption and decryption process. This encryption method uses public and private key
methods. This public key method helps completely unknown parties to share information
between them like email id. private key helps to decrypt the messages and it also helps in the
verification of the digital signature. The mathematical relation between the keys is that the
private key cannot be derived from the public key, but the public key can be derived from the
private key. Example: ECC, DSS etc.
Features:
 It is also known as Public-key cryptography.
 It is often used for sharing secret keys of symmetric cryptography.
 It requires a long processing time for execution.
 Plays a significant role in website server authenticity.

Asymmetric Cryptography
Cryptography Hash Function in Blockchain
One of the most notable uses of cryptography is cryptographic hashing. Hashing enables
immutability in the blockchain. The encryption in cryptographic hashing does not involve any
use of keys. When a transaction is verified hash algorithm adds the hash to the block, and a
new unique hash is added to the block from the original transaction. Hashing continues to
combine or make new hashes, but the original footprint is still accessible. The single combined
hash is called the root hash. Hash Function helps in linking the block as well as maintaining
the integrity of data inside the block and any alteration in the block data leads to a break of the
blockchain. Some commonly used hashed function is MD5 and SHA-1.
Properties of Cryptographic Hash:
 For a particular message hash function does not change.
Unit-2

 Every minor change in data will result in a change in a major change in the hash value.
 The input value cannot be guessed from the output hash function.
 They are fast and efficient as they largely rely on bitwise operations.
Benefits of Hash function in Blockchain:
1. Reduce the bandwidth of the transaction.
2. Prevent the modification in the data block.
3. Make verification of the transaction easier.
Use of Cryptographic Hash Functions
As the blockchain is also public to everyone it is important to secure data in the blockchain and
keeps the data of the user safe from malicious hands. So, this can be achieved easily by
cryptography. When the transaction is verified through a hash algorithm, it is added to the
blockchain, and as the transaction becomes confirmed it is added to the network making a chain
of blocks. Cryptography uses mathematical codes, it ensures the users to whom the data is
intended can obtain it for reading and processing the transaction. Many new tools related to the
application of cryptography in blockchain have emerged over the years with diverse
functionalities.
Benefits of Cryptography in Blockchain
There are a huge number of benefits of cryptography in blockchain some of them are stated
below:
 Encryption: Cryptography uses asymmetric encryption to ensure that the transaction
on their network guards the information and communication against unauthorized
revelation and access to information.
 Immutability: This feature of cryptography makes it important for blockchain and
makes it possible for blocks to get securely linked by other blocks and also to ensure
the reliability of data stored in the blockchain, it also ensures that no attacker can derive
a valid signature for unposed queries from previous queries and their corresponding
signatures.
 Security: Cryptography makes the records of transactions easier using encryption of
data, and accessing of data using public and private keys. Cryptographic hashing
tampering with data is not possible, making blockchain more secure.
 Scalability: Cryptography makes the transaction irreversible giving the assurance that
all users can rely on the accuracy of the digital ledger. It allows limitless transactions
to be recorded securely in the network.
 Non-repudiation: The digital signature provides the non-repudiation service to guard
against any denial of a message passed by the sender. This benefit can be associated
with collision resistance i.e.; since every input value has a unique hash function so there
is no clash between the messages that are sent and one message can be easily
differentiated from the other.
 Prevent hackers: The digital signature prevents hackers from altering the data because
if the data changes, the digital signature becomes invalid. With the help of
cryptography, it protects the data from hackers and makes cryptography in blockchain
unstoppable.
Unit-2

Limitations of Cryptography in Blockchain

Below are some of the limitations of cryptography in the blockchain:
 Information difficult to access: Strongly encrypted and digitally signed information
can be difficult to access even for a legitimate user at the most critical time of decision-
making. The network can be attacked and rendered non-functional by an intruder.
 High availability: It is one of the fundamental aspects of information security, and
cannot be ensured through the use of cryptography. Other methods are needed to guard
against the threats such as denial of service or complete breakdown of the information
systems.
 No protection against vulnerabilities: Cryptography does not guard against the
vulnerabilities and threats that emerge from the poor design of protocols, procedures,
and systems. These issues need to be fixed with the proper design of the defense
infrastructure.
 Expensive: Cryptography needs huge time and money investments. Public key
cryptography needs setting up and maintenance of public key infrastructure which
requires huge investment. Addition of cryptographic techniques while sending
messages and information processing adds to the delay.
 Vulnerability: The security of cryptographic techniques depends on the complexity
and difficulty of the mathematical problem. Any breakthrough in solving such
mathematical problems can make cryptographic techniques vulnerable.
Blockchain – Elliptic Curve Digital Signature Algorithm (ECDSA)
What is ECDSA?
The Elliptic Curve Digital Signature Algorithm is a Digital Signature Algorithm (DSA) that
uses elliptic curve cryptography keys. It is a very efficient equation that is based on
cryptography with public keys. ECDSA is utilized in many security systems, is popular in
encrypted messaging apps, and is the foundation of Bitcoin security (with Bitcoin “addresses”
serving as public keys). Elliptic Curve Digital Signature Algorithms (ECDSA) have recently
received significant attention, particularly from standards developers, as alternatives to existing
standard cryptosystems such as integer factorization cryptosystems and discrete logarithm
problem cryptosystems. In security applications, crypto-algorithms are always the most
significant fundamental tool.
Digital Signature of ECDSA
A digital signature is an electronic equivalent of a handwritten signature that allows a receiver
to persuade a third party that the message was indeed sent by the sender. Handwritten signatures
are substantially less secure than digital signatures. A digital signature cannot be forged in any
way. Another advantage of digital signatures over handwritten signatures is that they apply to
the entire message.

Every part of the digital message is affected by the signature key. On the bottom of a paper
document, a handwritten signature is applied. Nothing prohibits the text displayed above the
penned signature from being altered while the signature remains unaltered. Digital signatures
Unit-2

do not allow for such changes. Today’s digital signature methods can be categorized based on
a mathematical issue that provides the foundation for their security:
 Integer Factorization (IF) Schemes: They rely their security on the integer
factorization problem’s intractability. RSA Signature Schemes are one example.
 Discrete Logarithm (DL) Schemes: Their security is based on the intractable nature
of the discrete logarithm challenge in a finite field.
 Elliptic Curve (EC) Schemes: They rely their security on the elliptic curve discrete
logarithm problem’s intractability. The Elliptic Curve Digital Signature Algorithm, for
example, is being used in this investigation and without a doubt the most recent of the
many designs.
Domain Parameter of ECDSA
An elliptic curve E defined over a discrete space Fq with characteristic p and a base point G
Domain parameters might be distributed by a group of entities or unique to a single user.
Domain parameter generation methods:
One method for generating cryptographically safe domain parameters is as follows:
 Step 1: Select coefficients a and b from Fq verifiable using a random method.
 Step 2: Compute the value of Number N.
 Step 3: Verify N is divisible by the large prime number if not go to step 1.
 Step 4: Verify N does not divisible by qk -1 for each k where k ranges from 1 to 20.
 Step 5: Verify N is not equal to q if not then go to step 1.
 Step 6: Select an arbitrary point G’∈ Nq and set G=(N/n).

Domain parameter validation:

Validation of domain parameters ensures that the domain parameters have the necessary
arithmetic features. In practice, domain parameter validation is performed for two reasons:
1. To prevent the intentional insertion of erroneous domain parameters, which may enable
some attacks
2. To detect inadvertent coding or transmission mistakes.

The use of an improper set of domain parameters can render all intended security attributes null
and void. A concrete (though implausible) attack that can be conducted if domain parameter
validation for a signature scheme is not done was demonstrated. The attack is directed at a key
agreement protocol that uses the ElGamal signature technique.
Steps for domain parameter validation:
 Step 1: usage of a specific algorithm is used to do explicit domain parameter validation.
 Step 2: D is generated by A utilizing a trustworthy system.
 Step 3: A obtains confirmation from a trusted party T, a certification authority, that T
Validated D’s explicit domain parameters using a specified Algorithm.
 Step 4: A obtains assurance from a trustworthy third party T that D was generated using
a trustworthy system.

Implementation of ECDSA
Prerequisite: Basics of python programming language, basics of cryptography techniques, and
Elliptic Curve Cryptography.
Unit-2

Below is the python program to implement ECDSA:

# Python program to implement
# ECDSA
p = pow(2, 255) - 19

base =
1511222134953540077250115140958853151145401269304185720604611328394984776
2202,
4631683569492647816942839400347516314130799386625622561578303360316525185
5960

# Function for finding positive modulus

# of the number
def findPositiveModulus(a, p):
if a < 0:
a = (a + p * int(abs(a)/p) + p) % p
return a

# Function for typecasting from

# string to int
def textToInt(text):
encoded_text = [Link]('utf-8')
hex_text = encoded_text.hex()
int_text = int(hex_text, 16)
return int_text

# Function to find greatest

# common divisor(gcd) of a and b
def gcd(a, b):
while a != 0:
a, b = b % a, a
return b

# Function to find the modular inverse

# of a mod m
def findModInverse(a, m):

if a < 0:
a = (a + m * int(abs(a)/m) + m) % m

# no mod inverse if a & m aren't

# relatively prime
if gcd(a, m) != 1:
return None

# Calculate using the Extended

# Euclidean Algorithm:
u1, u2, u3 = 1, 0, a
Unit-2

v1, v2, v3 = 0, 1, m
while v3 != 0:

# // is the integer division operator

q = u3 // v3
v1, v2, v3, u1, u2, u3 = (u1 - q * v1), (u2 - q * v2), (u3 - q * v3), v1, v2, v3
return u1 % m

def applyDoubleAndAddMethod(P, k, a, d, mod):

additionPoint = (P[0], P[1])

# 0b1111111001
kAsBinary = bin(k)

# 1111111001
kAsBinary = kAsBinary[2:len(kAsBinary)]
# print(kAsBinary)

for i in range(1, len(kAsBinary)):

currentBit = kAsBinary[i: i+1]

# always apply doubling

additionPoint = pointAddition(additionPoint, additionPoint, a, d, mod)

if currentBit == '1':

# add base point

additionPoint = pointAddition(additionPoint, P, a, d, mod)

return additionPoint

# Function to calculate the point addition

def pointAddition(P, Q, a, d, mod):
x1 = P[0]; y1 = P[1]
x2 = Q[0]; y2 = Q[1]

x3 = (((x1*y2 + y1*x2) % mod) * findModInverse(1+d*x1*x2*y1*y2, mod)) % mod

y3 = (((y1*y2 - a*x1*x2) % mod) * findModInverse(1- d*x1*x2*y1*y2, mod)) % mod

return x3, y3

# ax^2 + y^2 = 1 + dx^2y^2

# ed25519
a = -1; d = findPositiveModulus(-121665 * findModInverse(121666, p), p)

# print("curve: ",a,"x^2 + y^2 = 1 + ",d,"x^2 y^2")

x0 = base[0]; y0 = base[1]

print("----------------------")
Unit-2

print("Key Generation: ")

# privateKey = 47379675103498394144858916095175689
# 779086087640336534911165206022228115974270 #32 byte secret key
import random
privateKey = [Link](256) #32 byte secret key

# print("private key: ",privateKey)

publicKey = applyDoubleAndAddMethod(base, privateKey, a, d, p)
print("public key: ", publicKey)

message = textToInt("Hello, world!")

# Function for hashing the message

def hashing(message):
import hashlib
return int(hashlib.sha512(str(message).encode("utf-8")).hexdigest(), 16)

# ---------------------------------------
# sign
r = hashing(hashing(message) + message) % p
R = applyDoubleAndAddMethod(base, r, a, d, p)

h = hashing(R[0] + publicKey[0] + message) % p

#%p
s = (r + h * privateKey)

print("----------------------")
print("Signing:")
print("message: ",message)
print("Signature (R, s)")
print("R: ",R)
print("s: ",s)

# -----------------------------------
# verify
h = hashing(R[0] + publicKey[0] + message) % p

P1 = applyDoubleAndAddMethod(base, s, a, d, p)

P2 = pointAddition(R, applyDoubleAndAddMethod(publicKey, h, a, d, p), a, d, p)

print("----------------------")
print("Verification:")
print("P1: ",P1)
print("P2: ",P2)
print("----------------------")
print("result")
Unit-2

if P1[0] == P2[0] and P1[1] == P2[1]:

print("The Signature is valid")
else:
print("The Signature violation detected!")
# ----------------------------------

Output
...blic key:
(269181201033618000857736105772776670313763414234868585905516943989
78343506914,
4157178981202974166473387550896614747783466116885192252148425106954
6513750379)
----------------------
Signing:
message: 5735816763073854953388147237921
Signature (R, s)
R:
(173985822063869202426971613887281215479708117899119611143944354338
84805588241,
4477075765930951269674344356261240319783403544001405833534737085436
262538822)
s:
3291674092131697202311675745525475365064968319467374939508492134906
8395654214543605956927736278542370661501367413488882286133990596652
46158159645036462397
----------------------
Verification:
P1:
(542104436996572550063075598390800419468167419741021446135552500531
80514162101,
4628466715744708775612314743655145107939475081807629871535652216251
6164752308)
P2:
(542104436996572550063075598390800419468167419741021446135552500531
80514162101,
4628466715744708775612314743655145107939475081807629871535652216251
6164752308)
----------------------
result
The Signature is valid
Unit-2

Explanation:
 The python code first generates both the private key and the public key.
 The calculation is then done by converting the message to an integer.
 The hashing method is used to determine the values of r and s.
 Then the signature process takes places
 The ApplyDoubleAndAdd method is used to calculate the value of points p1 and p2.
 The signature is valid if both points p1 and p2 are equal; else, it is invalid.

Benefits of ECDSA

 High Security: It is a public key cryptography-based equation that is especially effective

(PKC). ECDSA serves as the foundation for the security of Bitcoin and is widely utilized
in secure messaging apps. For a number of reasons, smaller keys are preferable over
larger keys. Because the math is simpler with smaller keys, faster algorithms can generate
signatures.
 Good application performance: The key pairs needed for the digital signature’s signing
and verification are created using ECC by the ECDSA digital signature algorithm. ECC
is frequently used to sign transactions or events in blockchain applications due to its
advantages over other public-key algorithms.
 High speed of verification: The signed message msg, the signature r, s generated by the
signing algorithm, and the public key pubKey, which corresponds to the signer’s private
key, are all inputs to the process used to validate an ECDSA signature. The result is a
boolean value, either valid or invalid.
 Support government standards: The Digital Signature Standard (DSS), a Federal
Information Processing Standard (FIPS) of the United States Government, contains the
Digital Signature Algorithm (DSA) specifications. The discrete logarithm problem’s
(DLP) computational intractability in prime-order subgroups of Z serves as the
foundation for its security.
 Complaints with modern requirement: ECC comply with FIPS as ECDSA is one of
the FIPS-approved techniques for asymmetric key functions in FIPS 140-2, along with
RSA and DSA. Based on public key cryptography, it is a highly effective equation (PKC).

Limitations of ECDSA

 Standard curve: Secure implementation is difficult and challenging, particularly for

conventional curves. Modern standards are outdated, especially ECDSA, which is a hack
in comparison to Schnorr signatures.
 Signing verification error: The key is compromised if a faulty or compromised
generator of random numbers is used for signing.
In particular for binary curves, still has certain patent issues. It might be expensive.
 Problem with curves: In particular, for binary curves, it still has certain patent issues. It
might be expensive. The increasing use of elliptic curves has collided with the ongoing
development of quantum computing research.
 The size of encryption process: ECC’s primary drawback is that it greatly increases the
size of the encrypted message compared to RSA encryption. Additionally, the ECC
algorithm is more complex and challenging to implement than RSA, increasing the risk
of implementation errors and lowering the technique’s security.
 the same random value: Private key for Bitcoin obtained via ECDSA signatures. The
usage of the same nonce value across many messages is one of the flaws.
Unit-2

Applications of ECDSA

 ECDSA-dependent systems, like Bitcoin, are a suitable example. An ECDSA public key
is hashed using cryptography to create each Bitcoin address. Whoever has access to the
ECDSA private key is the account’s true owner.
 This implies that you can get the same level of security with ECDSA as RSA while using
smaller keys. For a number of reasons, smaller keys are preferable over larger keys.
Because the math is simpler with smaller keys, faster algorithms can generate signatures.
 In order to create a TLS connection, smaller public keys imply smaller certificates, and
fewer data must be transmitted. Faster connectivity and speedier page loading are the
results of this.