It’s been my first post in quite a while! Got a juicy one for you, let us learn about cryptocurrencies and the blockchain technology that underpins them.
The idea is to make this into a 3-part series ‘BANG for your Bitcoin’, starting with the basics and ending with current affairs. The middle topic will be appealing for those hardcore blockchainers out there.
WELCOME to part 1: The cryptography behind the currency; an introduction.
CONCEPT OF CRYPTOCURRENCY
To understand what relationship exists between cryptocurrencies and cryptography we need to first discuss the nature of cryptocurrencies and what services they provide. Unlike transferring a payment via a trusted authority like a bank or a service like PayPal, cryptocurrencies provide a decentralised payment network where transactions are not linked to identities, are transparent and are based on a global system of trust. The key here is Bitcoin is decentralised and does not rely on any 3rd party to provide trust between two parties.
Let’s really quickly go through the process of making an international bank transfer:
You want to make a $100 payment to your friend Mick who lives in Australia. Your bank is USAbank and Mick’s bank is called AUSSYbank. USAbank does not have a direct trust relationship with AUSSYbank however they do trust intermediary banks iBank1 and iBank2 respectively and they trust each other. Like a trust chain. The basic steps are as follows:
- You have to have an account with USAbank that you registered with your ID and proof of address.
- You go to USAbank and make a payment using the following details: Mick’s name, bank account number and routing number/sort-code. You’ll also need information about the Mick’s bank, such as its name and address + a SWIFT or IBAN number.
- USAbank will debit your account by $100
- USAbank will credit iBank1’s account by $100
- iBank1 will credit iBank2’s account by $100
- iBank2 will credit AUSSYbank’s account by $100
- AUSSYbank will credit Mick’s account by $100
- Mick gives you a call to thank you for the money!
At every step of the transfer process using either SWIFT or IBAN there will be a small transaction fee which you, the account holder, will incur. Also, this process can take around 24 hours or sometimes up to a week. At steps 3-8 each banks have to reconcile their ledgers in order to record the money going in and out of the bank.
What if there was a global ledger that everybody agreed was correct? What if every time a transaction is made it’s recorded in this ledger for everybody to see and then secured so it can never be changed? Let’s say your wallet address is 123456 and Mick’s is 456789, the global ledger would read “123456 paid $100 to 456789” – this could happen much faster than the steps we listed above! This is the concept behind the Bitcoin network, and the global ledger is called the blockchain.
BITCOIN
“123456 pays $100 to 456789”
When we read the above there are many questions we find ourselves asking;
- How can we trust sending payment to the address 456789 will reach Mick?
- Can Mick argue I sent him $1000 instead of $100?
- How is the transaction validated?
- What about fraud?
Well, with a market capitalisation worth $300 billion worldwide, cryptocurrencies need key security requirements to be met to maintain validity in the market. The Bitcoin network needs trust/non-repudiation of transactions and integrity of the distributed ledger (blockchain). As a bonus it provides pseudonymity of transactions as you do not need to register with your legal identity to get a Bitcoin Address. Interestingly, confidentiality, that would usually be provided by encryption, is not needed because the system is transparent and does not link to identities, this also looks to eradicate fraud by keeping a clear, accurate and transparent ledger of transactions which cannot be changed.
The answer to all of this is Cryptography. The beauty of mathematical algorithms mean we can satisfy basic human instincts such as trust, integrity and ownership without ever having to meet one another in real life or going through a 3rd party who has met us.
Global Trust and Non-Repudiation
Answering our first and second questions, ‘How can we trust sending payment to the address 456789 will reach Mick?’ and ‘Can Mick argue I sent him $1000 instead of $100?’ = Digital Signatures
You’ve probably heard of Digital Signatures before and the term might scare you off, but hear me out! We’ll go through the basic concept of DigSigs with no mathematics involved.
Firstly, let us think of Public-Key encryption (PKE); this concept is better known and widely used on the internet; every HTTPS website uses PKE via the SSL/TLS protocol (apologies for the acronym overload…)
Public-key encryption works on the idea of public and private keys. This means that anything encrypted using the public key can only be decrypted by the person who owns the private key.
An example is you logging into your USAbank online account; you go to their webpage and just before you enter your password your computer encrypts all your data in transit using the USAbank public key. Then when the data arrives on the USAbank server only they can decrypt it using their private key = your personal data is safe when being transferred over the internet!
A Digital Signature is the same concept but ‘esrever ni’… or in reverse. Instead of a public and private key we now have a signature and verification key. For instance, you encrypt a piece of data with your private signature key and then send it out into the world! That means anybody with your public verification key can decrypt it and verify it was definitely you that sent that information. With DigSigs we know the message was:
- Created by a known sender (authentication)
- The sender cannot deny having sent the message (non-repudiation)
- The message was not altered in transit (integrity).[1]
In the case of Bitcoin, the sender is the Bitcoin Address and the message is a single line transaction. The transaction cannot be altered because the Digital Signature would not be valid if any part of the message changed in transit. The transaction will go to Mick because his Bitcoin address is tied to his public verification key which is unique to every wallet.
Your bitcoin address: 123456 Mick’s bitcoin address: 456789 $100 = .02 bitcoin
“123456 pays 0.02 bitcoin to 456789” + DigSig_123456
This transaction is verified using your public verification key, you have 0.02 bitcoin debited from your wallet and Mick is 0.02 bitcoin richer!
Integrity of the blockchain
Let’s answer our final two questions, ‘How is the transaction validated?’ and ‘What about fraud?’ = Hash Functions
Again, we’ll go through the basic concept of a cryptographic hash function with no mathematics involved!
A hashing algorithm takes a message input and scrambles it up so it’s unidentifiable; two main properties will help with our understanding.
- It condenses or lengthens the message into a fixed length
- Each message produces a unique hash output
- The same message always produces the same hash
Why are these properties so awesome?? Well, if we provide hash digest of a message alongside the message itself we can ensure it has not been changed – this provides the integrity of our message.
The next idea we will go onto is that of our globally distributed ledger. Taking out the technology side of things (bitcoin network and miners) we will focus on how the transactions are secured within the chain.
You can see from our Digests in the image above just how random hash digests are. What if I told you that you must run though an exhaustive search of all the cryptographic hashes in order to find a hash digest that started with 12 zero’s?
0000 0000 0000 A93E D1C6 F1AS D12E BB8F C8E9 H38C
I can say it’s incredibly hard and you would have to utilise a lot of computing power to find one… this is was Bitcoin Miners do. They take a list of bitcoin transactions and hash them all together in a tree with a random number (nonce) and the hash from the most recent block in the chain, until they find a hash with the right amount of zeros at the beginning.
When a Bitcoin Miner find the correct hash they alert the Bitcoin Network community so that all the other miners can verify their finding. When the majority of miners confirm this is indeed a valid hash, the block then gets added to the chain. No previous blocks can be changed without affecting every subsequent block in the chain as all the hash digests would immediately change from their 0000… start.
You see where we’re going with this…. it’s the blockchain!
Conclusion
Overall, without cryptographic schemes such as digital signatures and hashing algorithms there would be no non-repudiation or integrity within the electronic statements promising payments between two remote parties. In short, without cryptography there would be no digital decentralised payment networks as we know them.
If you got to the end of this article you are a champion! More fun cryptography to come so watch this space for my next post about blockchain and all things geeky.
Sources
Martin KM. Everyday cryptography. 1. publ. ed. Oxford [u.a.]: Oxford Univ. Press; 2017:569.
Wikipedia Authors. Merkle tree. wikipedia.org Web site. https://en.wikipedia.org/wiki/Merkle_tree. Updated 2018. Accessed Jan 7, 2018.
Blockchain. blockchain.com Web site. https://www.blockchain.com/. Updated 2018. Accessed Jan 7, 2018.
Lantz L. New kids on the blockchain. [Ted Talks]. https://youtu.be/KP_hGPQVLpA: YouTube; 2016.
https://blockgeeks.com/guides/cryptocurrencies-cryptography/
Zoe Mackenzie 