Introduction to cryptographic primitives and fundamental data structures. Discusses the process of achieving distributed consensus, proof-of-work and potential attacks on the network.
8. Cryptographic primitives: cryptographic hash function
A hash function H is collision resistant
if it is infeasible to find two values, x and y,
such that x ≠ y, yet H(x) = H(y).
9. Cryptographic primitives: cryptographic hash function
Example of a hash function that is not collision resistant:
H(x) = x mod 2^256
It’s easy to find that:
H(x) = H(x + 2^256)
10. Cryptographic primitives: cryptographic hash function
A hash function H is hiding if:
when a secret value r is chosen from
a probability distribution that has high min-entropy,
then given H(r || x) it is infeasible to find x.
13. Cryptographic primitives: cryptographic hash function
A hash function H is said to be puzzle-friendly if for every possible
n-bit output y, if k is chosen from a distribution with high min-entropy,
then it is infeasible to find x such that H(k || x) = y in time significantly
less than 2^n.
14. Cryptographic primitives: cryptographic hash function
Application: search puzzle
Given:
• a hash function H
• a value v, chosen from high min-entropy distribution
• a target set Y
Find value x — solution to this puzzle — such that
H(v || x) ∈ Y
15. Cryptographic primitives: digital signature
Analogy to handwritten signature
• only you can make your signature
• anyone who sees it can verify it’s valid
• it’s tied to a particular document
17. Cryptographic primitives: digital signature
We require that a digital signature scheme has the following two properties:
• valid signature must verify
• signatures are unforgeable
18. Cryptographic primitives: digital signature
Unforgeability of digital signature
• it’s computationally infeasible to forge a signature
• an adversary who knows your public key and gets to see your
signatures on some other messages can’t forge your signature on
a message for which he has not seen your signature
19. Cryptographic primitives: digital signature
Practical concerns:
• many signature algorithms are randomized and therefore we need
a good source of randomness
• there's a limit on the message size that you’re able to sign; in
practice you can sign the hash of the message
20. Cryptographic primitives: digital signature
Public key as an identity
• if we see a message that verifies correctly under public key pubKey, then
we can think of this as pubKey saying the message
• in order for someone to speak for the identity pubKey, they must know
the corresponding secret key
• these identities are called addresses — commonly represented with the
hash of pubKey
• you can have as many identities as you want
24. Building blocks: hash pointer
A hash pointer is
• a pointer to where data is stored
• together with cryptographic hash of the value of that data at some
fixed point in time
25. Building blocks: hash pointer
We can use hash pointers to build almost all data structures that we
could build using regular pointers.
The exceptions are data structures containing cycles.
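The tamper evidence that hash pointers give a linked list, as an added example (not part of the original slides). SHA-256, the all-zero GENESIS digest and the names Block, append and first_mismatch are assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass

GENESIS = b"\x00" * 32  # assumed digest stored in the first block's pointer

@dataclass
class Block:
    data: bytes
    prev_index: int    # where the previous block is stored (-1 for none)
    prev_hash: bytes   # hash of the previous block at the time it was linked

def block_hash(block: Block) -> bytes:
    # The hash covers the data and the embedded hash pointer, so changing
    # any earlier block changes every hash after it.
    return hashlib.sha256(block.prev_hash + block.data).digest()

def append(chain: list, head_hash: bytes, data: bytes) -> bytes:
    """Link a new block to the current head; return the new head hash."""
    chain.append(Block(data, len(chain) - 1, head_hash))
    return block_hash(chain[-1])

def first_mismatch(chain: list, head_hash: bytes):
    """Follow hash pointers back from a trusted head hash.
    Returns the index of the first block that fails, or None if intact."""
    expected, idx = head_hash, len(chain) - 1
    while idx >= 0:
        if block_hash(chain[idx]) != expected:
            return idx
        expected, idx = chain[idx].prev_hash, chain[idx].prev_index
    return None

if __name__ == "__main__":
    chain, head = [], GENESIS
    for tx in (b"tx-1", b"tx-2", b"tx-3"):   # constructed sample data
        head = append(chain, head, tx)
    chain[0].data = b"tx-1 (edited)"         # modify an old block in storage
    print(first_mismatch(chain, head))       # index where the walk fails
```

Only the head hash has to be kept somewhere trusted: rewriting the later pointers to match an edited block moves the mismatch to the head instead of hiding it.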
35. Building blocks: Merkle tree
• Sorted Merkle tree — data blocks are ordered
• Proof of non-membership — it is possible to verify non-membership
in logarithmic time and space
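A proof of non-membership in a sorted Merkle tree, as an added example (not part of the original slides): the prover shows two adjacent leaves that bracket the missing key, each with its path to the root. SHA-256, the LOW/HIGH sentinel leaves, the leaf/node tag bytes and all function names are assumptions; keys are assumed non-empty and at most 32 bytes.

```python
import hashlib
from bisect import bisect_left

LOW, HIGH = b"", b"\xff" * 33  # assumed sentinels that bracket every real key

def h(tag: bytes, *parts: bytes) -> bytes:
    # tag 0x00 = leaf, 0x01 = inner node, so a node can never pass as a leaf
    return hashlib.sha256(tag + b"".join(parts)).digest()

def build(keys):
    """Return (sorted leaves, levels); levels[-1][0] is the root."""
    leaves = [LOW] + sorted(set(keys)) + [HIGH]
    level = [h(b"\x00", k) for k in leaves]
    levels = [level]
    while len(level) > 1:
        if len(level) % 2:                    # odd level: repeat the last node
            level = level + [level[-1]]
            levels[-1] = level
        level = [h(b"\x01", level[i], level[i + 1]) for i in range(0, len(level), 2)]
        levels.append(level)
    return leaves, levels

def path(levels, idx):
    """Sibling hashes from leaf idx up to the root: O(log n) entries."""
    out = []
    for level in levels[:-1]:
        out.append(level[idx ^ 1])
        idx //= 2
    return out

def root_from(leaf, idx, siblings):
    # The index bits decide left/right, which binds the leaf to its position.
    node = h(b"\x00", leaf)
    for sib in siblings:
        node = h(b"\x01", sib, node) if idx & 1 else h(b"\x01", node, sib)
        idx //= 2
    return node

def prove_absent(leaves, levels, x):
    i = bisect_left(leaves, x)                # leaves[i-1] < x <= leaves[i]
    if leaves[i] == x:
        return None                           # x is a member, nothing to prove
    return (i - 1, leaves[i - 1], path(levels, i - 1), leaves[i], path(levels, i))

def verify_absent(root, x, proof):
    i, lo, lo_path, hi, hi_path = proof
    return (lo < x < hi                       # neighbours bracket x ...
            and root_from(lo, i, lo_path) == root
            and root_from(hi, i + 1, hi_path) == root)  # ... and are adjacent
```

The verifier needs only the root; the adjacency of positions i and i + 1 is what rules out a key hidden between the two leaves shown.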
41. Making cryptocurrency: central authority
• Let Alice be a central authority that accepts transactions and
appends them to the block chain.
• Alice will create a new block with a transaction when she decides that
the transaction is valid.
45. Making cryptocurrency: decentralized network
• When the central authority is compromised or is not operational, the whole
system is affected. It’s a single point of failure.
• The central authority may not treat all users equally. Some transactions
may be significantly delayed or rejected altogether.
47. Making cryptocurrency: decentralized network
In such a network we have to remember that:
• network is imperfect,
• some nodes may act maliciously.
48. Making cryptocurrency: reaching consensus
Nodes must agree on:
• exactly which transactions were broadcast,
• the order in which these transactions happened.
49. Making cryptocurrency: reaching consensus
The result is a single, global ledger consisting of a sequence of blocks,
each block containing a list of transactions, that they’ve reached
consensus on.
50. Making cryptocurrency: reaching consensus
• New transactions are broadcast to all nodes.
• Each node verifies and collects new transactions into a block.
• In each round a random node gets to broadcast its block.
• Other nodes accept the block only if all transactions in it are valid.
• Nodes express their acceptance of the block by including its hash in
the next block they create.
62. Making cryptocurrency: reaching consensus
The key idea behind proof of work is that we approximate the
selection of a random node by instead selecting nodes in proportion to a
resource that we hope nobody can monopolize.
63. Making cryptocurrency: reaching consensus
H(nonce || block data) < target
• Difficult to compute.
• Parametrizable cost.
• Trivial to verify.
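The search puzzle from slide 14 and the proof-of-work condition above, as one added example (not part of the original slides). The target set Y is taken to be all outputs below a threshold; SHA-256, the 8-byte nonce encoding and the function names are assumptions.

```python
import hashlib

def pow_hash(nonce: int, block_data: bytes) -> int:
    """H(nonce || block data) as an integer; H = SHA-256 is an assumption."""
    digest = hashlib.sha256(nonce.to_bytes(8, "big") + block_data).digest()
    return int.from_bytes(digest, "big")

def target_for(difficulty_bits: int) -> int:
    """Target set Y = every output below 2^(256 - difficulty_bits)."""
    return 1 << (256 - difficulty_bits)

def verify(nonce: int, block_data: bytes, difficulty_bits: int) -> bool:
    """Trivial to verify: one hash and one comparison."""
    return pow_hash(nonce, block_data) < target_for(difficulty_bits)

def solve(block_data: bytes, difficulty_bits: int, max_tries: int = 1 << 24):
    """Difficult to compute: try nonces in order, return the first that works."""
    for nonce in range(max_tries):
        if verify(nonce, block_data, difficulty_bits):
            return nonce
    return None  # search budget exhausted

if __name__ == "__main__":
    data = b"constructed block: alice pays bob 1 coin"  # constructed sample input
    for bits in (8, 12, 16):  # parametrizable cost: about 2^bits hashes expected
        nonce = solve(data, bits)
        print(bits, nonce, verify(nonce, data, bits))
```

Each extra difficulty bit halves the target set and doubles the expected search, while verification stays a single hash.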
67. Making cryptocurrency: economy
• We can assume that we have a viable cryptocurrency when we trust in
the security of the blockchain protocol.
• It is secure when the node ecosystem is healthy: the majority of the
hash power is in the hands of nodes that follow the protocol.
• The nodes are going to act honestly only when the value of the
reward for solving the puzzle is high.
• And the value is high and stable only when there is trust in the
security of the blockchain.
79. Under the hood
• The script says that coins can be redeemed by the person who owns a public
identity and proves it.
• Script is a stack based language.
• Escrow transaction using multisig.
80. Under the hood
• Smart contracts.
• Solidity: a Turing-complete language running on the EVM (Ethereum).