**What is Cryptography**
Cryptography is the science and practice of securing and protecting information resources by converting them into an unreadable format called ciphertext. This ciphertext can then be reversed to recover the original information. This happens through the process of encrypting and decrypting pieces of information.
Cryptography is divided into three major types:
* Symmetric cryptography, where one key is used by both the sender and the receiver to encrypt and decrypt the information being communicated.
* Asymmetric cryptography, where one key, known as the public key, is used to encrypt the information sent to the receiver, and another key, known as the private key, is used by the receiver to decrypt the information that is being sent.
* Hashing, which involves the use of complex and advanced mathematical algorithms to map data of arbitrary size to a bit string of fixed size (a hash), often for data integrity.
**What is Encryption?**
Encryption is simply the process of protecting data by converting it into an unrecognizable format. Encryption involves converting human-readable data to a scrambled, unreadable format by using algorithms and keys to ensure data integrity.
**What is the difference between Encryption and Cryptography?**
Cryptography is the umbrella term for the science and art of hiding or securing data by rendering it unreadable to any party outside the communicating participants. Encryption, on the other hand, is a branch of cryptography that deals with the actual process of rendering the data into an unreadable format for data protection and integrity.
**What makes a Hash function cryptographically secure?**
A hash function is cryptographically secure if it is a deterministic, one-way function that turns input data of any size into a fixed-length string (digest) and is computationally infeasible to reverse or manipulate. Its properties are:
* **Pre-image Resistance (One-way Function)**: Given a hash value, it should be computationally infeasible to reverse it and find the original input. It acts as a one-way street.
* **Second Pre-image Resistance**: Given an input and its hash, it is impossible to find a different input that produces the same hash.
* **Collision Resistance**: It is extremely difficult to find any two different inputs that result in the same hash output (a collision).
* **The Avalanche Effect**: A tiny change in the input (e.g., changing a single bit) produces a drastically different, seemingly random hash output.
* **Deterministic**: The same input must always produce the exact same output hash.
* **Fixed Output Size**: Regardless of the input size (a single letter or a huge file), the resulting hash is always the same length.
**How is SHA-256 used in Bitcoin's proof-of-work?**
In Bitcoin, SHA-256 is used in the mining process (the creation of bitcoins). Proof of work is simply the search for a value that, once passed into a random mathematical function, gives a result that is less than a target number. The random mathematical function (hash function) used for Bitcoin mining is double SHA-256 (Secure Hash Algorithm), also called SHA256d or HASH256. It is also used in the process of generating Bitcoin addresses and in guarding against Sybil attacks, a type of attack characterized by the creation of multiple false identities in order to corrupt the peer-to-peer network. This is so because of the high level of security it offers.
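The search described above, as an added example that is not part of the original page: a nonce is appended to a header, the result is double-hashed, and the digest is compared with a target. The header bytes, the toy target and the function names are assumptions made for the illustration.

```python
import hashlib
import struct

def sha256d(data: bytes) -> bytes:
    """Double SHA-256 (SHA256d / HASH256): SHA-256 of the SHA-256 digest."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def hash_value(header: bytes, nonce: int) -> int:
    """Hash header||nonce and read the digest as a little-endian integer."""
    return int.from_bytes(sha256d(header + struct.pack("<I", nonce)), "little")

def mine(header: bytes, target: int, max_nonce: int = 2**32):
    """Return the first nonce whose hash value is below target, else None."""
    for nonce in range(max_nonce):
        if hash_value(header, nonce) < target:
            return nonce
    return None

def check(header: bytes, nonce: int, target: int) -> bool:
    """Verifying a claimed nonce costs one double hash, however long the search took."""
    return hash_value(header, nonce) < target

# Constructed stand-in for the 76 header bytes that precede the 4-byte nonce field.
HEADER = b"constructed-block-header".ljust(76, b"\x00")
# Toy target: roughly 1 in 4096 hashes qualifies. A lower target means more work.
TARGET = 2**244
```

Lowering `TARGET` by a factor of 16 makes the expected search 16 times longer, while `check` stays a single double hash.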
**How does Ethereum use Keccak-256 (SHA-3)?**
1. **Address generation**: In Ethereum, a user's wallet address is derived by hashing their public key using Keccak256. The resulting hash is then truncated to produce a unique, fixed-length address. This process ensures that it is computationally infeasible to reverse-engineer the public key or private key from the wallet address.
2. **Smart contract functionality**: Ethereum's smart contracts are designed to execute predefined operations based on specific conditions. Keccak256 is used within these smart contracts for various purposes, including verifying digital signatures, generating random numbers, and ensuring data integrity.
3. **Mining and consensus**: Keccak256 is employed in Ethereum's previous Proof of Work (PoW) mining algorithm, called Ethash. Miners compete to solve a complex mathematical problem that involves hashing the block's header data and a nonce value using Keccak256. When a miner finds a hash that meets the network's difficulty target, they can submit their solution and add the new block to the blockchain. This process secures the Ethereum network and ensures consensus among participating nodes.
4. **Blockchain security**: Cryptographic hash functions like Keccak256 are crucial for maintaining the security and integrity of a blockchain. Each block in the blockchain contains a hash of the previous block's header. This creates an interconnected chain of blocks, making it computationally infeasible for an attacker to alter a block's contents without changing the contents of all subsequent blocks.
5. **Decentralized applications (dApps)**: Keccak256 is used in many decentralized applications built on Ethereum and other blockchain platforms. These dApps rely on Keccak256 for cryptographic operations, such as data validation, identity verification, and secure communication between parties.
**Difference between symmetric and asymmetric encryption?**
Symmetric encryption uses a single secret key to both encrypt and decrypt data, while asymmetric encryption, also known as public key cryptography, uses a pair of different keys, a public key and a private key, for the same purpose. Symmetric encryption is faster and easier to use than asymmetric encryption, but it is less secure: if the key is compromised, the data can be easily decrypted. Asymmetric encryption, on the other hand, is more secure because even if one key is compromised, the data remains safe, but it is slower and more complex to implement than symmetric encryption. Symmetric encryption is commonly used for encrypting large amounts of data, while asymmetric encryption is used for smaller amounts of data like email messages and digital signatures.
**How public/private key pairs work (focus on ECDSA used in Ethereum and Bitcoin)**
What is ECDSA (Elliptic Curve Digital Signature Algorithm)?
ECDSA provides secure and efficient signing and verification processes, ensuring data integrity and authentication. An elliptic curve is defined by a mathematical equation of the form y^2 = x^3 + ax + b, where a and b are constants. The set of points (x, y) that satisfy this equation, along with a special point called the point at infinity, form an elliptic curve group.
In ECDSA, each user generates a public-private key pair, which is used for signing and verifying digital signatures. The key generation process involves the following steps:
* Choose a suitable elliptic curve and a base point G on the curve. The base point G is a predefined point with a known order n, a large prime number. The curve parameters, G and n, are public and shared among all users.
* Select a random integer d from the range [1, n-1]. The integer d serves as the private key.
* Calculate the public key Q = dG, where Q is a point on the curve. This calculation involves scalar multiplication, a fundamental operation in ECC that repeats the addition of a point to itself d times.
ECDSA Signing and Verification Process
ECDSA enables users to generate a digital signature for a given message, which can be verified by other users who possess the signer's public key. The signing and verification processes involve the following steps:
Signing:
* Hash the message using a cryptographic hash function, such as SHA256, to obtain a message digest, m.
* Select a random integer k from the range [1, n-1].
* Calculate the point R = kG, and determine the x-coordinate of R, denoted as r. If r is equal to 0, choose a different value for k and repeat the process.
* Compute the value s = k^(-1)(m + rd) mod n, where k^(-1) is the multiplicative inverse of k modulo n. If s is equal to 0, choose a different value for k and repeat the process.
* The digital signature for the message consists of the pair (r, s).
Verification:
* Hash the received message using the same cryptographic hash function to obtain the message digest, m.
* Check if the signature values r and s are in the range [1, n-1]. If not, the signature is invalid.
* Calculate the values u1 = m * s^(-1) mod n and u2 = r * s^(-1) mod n, where s^(-1) is the multiplicative inverse of s modulo n.
* Compute the point P = u1 * G + u2 * Q. If P is equal to the point at infinity, the signature is invalid.
* Determine the x-coordinate of P, denoted as x_P. The signature is valid if x_P is equal to r, and invalid otherwise.
What is a Private Key?
A private key is a secret cryptographic code that proves ownership of a cryptocurrency wallet. It allows the holder to sign transactions and access the funds stored in the wallet.
What is a Public Key?
A public key is a cryptographic code derived from your private key. It acts as a receiving address where others can send you crypto. While it’s mathematically linked to your private key, it cannot be used to access or move your funds.
**How digital signatures verify transaction authenticity?**
A digital signature in blockchain technology is a cryptographic seal that confirms the authenticity and integrity of digital data, much like a handwritten signature validates a document. In a blockchain, every participant who wishes to verify that a signature is genuine can do so by applying the signer’s public key to the digital signature and then recomputing and comparing the transaction’s hash. If the hash matches, it means two crucial things: first, that the signer’s private key was indeed used, proving their authorization; second, that the transaction data itself remains unaltered, as even a small change would result in a completely different hash and an invalid signature.
**What are Merkle trees and what is their structure?**
A Merkle tree (or hash tree) is a binary tree where each leaf node contains the cryptographic hash of a data block, and each non-leaf node stores the hash of its child nodes. The root of the tree, known as the Merkle root, represents the integrity of all the underlying data.

**How Merkle roots provide data integrity in blocks?**
Merkle roots provide data integrity by summarizing large datasets into a single, compact cryptographic hash (the root), which changes completely if any part of the underlying data is altered.
**Why are they efficient for verifying transactions (Merkle proofs)?**
A Merkle proof confirms that a specific transaction, represented by a leaf or branch hash, is included under a Merkle root. With a Merkle tree, verifying a transaction requires calculating only log2(n) hashes, making it extremely fast even with thousands of transactions in a block. Data transfer is also minimal, since only the relevant branch of the tree (the sibling hashes) is needed to prove that a transaction exists, avoiding the need to download the entire blockchain data. This allows light nodes (like mobile wallets) to verify transactions without storing the full history, supporting Simplified Payment Verification (SPV). Tamper detection is a further gain: because each leaf is a hash, any alteration to a transaction changes the root, making tampering easy to detect immediately.
**How does the Merkle Tree use hashing to secure the blockchain?**
Merkle trees use a bottom-up binary hashing structure to summarize all transactions in a block into a single, compact "**Merkle Root**" in the block header. Hashing is used at three stages: producing the transaction IDs, which are the leaf node hashes; iterative pairing, in which two leaf node hashes are concatenated and the result is hashed to create a parent node; and root hashing, in which successive parent nodes are hashed in the same way until a single unique root hash remains at the top.
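The Merkle root, Merkle proof and bottom-up pairing described in the sections above, as an added example that is not part of the original page. It assumes Bitcoin's conventions (double SHA-256, duplicating the last hash when a level has an odd count); the transactions and function names are constructed for the illustration.

```python
import hashlib

def h(data: bytes) -> bytes:
    """Double SHA-256, as Bitcoin uses for tree nodes."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def padded(level):
    """Duplicate the last hash when a level has an odd number of nodes."""
    return level + [level[-1]] if len(level) % 2 else level

def build_levels(leaves):
    """Return every level of the tree: leaf hashes first, [root] last."""
    level = [h(x) for x in leaves]
    levels = [level]
    while len(level) > 1:
        level = padded(level)
        level = [h(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
        levels.append(level)
    return levels

def merkle_proof(levels, index):
    """Sibling hashes from leaf to root, each with a flag: is the sibling on the right?"""
    proof = []
    for level in levels[:-1]:
        sibling = index ^ 1                    # neighbour within the same pair
        proof.append((padded(level)[sibling], sibling > index))
        index //= 2                            # position of the parent one level up
    return proof

def verify_proof(leaf: bytes, proof, root: bytes) -> bool:
    """Recompute the path to the root using only the leaf and its siblings."""
    node = h(leaf)
    for sibling, on_right in proof:
        node = h(node + sibling) if on_right else h(sibling + node)
    return node == root

# Constructed sample transactions; five leaves exercise the odd-count case.
TXS = [b"tx-a", b"tx-b", b"tx-c", b"tx-d", b"tx-e"]
LEVELS = build_levels(TXS)
ROOT = LEVELS[-1][0]
```

A proof for any of the five leaves holds three sibling hashes, matching the log2(n) growth the page describes, and a light node needs only those hashes and the root from the block header.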
**If I have your public key, can I find your private key? Why or why not?**
No, you cannot derive my private key from a public key. Public keys are generated from private keys using one-way, trapdoor cryptographic functions that make reversing the process computationally infeasible. They may be linked mathematically but it isn't possible to derive a private key from a public key.
**Research the difference between zk-SNARKs and zk-STARKs**
A zero-knowledge protocol, a method that uses ZK-proofs, allows one party to quickly prove that a computation has a particular output without revealing specific inputs to that computation. The secret information to be proved and validated is called a witness.
**zk-SNARKs**
zk-SNARKs, or "Zero Knowledge Succinct Non-Interactive Argument of Knowledge," are cryptographic proofs that allow one to validate a claim without repeating lengthy computations, while keeping some inputs private.
Inner Workings & Principles
The Succinct part ensures that the verification process doesn’t take as much time as the computation. Otherwise, the verifiers would compute the output themselves. You can achieve this with random sampling, but the process will be fragile: a random check would never spot a deliberately inserted error. The answer to the problem is polynomial commitments, and the three main ways they’re implemented are FRI, bulletproofs, and Kate. We won’t go into details because it’s really heavy in the math department, but you can read Buterin’s article.
An important feature of SNARKs is the Non-Interactive part, where there’s no need for constant interaction between the prover and verifier. Interactive proving requires both parties, which limits its power. Any generated proof couldn't be independently verified without initiating a new conversation between the prover and verifier, which is not cost-effective.
With a shared key (a.k.a. public parameters) between the prover and verifier, these proofs allow the prover to establish knowledge of certain data without actually revealing it. Non-interactive proofs streamline the process, necessitating just one round of communication. The prover inputs the secret data into an algorithm to generate a zero-knowledge proof, which the verifier then checks using another algorithm. Once established, this proof can be verified by anyone with the shared key.
Importance Of A Trusted Setup In ZK-SNARKs
Key Features Of ZK-SNARKs:
* High data availability but linear scalability.
* Possibility of a non-interactive computation.
* The security of zk-SNARKs hinges on the CRS setup. An error here would affect all circuits and allow false proof generation.
* ZK-SNARKs are preferred for their compact proof sizes and consistent verification time, making them cost-effective for L1 verification in ZK-rollups.
The zk-SNARK protocol's integrity relies heavily on this trusted setup phase. Any missteps can threaten the security of all circuits of the ZK-EVM. Given its importance, we recommend undergoing a blockchain protocol audit to ensure the setup is executed correctly.
ZK-STARKs
ZK-STARKs, or “Zero Knowledge Scalable Transparent Argument of Knowledge,” are a specific type of zk-SNARKs. STARK protocols are ideal when working with witnesses of large size. They also provide higher transparency.
Inner Workings & Principles
ZK-STARKs have higher verification overhead than zk-SNARK, but they are way more cost-effective when working with big witnesses. In other words, STARK is a great solution when you need scale.
Another important feature of the STARK protocol is no need for a trusted setup because it uses publicly verifiable randomness to generate public parameters. Hence, it’s considered more transparent for situations where the credibility of the CRS process is unknown.
Key Features Of ZK-STARKs:
* No need for the initial trusted setup.
* Very scalable, especially when handling extensive data, as their proving and verification times increase more slowly than those of zk-SNARKs.
* Larger proof sizes result in higher verification costs.
* ZK-STARKs are resistant to quantum computing threats.