Cryptography is the practice of using mathematical and computational techniques to secure information and communication. Cryptography ensures:
Confidentiality: Keeps information secret from unauthorized parties.
Authentication: Verifies the origin of data, ensuring it came from a specific sender or source.
Integrity: Confirms that the message or data has not been altered.
Non-repudiation: Prevents a sender or creator from denying involvement in sending encrypted data.
How does cryptography work?
Cryptography transforms original data into secure formats using cryptographic functions. These functions generally fall into two categories:
Two-way: Encryption is a reversible process that uses an algorithm called a cipher to convert readable data (plaintext) into an unintelligible format (ciphertext). Only the intended recipient, equipped with the appropriate decryption key, can transform the ciphertext back into plaintext.
Ciphers utilize different techniques to transform plaintext into ciphertext. The two primary methods include:
Substitution ciphers: These ciphers replace components of the plaintext (such as letters, numbers, or symbols) with other elements to obscure the original message. For example, a substitution cipher might replace every "A" with "X."
Permutation (transportation) ciphers: Permutation ciphers rearrange the order of the original characters to create ciphertext. For instance, the letters of a message might be shuffled according to a specific pattern.
One-way: These functions do not make the original data retrievable. Instead, they seek to prove certain properties or verify knowledge about the data. Examples include cryptographic hash functions, which generate fixed-length outputs uniquely representing the input data.
Types of cryptography
Cryptography is categorized into three main types: symmetric cryptography, asymmetric cryptography, and one-way hash functions. Each type serves unique purposes and employs distinct methods for securing data.
Symmetric cryptography
Symmetric cryptography uses a single key for both encryption and decryption. Both the sender and the recipient must share and securely maintain this secret key. Symmetric encryption is known for its speed and efficiency, making it suitable for encrypting large amounts of data.
Types of symmetric algorithms:
Block ciphers: Encrypt data in fixed-size blocks.
Stream ciphers: Encrypt data one bit or byte at a time.
Asymmetric cryptography
Asymmetric cryptography, also known as public-key cryptography, uses a pair of keys: a public key for encryption and a private key for decryption. This approach eliminates the need for sharing secret keys, enhancing security in environments where key distribution is challenging.
Types of asymmetric algorithms:
Rivest-Shamir-Adleman (RSA): Widely used for secure data transmission between web browsers and servers, such as Secure Socket Layers (SSL).
Elliptic Curve Cryptography (ECC): Provides strong security with smaller key sizes, often used in blockchain protocols.
Hash functions
One-way hash functions transform input data into a fixed-length hash value that cannot be reversed to retrieve the original data. These functions are primarily used for data integrity verification and digital signatures.
They are preimage resistant - given an output, it would take an impractical amount of time and computing power to find the preimage (original input). Original messages can only realistically be obtainable by brute force - trying to guess all possible outcomes.
Collision resistant - computationally infeasible for two inputs to produce the same hash. It’s like picking out a specific atom in the universe, and someone else picks the exact same one.
Types of hash functions:
SHA (Secure Hash Algorithm): Includes SHA-2 and SHA-3 families, widely used in Bitcoin’s Proof of Work (PoW) mechanism.
Keccak: Blockchain platforms like Ethereum use the Keccak256 hash function throughout their protocols for generating addresses, transaction hashes, and block hashes.
Cryptography in blockchains
Blockchains generally use asymmetrical (public-key) cryptography and hash functions to ensure security and integrity. Here are some ways that cryptography is used in blockchains:
Digital signatures: Blockchain networks use digital signature algorithms like the Elliptic Curve Digital Signature Algorithm (ECDSA). Transaction data is hashed and signed with the sender's private key, creating a unique signature that verifies the transaction’s authenticity.
Verification process: The recipient or network nodes use the sender’s public key to validate the signature, ensuring the transaction has not been tampered with and originated from the claimed sender.
Merkle trees: Hash functions construct Merkle trees by continually hashing transactions together, allowing efficient and secure verification of transactions within a block.
Sybil resistance mechanisms:Proof-of-work (PoW) and proof-of-stake (PoS) require significant resources (computation or stake), making it infeasible for attackers to pretend to be multiple users. For example, validators in Ethereum must stake 32 ETH to participate in block validation.
Block integrity: Each block contains a cryptographic hash of the previous block, creating an unbroken chain of cryptographic proofs. Any attempt to modify a block's data would invalidate its hash and break the cryptographic chain from the modified block onward.
Cryptocurrencies: Digital assets use cryptographic techniques to secure and verify peer-to-peer transactions, reducing reliance on traditional intermediaries like banks, credit card companies, or governments.
Zero-Knowledge Proofs(ZKP): Some blockchain systems employ zero-knowledge proofs to verify identity or transaction validity without revealing sensitive information. For example, ZKsync uses ZKPs to cryptographically prove the validity of off-chain batches in zero-knowledge (ZK) rollups. The ZK rollup operator generates a proof of validity and submits it to Ethereum for finalization.
