Cryptography – digital signature and hashing algorithm
Cryptographic hashing is a way to generate a fixed-length output against any given length of input string. The output is named hash or message digest, and is designed to protect the integrity of any kind of data, such as a file, media, or text. Only one message digest is assigned to protect a specific input or sensitive information. A small change made to the input data results in a drastic difference in the result, which makes it almost impossible to predict the data either in- motion or at rest. There are various ways to produce the hash or the message digest. In the world of cryptocurrency, and Bitcoin being a popular example, the SHA-265 algorithm is used to produce a fixed-length 256-bit hash or message digest against each block.
Let's understand how the SHA-256 algorithm works. There are several free web tools available to generate a SHA-256 hash. We are using the following website for demonstration purposes: https://passwordsgenerator.net/sha256-hash-generator/.
Let's start by generating a hash:
- The first input message is this:
"Hi" Hash =3639efcd08abb273b1619e82e78c29a7df02c1051b1820e99fc395dcaa3326b8
- The second input message is this:
"Welcome to the world of Blockchain"
Hash = d6d937bbd71b1184e588dffb50709e0fc4d8e7323df3acd98f2826a3601793ef
- Third, in the context of cryptocurrency, the input message is this:
"Mike is paying John $200 at Jan 23, 2017"
Hash = 5afef671f79cab507aba379a84477d637aac6ad72456ef3c35a39476e886b9d0
To ensure that the transferred file is not corrupted, the receiver can always compare the calculated hash with a given hash to know the author of the file or any of its content. In the world of blockchain, hashing is the backbone of its immutability characteristic. The hashing process ensures that none of the blocks in the ledger are altered or tampered with. Instead of keeping track of each transaction's details, such as Mike pays $20 to John on July 20, 2017, Kevin Legal document has been received dated September 21, 2017, and Tom has completed a trip from Houston to Dallas on November 22, 2017, blockchain and nodes just have to remember and keep a track of its respective hash.
Let's understand how the blockchain makes use of the hashing algorithm. In blockchain, a node arranges the entire ledger in the form of chronologically connected blocks. To ensure that the ledger remains tamper-proof, each block is made dependable on the previous block. In other words, a new block can't be produced without having the hash of a previous block. Before adding a new block in the ledger, this has to be approved and verified by every node in the blockchain. This allows anyone to tamper or alter with the ledger except in the case of a hacker, who is capable enough of infecting and compromising all of the millions of nodes in the blockchain at the same time. Only the first block called the genesis block is produced itself and points to itself. The following diagram shows the simplified Bitcoin blockchain:
Every block points to the hash of the previous hash block, and this becomes the backbone of the blockchain's immutable system. Now, even if a block in between is altered or disturbed by any means, a hacker can never achieve the same blockchain as a small change in the block can result in a drastic change in the resulting hash. With thousands upon thousands of transactions in every block, it becomes extremely difficult to find one transaction that won't be time consuming and process-sensitive. To avoid this complex work, a comprehensive hash tree has been developed named the Merkle tree. The following diagram shows the Merkle tree:
The purpose of the hash arrangement is to simplify the process of locating a single transaction hash out of thousands.
Digital signatures already work in the core of many organization's security controls by proving the authenticity of transmitted data and preventing forgery. Digital signatures ensure that transactions happen between two validated and authenticated parties. In the physical world, everyone is identified by their unique and permanent national identity number, such as a social security number (SSN) in the US, a National Registration Identity Card (NRIC) in Singapore, a National Insurance Number (NINO) in the UK, a Unique Identification Authority of India (UIDAI) in India, and many more. Government bodies keep track of every financial transaction, property transaction, and legal transaction among citizens and in the government itself, based on their unique identification numbers that carry information regarding their personal details and even biometric details, which are then verified when they complete a transaction. In the digital world, digital signatures play a critical role in guaranteeing transactions between two authenticated parties. Now, let's understand why blockchain needs a digital signature.
In blockchain technology, each node maintains a blockchain ledger with an administrative role. Anyone can add their transaction into the ledger with its own digital identity. The good and the bad news related to blockchain technology are as follows:
- Bad news: Digital identity is all about 1s and 0s, which makes for a higher probability of forgery. Any of the parties can attempt a fraudulent entry into the ledger by simply copying the digital identity of the victim node.
- Good news: The blockchain network makes use of private and public key pairs. Each node will have its own private and public key pair. Digital signatures and hashing work together with blockchain to understand how both fundamental technologies work hand-in-hand to keep blockchain working with high-grade security.
Let's say that party A wants to send transaction information to party B. To keep our focus on blockchain, Bitcoin mining has been removed, though performing a financial transaction needs to have a successful mining process. Party A has a transaction due, and is ready to announce it. The message is Party A sends $200 to Party B on July 23, 2017 at 03:00 EST.
To avoid any kind of forgery, party A has to use an asymmetric key pair, also known as a private/public key pair. The information is signed by the private key, and this remains private with party A. Let's assume that party A has a private key or a secret key of Blockchain#123, and the message is Party A sends $200 to Party B on July 23, 2017 at 03:00 EST. Signing the message with the SHA256 message digest algorithm would look as follows:
Readers can also perform the same operation with the tool mentioned in the link at https://www.freeformatter.com/hmac-generator.html. The following is the computed Hash-based Message Authentication Code (HMAC):
Now, each transaction consists of three important elements: the digital signature that resembles the source address, the public key that indicates the destination, and finally the transaction information.
This transaction reaches party B as well as the other participants who verified this transaction with a public key. After successful validation, the transaction is confirmed.