How Cryptography is Used in Blockchain

Kenneth Anyamba
7 min readMay 1, 2024
a typewriter
Photo by Joe Dudeck on Unsplash

Studying cryptography today reminds me of my secondary school. We had a secret code known as the Jungle Language. Each vowel — ‘A’, ‘E’, ‘I’, ‘O’, ‘U’ — is represented by the numbers 1 to 5 and every consonant is suffixed with the letter ‘a’. ‘Come’ becomes ‘Ca4ma2’ /ka-four-ma-two/. Students supposedly use this language to communicate their pranks. Messages are meaningless to anyone outside the circle, especially teachers.

Cryptography is the process of encrypting messages. This is so that only authorized receivers can decipher their meaning. Encrypting a message could be as simple as shifting letters some positions forward or backward or representing letters with numbers. The intended receiver knows how to unscramble the text to get the message. Encrypted messages are known as ciphertext and its original form is the plaintext.

Modern cryptography advanced encryption from scrambled text to the use of secret keys. A secret key is used to encrypt and decrypt messages. It is only known to authorized parties. Plaintexts are passed to an encryption algorithm alongside a secret key to encrypt a message. The receiver decrypts the message by passing the ciphertext and the secret key to the algorithm. This cryptographic protocol is known as symmetric encryption and decryption.

Symmetric cryptography has one significant challenge. A secret key must have been sent between the authorized parties. This is a point of failure because the secret key can be intercepted. Whitefield Diffie and Martin Hellman discovered a way to send encrypted messages without prior communication by the parties. Instead of sharing a secret key, each party will have a private and public key. This is known as public key cryptography, also known as asymmetric encryption.

In asymmetric encryption, the private key, as the name implies, is kept private while the public key can be shared. The mathematical relationship between the private and public keys is such that the public key is generated from the private key. But the private key cannot be derived from the public key. Messages are encrypted with a receiver’s public key and can only be decrypted with the corresponding private key.

Symmetric and Asymmetric Encryption and Decryption

Encryption makes communication secure in a hostile environment. It is the process of converting plaintext messages into ciphertext. Data is converted to a ciphertext by passing it through a hash function. The encryption algorithm takes human-readable data and a public key as input and returns a ciphertext as output.

Decryption is the process of converting a ciphertext to its original form; a plaintext that can be understood by humans. It is the reverse of the encryption process. The decryption algorithm takes the correct private key and the ciphertext and returns the plaintext.

Symmetric Encryption

In symmetric encryption, a single key, known as a secret key, is used to encrypt and decrypt the message. The secret key is shared between authorized parties. A sender passes a plaintext message and a secret key to the encryption algorithm which transforms the data to a ciphertext. To decrypt the message, the recipient puts the correct secret key and the ciphertext in the algorithm which returns the original data.

Asymmetric Encryption

This method of encryption involves a key pair. The key generation algorithm computes a private key from which a corresponding public key can be generated. A sender passes in the data to be encrypted, and the recipient’s public key to the encryption algorithm. The recipient with the corresponding private key can decrypt the message.

Understanding the Cryptographic Hash Function

A hash function is a function that takes in an arbitrary amount of data and returns a fix-sized output. Consider a hash function that returns a 32-byte output. It will always return a 32-byte output whether the input is 8 bytes or 10,000 bytes.

Properties of a Cryptographic Hash Function

Deterministic: The function always returns the same output for a specific input.

Pseudorandom: Every little change in the input will result in an entirely different output. The output for ‘A’ and ‘a’ will be different.

One-way: The output cannot be reverse-engineered to get the input.

Fast-to-compute: The program is easily executed by any computer.

Collision-resistant: The probability of getting the same output for two different inputs is infinitely negligible.

Hash output for “A”
Hash output for “A” and “.”
Hash output for “a”

How Cryptography is used in Blockchain

The purpose of a blockchain is to make a network of computers agree on a common record. This is called consensus. Anyone should be able to participate in this consensus and no single person controlling it. Cryptography is a critical component of the blockchain. It secures many processes, from key generation to transaction.

Wallet

A crypto wallet is a software that stores users’ private keys. When a new wallet is created, a private key is randomly generated for the user. The user can sign agreements and authorize transactions with this private key.

A wallet address is derived from the user’s public key. This is not necessarily a security feature. Public key and wallet address may be used interchangeably.

The user’s public key is used to receive transactions from others. When a transaction is signed, the signer’s public key can be derived from the signature. It proves that only the owner of the private key associated with the recovered public key can sign the transaction.

On the other hand, when you send a cryptocurrency to a wallet address, it is guaranteed that only the owner of the associated private key can spend it.

Fun Fact: Your cryptocurrency is not in your wallet. It is on the blockchain, anyone with your public key can see it but only the handler of the private keys can spend it.

Secure Transaction

Cryptography is used to secure the transactions on the blockchain. The sender generates a digital signature with their private key. The transaction is broadcasted to the blockchain. Validators in the network verify the transaction’s authenticity before it is approved.

Each transaction in the network is unique and represented by a unique hash value. To further increase the uniqueness of every transaction, each wallet has a nonce value. It is the number of transactions broadcasted by that public key. Let’s assume Bob with two ethers in his wallet sends Alice one ether. The nonce value in Bob’s wallet is incremented by one. If an observer takes that signature and broadcasts it again to the network to replay the transaction, it will be rejected by the validators. The nonce value in the replay transaction will be wrong. To send another bitcoin, the nonce value will be higher by one which requires a new signature.

Data Storage

Blockchain data storage is optimized for efficiency and scalability. What is stored on the blockchain is the cryptographic hash equivalent of transactions. Here is what happens behind the scenes. The transaction details — from the sender to the recipient, timestamp, and nonce are hashed together and stored with a special data structure known as Merkle Tree. So each block in a blockchain contains a Merkle tree structure of transactions included in the block. These hashes represent the transactions on the blockchain. For efficiency, the actual transactions are stored in archival nodes. So to get the details of a transaction or proof that it exists on the blockchain, the transaction hash is sent to the blockchain and it returns the transaction details.

Data Integrity

The ability to permanently preserve every detail of its record, that is the transactions, is one of the fine features of blockchain. Now, all the transactions in a blockchain (the hash equivalents) are grouped in chunks known as blocks. When a block(Block_A) is filled, it is hashed and subsequent transactions enter the next block (Block_B). The hash of Block_A is recorded in Block_B and the hash of Block_B is recorded in Block_C and the chain continues. When any tiny detail in Block_A is tweaked, it automatically changes its resulting hash (recall the pseudorandom property of the cryptographic hash). And since this hash is recorded in Block_B, it means that Block_B has changed too, resulting in a different hash. This little change will cascade down to all the blocks, and render the entire record invalid.

Proof of Work

Proof-of-work is the consensus mechanism used by Bitcoin. In this consensus protocol, the network sets a target difficulty. The target difficulty is a certain number of leading zeros in a block hash. To add a new block to the chain, miners hash the current block header, transactions, and a nonce value starting from zero.

hash = hashFunction(prevBlockHeader, transactions, nonce);

if hash !< target_difficulty, nonce + 1;

repeat;

If the resulting hash is not less than the target difficulty, the miner repeats the process with the nonce incremented by one. This process is repeated until the condition is satisfied and a new block is added to the chain.

Conclusion

Cryptography is at the heart of blockchain. It secures every process in the network, from key generation to data storage. Public key cryptography is a convenient and secure way to perform transactions in a hostile environment. Every user on the blockchain is identified by their public address. Blockchain transactions are public and safe. Thanks to private keys.

--

--