SlideShare a Scribd company logo

Block Chain - Merkel and Key exchange

Download as PPTX, PDF
Gaurav Mishra
Gaurav Mishra

What is Merkel root tree and how cryptography evolved with the public-private key exchange.

Education
1 of 9
Gaurav Mishra <gmishx@gmail.com> BlockChain Merkel Tree and Key exchange 27-05-2018 Unrestricted
Gaurav Mishra <gmishx@gmail.com> Merkel Tree • Merkel tree is a cryptographic tree where each leaf node is a hash of data blocks. • Every node contains the hash of its child node. • The root node of the tree contains the hash of every data element. • It helps in verification of data in a P2P network. • The Merkel root hash can be obtained from a trusted source and used to verify the data transmitted. 27-05-2018 2
Gaurav Mishra <gmishx@gmail.com> Symmetric cryptography • Transmitting information in a medium simply is extremely dangerous as anyone who can get access to the information can read it. • To overcome this, people use mathematical methods to change the original message in a way which can be simply reversed to get the original message. • In earlier days, people use same transformation to encrypt and decrypt the message. • The transformation requires a mathematical transformation and a secret key. • Since same secret key is required both ways, it is called as symmetric encryption. • It have its own shortcoming. The secret key is needed to be transmitted to both parties, which can be captured by an attacker. • Even without secret key, if the attacker captures the encrypted message and know the original message, the key can be obtained. 27-05-2018 3
Gaurav Mishra <gmishx@gmail.com> Asymmetric cryptography • To overcome all of the drawbacks of symmetric cryptography, came asymmetric cryptography. • Asymmetric cryptography uses mathematical operations to encrypt the information with one secret key can decrypt using another called as public and private key, respectively. It is computationally infeasible to determine the decryption key given only knowledge of the algorithm and the encryption key. • Each party in the communication need to generate this public and private key pair to participate in an encrypted communication. • First a private key is generated using a big primary number or some random data (based on algorithm). Using this private key, a public key is generated. • This public key can be distributed to other participants without the fear of any compromise. The private key is kept securely with the owner and is never shared with anyone. • The asymmetric keys are used in the form of X.509 certificated popularly which includes the encryption algorithm, validity, CA authority signature and the key. 27-05-2018 4
Gaurav Mishra <gmishx@gmail.com> RSA algorithm 27-05-2018 5
Gaurav Mishra <gmishx@gmail.com> Key exchange • When using asymmetric cryptography in a network, the problem arise how to share the public key with the authentication that a key belongs to the required client only. • The public key can be exchanged using following techniques: 1. Public-key Publication  Each participant can register their public-key in person through a secure channel with a common registrar which can be used by other participants to retrieve the public keys of a required participant through a secure channel. 2. Public-key Authority 1. A common authority is setup which stores public key of the participants and who’s public key is shared with every participant. 2. Client A request the authority for public key of Client B by sending the message with Client B’s ID and a timestamp encrypted with authority’s public key. 3. The authority responds back with Client B’s public key and the original timestamp encrypted with Client A’s public key. 4. Client A sends the message to Client B encrypted with Client B’s public key. 5. Client B gets the public key of Client A in the same manner. 27-05-2018 6
Gaurav Mishra <gmishx@gmail.com> Key exchange 3. Public-key Certificates 1. The X.509 have provision of signed certificates. A user can generate a certificate to be signed by a Certificate Authority (CA) called Certificate Signing Request (CSR). 2. This CSR is sent to the CA encrypted with CA’s public key. 3. CA validates the request and sign the certificate with it’s private key and send it back to the requester. 4. This signed certificate then can be sent to anyone who requires it which can then be verified by the CA’s public key to check if it is original or counterfeit. 4. Internet Key Exchange 1. The IKE uses Diffie-Hellman key exchange over a secure channel to create a symmetric key using asymmetric cryptography. 2. This key is used to encrypt further communication for negotiation on a shared key. 27-05-2018 7
Gaurav Mishra <gmishx@gmail.com> Message Signature • To authenticate the message that it was originated by sender and is never altered during the transmission, it need to be signed with the sender’s private key. • Creating a message signature 1. The original message is hashed to calculate a digest. 2. The digest is encrypted using the private key. 3. The encrypted digest and the hash algorithm is attached to the message. 4. The message is encrypted using the private/shared and transmitted. • Verifying the signature 1. Decrypt the message and get the encrypted digest. 2. Calculate a new hash using the attached algorithm and decrypt the attached digest. 3. Compare the calculated digest and the attached digest. • By signing the message, we can provide the message integrity (the message is not altered) and the message authentication (the message is originated from the real sender). 27-05-2018 8
Gaurav Mishra <gmishx@gmail.com> 27-05-2018 9

Recommended

Block Chain - Introduction
Block Chain - IntroductionBlock Chain - Introduction
Block Chain - Introduction
Gaurav Mishra
 
What problems can blockchain solve
What problems can blockchain solveWhat problems can blockchain solve
What problems can blockchain solve
OliviaJune1
 
MongoDB World 2018: Decentralized Identity Management with Blockchain and Mon...
MongoDB World 2018: Decentralized Identity Management with Blockchain and Mon...MongoDB World 2018: Decentralized Identity Management with Blockchain and Mon...
MongoDB World 2018: Decentralized Identity Management with Blockchain and Mon...
MongoDB
 
A complete overview about the blockchain technology
A complete overview about the blockchain technology A complete overview about the blockchain technology
A complete overview about the blockchain technology
Octal IT Solution
 
Blockchain Meetup Vancouver
Blockchain Meetup VancouverBlockchain Meetup Vancouver
Blockchain Meetup Vancouver
Eric Maino
 
Blockchain On Azure
Blockchain On AzureBlockchain On Azure
Blockchain On Azure
Johan Zammit
 
Blockchain: some examples
Blockchain: some examples Blockchain: some examples
Blockchain: some examples
Gianluca De Maria
 
Azure Blockchain Workbench
Azure Blockchain WorkbenchAzure Blockchain Workbench
Azure Blockchain Workbench
Murughan Palaniachari
 

Recommended

Block Chain - Introduction
Block Chain - IntroductionBlock Chain - Introduction
Block Chain - Introduction
Gaurav Mishra
 
What problems can blockchain solve
What problems can blockchain solveWhat problems can blockchain solve
What problems can blockchain solve
OliviaJune1
 
MongoDB World 2018: Decentralized Identity Management with Blockchain and Mon...
MongoDB World 2018: Decentralized Identity Management with Blockchain and Mon...MongoDB World 2018: Decentralized Identity Management with Blockchain and Mon...
MongoDB World 2018: Decentralized Identity Management with Blockchain and Mon...
MongoDB
 
A complete overview about the blockchain technology
A complete overview about the blockchain technology A complete overview about the blockchain technology
A complete overview about the blockchain technology
Octal IT Solution
 
Blockchain Meetup Vancouver
Blockchain Meetup VancouverBlockchain Meetup Vancouver
Blockchain Meetup Vancouver
Eric Maino
 
Blockchain On Azure
Blockchain On AzureBlockchain On Azure
Blockchain On Azure
Johan Zammit
 
Blockchain: some examples
Blockchain: some examples Blockchain: some examples
Blockchain: some examples
Gianluca De Maria
 
Azure Blockchain Workbench
Azure Blockchain WorkbenchAzure Blockchain Workbench
Azure Blockchain Workbench
Murughan Palaniachari
 
Blockchain on aws
Blockchain on awsBlockchain on aws
Blockchain on aws
Murughan Palaniachari
 
Multifactor Authentication on the Blockchain
Multifactor Authentication on the BlockchainMultifactor Authentication on the Blockchain
Multifactor Authentication on the Blockchain
Reza Ismail
 
Insight Into Cryptocurrencies - Methods and Tools for Analyzing Blockchain-ba...
Insight Into Cryptocurrencies - Methods and Tools for Analyzing Blockchain-ba...Insight Into Cryptocurrencies - Methods and Tools for Analyzing Blockchain-ba...
Insight Into Cryptocurrencies - Methods and Tools for Analyzing Blockchain-ba...
Bernhard Haslhofer
 
O Bitcoin Where Art Thou? An Introduction to Cryptocurrency Analytics
O Bitcoin Where Art Thou? An Introduction to Cryptocurrency AnalyticsO Bitcoin Where Art Thou? An Introduction to Cryptocurrency Analytics
O Bitcoin Where Art Thou? An Introduction to Cryptocurrency Analytics
Bernhard Haslhofer
 
Blockchain Internals: From Theory to Python
Blockchain Internals: From Theory to PythonBlockchain Internals: From Theory to Python
Blockchain Internals: From Theory to Python
Nicola Costantino
 
Bitcoin: Confused About Bitcoin?
Bitcoin: Confused About Bitcoin?Bitcoin: Confused About Bitcoin?
Bitcoin: Confused About Bitcoin?
Wesley Yuhn
 
Blockchain Mini MBA Course by Tonex
Blockchain Mini MBA Course by TonexBlockchain Mini MBA Course by Tonex
Blockchain Mini MBA Course by Tonex
Tonex
 
Data Security Essentials - JavaOne 2013
Data Security Essentials - JavaOne 2013Data Security Essentials - JavaOne 2013
Data Security Essentials - JavaOne 2013
javagroup2006
 
Information and data security key management and distribution
Information and data security key management and distributionInformation and data security key management and distribution
Information and data security key management and distribution
Mazin Alwaaly
 
Key management.ppt
Key management.pptKey management.ppt
Key management.ppt
Sou Jana
 
Security
SecuritySecurity
Security
Sri Manakula Vinayagar Engineering College
 
Cloud keybank privacy and owner authorization
Cloud keybank privacy and owner authorizationCloud keybank privacy and owner authorization
Cloud keybank privacy and owner authorization
Pvrtechnologies Nellore
 
Digital signature
Digital signatureDigital signature
Digital signature
AJAL A J
 
Ch14
Ch14Ch14
Ch14
Francis Alamina
 
Is unit-4-part-1
Is unit-4-part-1Is unit-4-part-1
Is unit-4-part-1
vmuniraja
 
HP secure mail techincal brief and the ibe advantage
HP secure mail techincal brief and the ibe advantageHP secure mail techincal brief and the ibe advantage
HP secure mail techincal brief and the ibe advantage
at MicroFocus Italy ❖✔
 
Cyptography and network security unit 3-1
Cyptography and network security unit 3-1Cyptography and network security unit 3-1
Cyptography and network security unit 3-1
AsrithaKorupolu
 
Digital signature.pptx
Digital signature.pptxDigital signature.pptx
Digital signature.pptx
DaveN31
 
Encryption in Cryptography
Encryption in CryptographyEncryption in Cryptography
Encryption in Cryptography
Uttara University
 
BAIT1103 Chapter 3
BAIT1103 Chapter 3BAIT1103 Chapter 3
BAIT1103 Chapter 3
limsh
 
Digital signaturepattern 10 30
Digital signaturepattern 10 30Digital signaturepattern 10 30
Digital signaturepattern 10 30
Joaquin Ojeda
 
Iaetsd a survey on cloud storage security with
Iaetsd a survey on cloud storage security withIaetsd a survey on cloud storage security with
Iaetsd a survey on cloud storage security with
Iaetsd Iaetsd
 

More Related Content

What's hot

Bitcoin: Confused About Bitcoin?
Bitcoin: Confused About Bitcoin?Bitcoin: Confused About Bitcoin?
Bitcoin: Confused About Bitcoin?
Wesley Yuhn
 
Blockchain Mini MBA Course by Tonex
Blockchain Mini MBA Course by TonexBlockchain Mini MBA Course by Tonex
Blockchain Mini MBA Course by Tonex
Tonex
 

What's hot (8)

Blockchain on aws
Blockchain on awsBlockchain on aws
Blockchain on aws
 
Multifactor Authentication on the Blockchain
Multifactor Authentication on the BlockchainMultifactor Authentication on the Blockchain
Multifactor Authentication on the Blockchain
 
Insight Into Cryptocurrencies - Methods and Tools for Analyzing Blockchain-ba...
Insight Into Cryptocurrencies - Methods and Tools for Analyzing Blockchain-ba...Insight Into Cryptocurrencies - Methods and Tools for Analyzing Blockchain-ba...
Insight Into Cryptocurrencies - Methods and Tools for Analyzing Blockchain-ba...
 
O Bitcoin Where Art Thou? An Introduction to Cryptocurrency Analytics
O Bitcoin Where Art Thou? An Introduction to Cryptocurrency AnalyticsO Bitcoin Where Art Thou? An Introduction to Cryptocurrency Analytics
O Bitcoin Where Art Thou? An Introduction to Cryptocurrency Analytics
 
Blockchain Internals: From Theory to Python
Blockchain Internals: From Theory to PythonBlockchain Internals: From Theory to Python
Blockchain Internals: From Theory to Python
 
Bitcoin: Confused About Bitcoin?
Bitcoin: Confused About Bitcoin?Bitcoin: Confused About Bitcoin?
Bitcoin: Confused About Bitcoin?
 
Blockchain Mini MBA Course by Tonex
Blockchain Mini MBA Course by TonexBlockchain Mini MBA Course by Tonex
Blockchain Mini MBA Course by Tonex
 
Data Security Essentials - JavaOne 2013
Data Security Essentials - JavaOne 2013Data Security Essentials - JavaOne 2013
Data Security Essentials - JavaOne 2013
 

Similar to Block Chain - Merkel and Key exchange

Encryption in Cryptography
Encryption in CryptographyEncryption in Cryptography
Encryption in Cryptography
Uttara University
 
BAIT1103 Chapter 3
BAIT1103 Chapter 3BAIT1103 Chapter 3
BAIT1103 Chapter 3
limsh
 
Digital signaturepattern 10 30
Digital signaturepattern 10 30Digital signaturepattern 10 30
Digital signaturepattern 10 30
Joaquin Ojeda
 

Similar to Block Chain - Merkel and Key exchange (20)

Information and data security key management and distribution
Information and data security key management and distributionInformation and data security key management and distribution
Information and data security key management and distribution
 
Key management.ppt
Key management.pptKey management.ppt
Key management.ppt
 
Security
SecuritySecurity
Security
 
Cloud keybank privacy and owner authorization
Cloud keybank privacy and owner authorizationCloud keybank privacy and owner authorization
Cloud keybank privacy and owner authorization
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Ch14
Ch14Ch14
Ch14
 
Is unit-4-part-1
Is unit-4-part-1Is unit-4-part-1
Is unit-4-part-1
 
HP secure mail techincal brief and the ibe advantage
HP secure mail techincal brief and the ibe advantageHP secure mail techincal brief and the ibe advantage
HP secure mail techincal brief and the ibe advantage
 
Cyptography and network security unit 3-1
Cyptography and network security unit 3-1Cyptography and network security unit 3-1
Cyptography and network security unit 3-1
 
Digital signature.pptx
Digital signature.pptxDigital signature.pptx
Digital signature.pptx
 
Encryption in Cryptography
Encryption in CryptographyEncryption in Cryptography
Encryption in Cryptography
 
BAIT1103 Chapter 3
BAIT1103 Chapter 3BAIT1103 Chapter 3
BAIT1103 Chapter 3
 
Digital signaturepattern 10 30
Digital signaturepattern 10 30Digital signaturepattern 10 30
Digital signaturepattern 10 30
 
Iaetsd a survey on cloud storage security with
Iaetsd a survey on cloud storage security withIaetsd a survey on cloud storage security with
Iaetsd a survey on cloud storage security with
 
Key Management, key management three tools ,
Key Management, key management three tools ,Key Management, key management three tools ,
Key Management, key management three tools ,
 
Seminar on ECommerce
Seminar on ECommerce Seminar on ECommerce
Seminar on ECommerce
 
Untitled presentation (5).pptx
Untitled presentation (5).pptxUntitled presentation (5).pptx
Untitled presentation (5).pptx
 
Untitled presentation (5).pptx
Untitled presentation (5).pptxUntitled presentation (5).pptx
Untitled presentation (5).pptx
 
Slidecast - Workshop
Slidecast - WorkshopSlidecast - Workshop
Slidecast - Workshop
 
information security(Public key encryption its characteristics and weakness, ...
information security(Public key encryption its characteristics and weakness, ...information security(Public key encryption its characteristics and weakness, ...
information security(Public key encryption its characteristics and weakness, ...
 

More from Gaurav Mishra

More from Gaurav Mishra (10)

FOSSology and OSS-Tools for License Compliance and Automation
FOSSology and OSS-Tools for License Compliance and AutomationFOSSology and OSS-Tools for License Compliance and Automation
FOSSology and OSS-Tools for License Compliance and Automation
 
FOSSology & GSOC Journey
FOSSology & GSOC JourneyFOSSology & GSOC Journey
FOSSology & GSOC Journey
 
Backup using rsync
Backup using rsyncBackup using rsync
Backup using rsync
 
Disk quota and sysd procd
Disk quota and sysd procdDisk quota and sysd procd
Disk quota and sysd procd
 
Linux User Management
Linux User ManagementLinux User Management
Linux User Management
 
Apache, cron and proxy
Apache, cron and proxyApache, cron and proxy
Apache, cron and proxy
 
Linux Run Level
Linux Run LevelLinux Run Level
Linux Run Level
 
Firewall and IPtables
Firewall and IPtablesFirewall and IPtables
Firewall and IPtables
 
Linux securities
Linux securitiesLinux securities
Linux securities
 
wget, curl and scp
wget, curl and scpwget, curl and scp
wget, curl and scp
 

Recently uploaded

SURVEY I created for uni project research
SURVEY I created for uni project researchSURVEY I created for uni project research
SURVEY I created for uni project research
CaitlinCummins3
 
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
中 央社
 
Spellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPSSpellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPS
AnaAcapella
 
Including Mental Health Support in Project Delivery, 14 May.pdf
Including Mental Health Support in Project Delivery, 14 May.pdfIncluding Mental Health Support in Project Delivery, 14 May.pdf
Including Mental Health Support in Project Delivery, 14 May.pdf
Association for Project Management
 
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
EADTU
 

Recently uploaded (20)

diagnosting testing bsc 2nd sem.pptx....
diagnosting testing bsc 2nd sem.pptx....diagnosting testing bsc 2nd sem.pptx....
diagnosting testing bsc 2nd sem.pptx....
 
Andreas Schleicher presents at the launch of What does child empowerment mean...
Andreas Schleicher presents at the launch of What does child empowerment mean...Andreas Schleicher presents at the launch of What does child empowerment mean...
Andreas Schleicher presents at the launch of What does child empowerment mean...
 
PSYPACT- Practicing Over State Lines May 2024.pptx
PSYPACT- Practicing Over State Lines May 2024.pptxPSYPACT- Practicing Over State Lines May 2024.pptx
PSYPACT- Practicing Over State Lines May 2024.pptx
 
How To Create Editable Tree View in Odoo 17
How To Create Editable Tree View in Odoo 17How To Create Editable Tree View in Odoo 17
How To Create Editable Tree View in Odoo 17
 
Improved Approval Flow in Odoo 17 Studio App
Improved Approval Flow in Odoo 17 Studio AppImproved Approval Flow in Odoo 17 Studio App
Improved Approval Flow in Odoo 17 Studio App
 
Trauma-Informed Leadership - Five Practical Principles
Trauma-Informed Leadership - Five Practical PrinciplesTrauma-Informed Leadership - Five Practical Principles
Trauma-Informed Leadership - Five Practical Principles
 
SURVEY I created for uni project research
SURVEY I created for uni project researchSURVEY I created for uni project research
SURVEY I created for uni project research
 
Graduate Outcomes Presentation Slides - English (v3).pptx
Graduate Outcomes Presentation Slides - English (v3).pptxGraduate Outcomes Presentation Slides - English (v3).pptx
Graduate Outcomes Presentation Slides - English (v3).pptx
 
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
 
Spellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPSSpellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPS
 
Book Review of Run For Your Life Powerpoint
Book Review of Run For Your Life PowerpointBook Review of Run For Your Life Powerpoint
Book Review of Run For Your Life Powerpoint
 
DEMONSTRATION LESSON IN ENGLISH 4 MATATAG CURRICULUM
DEMONSTRATION LESSON IN ENGLISH 4 MATATAG CURRICULUMDEMONSTRATION LESSON IN ENGLISH 4 MATATAG CURRICULUM
DEMONSTRATION LESSON IN ENGLISH 4 MATATAG CURRICULUM
 
Including Mental Health Support in Project Delivery, 14 May.pdf
Including Mental Health Support in Project Delivery, 14 May.pdfIncluding Mental Health Support in Project Delivery, 14 May.pdf
Including Mental Health Support in Project Delivery, 14 May.pdf
 
Observing-Correct-Grammar-in-Making-Definitions.pptx
Observing-Correct-Grammar-in-Making-Definitions.pptxObserving-Correct-Grammar-in-Making-Definitions.pptx
Observing-Correct-Grammar-in-Making-Definitions.pptx
 
ESSENTIAL of (CS/IT/IS) class 07 (Networks)
ESSENTIAL of (CS/IT/IS) class 07 (Networks)ESSENTIAL of (CS/IT/IS) class 07 (Networks)
ESSENTIAL of (CS/IT/IS) class 07 (Networks)
 
Đề tieng anh thpt 2024 danh cho cac ban hoc sinh
Đề tieng anh thpt 2024 danh cho cac ban hoc sinhĐề tieng anh thpt 2024 danh cho cac ban hoc sinh
Đề tieng anh thpt 2024 danh cho cac ban hoc sinh
 
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
 
8 Tips for Effective Working Capital Management
8 Tips for Effective Working Capital Management8 Tips for Effective Working Capital Management
8 Tips for Effective Working Capital Management
 
ĐỀ THAM KHẢO KÌ THI TUYỂN SINH VÀO LỚP 10 MÔN TIẾNG ANH FORM 50 CÂU TRẮC NGHI...
ĐỀ THAM KHẢO KÌ THI TUYỂN SINH VÀO LỚP 10 MÔN TIẾNG ANH FORM 50 CÂU TRẮC NGHI...ĐỀ THAM KHẢO KÌ THI TUYỂN SINH VÀO LỚP 10 MÔN TIẾNG ANH FORM 50 CÂU TRẮC NGHI...
ĐỀ THAM KHẢO KÌ THI TUYỂN SINH VÀO LỚP 10 MÔN TIẾNG ANH FORM 50 CÂU TRẮC NGHI...
 
Analyzing and resolving a communication crisis in Dhaka textiles LTD.pptx
Analyzing and resolving a communication crisis in Dhaka textiles LTD.pptxAnalyzing and resolving a communication crisis in Dhaka textiles LTD.pptx
Analyzing and resolving a communication crisis in Dhaka textiles LTD.pptx
 

Block Chain - Merkel and Key exchange

  • 1. Gaurav Mishra <gmishx@gmail.com> BlockChain Merkel Tree and Key exchange 27-05-2018 Unrestricted
  • 2. Gaurav Mishra <gmishx@gmail.com> Merkel Tree • Merkel tree is a cryptographic tree where each leaf node is a hash of data blocks. • Every node contains the hash of its child node. • The root node of the tree contains the hash of every data element. • It helps in verification of data in a P2P network. • The Merkel root hash can be obtained from a trusted source and used to verify the data transmitted. 27-05-2018 2
  • 3. Gaurav Mishra <gmishx@gmail.com> Symmetric cryptography • Transmitting information in a medium simply is extremely dangerous as anyone who can get access to the information can read it. • To overcome this, people use mathematical methods to change the original message in a way which can be simply reversed to get the original message. • In earlier days, people use same transformation to encrypt and decrypt the message. • The transformation requires a mathematical transformation and a secret key. • Since same secret key is required both ways, it is called as symmetric encryption. • It have its own shortcoming. The secret key is needed to be transmitted to both parties, which can be captured by an attacker. • Even without secret key, if the attacker captures the encrypted message and know the original message, the key can be obtained. 27-05-2018 3
  • 4. Gaurav Mishra <gmishx@gmail.com> Asymmetric cryptography • To overcome all of the drawbacks of symmetric cryptography, came asymmetric cryptography. • Asymmetric cryptography uses mathematical operations to encrypt the information with one secret key can decrypt using another called as public and private key, respectively. It is computationally infeasible to determine the decryption key given only knowledge of the algorithm and the encryption key. • Each party in the communication need to generate this public and private key pair to participate in an encrypted communication. • First a private key is generated using a big primary number or some random data (based on algorithm). Using this private key, a public key is generated. • This public key can be distributed to other participants without the fear of any compromise. The private key is kept securely with the owner and is never shared with anyone. • The asymmetric keys are used in the form of X.509 certificated popularly which includes the encryption algorithm, validity, CA authority signature and the key. 27-05-2018 4
  • 5. Gaurav Mishra <gmishx@gmail.com> RSA algorithm 27-05-2018 5
  • 6. Gaurav Mishra <gmishx@gmail.com> Key exchange • When using asymmetric cryptography in a network, the problem arise how to share the public key with the authentication that a key belongs to the required client only. • The public key can be exchanged using following techniques: 1. Public-key Publication  Each participant can register their public-key in person through a secure channel with a common registrar which can be used by other participants to retrieve the public keys of a required participant through a secure channel. 2. Public-key Authority 1. A common authority is setup which stores public key of the participants and who’s public key is shared with every participant. 2. Client A request the authority for public key of Client B by sending the message with Client B’s ID and a timestamp encrypted with authority’s public key. 3. The authority responds back with Client B’s public key and the original timestamp encrypted with Client A’s public key. 4. Client A sends the message to Client B encrypted with Client B’s public key. 5. Client B gets the public key of Client A in the same manner. 27-05-2018 6
  • 7. Gaurav Mishra <gmishx@gmail.com> Key exchange 3. Public-key Certificates 1. The X.509 have provision of signed certificates. A user can generate a certificate to be signed by a Certificate Authority (CA) called Certificate Signing Request (CSR). 2. This CSR is sent to the CA encrypted with CA’s public key. 3. CA validates the request and sign the certificate with it’s private key and send it back to the requester. 4. This signed certificate then can be sent to anyone who requires it which can then be verified by the CA’s public key to check if it is original or counterfeit. 4. Internet Key Exchange 1. The IKE uses Diffie-Hellman key exchange over a secure channel to create a symmetric key using asymmetric cryptography. 2. This key is used to encrypt further communication for negotiation on a shared key. 27-05-2018 7
  • 8. Gaurav Mishra <gmishx@gmail.com> Message Signature • To authenticate the message that it was originated by sender and is never altered during the transmission, it need to be signed with the sender’s private key. • Creating a message signature 1. The original message is hashed to calculate a digest. 2. The digest is encrypted using the private key. 3. The encrypted digest and the hash algorithm is attached to the message. 4. The message is encrypted using the private/shared and transmitted. • Verifying the signature 1. Decrypt the message and get the encrypted digest. 2. Calculate a new hash using the attached algorithm and decrypt the attached digest. 3. Compare the calculated digest and the attached digest. • By signing the message, we can provide the message integrity (the message is not altered) and the message authentication (the message is originated from the real sender). 27-05-2018 8