Shulou(Shulou.com)06/02 Report--

This article mainly explains "how to apply cryptographic technology in blockchain". The explanation in this article is simple and clear, easy to learn and understand. Please follow the ideas of Xiaobian and go deep into it slowly to study and learn "how to apply cryptographic technology in blockchain" together.

I. Bloom filter

Bloom filter is an efficient search structure based on Hash, which can quickly determine whether an element is in a set. Given a content and storage array, fast content-based lookups can be achieved by constructing Hash functions such that the total Hash value does not exceed the size of the array. For example, if the Hash value of "algorithm changes life" is "1000", it will be stored in the 1000th unit of the array. If you need to quickly find any content, such as whether the string "algorithm changes life" is in the storage system, you only need to calculate the Hash value and use the Hash value to check the corresponding element in the system.

Bloom filter uses multiple Hash functions to improve space utilization. For a given input, multiple Hash functions compute multiple addresses, each marked with a 1. When searching, perform the same calculation process and check the corresponding elements. If both are 1, it means that there is a greater probability that the input exists. Bloom filter greatly improves the space utilization ratio compared with single Hash algorithm, and can use less space to express the existence relationship of large sets. The basic idea of Hash lookup and Bloom filter mentioned above is content-based addressing.

2. Homomorphic encryption

This is a way to process ciphertext directly, and then encrypt the processing result after processing plaintext, and get the same result. Homomorphic encryption ensures that implementers cannot access information about the data itself. What is homomorphism? It comes from algebra and includes four types: additive homomorphism, multiplicative homomorphism, subtractive homomorphism and division homomorphism. Satisfying additive homomorphism and multiplicative homomorphism at the same time means algebraic homomorphism, that is, total homomorphism. If four homomorphisms are satisfied simultaneously, they are called arithmetic homomorphisms. In computers, if total homomorphism is implemented, it means homomorphism can be implemented for all processes. A homomorphism that only partially implements a particular operation is called a particular homomorphism.

Application in blockchain: Using homomorphic encryption technology, smart contracts running on blockchain can process ciphertext without knowing the real data, greatly improving privacy security. Although the advantages of homomorphic encryption are obvious and have been realized, the problem is that it requires high computation time or storage cost, and there is still a gap between the performance and strength of traditional encryption algorithms.

III. Digital signatures

Digital signature can prove the integrity of a digital content and confirm its origin, that is, non-repudiation. Theoretically, all asymmetric encryption algorithms can be used to implement digital signatures, including DSA (Digital Signature Algorithm, based on ElGamal algorithm) and ECSDA (Elliptic Curve Digital Signature Algorithm, based on Elliptic Curve algorithm). For some specific security requirements, some special digital signature technologies have been produced:

Blind signature: Signers need to sign information without being able to see the original content. The protection of the signed content is realized, preventing the signer from seeing the original content; at the same time, the tracking is prevented, and the signer cannot correspond the signed content and the signed result.

Multiple signatures: When at least y (x >= y >= 1) signatures are collected from x signers, they are considered legal. x is the number of public keys provided and y is the minimum number of signatures required to match the public key. It can be effectively applied to multi-person voting scenarios. Bitcoin transactions support multiple signatures, enabling multiple people to jointly manage bitcoin transactions in an account.

Group Signature: A member of a group can sign anonymously on behalf of the group. The signature can be verified as coming from the group, but it cannot be traced exactly to which member. There are also problems in that group signatures require the presence of a group administrator to add new group members, so there is a risk that the group administrator may trace the identity of the signing member.

4. Ring signature: The signer first selects a temporary signer set that includes the signer himself. Using one's own private key and the public keys of others in the signature set, one can generate signatures independently without the help of others. Other members of the signer set may not know they are included in the final signature. Ring signatures are mainly used to protect anonymity and belong to a simplified group signature.

IV. Digital Certificate

Digital certificates fall into two categories: encryption digital certificates, which protect public keys used for encryption purposes, and signature verification digital certificates, which protect public keys used for signature purposes. Both types of public keys can also be placed in the same certificate. At the same time, certificates need to be issued and endorsed by certificate authority CA. Authoritative commercial certification bodies include DigiCert, GlobalSign, etc. Users can also build CA systems themselves and use them in Private Cloud. The contents of a digital certificate may include the certificate domain (version of the certificate, serial number, signature algorithm type, issuer information, validity period, issued subject, issued public key), CA signature algorithm and signature value of the certificate, etc. The issuer of the certificate also needs to sign the certificate content with his own private key to prevent others from tampering with the certificate content.

5. PKI system

PKI is the full name of Public Key Infrastructure, which is a general framework for secure and reliable message delivery and identity verification based on public and private keys. It consists of three core components:

CA: Certification Authority, responsible for issuing and revoking certificates, receiving requests from RA;

RA: Full name Registration Authority, verify user identity, verify data legitimacy, be responsible for registration, and send it to CA after verification;

Certificate database: store certificates, mostly in X.500 series standard format. User information can be managed in conjunction with LDAP directory services.

CA is the core component responsible for maintaining certificate information. The usual operation flow is: the user applies for a certificate through RA registration, provides identity and authentication information, etc.= > CA completes the manufacture of the certificate after review, and issues it to the user = > If the user needs to revoke the certificate, he needs to apply to CA again.

Thank you for your reading. The above is the content of "How to Apply Cryptography Technology in Block Chain." After studying this article, I believe everyone has a deeper understanding of how to apply Cryptography Technology in Block Chain. The specific use situation still needs to be verified by practice. Here is, Xiaobian will push more articles related to knowledge points for everyone, welcome to pay attention!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.