1. Blockchain technology and application - principles of cryptography

Principles of cryptography:

hash:

        cryptocurrency (crypto-currency)

        The hash function used in cryptography is called a cryptographic hash function

It has two important properties:
        

1. Collision resistance (hash collision)

        x \neq y, H(x) = H(y): two different inputs yield the same hash value

Hash collisions are inevitable because the input space is much larger than the output space.

        The input can be any text or number, so the input space is infinite: there is no limit on the possible inputs.

        However, the output space has only 2^{256} possibilities, because the hash value is a 256-bit binary number.

        So there will inevitably be two different inputs that map to the same output.

        In practice, however, it is almost impossible to find such a hash collision by exhaustive search (brute force).

Suppose there is a text m. The hash value H(m) of this text is called the digest of m, and it is used to detect tampering with the text.

The hash collision property we mentioned earlier is called collision resistance in English, which means that such a collision is not expected to happen, and in fact it is almost impossible to make one happen.

Because we can hardly find an m' \neq m with H(m') = H(m), the hash digest can be used to verify the authenticity of the text.

Example:

        I want to store an important text file on a Tencent Cloud server. Before uploading it, I compute the hash value of the text and record it on my own computer. When I later retrieve the file, I compute its hash value again; if it matches the hash value I recorded at the beginning, I can conclude that the text was not modified while it was on the Tencent Cloud server.

Note ⚠️: No mathematician or cryptographer in the world knows a way to deliberately construct a collision for a 256-bit hash such as SHA-256, but it is also impossible to prove mathematically that constructing one is impossible. This belief rests on empirical experience, not on proof.

There are many hash functions. A famous one was MD5. At first this hash function was believed to be collision-free, but in 2004 it was broken by the Chinese cryptographer Wang Xiaoyun.

2. Hiding (the hidden property)

        x \mapsto H(x): given an x, the hash value H(x) is easy to compute, but x cannot be deduced from H(x)

We can also understand this as: H(x) leaks no information about the input.

Of course, one could still try to recover the input by brute force, so hiding only holds if the input space is large enough and the inputs are spread out over that space.

Together, these two properties form a digital commitment (the digital equivalent of a sealed envelope).

Let's interpret this English term:

        Question: the sealed envelope is just that, a sealed envelope. I put my prediction of tomorrow's stock movements inside. Why must it be sealed?

Because if the forecast were made public in advance, it would influence tomorrow's rise or fall. For example, as an authoritative expert I predict that a certain stock may rise tomorrow; as a result everyone follows the trend and buys, the stock hits its daily limit, and the prediction has interfered with the very thing it predicts. So it must be sealed. The "digital" part means that I convert the predicted content of the envelope into a hash value: because of the hiding property, nobody can deduce my prediction before the result is announced. After the result is out, I publish the content, hash it again, and compare with the hash value published before. Because of collision resistance (the first property), if the two hash values are the same, it proves that the prediction I announce after the result is the same as the one I committed to before.

But in order to make the input space large enough, we append a random number (nonce) to the contents of the envelope:

H(x || nonce)
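The sealed-envelope commitment above, as an added example that is not part of the original post. It uses SHA-256 as H, a 32-byte random nonce, and a constructed stock prediction; the `guess_without_nonce` helper shows why the nonce is needed when the input space is tiny.

```python
from __future__ import annotations
import hashlib
import os


def H(data: bytes) -> bytes:
    """The hash function of the text: SHA-256 of the raw bytes."""
    return hashlib.sha256(data).digest()


def commit(message: bytes) -> tuple[bytes, bytes]:
    """Seal the envelope: publish H(message || nonce) now, keep message and nonce secret."""
    nonce = os.urandom(32)  # 256 random bits make the input space huge
    return H(message + nonce), nonce


def verify_opening(commitment: bytes, message: bytes, nonce: bytes) -> bool:
    """Open the envelope later: recompute the digest and compare with the published one."""
    return H(message + nonce) == commitment


def guess_without_nonce(digest: bytes, candidates: list[bytes]) -> bytes | None:
    """Why the nonce matters: with a tiny input space (say only "up" or "down"),
    hiding gives no protection, because anyone can hash every candidate and
    match the digest. With a 32-byte nonce appended, no candidate matches."""
    for candidate in candidates:
        if H(candidate) == digest:
            return candidate
    return None


if __name__ == "__main__":
    prediction = b"stock XYZ rises tomorrow"  # constructed sample prediction
    c, nonce = commit(prediction)
    print(verify_opening(c, prediction, nonce))                       # True
    print(verify_opening(c, b"stock XYZ falls tomorrow", nonce))     # False: content changed
    print(guess_without_nonce(H(b"up"), [b"up", b"down"]))            # b'up': no nonce, no hiding
    print(guess_without_nonce(H(b"up" + nonce), [b"up", b"down"]))    # None
```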

Bitcoin

In addition to the two properties above, Bitcoin also requires its hash function to have a third property called:

Puzzle Friendly

The hash function used by Bitcoin is called SHA-256

SHA-256 (Secure Hash Algorithm-256) produces 256 bits; written in hexadecimal, each digit encodes 4 bits, so 256 / 4 = 64 hexadecimal digits.

Suppose we want to find an input whose hash value has all zeros in the first 10 of those 64 hexadecimal digits.

Then the puzzle-friendly property means that there is no shortcut to narrow down the inputs: they can only be tried one by one by brute force.

Here we start talking about Bitcoin mining:

        Mining is actually the search for such a random number, the nonce. The nonce is combined with the other information in the block header as the input of the hash function, and the goal is a hash value satisfying:

H(block header) \leqslant target

The block header contains the nonce and some other information; only the nonce can be freely changed. Mining is constantly trying nonce values together with the other information until the hash value obtained falls within the range less than or equal to the target.

Question: Why "less than or equal to the target"? Say we are looking for a hexadecimal hash with zeros in the first 10 digits; then the target is 0000000000FFFFFFFFFF...

        That is, 10 zeros followed by 54 Fs is the target, and any hash value less than or equal to it falls into the range (friends with a computer science background should find this easy to understand).

And because the puzzle-friendly property says there is no shortcut, the search for a suitable nonce can serve as

proof of work

If you found the right nonce, it must be because you did a lot of work, since there is no shortcut.

Once a person (a miner) finds such a nonce, he broadcasts his result to the whole network.

Others can verify whether he is correct: just take his nonce, combine it with the other information, compute the hash value once, and check whether it really is less than or equal to the target.

Note ⚠️: Miners all over the world are frantically searching for nonces, but the "other information" combined with the nonce is exactly the same for everyone.

Summary: finding the nonce is extremely hard, but verification is very easy: just compute the hash value once.

This property is called:

difficult to solve but easy to verify
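The mining loop and its one-hash verification, as an added example that is not part of the original post. It assumes the page's single SHA-256 over the header (real Bitcoin hashes the header twice), a constructed stand-in for the "other information", and a small target of 16 leading zero bits so the search finishes in well under a second.

```python
from __future__ import annotations
import hashlib


def H(data: bytes) -> int:
    """Hash the candidate block header and read the 256-bit digest as an integer."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def target_for(leading_zero_bits: int) -> int:
    """A target with the given number of leading zero bits followed by all ones
    (the hex '0000...FFFF' pattern from the text). Bitcoin's real target has far
    more leading zeros; a small number keeps this demonstration quick."""
    return (1 << (256 - leading_zero_bits)) - 1


def mine(header_fields: bytes, target: int, max_nonce: int = 1 << 32) -> int | None:
    """Brute force the nonce: puzzle friendliness means there is no better way
    than trying nonces one by one until H(fields || nonce) <= target."""
    for nonce in range(max_nonce):
        if H(header_fields + nonce.to_bytes(4, "big")) <= target:
            return nonce
    return None  # search space exhausted (would not happen at this difficulty)


def verify(header_fields: bytes, nonce: int, target: int) -> bool:
    """Checking a claimed solution costs a single hash evaluation."""
    return H(header_fields + nonce.to_bytes(4, "big")) <= target


if __name__ == "__main__":
    # Constructed stand-in for the "other information" in the header, identical for every miner
    fields = b"prev_hash:abc|merkle_root:def|timestamp:1700000000"
    target = target_for(16)  # 16 leading zero bits: about 65k attempts expected
    nonce = mine(fields, target)
    print(nonce, verify(fields, nonce, target))           # <some nonce> True
    print(f"{H(fields + nonce.to_bytes(4, 'big')):064x}")  # 64 hex digits starting with 0000
```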

The core idea of Bitcoin as a digital currency is decentralization, which means that no banking system is needed to supervise the bookkeeping for us.

Question: How do I open an account? The answer is that each user opens an account by themselves, without anyone's approval. The process is very simple: create a public key and private key pair (public key, private key).

The public and private keys come from:

an asymmetric encryption algorithm (asymmetric encryption system)

Before explaining the asymmetric encryption system, let's understand the symmetric encryption system:

        Suppose I have some information that I want to send to my good friend Xiaohong over the Internet, but I don't want anyone else to know its content, so I encrypt it with an encryption key, send the encrypted information to Xiaohong over the Internet, and ask her to decrypt it with the same encryption key. Both sides use the same key, which is why this is called symmetric.

However, using a single shared encryption key is still not safe: anyone else who obtains this key can also decrypt the file I sent.

So the asymmetric encryption system was introduced:

        In an asymmetric encryption system, the public key is used for encryption and the private key for decryption. For example, I again send a confidential file to my friend Xiaohong, but this time I encrypt it with Xiaohong's public key. The public key is like a public member in object-oriented programming: anyone can access it. After receiving the encrypted file, Xiaohong decrypts it with her private key, which is like a private member in object-oriented programming: nobody can access it except herself.

Note ⚠️: Encryption and decryption use the public key and private key of the same person, namely the recipient.

A Bitcoin account is created by generating a public key and a private key on the local computer. The public key is like a bank account number: anyone who wants to transfer money to you only needs to know your public key. The private key is equivalent to your account password: whoever holds the private key can transfer the money out of the account.

In Bitcoin, as we all know, the transaction ledger is public, so why do we need encryption at all? This is where the "signature" comes in.

Signature:

Question: When the public ledger contains a transaction record initiated by me, how can others know that the transaction was really initiated by me? Could someone impersonate me and send a false transaction record?

So I must sign the transaction record I initiate with my private key. When other people receive the transaction record I broadcast, they use my public key to verify the signature, which confirms that the signature was made with the private key belonging to the same person, "me", as the public key.

Question: Here is another question: how do we ensure that the public and private keys generated by each person are independent of everyone else's?

If someone did nothing all day but keep generating public and private key pairs, trying to log in to other people's accounts and steal their money, would that actually work?

The answer is that it is theoretically possible, but with our current computing power and a 256-bit hash function, the probability of generating the same public and private keys as someone else is lower than the probability of the earth exploding, so it can be ignored.

Remark:

        This article mainly discusses, at the level of theory, the two major modules of Bitcoin: hashing and signatures. Subsequent articles will cover the specific data structures and algorithm implementations.
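The sign-with-private-key, verify-with-public-key relationship, as an added example that is not part of the original post. Bitcoin itself uses ECDSA, which needs a library; to stay self-contained this block instead uses a Lamport one-time signature built only from the SHA-256 properties explained above (hiding protects the secrets behind the public key, collision resistance ties the signature to one message). Each key pair here may sign only once, and the transaction text is constructed.

```python
from __future__ import annotations
import hashlib
import os

KeyHalf = list  # 256 pairs of 32-byte values, one pair per bit of the message digest


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def keygen() -> tuple[KeyHalf, KeyHalf]:
    """Private key: 256 pairs of random secrets, generated locally with nobody's approval.
    Public key: the hash of each secret. By hiding, the public key reveals nothing about them."""
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk


def sign(sk: KeyHalf, message: bytes) -> list[bytes]:
    """For each bit of H(message), reveal the secret stored at that bit's position."""
    digest = int.from_bytes(H(message), "big")
    return [sk[i][(digest >> (255 - i)) & 1] for i in range(256)]


def verify(pk: KeyHalf, message: bytes, signature: list[bytes]) -> bool:
    """Anyone holding the public key re-hashes each revealed secret and checks it.
    A different message selects different positions, so the revealed secrets no
    longer match; a different key pair produces unrelated hashes entirely."""
    if len(signature) != 256:
        return False
    digest = int.from_bytes(H(message), "big")
    return all(H(signature[i]) == pk[i][(digest >> (255 - i)) & 1] for i in range(256))


if __name__ == "__main__":
    sk_me, pk_me = keygen()                      # "my" account
    tx = b"transfer 1 BTC from me to Xiaohong"  # constructed transaction record
    sig = sign(sk_me, tx)
    print(verify(pk_me, tx, sig))                                       # True
    print(verify(pk_me, b"transfer 10 BTC from me to Xiaohong", sig))  # False: record tampered
    sk_other, pk_other = keygen()                # someone else's independently generated keys
    print(verify(pk_me, tx, sign(sk_other, tx)))                        # False: not my private key
```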


Origin blog.csdn.net/weixin_43754049/article/details/125769691