Computer industry practitioners should be very familiar with the word hash. Hash can map data from one dimension to another, and hash function is usually used to realize this mapping. Usually, the industry uses the way of y = hash(x), and this hash function can calculate a hash value y by operating on x.
Characteristics of blockchain hash function:
Function parameter belongs to string type;
Fixed size output;
Computational efficiency;
No collision means that the probability of collision is small: x! = y => hash (x)! = hash (y)
Hide the original information: For example, the verification of transactions between nodes in the blockchain only needs to verify the information entropy of the transaction, and does not need to compare the original information. Nodes do not need to transmit the original data of the transaction, but only the hash of the transaction. The common algorithms are SHA series and MD5.
1.2. Use of hash
Hash is widely used in blockchain, and one of them is called hash pointer.
Hash pointer means that the value of the variable is calculated from the actual data and points to the location of the actual data, that is, it can represent both the content of the actual data and the storage location of the actual data. The following figure is a schematic diagram of hash pointer.
HashPointer is mainly used in two places in the blockchain. The first is to establish a blockchain data structure. Readers who understand blockchain should know that the data structure of blockchain is connected backwards from Genesis block through pointers between blocks, which uses the illustrated HashPointer. Each block stores the HashPointer of the previous block. The advantage of this data structure is that the following blocks can find the information in all the previous blocks, and the calculation of the HashPointer of the block contains the information of the previous block, thus ensuring the tamper-proof characteristics of the blockchain to some extent. The second purpose is to establish MerkleTree. Every node of MerkleTree is built with HashPointer. We will further introduce the blockchain data structure and MerkleTree in subsequent articles.
Hash is also used in other technologies, such as transaction verification and digital signature.
2. Coding algorithm
2. 1 Introduction
Encryption is simply the process of transforming the original information through an algorithm, and the receiver of the information can decrypt the ciphertext through the key to get the original text. According to whether the encryption and decryption keys are the same, encryption algorithms can be roughly divided into three subtypes:
Symmetric encryption
Symmetric encryption uses the same key for encryption and decryption, which has the advantage of fast encryption and decryption, but it is difficult to distribute the key safely. Common symmetric encryption algorithms include DES, AES, ...
Asymmetric encryption
Asymmetric encryption system is also called public key system. When encrypting and decrypting, the encryptor has a public key and a private key. The encryptor can send the public key to other interested parties, and the private key is kept strictly by itself. For example, the private key issued by the bank to individual users is stored in the personal U shield; Asymmetric encryption can be encrypted with private key, and others can decrypt it with public key, and vice versa; Asymmetric encryption algorithm is usually more complicated and takes longer to execute than symmetric encryption. The advantage is that there is no key distribution problem. Other common asymmetric encryption algorithms are RSA and ECC, and ECC elliptic curve algorithm is mainly used in blockchain.
Combination of symmetric encryption and asymmetric encryption
In this way, the encryption process is divided into two stages. In the first stage, asymmetric encryption is used to distribute secret keys so that the other party can obtain symmetric encryption keys safely. In the second stage, symmetric encryption is used to encrypt and decrypt the original text.
2.2 digital signature
Digital signature, also known as public key digital signature, is a kind of physical signature similar to writing on paper. Digital signature is mainly used to identify the signer of data change and resist denial. Digital signature contains three important features:
Only you can sign your own digital signature, but others can verify whether the signature is signed by you;
Digital signature needs to be bound to specific digital documents, just like your signature needs to be bound to paper media in reality;
Digital signature cannot be forged;
The above three characteristics can be easily realized by asymmetric encryption mechanism.
First, you need to generate a personal public key and private key pair:
(sk, pk) := generateKeys(keysize), the sk private key is kept by the user himself, and the pk public key can be distributed to others.
Secondly, you can sign a specific message through sk:
Sig := sign(sk, message) to obtain a specific signature sig.
Finally, the party who owns the signing public key can verify the signature:
IsValid := verify (primary key, message, signature)
In the blockchain system, every data transaction needs to be signed. In the design process of bitcoin, the user's public key is directly used to represent the user's bitcoin address. In this way, when a user initiates a bitcoin transaction such as transfer, it is convenient to verify the legitimacy of the user's transaction.
2.3 Digital Certificate and Certification Center
2.3. 1 digital certificate
Digital certificate, also known as "digital ID card" and "network ID card", is an electronic file authorized by the certification center and digitally signed by the certification center, which contains the owner of the public key and information related to the public key and can be used to identify the identity of the owner of the digital certificate.
Digital certificate includes: public key, certificate name information, digital signature of certificate issued by issuing authority and matching private key.
Certificates can be stored in a database on the network. Users can exchange certificates with each other using the network. When the certificate is revoked, the CA that issued the certificate still keeps a copy of the certificate for solving possible disputes in the future.
2.3.2 Certification bodies
Certification center is generally referred to as CA for short. CA is generally recognized as a trusted third-party organization, and its main function is to issue a unique digital certificate containing name and public key for each user.
2.4 Comparison of common encryption algorithms