How does blockchain generate public key
bitcoin, Ruitai coin, Laite coin, Ethereum and other digital cryptocurrencies all use blockchain technology
blockchain is an important concept of bitcoin, which is essentially a decentralized database and the underlying technology of bitcoin. Blockchain is a series of data blocks generated by cryptography. Each data block contains the information of a bitcoin network transaction, which is used to verify the validity of the information (anti-counterfeiting) and generate the next block.
One of the characteristics of blockchain projects (especially public chains) is open source. Through open source code, to improve the credibility of the project, so that more people can participate. But the open source code also makes it easier for attackers to attack blockchain system. In the past two years, there have been a number of hacker attacks. Recently, the anonymous currency verge (xvg) was attacked again. The attacker locked a vulnerability in the xvg code, which allowed malicious miners to add false timestamps on the block, and then quickly dig out new blocks. In a few hours, the attacker obtained nearly $1.75 million worth of digital currency. Although the subsequent attack was successfully stopped, no one can guarantee whether the attacker will attack again in the future
of course, blockchain developers can also take some measures
one is to use professional code audit services,
the other is to understand the security coding specifications and take preventive measures
the security of cryptographic algorithm
with the development of quantum computer, it will bring a major security threat to the current cryptosystem. Blockchain mainly relies on elliptic curve public key encryption algorithm to generate digital signature for secure transactions. Currently, the most commonly used ECDSA, RSA, DSA, etc. can not withstand quantum attacks in theory, and there will be greater risks. More and more researchers begin to pay attention to cryptographic algorithms that can resist quantum attacks
of course, in addition to changing the algorithm, there is another way to improve the security:
refer to bitcoin's treatment of public key address to rece the potential risk of public key disclosure. As users, especially bitcoin users, the balance after each transaction is stored in a new address to ensure that the public key of the address where bitcoin funds are stored is not leaked
security of consensus mechanism
the current consensus mechanisms include proof of work (POW), proof of stake (POS), delegated proof of stake (dpos), practical Byzantine fault tolerance (pbft), etc
POW faces 51% attack. Because POW depends on computing power, when the attacker has the advantage of computing power, the probability of finding a new block will be greater than that of other nodes. At this time, the attacker has the ability to cancel the existing transaction. It should be noted that even in this case, the attacker can only modify his own transaction, but not the transaction of other users (the attacker does not have the private key of other users)
in POS, attackers can attack successfully only when they hold more than 51% token, which is more difficult than 51% computing power in pow
in pbft, when the malicious nodes are less than 1 / 3 of the total nodes, the system is secure. Generally speaking, any consensus mechanism has its own conditions. As an attacker, we also need to consider that once the attack is successful, the value of the system will return to zero. At this time, the attacker does not get any other valuable return except destruction
for the designers of blockchain projects, they should understand the advantages and disadvantages of each consensus mechanism, so as to select an appropriate consensus mechanism or design a new consensus mechanism according to the needs of the scene
security of smart contract
smart contract has the advantages of low operation cost and low risk of human intervention, but if there are problems in the design of smart contract, it may bring greater losses. In June 2016, the Dao, the most popular funding project of Ethereum, was attacked. The hacker obtained more than 3.5 million Ethereum coins, which later led to the bifurcation of Ethereum into Eth and etc
there are two aspects of the proposed measures:
one is to audit the security of smart contract, and the other is to follow the principle of smart contract security development
the security development principles of smart contract are: to be prepared for possible errors, to ensure that the code can correctly handle the bugs and vulnerabilities; Release smart contracts carefully, do well in function test and security test, and fully consider the boundary; Keep smart contracts simple; Pay attention to the threat intelligence of blockchain and check and update in time; Be clear about the characteristics of blockchain, such as calling external contracts carefully
security of digital wallet
there are three main security risks in digital wallet: first, design defects. At the end of 2014, a user lost hundreds of digital assets e to a serious random number problem (repeated r value). Second, the digital wallet contains malicious code. Third, the loss of assets caused by the loss or damage of computers and mobile phones
there are four main countermeasures:
one is to ensure the randomness of the private key
The second is to check the hash value before installing the software to ensure that the digital wallet software has not been tampered with The third is to use cold wallet The fourth is to back up the private keyMany small white just admission, was the private key, public key, address, and other relations confused. Some of them even lost their private key. They had money on the address, but they just couldn't get it out. Today, Xiao will try to figure out the relationship between the private key, the public key and the address
The relationship among < H2 > private key, public key and address is as follows:the private key is converted into (generated) public key, and then converted into address. If there is bitcoin or integrity coin on an address, the private key converted into the address can be used to spend the above integrity coin. The generation of public key and address depends on private key, so private key is the most important
mobile wallet is the same, but the file management method of mobile phone is not as convenient as computer. Therefore, the general mobile wallet will provide a function called or similar to "export private key". Through this function, the private key can be exported in various forms
for example, bitcoin mobile wallet can be exported as a two-dimensional code, which can be printed or scanned on paper. When replacing a mobile phone, install a bitcoin wallet and scan the QR code to migrate bitcoin. Bitcoin mobile wallet and trustcoin mobile wallet can be exported as a clear text string and printed on paper - this is paper wallet
paper wallet allows users to spend your bitcoin or trustcoin at any terminal with bitcoin or trustcoin wallet
because the wallet is lost or damaged, the private key will be lost, and the transfer right of the digital currency will be lost completely. To prevent such tragedies, you should always back up the data in your wallet. In addition to the address, all the private keys are saved ring the backup
< H2 > summary-
the private key should be protected to prevent loss and forgetting. When the mobile phone clears the information, it is best to it by hand, but do not disclose it
-
you should prevent your wallet from being lost or damaged, resulting in the loss of your private key and the loss of the transfer right of digital currency. Otherwise, you will not be able to withdraw more money, which is not useless
of course, blockchain developers can also take some measures
one is to use professional code audit services,
the other is to understand the security coding specifications and take preventive measures
the security of cryptographic algorithm
with the development of quantum computer, it will bring great security threat to the current cryptosystem. Blockchain mainly relies on elliptic curve public key encryption algorithm to generate digital signature for secure transactions. Currently, the most commonly used ECDSA, RSA, DSA, etc. can not withstand quantum attacks in theory, and there will be greater risks. More and more researchers begin to pay attention to cryptographic algorithms that can resist quantum attacks
of course, in addition to changing the algorithm, there is another way to improve the security:
refer to bitcoin's treatment of public key address to rece the potential risk of public key disclosure. As users, especially bitcoin users, the balance after each transaction is stored in a new address to ensure that the public key of the address where bitcoin funds are stored is not leaked
security of consensus mechanism
the current consensus mechanisms include proof of work (POW), proof of stake (POS), delegated proof of stake (dpos), practical Byzantine fault tolerance (pbft), etc
POW faces 51% attack. Because POW depends on computing power, when the attacker has the advantage of computing power, the probability of finding a new block will be greater than that of other nodes. At this time, the attacker has the ability to cancel the existing transaction. It should be noted that even in this case, the attacker can only modify his own transaction, but not the transaction of other users (the attacker does not have the private key of other users)
in POS, attackers can only attack successfully when they hold more than 51% of the token, which is more difficult than 51% of the computing power in pow
in pbft, when the malicious nodes are less than 1 / 3 of the total nodes, the system is secure. Generally speaking, any consensus mechanism has its own conditions. As an attacker, we also need to consider that once the attack is successful, the value of the system will return to zero. At this time, the attacker does not get any other valuable return except destruction
for the designers of blockchain projects, they should understand the advantages and disadvantages of each consensus mechanism, so as to select an appropriate consensus mechanism or design a new consensus mechanism according to the needs of the scene
security of smart contract
smart contract has the advantages of low operation cost and low risk of human intervention, but if there are problems in the design of smart contract, it may bring great losses. In June 2016, the Dao, the most popular funding project of Ethereum, was attacked. The hacker obtained more than 3.5 million Ethereum coins, which later led to the bifurcation of Ethereum into Eth and etc
there are two aspects of the proposed measures:
one is to audit the security of smart contracts, and the other is to follow the principles of smart contract security development
the security development principles of smart contract are: be prepared for possible errors to ensure that the code can correctly handle the bugs and vulnerabilities; Release smart contracts carefully, do well in function test and security test, and fully consider the boundary; Keep smart contracts simple; Pay attention to the threat intelligence of blockchain and check and update in time; Be clear about the characteristics of blockchain, such as calling external contracts carefully
security of digital wallet
there are three main security risks in digital wallet: first, design defects. At the end of 2014, a user lost hundreds of digital assets e to a serious random number problem (repeated r value). Second, the digital wallet contains malicious code. Third, the loss of assets caused by the loss or damage of computers and mobile phones
there are four main countermeasures:
one is to ensure the randomness of the private key
the second is to verify the hash value before software installation to ensure that the digital wallet software has not been tampered with
the third is to use cold wallets
the fourth is to back up the private key.
When did you buy 500? Now you make a lot of money
As an emerging technology, blockchain has attracted more and more attention. It is a new application of traditional technology in the Internet era, including distributed data storage technology, consensus mechanism and cryptography. With the establishment of various blockchain research alliances, more and more funds and personnel support related research. Hash algorithm, zero knowledge proof, ring signature and other cryptographic algorithms used in blockchain:
hash algorithm
as the basic technology of blockchain, the essence of hash function is to map a set of data of any length (limited) to a set of defined length data stream. If this function satisfies the following conditions:
(1) the calculation of hash value for any group of data is very simple
(2) it is difficult to find two different data with the same hash value
hash functions satisfying the above two properties are also called encrypted hash functions. In case of no contradiction, hash functions usually refer to encrypted hash functions. For the hash function, finding such that is called a collision. The current popular hash functions are MD5, SHA1, Sha2, Sha3
bitcoin uses sha256, and most blockchain systems use sha256 algorithm. So here's sha256< Step 1: additional filling bits. The length of the message is congruent with that of 448 mod512 (length = 448 mod512). The number of bits to be filled ranges from 1 to 512. The highest bit of the filled bit string is 1, and the rest bits are 0
Step2: additional length value. The bit length of the initial message (before filling) represented by 64 bit is appended to the result of step 1 (the low byte takes precedence)
Step3: initialize cache. A 256 bit cache is used to store the intermediate and final results of the hash function
Step 4: process 512 bit (16 word) packet sequence. The algorithm uses six basic logic functions and consists of 64 steps of iterative operation. Each step takes the 256 bit cache value as the input, and then updates the cache content. Each step uses a 32-bit constant KT and a 32-bit wt. Where WT is the packet after the packet, t = 1,2,..., 16
step5: after all 512 bit packets are processed, the output of the last packet of sha256 algorithm is 256 bit packet< In 2001, Rivest, Shamir and TauMan proposed ring signature for the first time. It is a simplified group signature, only ring members have no manager, and it does not need the cooperation between ring members. In the ring signature scheme, the signer first selects a temporary signer set, which includes signers. Then the signer can generate the signature independently by using his private key and the public key of others in the signature set without the help of others. Members of the signer collection may not know that they are included in it
ring signature scheme consists of the following parts:
(1) key generation. A key pair (public key PKI, private key ski) is generated for each member of the ring
(2) signature. The signer uses his private key and the public keys of any n ring members (including himself) to generate the signature a for the message M
(3) signature verification. According to the ring signature and message M, the verifier verifies whether the signature is signed by the member in the ring. If it is valid, it will be received, otherwise it will be discarded
ring signature satisfies the following properties:
(1) unconditional anonymity: the attacker can not determine which member of the ring generated the signature, even if the private key of the ring member is obtained, the probability is not more than 1 / n
(2) Correctness: the signature must be verifiable by all others
(3) unforgeability: other members of the ring can't forge the real signer's signature, and even if an external attacker obtains a valid ring signature, he can't forge a signature for message M
(1) anonymity. The verifier can verify that the signature is signed by a member of the group, but can't know which member it is, so that the signer can be anonymous< (2) traceability. In group signature, the existence of group administrator ensures the traceability of signature. The group administrator can revoke the signature and expose the real signer. The ring signature itself cannot reveal the signer unless the signer wants to expose or add additional information to the signature. A verifiable ring signature scheme is proposed. In this scheme, the real signer wants the verifier to know his identity. At this time, the real signer can confirm his identity by disclosing his secret information< (3) management system. Group signature is managed by group administrator, ring signature does not need to be managed, signer can only select a set of possible signers, obtain its public key, and then publish the set, all members are equalthe Xueshuo innovation blockchain Technology Workstation of Lianqiao ecation online is the only approved "blockchain Technology Specialty" pilot workstation of "smart learning workshop 2020 Xueshuo innovation workstation" launched by the school planning, construction and development center of the Ministry of ecation of China. Based on providing diversified growth paths for students, the professional station promotes the reform of the training mode of the combination of professional degree research, proction, learning and research, and constructs the applied and compound talent training system< br />
in order to ensure the data security of users, the blockchain system is implemented through a cryptographic algorithm. Specifically, it is implemented through a public cryptographic algorithm mechanism. We all know how a cryptographic algorithm can have a secret key, and the public secret key algorithm is a pair of (that is, two) secret keys, just like tiger amulet, which are used together. One is called public key, which can be disclosed to others. The private key should be kept by itself. In the blockchain system, the public key is used to identify the identity, and the private key is equivalent to the key to decrypt. But the difference is that a public key is only for a unique private key, that is to say, if you forget the private key, it will not be retrieved for you, In the blockchain system, it will not help you retrieve the private key, so you should keep the private key properly
in the blockchain system structure, the data encrypted with public key must be decrypted with the corresponding private key, while the data encrypted with private key
must be decrypted with the corresponding public key, so the data encrypted with private key (usually called "signature") must be decrypted with the corresponding public key, which can play a great role
for a simple example, if Zhang San wants to send a check to Li Si, how can it be sent? In the past, it would be taken by the bookkeeper, so Zhang San thought of a way. He encrypted the check with Li Si's public key, and then signed his name (signed with his private key). At this time, other people would not use it even if they got the check, because only Li Si had his private key, That is, only Li Si can use this check. This function design is called "script system" in the blockchain system
therefore, the private key encrypted by the blockchain digital signature cannot be decrypted by the original encrypted private key, but must be decrypted by the corresponding public key.