- 1 Ⅰ How to ensure safe use of blockchains
- 2 Ⅱ How Blockchain Brings “Revolution” in Personal Data Protection
- 3 Ⅲ How the confidentiality of blockchain technology is realized
- 4 ⅣThe data in the blockchain is encrypted and how can other nodes access it.
- 5 IV What is the cryptographic algorithm of blockchain
- 6 Ⅵ Is the information on the blockchain encrypted?
- 7 VII Which companies do blockchain background encryption technology
- 8 VIII How to ensure the security of blockchain use?
Ⅰ How to ensure safe use of blockchains
A feature of blockchain projects (especially public chains) is open source. By opening the source code, it can improve the credibility of the project and allow more people to participate. But the open source code also makes it easier for attackers to attack the blockchain system. There have been many hacking incidents in the past two years. Recently, the anonymous coin Verge (XVG) has been attacked again. The attacker has locked a vulnerability in the XVG code that allows malicious miners to add fake time to blocks. Poke, and then quickly mined new blocks, earning nearly $1.75 million worth of digital currency in just a few hours. Although the subsequent attack was successfully stopped, there is no guarantee that the attackers will attack again in the future.
Of course, blockchain developers can also take some measures
One is to use professional code auditing services,
The other is to understand secure coding standards, Prevent problems before they happen.
Security of cryptographic algorithms
With the development of quantum computers, it will bring significant security threats to the cryptosystems currently used. The blockchain mainly relies on the elliptic curve public key encryption algorithm to generate digital signatures for secure transactions. At present, the most commonly used ECDSA, RSA, DSA, etc. cannot withstand quantum attacks in theory, and there will be greater risks, and more and more Researchers in the 1990s began to focus on cryptographic algorithms that were resistant to quantum attacks.
Of course, in addition to changing the algorithm, there is another way to improve security:
Refer to how Bitcoin handles public key addresses to reduce the risk of public key leakage. Potential risks. As a user, especially a Bitcoin user, the balance after each transaction is stored in a new address to ensure that the public key of the address where Bitcoin funds are stored is not leaked.
Security of consensus mechanism
Current consensus mechanisms include Proof of Work (PoW), Proof of Stake (PoS), and Delegated Proof of Stake (PoW). Proof of Stake, DPoS), Practical Byzantine Fault Tolerance (PBFT), etc.
PoW faces a 51% attack problem. Since PoW relies on computing power, when the attacker has the computing power advantage, the probability of finding a new block will be greater than that of other nodes, and then it has the ability to revoke transactions that have already occurred. It should be noted that, even in this case, the attacker can only modify his own transactions but not the transactions of other users (the attacker does not have the private keys of other users).
In PoS, the attacker can only attack successfully when he holds more than 51% of the Token amount, which is more difficult compared to the 51% computing power in PoW.
In PBFT, the system is safe when malicious nodes are less than 1/3 of the total nodes. In general, any consensus mechanism has its own conditions. As an attacker, you also need to consider that once the attack is successful, it will cause the value of the system to return to zero. Get other valuable rewards.
For designers of blockchain projects, they should understand the advantages and disadvantages of each consensus mechanism, so as to choose a suitable consensus mechanism or design a new consensus mechanism according to the needs of the scene.
Security of smart contracts
Smart contracts have the advantages of low operating cost and low risk of human intervention. loss. In June 2016, The DAO, the most popular project of Ethereum, was attacked, and the hackers obtained more than 3.5 million ETH, which later led to the fork of Ethereum into ETH and ETC.
There are two aspects to the proposed measures:
One is to conduct security audits on smart contracts, and the other is to follow the principles of smart contract security development.
The security development principles of smart contracts are: be prepared for possible errors and ensure that the code can correctly handle the bugs and loopholes that appear; release smart contracts cautiously, do functional testing and security testing, and fully consider Boundary; keep smart contracts concise; pay attention to blockchain threat intelligence, and check for updates in a timely manner; be clear about the characteristics of blockchain, such as cautiously calling external contracts, etc.
Security of digital wallets
Digital wallets have three main security risks: First, design flaws. At the end of 2014, a signer lost hundreds of digital assets due to a serious random number problem (repeated R value). Second, the digital wallet contains malicious code. Third, lost assets caused by lost or damaged computers and mobile phones.
There are four main countermeasures:
One is to ensure the randomness of the private key;
The other is to verify the hash value before the software is installed , to ensure that the digital wallet software has not been tampered with;
The third is to use a cold wallet;
The fourth is to back up the private key.
Ⅱ How Blockchain Brings “Revolution” in Personal Data Protection
BlockchainHow to bring about a “revolution” in personal data protection
The US media disclosed on the evening of the 17th local time that the British “Cambridge Analytica” company, which was deeply involved in the scandal of misusing personal privacy data, originally planned to launch a personal privacy data storage service and use block Chain technology is sold in the form of cryptocurrencies. The concept of personal information encryption is not new. The key to this idea is everyone’s autonomy over personal information. Some industry insiders believe that blockchain technology could bring about a “revolution” in personal data protection.
In the era of big data, personal data is considered as precious as gold. Personal data leakage is worrying, but it is impossible for most people to cut off the connection with the Internet because they are afraid of data collection. At this stage, companies, schools, hotels, social networking sites, etc. that are responsible for keeping personal information are often not responsible. Experts believe that blockchain technology, as a kind of “middleware” with the characteristics of encryption, trust, point-to-point, and difficult to tamper, is expected to solve this problem.
The emergence of blockchain technology has transferred the control of personal data from Internet companies to users themselves, making it possible for everyone to control their personal data. Through it, users’ personal data can be associated with personal digital ID cards, users can choose whether the digital ID card is anonymous, pseudonymous or public, and can also access the blockchain application platform from any device anytime, anywhere, and control their Internet personal data.
For example, the information of someone’s ID number on the blockchain may be converted into a string of ciphertext, and the face image information is also encrypted. When he checks in at the hotel, he only needs to send the ciphertext of his ID card number to the hotel through the application, and the hotel compares the information with the encrypted data on the blockchain application. He does not need to know any of his real information, but as long as the encrypted data is compared Check-in is guaranteed if the results match.
At the same time, the development of big data and artificial intelligence requires a large amount of user data resources. Users can selectively sell their personal data as encrypted currency and receive a certain return at the same time. For example, if an e-commerce company needs user data to develop a new application, users can choose to sell their shopping history data, but their information such as their address and account number can still be kept secret.
In the field of gene sequencing, blockchain applications have begun to challenge the “money-making” of traditional gene sequencing companies selling personal data.
Gene sequencing services for ordinary people have become very popular in recent years. Take the American “23 and I” chromosome biotechnology company as an example, consumers can get family genetic information for less than $100 and a few mouthfuls of saliva, and if they pay another $80, they can get the genetic health risk based on the original data. In-depth analysis, etc. However, this company is not satisfied with the revenue of sequencing services, and has also packaged and sold the millions of customer genetic data it holds to pharmaceutical companies. The Parkinson’s disease data sold in early 2015 alone was as high as 60 million US dollars. Many similar biotech companies “earn double the money” by reselling consumers’ data while receiving service revenue from consumers.
In February of this year, Harvard geneticist George Church founded the “Nebula Gene” company, hoping to break this pattern through blockchain technology. The company plans to complete whole-genome sequencing for less than $1,000, which is borne by the client. In return, the client has the autonomy of the sequencing data while intuitively understanding the disease risk associated with their genetic information. The genetic information will be secured through blockchain technology, and at the same time, it will be encrypted and stored and sold according to the wishes of customers.
The company plans to launch a “Nebulas Coin” as a medium of exchange, where customers can exchange their genetic information for “Nebulas Coins”, and can also use “Nebulas Coins” to pay for their own sequencing, pharmaceutical companies can use The traditional currency purchases “Nebulas Coin” to obtain the genetic information data of ordinary people. The entire transaction process is completed through the blockchain platform, which is encrypted, transparent and secure.
Church said that after a combination of factors such as sequencing costs, genetic information protection, data management, and genomic big data processing, blockchain technology allows more people to truly “own” their genetic information.
Ⅲ How the confidentiality of blockchain technology is realized
Because blockchain technology has natural advantages for realizing smart contracts.
Bitcoin, Ruitecoin, Litecoin, Ethereum and other digital cryptocurrencies all use blockchain technology.
Blockchain is an important concept of Bitcoin. It is essentially a decentralized database and serves as the underlying technology of Bitcoin. A blockchain is a series of data blocks that are associated using cryptographic methods. Each data block contains the information of a Bitcoin network transaction, which is used to verify the validity of its information (anti-counterfeiting) and generate the next block.
ⅣThe data in the blockchain is encrypted and how can other nodes access it.
“Dragon Wheel Network” is happy to answer your questions.
First of all, the encryption in the blockchain technology refers to that the data is compiled with an encryption technology during transmission, not to encrypt the displayed data, because the blockchain also One feature is that information is open and transparent. All transaction records, asset quantities and other information stored on the blockchain can be traced and queried. When a transaction is completed in the blockchain, the initiator will be notified of the transaction. For the origin to broadcast to the surrounding, synchronize the information to the surrounding nodes, these nodes that receive the information will continue to broadcast to the surrounding and continue to send the information to the surrounding nodes. In the end, the transaction information will be spread to the whole network, realizing the common accounting of the whole network.
Therefore, this data is visible to everyone, but cannot be modified, which is equivalent to a “read-only” state, which is another major feature of the blockchain, “tamper-proof”.
What is used in the blockchain is “asymmetric encryption technology”, that is, encryption and decryption are not using the same key, usually there are two keys, called “public key” and “public key”. Private key”, the two of them must be used in pairs, otherwise the encrypted file cannot be opened. The “public key” here means that it can be published to the outside world, while the “private key” cannot, and can only be known by the holder. Its advantage is here, because if the symmetric encryption method is to transmit encrypted files on the network, it is difficult not to tell the other party the key, and no matter what method is used, it may be eavesdropped. The asymmetric encryption method has two keys, and the “public key” among them can be made public, so there is no fear of others knowing. The recipient only needs to use his own private key when decrypting, which is very good. The security problem of the transmission of the key is avoided.
The private key is usually only needed when you need to use the digital currency in your encrypted wallet. When you want to initiate a transfer transaction, you must use your own private key pair The abstract is encrypted asymmetrically. The public key and the private key are the only correspondences. If the data is encrypted with the public key, the decryption can only be achieved with the corresponding private key.
I hope the answer from “Longlu Network” can help you.
IV What is the cryptographic algorithm of blockchain
As an emerging technology, blockchain has attracted more and more attention, and it is a new application of traditional technology in the Internet era , which includes distributed data storage technology, consensus mechanism and cryptography. With the creation of various blockchain research consortia, related research has received more and more funding and personnel support. Hash algorithm, zero-knowledge proof, ring signature and other cryptographic algorithms used in blockchain:
As the basic technology of blockchain, the essence of Hash function is to A (finite) set of data of arbitrary length is mapped into a set of data streams of defined length. If this function satisfies both:
(1) The calculation of the Hash value of any input set of data is very simple;
(2) It is computationally difficult to find 2 different data with the same hash value.
A Hash function that satisfies the above two properties is also called an encrypted Hash function. If there is no contradiction, the Hash function usually refers to the encrypted Hash function. For the Hash function, finding such that it is called a collision. Currently popular Hash functions are MD5, SHA1, SHA2, SHA3.
Bitcoin uses SHA256, and most blockchain systems use the SHA256 algorithm. So let’s introduce SHA256 first.
1, SHA256 algorithm steps
STEP1: Additional padding bits. Pad the message so that the message length is congruent with 448 modulo 512 (length = 448 mod 512), the number of padding bits ranges from 1 to 512, the highest bit of the padding bit string is 1, and the remaining bits are 0.
STEP2: Additional length value. Append the bit length of the initial message (before padding) in 64-bit to the result of step 1 (low-order byte first).
STEP3: Initialize the cache. A 256-bit cache is used to store the intermediate and final results of the hash function.
STEP4: Process 512-bit (16 words) packet sequence. The algorithm uses six basic logic functions and consists of 64 iterative operations. Each step takes a 256-bit cached value as input, and then updates the cached content. Each step uses a 32-bit constant value Kt and a 32-bit Wt. Where Wt is the packet after grouping, t=1,2,…,16.
STEP5: After all 512-bit packets are processed, the output of the last packet of the SHA256 algorithm is a 256-bit message.
2. Ring signatures
In 2001, three cryptographers, Rivest, shamir and Tauman, first proposed ring signatures. is a simplified group signature, with only ring members and no managers, no�Cooperation among ring members is required. In the ring signature scheme, the signer first selects a temporary set of signers, which includes signers. Then the signer can generate the signature independently by using his own private key and the public key of others in the signature set without the help of others. Members of the signer set may not be aware that they are included.
The ring signature scheme consists of the following parts:
(1) Key generation. A key pair (public key PKi, private key SKi) is generated for each member in the ring.
(2) Signature. The signer uses his private key and the public keys of any n ring members (including himself) to generate a signature a for message m.
(3) Signature verification. According to the ring signature and the message m, the verifier verifies whether the signature is signed by the members in the ring, if it is valid, it will be received, otherwise it will be discarded.
The properties satisfied by ring signatures:
(1) Unconditional anonymity: an attacker cannot determine which member of the ring the signature is generated by, even after obtaining the private In the case of the key, the probability does not exceed 1/n.
(2) Correctness: The signature must be verifiable by all others.
(3) Unforgeability: other members in the ring cannot forge the signature of the real signer, and an external attacker cannot forge a signature for message m even if he obtains a valid ring signature.
3. Comparison of ring signature and group signature
(1) Anonymity. It is a system in which individuals sign on behalf of the group. The verifier can verify that the signature is signed by a member of the group, but cannot know which member it is, so as to achieve the function of the signer’s anonymity.
(2) Traceability. In the group signature, the existence of the group administrator ensures the traceability of the signature. Group admins can revoke signatures, revealing the real signers. Ring signatures by themselves cannot reveal the signer unless the signer wants to reveal or add additional information to the signature. A verifiable ring signature scheme is proposed. In the scheme, the real signer wants the verifier to know his identity. At this time, the real signer can prove his identity by revealing his secret information.
(3) Management system. The group signature is managed by the group administrator, and the ring signature does not need to be managed. The signer only has to select a possible set of signers, obtain its public key, and then publish the set. All members are equal.
The Xueshuo Innovative Blockchain Technology Workstation under Lianqiao Education Online is the only approved “Smart Learning Workshop 2020 – Xueshuo Innovation Workstation” carried out by the School Planning and Construction Development Center of the Ministry of Education of China. “Blockchain Technology Professional” pilot workstation. The professional station is based on providing students with diversified growth paths, promotes the reform of the combination of professional degree research, production, study and research, and builds an applied and compound talent training system.
Ⅵ Is the information on the blockchain encrypted?
The encryption of the Jinwowo blockchain can ensure that the data source is better protected while calling big data privacy, so as to prevent the bad phenomenon of reselling data.
VII Which companies do blockchain background encryption technology
The application of blockchain technology is mainly based on several characteristics of blockchain technology. A big feature of blockchain technology is that information cannot be tampered with. Once the information is verified and added to the blockchain, it will be permanently stored. Unless more than 51% of the nodes in the system can be controlled at the same time, a single node will Modifications to the database on the Internet are invalid, so the data stability and reliability of the blockchain are extremely high. For example, Yingtang Zhongchuang can provide background encryption services with blockchain as the underlying technology, and its encryption technology can fundamentally ensure the security and storage of data.
VIII How to ensure the security of blockchain use?
Blockchain itself solves the problem of large-scale collaboration between strangers, that is, strangers do not need to trust each other can cooperate with each other. So how to ensure the trust between strangers to achieve mutual consensus mechanism? The centralized system uses a trusted third-party endorsement, such as a bank, which is a reliable and trustworthy institution in the eyes of the common people. The common people can trust the bank, and the bank will solve the real disputes. But how does a decentralized blockchain guarantee trust?
In fact, the blockchain uses the basic principles of modern cryptography to ensure its security mechanism. The knowledge system involved in the field of cryptography and security is very complicated. Here I will only introduce the basic knowledge of cryptography related to blockchain, including Hash algorithm, encryption algorithm, information digest and digital signature, zero-knowledge proof, quantum cryptography, etc. You can use this lesson to learn how the blockchain under cryptography guarantees its confidentiality, integrity, authentication and non-repudiation.
Basic Course Lesson 7 Blockchain Security Basics
1. Hash Algorithm (Hash Algorithm)
Hash function (Hash), also known as hash function. Hash function: Hash (original information) = digest information, a hash function can map a binary plaintext string of any length into a shorter (usually fixed-length) binary string (Hash value).
A good hash algorithm has the following four characteristics:
1. One-to-one correspondence: the same plaintext input and hash algorithm can always get the same output of the abstract information.
2. Input sensitivity: Even if the plaintext input has any slightest change, the newly generated summary information will change greatly, which is hugely different from the original output.
3. Easy to verify: both the plaintext input and the hash algorithm are public, and anyone can calculate whether the output hash value is correct.
4. Irreversible: If there is only the output hash value, it is absolutely impossible to deduce the plaintext by the hash algorithm.
5. Collision avoidance: It is difficult to find two pieces of plaintext with different contents, but their Hash values are the same (collision).
Hash (Zhang San lent Li Si 100,000 for a loan period of 6 months) = 123456789012
A record of 123456789012 is recorded in the ledger.
It can be seen that the hash function has 4 functions:
It is well understood, the information after hashing becomes shorter.
123456789012 can be used to identify the original information, and the summary information is also called the id of the original information.
The ledger is a record of 123456789012, and the original information is hidden.
If Li Si deceived during repayment that Zhang San only lent Li Si 50,000, both parties can use the hash value and the previously recorded hash value of 123456789012 to verify the original information
Hash (Zhang San lent Li Si 50,000 yuan for a loan period of 6 months)=987654321098
987654321098 is completely different from 123456789012, which proves that Li Si lied, and successfully guarantees that the information cannot be tampered with .
Common Hash algorithms include MD4, MD5, and SHA series algorithms. Now, the SHA series algorithms are basically used in mainstream fields. SHA (Secure Hash Algorithm) is not an algorithm, but a set of hash algorithms. It was originally the SHA-1 series, and now the mainstream applications are SHA-224, SHA-256, SHA-384, SHA-512 algorithms (commonly known as SHA-2), and recently SHA-3 related algorithms have also been proposed, such as those used by Ethereum The KECCAK-256 belongs to this algorithm.
MD5 is a very classic Hash algorithm, but unfortunately both it and the SHA-1 algorithm have been cracked. It is considered by the industry that its security is not enough to be used in commercial scenarios. Generally, at least SHA2-256 or more is recommended. Safe algorithm.
Hash algorithms are widely used in blockchains. For example, in a block, the next block will contain the hash value of the previous block, and the content of the next block + the value of the previous block. The hash value jointly calculates the hash value of the next block, which ensures the continuity and immutability of the chain.
Second, Encryption and Decryption Algorithms
Encryption and decryption algorithms are the core technologies of cryptography, and can be divided into two basic types in terms of design concepts: symmetric encryption algorithms and asymmetric encryption algorithms. According to whether the keys used in the encryption and decryption process are the same, the two modes are suitable for different needs and just form a complementary relationship. Sometimes they can also be used in combination to form a hybrid encryption mechanism.
Symmetric cryptography (also known as public key encryption, common-key cryptography), the encryption and decryption keys are the same, its advantages are high computational efficiency and high encryption strength; its disadvantage is that it needs to be advanced in advance Shared keys are easy to leak and lose keys. Common algorithms are DES, 3DES, AES, etc.
Asymmetric cryptography (also known as public key encryption, public-key cryptography), which is different from the encryption and decryption keys, has the advantage that it does not need to share keys in advance; Only short content can be encrypted. Common algorithms include RSA, SM2, ElGamal and elliptic curve series algorithms. Symmetric encryption algorithm, suitable for the encryption and decryption process of a large amount of data; cannot be used for signature scenarios: and it is often necessary to distribute keys in advance. Asymmetric encryption algorithms are generally suitable for signature scenarios or key agreement, but are not suitable for encryption and decryption of large amounts of data.
Third, information digest and digital signature
As the name implies, information digest is to perform Hash operation on the information content to obtain a unique digest value to replace the original complete information content. Information digest is one of the most important uses of the Hash algorithm. Using the anti-collision feature of the Hash function, the information digest can solve the problem that the content has not been tampered with.
Digital signature is similar to signing a paper contract to confirm contract content and prove identity. Digital signature is based on asymmetric encryption, which can be used to prove the integrity of a digital content and at the same time confirm the source (or non-repudiation) .
We have two feature requirements for digital signatures that match our expectations for handwritten signaturesConsistent. First, only you can make your own signature, but anyone who sees it can verify its validity; second, we want the signature to only be related to a specific document and not support other documents. All of these can be digitally signed through our asymmetric encryption algorithm above.
In practice, we generally sign the hash value of the information, rather than the information itself, which is determined by the efficiency of the asymmetric encryption algorithm. Corresponding to the blockchain, the hash pointer is signed. In this way, the entire structure is in front, not just the hash pointer itself.
Fourth, zero knowledge proof (Zero Knowledge proof)
Zero knowledge proof means that the prover makes the verifier believe that a certain assertion is correct without providing any additional information to the verifier.
Zero-knowledge proof generally meets three conditions:
1. Completeness: a true proof can allow the verifier to successfully verify;
2. Soundness: a false proof The verifier cannot be verified;
3. Zero-Knowledge: If it is proved, no information other than the proof information can be obtained from the proof process.
5. Quantum cryptography
As the research on quantum computing and quantum communication attracts more and more attention, quantum cryptography will have a huge impact on the security of cryptographic information in the future.
The core principle of quantum computing is that qubits can be in multiple coherent superposition states at the same time. In theory, a large amount of information can be expressed through a small number of qubits and processed at the same time, which greatly improves the computing speed.
In this case, a large number of current encryption algorithms are theoretically unreliable and can be cracked, so the encryption algorithm has to be upgraded, otherwise it will be broken by quantum computing.
As we all know, quantum computing is still only in the theoretical stage, and there is still a long way to go before large-scale commercial use. However, the new generation of encryption algorithms must take into account the possibility of this situation.