Blockchain QuickStart Guide: Explore Cryptography, Cryptocurrency, Distributed Ledger, Hyperledger Fabric, Ethereum, Smart Contracts and dApps
By Dr. Kalpesh Parikh and Amit Johri
()
About this ebook
First, you should have a working grasp of cryptography, cypher modes, digital signatures, and digital certificates, all of which are thoroughly covered in the first chapter of this book. By gradually introducing you to Distributed Ledger Technology, you can start understanding blockchain. After that, you'll become acquainted with fundamental blockchain concepts like consensus models, algorithms, and procedures. You'll learn about blockchain platforms such as Ethereum and Hyperledger Fabric that enable the development of DApps, DeFi applications, and systems driven by blockchains. Additionally, concepts such as smart contracts, the Ethereum virtual machine, accounts, wallets, GAS, and mining are explained briefly and simplified. The book analyses current blockchain developments, various blockchain as a Service (BaaS) platforms and helps you to gain a better grasp of the technology.
Throughout the book, you will understand multiple blockchain principles, procedures, tools, and platforms required to begin developing blockchain-based business networks.
Read more from Dr. Kalpesh Parikh
Combining DataOps, MLOps and DevOps: Outperform Analytics and Software Development with Expert Practices on Process Optimization and Automation Rating: 0 out of 5 stars0 ratingsRevolutionizing Metaverse: Delve into the building blocks of Metaverse Commerce (English Edition) Rating: 0 out of 5 stars0 ratings
Related to Blockchain QuickStart Guide
Related ebooks
Building Decentralized Blockchain Applications: Learn How to Use Blockchain as the Foundation for Next-Gen Apps (English Edition) Rating: 0 out of 5 stars0 ratingsBlockchain Simplified: A Comprehensive Beginner's Guide to Learn and Understand Blockchain Technology Rating: 0 out of 5 stars0 ratingsGrowing with Blockchain: From disruptive potential to operational reality Rating: 0 out of 5 stars0 ratingsBlockchain for Business with Hyperledger Fabric: A complete guide to enterprise blockchain implementation using Hyperledger Fabric Rating: 0 out of 5 stars0 ratingsSecure Chains: Cybersecurity and Blockchain-powered Automation Rating: 0 out of 5 stars0 ratingsThe AI Dilemma: A Leadership Guide to Assess Enterprise AI Maturity & Explore AI's Impact in Your Industry (English Edition) Rating: 0 out of 5 stars0 ratingsCommercializing Blockchain: Strategic Applications in the Real World Rating: 0 out of 5 stars0 ratingsBlockchain: The Untold Story: From birth of Internet to future of Blockchain Rating: 0 out of 5 stars0 ratingsBlockchain in e-Governance: Driving the next Frontier in G2C Services (English Edition) Rating: 0 out of 5 stars0 ratingsMetaverse and Web3: A Beginner’s Guide: A Digital Space Powered with Decentralized Technology (English Edition) Rating: 0 out of 5 stars0 ratingsArtificial Intelligence for Students: A comprehensive overview of AI's foundation, applicability, and innovation (English Edition) Rating: 0 out of 5 stars0 ratingsData Privacy Fintech A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsSoftware Design Pattern A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsBlockchain Consortium The Ultimate Step-By-Step Guide Rating: 0 out of 5 stars0 ratingsAPIs A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsSOA-Based Enterprise Integration: A Step-by-Step Guide to Services-based Application Rating: 0 out of 5 stars0 ratingsBlockchain And Supply Chain Management A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsAI And IoT A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsBlockchain In Supply Chain A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsAI And Machine Learning A Complete Guide - 2019 Edition Rating: 0 out of 5 stars0 ratingsBuilding Bots with Microsoft Bot Framework Rating: 0 out of 5 stars0 ratingsWeb Application Developer Second Edition Rating: 0 out of 5 stars0 ratingsBlockchain Adoption in Supply Chain Management and Logistics Rating: 0 out of 5 stars0 ratingsBlockchain Technology for Emerging Applications: A Comprehensive Approach Rating: 0 out of 5 stars0 ratingsEnd of Abundance in Tech: How IT Leaders Can Find Efficiencies to Drive Business Value Rating: 0 out of 5 stars0 ratings
Internet & Web For You
No Place to Hide: Edward Snowden, the NSA, and the U.S. Surveillance State Rating: 4 out of 5 stars4/5How to Disappear and Live Off the Grid: A CIA Insider's Guide Rating: 0 out of 5 stars0 ratingsSocial Engineering: The Science of Human Hacking Rating: 3 out of 5 stars3/5Coding For Dummies Rating: 5 out of 5 stars5/5How to Be Invisible: Protect Your Home, Your Children, Your Assets, and Your Life Rating: 4 out of 5 stars4/5Everybody Lies: Big Data, New Data, and What the Internet Can Tell Us About Who We Really Are Rating: 4 out of 5 stars4/5Six Figure Blogging Blueprint Rating: 5 out of 5 stars5/5The Hacker Crackdown: Law and Disorder on the Electronic Frontier Rating: 4 out of 5 stars4/5The Beginner's Affiliate Marketing Blueprint Rating: 4 out of 5 stars4/5Grokking Algorithms: An illustrated guide for programmers and other curious people Rating: 4 out of 5 stars4/5The Gothic Novel Collection Rating: 5 out of 5 stars5/5Get Rich or Lie Trying: Ambition and Deceit in the New Influencer Economy Rating: 0 out of 5 stars0 ratingsCoding All-in-One For Dummies Rating: 4 out of 5 stars4/5200+ Ways to Protect Your Privacy: Simple Ways to Prevent Hacks and Protect Your Privacy--On and Offline Rating: 0 out of 5 stars0 ratingsPodcasting For Dummies Rating: 4 out of 5 stars4/5Hacking : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Ethical Hacking Rating: 5 out of 5 stars5/5Remote/WebCam Notarization : Basic Understanding Rating: 3 out of 5 stars3/5Beginner's Guide To Starting An Etsy Print-On-Demand Shop Rating: 0 out of 5 stars0 ratingsMore Porn - Faster!: 50 Tips & Tools for Faster and More Efficient Porn Browsing Rating: 3 out of 5 stars3/5The Cyber Attack Survival Manual: Tools for Surviving Everything from Identity Theft to the Digital Apocalypse Rating: 0 out of 5 stars0 ratingsThe Digital Marketing Handbook: A Step-By-Step Guide to Creating Websites That Sell Rating: 5 out of 5 stars5/5The Logo Brainstorm Book: A Comprehensive Guide for Exploring Design Directions Rating: 4 out of 5 stars4/5The Internet Is Not What You Think It Is: A History, a Philosophy, a Warning Rating: 4 out of 5 stars4/5How To Start A Podcast Rating: 4 out of 5 stars4/5How to Destroy Surveillance Capitalism Rating: 4 out of 5 stars4/5Introduction to Internet Scams and Fraud: Credit Card Theft, Work-At-Home Scams and Lottery Scams Rating: 4 out of 5 stars4/5
Reviews for Blockchain QuickStart Guide
0 ratings0 reviews
Book preview
Blockchain QuickStart Guide - Dr. Kalpesh Parikh
CHAPTER 1
Cryptography – The Basics
Introduction
When communicating, the confidentiality of messages needs to be ensured so that no one other than the intended recipient of the message can receive the message content. Cryptography introduces this security and secrecy in message communication as also in the information by concealing their contents.
Cryptography disguises the message/information and hides its contents. The annotation given to an encrypted message by encryption is ciphertext, and the process by which this ciphertext is converted back into plain text is decryption.
It is important to be an indispensable tool for protecting information in computer systems, used for encryption and decryption of data it is vital to communication today.
A specific set of skills are required to create layered algorithms and mathematical problems, including analytical skills, technical abilities, and effective communication.
Cryptography professionals need to have a strong understanding of mathematical principles, such as linear algebra, number theory, and combinatorics. Professionals apply these principles when they are designing and deciphering strong encryption systems. Basic knowledge of computer science and a secondary level of mathematics knowledge are the pre-requisites.
Structure
In this chapter, the following topics will be covered:
Introducing cryptography
Strength of cryptography
Requirement of cryptography
Cryptography techniques
Cipher modes
Symmetric
Asymmetric
BlockStream
Your identity—the digital signatureo
Working of digital signature
Creating a digital signature
Digital signature classes
Digital signature uses
Hash functions
Use of hash functions in blockchain
Hash function security for blockchain
Types of hash functions
Digital certificates
Obtaining a digital certificate—the process
Conclusion
Keywords
Questions
Objectives
The chapter’s objectives include introducing you to cryptography, explaining its strength, knowing its requirement, and providing an understanding of cryptography techniques. The various cipher modes—symmetric, asymmetric, block, and stream are described. The authentication of an electronic document is important, and the way to ensure it is through digital signature, explain the working of digital signature, learn to create a digital signature, and describe the three classes of digital signatures. An understanding of several use cases of digital signatures is provided. There are extremely useful functions that appear in many information security applications called the hash functions. We discuss the use of hash functions in blockchain, hash function security for blockchain, and types of hash functions. We explain that a credential of establishing whether a public key belongs to the intended owner is done by the digital certificate and know how to obtain a digital certificate.
After reading this chapter, you will be able to understand the basics of algorithms and how they are used in cryptography, identify the differences between asymmetric and symmetric algorithms, understand concepts of cryptography, and how they relate to network security.
Introducing cryptography
The method of securing messages/information and communication through wires by using codes so that only those for whom the message/information is intended can read and process it. The words "hidden or
vault stand for
crypt and the word
writing stands for
graphy".
The mathematical concepts, protocols, rule-based calculations called algorithms are used to transform messages that are hard to decipher and secure messages/information and communication by cryptography in computer science. For digital signing, protecting data privacy, Internet Web browsing, verification of cryptographic key generation, and confidential communications such as credit/debit card transactions and e-mail, these algorithms are used, which are deterministic in nature.
A cipher is a cryptographic algorithm, a mathematical function used by the encryption and decryption process.
A key which may be a word, a number, or a phrase, is used to encrypt the plaintext, and it works in combination with a cryptographic algorithm.
The same plaintext encrypts to different ciphertext with different keys.
The following figure shows cryptography at work:
Figure 1.1: Cryptography at work
The plaintext which is sent by the sender through the wire is encrypted into ciphertext, which then is decrypted into plaintext for the recipient to receive. To encrypt and decrypt the message, the same shared secret key is used.
Cryptography’s primary functions are as follows:
Privacy and confidentiality ensure that no one other than the intended receiver can read the message.
The process of authentication ensures proving one’s identity.
The message has not been altered in any way from the original is assured to the receiver receiving the message by integrity.
The sender really sent this message is proven by the mechanism of non-repudiation.
The method used by crypto keys that are shared between the sender and the receiver is key exchange.
Starting with the unencrypted data, referred to as plaintext in cryptography, the plain text is encrypted into ciphertext, which in turn will be decrypted back into plaintext. The encryption and decryption done are based on the type of cryptography scheme used and the form of the key.
The process is,
C = Ek(P)
P = Dk(C)
Where P = plaintext, C = ciphertext, E = the encryption method used, D = the decryption method used, and k = the key.
Strength of cryptography
The strength of cryptography is determined as follows:
Either strong or weak.
It is measured in terms of the time and resources required to recover the plaintext from the ciphertext.
Strong cryptography results in the ciphertext being difficult to decipher without the possession of appropriate decoding tools and high-end resources.
The cryptographic strength should not depend on the secrecy of the cryptosystem but on the secrecy of the decryption key, as the attacker knows the cryptosystem.
Requirement of cryptography
The requirements of cryptography are as follows:
Unauthorized individual(s) should not be able to gain access to sensitive information, i.e., confidentiality. Cryptography prevents criminals from stealing information online. The website with HTTPS protocol enabled or when you log onto a WIFI hotspot or encrypt a file, cryptography is at work.
Without the alteration being detected during storage or transit, i.e., integrity, the information between the sender and the recipient should not be altered.
At a later stage, the sender of information cannot deny his or her intentions in the transmission of the information ensured by non-repudiation.
The sender and the receiver can confirm each other’s identity together with the origin/destination of information enabled by authentication.
The criteria of confidentiality, integrity, non-repudiation, and authentication are met by the procedures and protocols of cryptosystems.
Further, cryptosystems include mathematical procedures, algorithms, computer programs, choosing hard-to-guess passwords, thereby regulating human behavior, together with logging off systems when not in use and not discussing the sensitive organizational procedures with people outside the organization or with anyone.
Cryptography techniques
The two disciplines of cryptography are cryptology and cryptanalysis. The techniques used in cryptography are microdots, merging words with images, as also some more ways for hiding information in transit or storage. Cryptography scrambles plaintext into ciphertext and then back to plaintext. Practitioners in this field are cryptographers.
The area of constructing cryptographic systems is cryptology. And the area of breaking cryptographic systems is cryptanalysis.
The technique focused on secure communication between one or more parties is cryptography.
It is based on encryption, decryption, signing, generation of pseudo-random numbers, and other methods.
The following figure describes the cryptography technique:
Figure 1.2: Cryptography technique
Anand using encryption sends a message to Bikram, who receives the message after its decryption. Eve/Mallory, an adversary, attacks/eavesdrops; however, the secure channel is used for the communication; hence, the plaintext sent by Anand is received as plaintext p by Bikram.
A cryptographic attack circumvents the security of a cryptographic system by the process of cryptanalysis, which can find a weakness in the code, the cipher cryptographic protocol, or key management scheme.
Decryption
The reason for implementing an encryption-decryption system for information is privacy. Decryption is the process of converting encrypted data into its original form. An authorized user can only decrypt the data, enabled by decryption decoding the encrypted information. A secret key or a password is required for the process of decryption. It is necessary to scrutinize the access from unauthorized organizations or individuals, as the information travels over the Internet. A prompt or window is received by the recipient of the decrypted data, who can access the encrypted data with a password. As a result of encryption, the decryption system extracts and converts the data, transforming it into words and images, which the reader and a system can understand. Decryption can be done either manually or automatically. It may also be performed with a set of keys or passwords.
Turning ciphertext back into plaintext is decryption. Algorithms, keys, and key management facilities are comprised in a cryptographic system for decryption.
Cipher modes
Let us define cipher modes.
Encryption algorithms can have different modes of operation. For confidentiality or authentication, a companion algorithm tailors the symmetric-key algorithm for different applications known as modes.
During encryption, you must specify which cipher and mode to use. The cipher and mode used are randomly selected from the ciphers, that is, common between the two servers taking part in communication. All servers and client computers that participate in encrypted communication should ensure that the ciphers and modes used are common. If you include more ciphers and modes between which the database server can switch, encryption becomes more secure.
A "cipher is the algorithm that encrypts and decrypts data, whereas the
cipher mode" defines how the cipher encrypts and decrypts it.
The cryptographic algorithms that you use to encrypt/decrypt data are the ciphers, whereas cipher modes define the "mode of operation" for applying the cipher. Both are complementary and can be chosen separately.
The Data Encryption Standard (DES) is a cryptographic algorithm designed to encrypt and decrypt data by using 8-byte blocks and a 64-bit key.
The triple-DES (DES3) is a variation of DES in which three 64-bit keys are used for a 192-bit key. DES3 works by first encrypting the plain text by using the first 64-bits of the key. Then the ciphertext is decrypted by using the next part of the key. In the final step, the resulting ciphertext is re-encrypted by using the last part of the key.
The Advanced Encryption Standard (AES) is a replacement algorithm that is used by the United States Government.
The cipher modes are symmetric, asymmetric, block, and stream.
Symmetric ciphers
For encryption of plaintext and decryption of ciphertext, the symmetric ciphers use the same cryptographic keys. These ciphers are fast and allow encrypting of large sets of data. Secret keys to both parties should be securely distributed, which requires sophisticated mechanisms.
This encryption involves only one secret key to cipher and deciphers information.
A number, a word, or a string of random letters are used as a secret key in symmetrical encryption. To change the content in a particular way, blending with the plaintext of a message is done. The secret key used to encrypt and decrypt all the messages should be known by the sender and the recipient. Examples of symmetric encryption are Blowfish, AES, RC4, DES, RC5, and RC6.
All parties involved have to exchange the key used to encrypt the data before they can decrypt it, which is a disadvantage of this encryption scheme.
Asymmetric ciphers
Also known as public-key cryptography, it uses two keys to encrypt a plaintext. Internet or a network is used to exchange secret keys, which ensures that malicious persons do not misuse the keys. Note that anyone with a secret key can decrypt the message, which is the reason why asymmetrical encryption uses two related keys to boost security. For anyone who might want to send you a message, a public key is made freely available. The second private key is kept a secret so that only you can know of it.
A message encrypted using a public key can only be decrypted using a private key, and a message encrypted using a private key can be decrypted using a public key communication is ensured by the asymmetric key.
Over the Internet, asymmetric encryption is used in day-to-day communication channels. ElGamal, RSA, DSA, Elliptic Curve Techniques, and PKCS are popular asymmetric key encryption algorithms.
Block ciphers
A block at one time encrypts a fixed size of n-bits of data by an encryption algorithm called a block cipher. The size of these blocks maybe 64, 128, or 256 bits. For example, a 64-bits of plaintext is taken by a 64-bits block cipher and encrypts into 64-bits of ciphertext. Padding schemes come into play when bits of plaintext is shorter than the block size.
The encryption algorithms used here are DES, Triple DES, AES, IDEA, and Blowfish.
Stream ciphers
This is an encryption algorithm that encrypts 1 bit or 1 byte of plaintext at a time. An infinite stream of pseudo-random bits is used as the key. Its pseudo-random generator should be unpredictable, and the key should never be reused for the stream cipher implementation to remain secure. To approximate an idealized cipher called One-Time Pad, the stream ciphers are designed.
"Perfect Secrecy" can be achieved by the one-time pad, which uses a purely random key. It is immune to brute force attacks. The key used should be as long or even larger than the plaintext, which is a problem with the one-time pad. So, if you have a 600 MB video file that you would like to encrypt, you need a key that is at least 4–5 GB long.
The use of a one-time pad would be impractical for day-to-day public use while very useful for top secret information or matters of national security. You can achieve a strong level of security.
Figure 1.3 displays the types of encryption.
Figure 1.3: Types of encryption
Figure 1.4 shows the process of encryption–decryption.
Figure 1.4: Encryption-–decryption process
Digital signature
To verify the contents of a document, as also the sender’s identity, a digital code is generated and authenticated by public key encryption attached to an electronically transmitted document is a digital signature, a major benefit of public-key cryptography.
To ensure that an electronic document authenticates a digital signature is a way. By authentic, we mean you know who created the document and that it has not been altered because that person created it.
To ensure authentication, digital signatures depend on certain types of encryption. Taking the data that one computer sends to another and encoding it into a form that only the other computer can decode is the process called encryption. The information coming from a trusted source is verified by the process of authentication. These two processes work hand in hand for digital signatures. Digital signatures enable the recipient of information to verify the authenticity of the information’s origin, as also verify that the information is intact.
Authentication, data integrity, and non-repudiation are provided by the public key digital signatures. The purpose served is the same as a handwritten signature.
Counterfeiting digital signatures is nearly impossible, although in the case of handwritten signatures, it may be possible. Attesting to the contents of the information and to the identity of the signer is made possible by the digital signature.
Figure 1.5 explains the process of digital signature.
Figure 1.5: Digital Signature
Working of digital signatures
Handwritten signatures are unique to each signer, and so are digital signatures. The protocol followed by digital signature solution provider DocuSign is PKI, which requires the provider to use an algorithm to generate two long numbers, called keys; one is public and the other is private.
The signature is created using the signer’s private key. The key is always kept securely by the signer when he/she electronically sign a document. A cipher creates data matching the signed document called a hash and encrypts that data using an algorithm. The digital signature is the result of encrypted data. The time that the document was signed is also marked with the signature. Any changes after signing the document make the digital signature invalidated.
The integrity of the signature needs to be protected and often requires the services of a certificate authority (CA). As per the requirement of PKI, the keys should be created, conducted, and saved in a secure manner.
The PKI requirement for safe digital signing is met by DocuSign, the digital signature provider.
Creating a digital signature
A signing software creates a one-way hash of the electronic data to be signed and is required to create a digital signature. The private key is used to encrypt the hash. The digital signature is the encrypted hash along with information such as the hashing algorithm.
An arbitrary input is converted into a fixed-length value, usually much shorter by a hash function, which is the reason why the hash is encrypted instead of the entire message or document. A lot of time is saved by hashing, which is much faster than signing.
The hash value is unique to the hashed data. A change in the data will result in a different value.
This characteristic allows the integrity of data which is enabled by others to validate the signer’s public key to decrypt the hash, which proves that the data has not changed because it was signed if the decrypted hash matches a second computed hash of the same data. A compromise to its integrity will happen if the two hashes do not match, meaning that the data in some way has been tampered. If the signature was created with a private key that does not correspond to the public key presented by the signer, an issue of authentication arises.
A digital signature used with any kind of message, whether it is encrypted or not, makes the receiver sure of the sender’s identity and that the message arrived intact.
For both the document and the signer, the digital signature is unique and binds both of them together. The property of non-repudiation makes it difficult for the signer to not accept that he has signed a message/document assuming that his/her private key has not been compromised.
The digital certificate, an electronic document that contains the digital signature of the issuing CA and binds it together with an identity and a public key, verifies that a public key belongs to a particular person or entity.
The digital signatures and digital certificates can be used to make it easy to sign all outgoing e-mails and validate digitally signed incoming messages. The communications and transactions conducted over the Internet are extensively provided by digital signatures in the form of proof of authenticity, data integrity, and non-repudiation.
Digital signature classes
Digital signature certificates can be divided into three different classes as follows:
Class 1 signatures are used in environments where there is a low risk of data compromise, which provides a basic level of security. It cannot be used for legal business documents as their validation is based only on an e-mail ID and username.
Class 2 signatures are used in environments where there are moderate risks and consequences of data compromise. A signee’s identity is authenticated against a pre-verified database and is used for the e-filing of tax documents, including IT and GST returns.
Class 3 signatures are used in environments where threats to data and the consequences of a security failure are high. Examples include e-auctions, e-tendering, e-ticketing, and court filings. It is termed as the highest level of digital signatures, which requires a person or an organization to be present before a certifying authority to prove their identity before signing.
Uses of digital signature
Digital signatures are used by the industry to streamline their processes and improve document integrity. Processing tax returns, verifying business to government transactions, ratifying laws, and managing contracts are the uses governments put digital signatures. Improving the efficiency of administrative processes and treatment and strengthening data security are the uses digital signature is put to in the healthcare industry. The uses the manufacturing sector puts digital signature to are speeding up the processes, including product design,