SlideShare a Scribd company logo

Blockchain Cryptography for Developers (Nakov @ BGWebSummit 2018)

Download as PPTX, PDF
Svetlin Nakov
Svetlin Nakov

Elliptic Curve Cryptography (ECC) ECC Concepts, Elliptic Curves, the secp256k1 Curve Private Key -> Public Key -> Blockchain Address Sign / Verify Transactions in Ethereum Cryptographic Hash Functions: SHA256, SHA3, RIPEMD160, … HMAC and Key Derivation: HMAC, PBKDF2, SCrypt Blockchain Cryptography and Wallets: JSON / UTC, BIP39, BIP44 Wallet Encryption: AES + Padding + CBC/CTR, SCrypt, HMAC

Software
1 of 44
Blockchain Cryptography for Devs Elliptic Curves, ECC, ECDSA, secp256k1, Hash Functions, Wallets, AES, SCrypt, HMAC, BIP39, BIP44 Svetlin Nakov Inspiration Manager Software University http://softuni.bg
2  Software engineer, trainer, entrepreneur, PhD, author of 10 books, blockchain expert  3 successful tech educational initiatives: About Svetlin Nakov
3  Elliptic Curve Cryptography (ECC)  ECC Concepts, Elliptic Curves, the secp256k1 Curve  Private Key  Public Key  Blockchain Address  Sign / Verify Transactions in Ethereum  Cryptographic Hash Functions: SHA256, SHA3, RIPEMD160, …  HMAC and Key Derivation: HMAC, PBKDF2, SCrypt  Blockchain Cryptography and Wallets: JSON / UTC, BIP39, BIP44  Wallet Encryption: AES + Padding + CBC/CTR, SCrypt, HMAC Table of Contents
Elliptic Curve Cryptography (ECC) Elliptic Curves, ECC and ECDSA, Sign, Verify
5  Uses a pair of keys: public key + private key  Encrypt / sign by private key  Decrypt / verify by public key Public Key Cryptography
6  Well-known public-key crypto-systems  RSA – based on discrete logarithms  ECC – based on elliptic curves  ECC cryptography is considered more secure  3072-bit RSA key ≈≈ 256-bit ECC key  Most blockchains (like Bitcoin and Ethereum) use ECC  But be warned: ECC is not quantum-safe! Public Key Crypto Systems
7  Public / private key cryptography based on the algebraic structure of elliptic curves over finite fields  Requires smaller key-size than RSA for the same security strength  Elliptic curves == set of points {x, y} such that:  y2 = x3 + ax + b  Example – the Bitcoin elliptic curve:  y2 = x3 + 7 (a = 0; b = 7) Elliptic Curve Cryptography (ECC)
8  Elliptic curves cryptography (ECC)  Uses ecliptic curves over the finite field Fp (p is prime, p > 3)  A set of integer coordinates {x, y}, such that 0 ≤ x, y < p  Staying on the elliptic curve: y2 ≡ x3 + ax + b (mod p)  Example of elliptic curve over F17:  y2 ≡ x3 + 7 (mod 17) Elliptic Curves over a Finite Fields y2 ≡ x3 + 7 (mod 17)
9  A point G over the curve can be multiplied by an integer k  P = k * G  The result is another point P staying on the same curve  k == private key (integer)  P == public key (point {x, y})  Very fast to calculate P = k * G  Extremely slow (considered infeasible) to calculate k = P / G Multiply a Point Over an Elliptic Curve y2 ≡ x3 + 7 (mod 17) G P
10 Elliptic Curves Multiplication in Python from pycoin.ecdsa import Point from pycoin.ecdsa import CurveFp curve = CurveFp(17, 0, 7) print("Curve = " + str(curve)) G = Point(curve, 15, 13) print("G = " + str(G)) for k in range(0, 6) : print(str(k) + " * G = " + str(k * G)) pip install pycoin
11  The elliptic curves over Fp  Have at most 2 points per y coordinate (odd x and even x)  A public key P(x, y) can be compressed as C(x, odd/even)  At the curve y2 ≡ x3 + 7 (mod 17) P(10, 15) == C(10, odd)  mod_sqrt(x3 + 7, 17) == y || 17 - y Compressing the Public Key y2 ≡ x3 + 7 (mod 17)
12  ECC operates with a set of EC domain parameters:  T = (p, a, b, G, n, h)  Prime field (prime p), elliptic equation (a, b), base point G(xG, yG), order of G (prime n), cofactor (h)  The secp256k1 standard (used in Bitcoin) defines 256-bit elliptic-curves cryptosystem:  Prime field (p) = 2256 - 232 - 977; Equation: y2 = x3 + 7 (a = 0, b = 7)  G = 0x79BE667E …; n = 0xFFF…D0364141; h = 1 ECC Parameters and secp256k1 Learn more at: http://www.secg.org/sec2-v2.pdf, https://en.bitcoin.it/wiki/Secp256k1
13  The private key in secp256k1 is 256-bit integer (32 bytes)  Example of Ethereum private key (encoded as 64 hex digits)  The respective public key is a EC point (2 * 256 bits == 64 bytes)  Can be compressed to 257 bits (Ethereum uses prefix 02 or 03)  Example of compressed public key (33 bytes / 66 hex digits): Ethereum Addresses and secp256k1 97ddae0f3a25b92268175400149d65d6887b9cefaf28ea2c078e05cdc15a3c0a 027b83ad6afb1209f3c82ebeb08c0c5fa9bf6724548506f2fb4f991e2287a77090 7b83ad6afb1209f3c82ebeb08c0c5fa9bf6724548506f2fb4f991e2287a77090 177316ca82b0bdf70cd9dee145c3002c0da1d92626449875972a27807b73b42e
14  The blockchain address in Ethereum is 20 bytes  Calculated as: last20bytes(keccak256(publicKeyFull))  Example of Ethereum address (encoded as 40 hex digits):  Note: some letters are capital to incorporate a checksum (EIP55)  Digital signatures in secp256k1 are 64 bytes (2 * 32 bytes)  A pair of two 256-bit numbers: [r, s]  Calculated by the well-known ECDSA formulas (see RFC6979) ECDSA, secp256k1 and Ethereum (2) 0xa44f70834a711F0DF388ab016465f2eEb255dEd0
15 Ethereum Key to Addresses – Example pip install eth_keys import eth_keys, binascii privKey = eth_keys.keys.PrivateKey(binascii.unhexlify( '97ddae0f3a25b92268175400149d65d6887b9cefaf28ea2c078e05cdc15a3c0a')) print('Private key (64 hex digits):', privKey) pubKey = privKey.public_key print('Public key (plain, 128 hex digits):', pubKey) pubKeyCompr = '0' + str(2 + int(pubKey) % 2) + str(pubKey)[2:66] print('Public key (compressed, 66 hex digits):', pubKeyCompr) address = pubKey.to_checksum_address() print('Ethereum address:', address)
16  Ethereum uses secp256k1-based ECDSA signatures  ECDSA generates deterministically a random point R (see RFC6979)  Ethereum signatures consists of 3 numbers: [v, r, s]  v – the compressed Y coordinate of the point R (1 byte: 00 or 01)  r – the X coordinate of the point R (256-bit integer, 32 bytes)  s – 256-bit integer (32 bytes), calculated from the signer's private key + message hash (Ethereum uses keccak256)  Typically encoded as 130 hex digits (65 bytes), e.g. 0x…465c5cf4be401  Given an Ethereum signature [v, r, s], the public key can be recovered from [R, s, msgHash]  also the signer's Ethereum address Verifying an Ethereum Signature
17 Sign Message in Ethereum – Example import eth_keys, binascii privKey = eth_keys.keys.PrivateKey(binascii.unhexlify( '97ddae0f3a25b92268175400149d65d6887b9cefaf28ea2c078e05cdc15a3c0a')) print('Private key (64 hex digits):', privKey) signature = privKey.sign_msg(b'Message for signing') print('Signature: [v = {0}, r = {1}, s = {2}]'.format( hex(signature.v), hex(signature.r), hex(signature.s))) print('Signature (130 hex digits):', signature)
18 Verify Message Signature in Etherscan  Verify message signature at https://etherscan.io/verifySig by:  signer address (40 hex digits)  signature (130 hex digits)  original message text  The result is: valid / invalid
19 Verify Ethereum Signature – Example import eth_keys, binascii msg = b'Message for signing' msgSigner = '0xa44f70834a711F0DF388ab016465f2eEb255dEd0' signature = eth_keys.keys.Signature(binascii.unhexlify( '6f0156091cbe912f2d5d1215cc3cd81c0963c8839b93af60e0921b61a1 9c54300c71006dd93f3508c432daca21db0095f4b16542782b7986f48a5 d0ae3c583d401')) signerPubKey = signature.recover_public_key_from_msg(msg) print('Signer public key (recovered):', signerPubKey) signerAddress = signerPubKey.to_checksum_address() print('Signer address:', signerAddress) print('Signature valid?:', signerAddress == msgSigner)
Hashing and Hash Functions Cryptographic Hash Functions
21 What is Cryptographic Hash Function? Some text Some text Some text Some text Some text Some text Some text 20c9ad97c081d63397d 7b685a412227a40e23c 8bdc6688c6f37e97cfbc2 2d2b4d1db1510d8f61e 6a8866ad7f0e17c02b14 182d37ea7c3c8b9c2683 aeb6b733a1 Text Hashed text Cryptographic hash function (almost no collisions)
22 Cryptographic Hash Function  One-way hash function  Infeasible to invert  Extremely little chance to find a collision
23  Old hash algorithms: MD5, SHA-0, SHA-1  Withdrawn due to cryptographic weaknesses (collisions found)  SHA-2  Family of functions: SHA-256 (256 bits hash), SHA-512 (512 bits), …  SHA-3  More secure, same hash length (256 bits), known as "Keccak"  RIPEMD-160  Secure hash function, widely used in cryptography, e.g. PGP, Bitcoin  Less secure variations: RIPEMD-128, RIPEMD-256, RIPEMD-320 Secure Hash Functions
24  BLAKE / BLAKE2 / BLAKE2s / BLAKE2b  Fast, secure cryptographic hash function  256-bit (BLAKE-256, BLAKE2s) and 512-bit (BLAKE-512, BLAKE2b)  As of April 2018, no collisions are known for:  SHA256, SHA3-256, Keccak-256, BLAKE2s, RIPEMD160  Brute forcing to find a collision costs: 2128 for SHA256/SHA3-256 and 280 for RIPEMD160 (285 / 285 on quantum computer)  512-bit hashes (SHA-512 / SHA3-512) are Quantum-resistant Secure Hash Algorithms (2)
25 Calculating Hash Functions in Python import hashlib, binascii text = 'hello' data = text.encode("utf8") sha256hash = hashlib.sha256(data).digest() print("SHA256: ", binascii.hexlify(sha256hash)) sha3_256 = hashlib.sha3_256(data).digest() print("SHA3-256: ", binascii.hexlify(sha3_256)) ripemd160 = hashlib.new('ripemd160', data).digest() print("RIPEMD-160:", binascii.hexlify(ripemd160))
HMAC and Key Derivation MAC, HMAC, PBKDF2 and SCrypt
27  HMAC = Hash-based Message Authentication Code  HMAC(key, msg, hash_func)  hash  Message hash mixed with a secret shared key  Used for message integrity / authenticity / key derivation  Key derivation function (KDF) == function(password)  key  Use HKDF (HMAC-based key derivation), PBKDF2 or SCrypt  PBKDF2, BCrypt and SCrypt are modern key-derivation functions  Use a lot of iterations + a lot of memory  to make it slow HMAC and Key Derivation
28 HMAC Calculation in Python – Example import hashlib, hmac, binascii def hmac_sha256(key, msg): return hmac.new(key, msg, hashlib.sha256).digest() key = binascii.unhexlify("fa63f2b4c85af6bed3") msg = "some message".encode("utf8") print(binascii.hexlify(hmac_sha256(key, msg)))
29  SCrypt (RFC 7914) is a strong cryptographic key-derivation function  Memory intensive, designed to prevent ASIC and FPGA attacks  key = Scrypt(password, salt, N, r, p, derived-key-len)  N – iterations count (affects memory and CPU usage), e.g. 16384  r – block size (affects memory and CPU usage), e.g. 8  p – parallelism factor (threads to run in parallel), usually 1  Memory used = 128 * N * r * p bytes, e.g. 128 * 16384 * 8 = 16 MB  Parameters for interactive login: N=16384, r=8, p=1 (RAM=16MB)  Parameters for file encryption: N=1048576, r=8, p=1 (RAM=1GB) Key Derivation Functions: Scrypt
30 SCrypt Key Derivation in Python – Example import scrypt, os, binascii passwd = "p@$$w0rD~3" salt = os.urandom(32) print("Salt: ", binascii.hexlify(salt)) key = scrypt.hash(passwd, salt, 16384, 8, 1, 32) print("Derived key:", binascii.hexlify(key)) pip install scrypt
Blockchain Cryptography and Wallets Keys, Addresses, Signatures, Wallets
32 Public / Private Keys, Wallets & Blockchain private key public key address transaction sign by private key signed transaction valid / invalid verify by address wallet master key (seed) signed transaction transaction data public key: (x, y) signature: (v, r, s)
33  In blockchain wallets keep private keys, highly encrypted  Simple wallet (keystore) keeps a single private key  Example: https://gist.github.com/nakov/53f869e01c9b573844c48e5966e33a3f  HD wallet (hierarchical wallet) keeps multiple private keys  Hierarchically derived by a master key (seed) by derivation path  The seed is encoded as mnemonic phrase (12 / 24 words)  Example: https://iancoleman.io/bip39/ HD Wallets, BIP39, BIP32 / BIP44 hill brave science fox crime quit owner chapter myth vocal chat custom
34  The BIP-32 standard defines how a crypto-wallet can generate multiple keys + addresses  The wallet is initialized by a 512-bit master key (seed)  HMAC + ECC math used to generate multiple accounts  Through a derivation path  E.g. m/44'/60'/1'/12  Each account holds private key  public key  address ECC and Wallets: BIP32
35  Most modern crypto wallets start from a 512-bit securely generated random seed (see the BIP-39 standard)  The seed (root key) can be represented by 12 or 24 words, e.g.  Each word comes from a wordlist of 2048 words  See https://github.com/bitcoin/bips/blob/master/bip-0039/english.txt  1 word == 11 bits of entropy  12 words == 132 bits == 128-bit entropy + checksum (in the last word)  24 words == 264 bits == 256-bit entropy + checksum (in the last word) Internal Seed in Crypto Wallets hill brave science fox crime quit owner chapter myth vocal chat custom
BIP-39 Mnemonic Seed Generator Live Demo https://iancoleman.io/bip39
Wallet Encryption and AES AES, CBC/CTR, Padding, SCrypt, HMAC
38  A single secret key to encrypt / decrypt  The secret key is usually derived by a password  Both the sender and the recipient should know the secret key  Widely used symmetric algorithms: AES-128, AES-256, Twofish, IDEA Symmetric Encryption  Wallets are typically encrypted using symmetric ciphers like AES
39  AES is a "block cipher" – encrypts block by block (e.g. 128 bits)  It has several modes of operation (CBC, ECB, CTR, …)  Some modes of operation require initial vector (IV)  Non-secret random salt  used to get different result each time  Recommended modes: CBC (Cipher Block Chaining) or CTR (Counter)  It may use a padding algorithm (typically PKCS7) to split the input data into blocks of fixed block-size (e.g. 128 bits)  It may use password to key derivation: key = SCrypt(pass, salt, …)  It may use MAC to check the password validity: HMAC(text, key) AES Cipher Settings
40 Example: AES Encrypt / Decrypt in Python import pyaes, pbkdf2, binascii, os, secrets plaintext = "Sample text for encryption" password = "s0m3p@$$w0rd" key = pbkdf2.PBKDF2(password, 'some salt').read(16) print('AES encryption key:', binascii.hexlify(key)) iv = secrets.randbelow(2 << 128) aes = pyaes.AESModeOfOperationCTR(key, pyaes.Counter(iv)) ciphertext = aes.encrypt(plaintext) print('encrypted:', binascii.hexlify(ciphertext)) aes = pyaes.AESModeOfOperationCTR(key, pyaes.Counter(iv)) decrypted = aes.decrypt(ciphertext) print('decrypted:', decrypted) pip install pyaes pip install pbkdf2
41 Ethereum UTC / JSON Wallet Encryption { "version": 3, "id": "…", "address": "b97e993872a9050c07f…ef195", "Crypto": { "ciphertext": "bc9215b2cd1571df…e3a1", // the encrypted private key "cipher": "aes-128-ctr", // AES, 128-bit encryption, CTR mode "cipherparams": { "iv": "2bac08cafc…8e" }, // random initial vector "kdf": "scrypt", "kdfparams": { "dklen": 32, // key length (256-bit key for AES encryption) "salt": "7d48230c94b90c0301bf9f4…eba1", // random-generated salt "n": 1024, // iterations count (CPU + memory cost factor) "r": 8, // block size (affects CPU + memory) "p": 1 // parallelization factor (threads count) }, "mac": "e3cd7ea4e3ceb0e9a…0564" // msg integrity key (password check) } } Learn more at: https://github.com/ethers-io/ethers.js/blob/master/wallet/secret-storage.js#L288
? Blockchain Cryptography for Devs
License  This course (slides, examples, demos, videos, homework, etc.) is licensed under the "Creative Commons Attribution- NonCommercial-ShareAlike 4.0 International" license 43
Trainings @ Software University (SoftUni)  Software University – High-Quality Education, Profession and Job for Software Developers  softuni.bg  Software University Foundation  http://softuni.foundation/  Software University @ Facebook  facebook.com/SoftwareUniversity  Software University Forums  forum.softuni.bg

Recommended

Hash crypto
Hash cryptoHash crypto
Hash crypto
Harry Potter
 
Ch07
Ch07Ch07
Ch07Joe Christensen
 
Secure electronic transaction
Secure electronic transactionSecure electronic transaction
Secure electronic transaction
Nishant Pahad
 
Pki Training V1.5
Pki Training V1.5Pki Training V1.5
Pki Training V1.5
Sylvain Maret
 
Ipsec
IpsecIpsec
Ipsec
Rupesh Mishra
 
Blockchain ecosystem and evolution
Blockchain ecosystem and evolutionBlockchain ecosystem and evolution
Blockchain ecosystem and evolution
Chandra Sekhar AKNR
 
Kerberos : An Authentication Application
Kerberos : An Authentication ApplicationKerberos : An Authentication Application
Kerberos : An Authentication Application
Vidulatiwari
 
SSL TLS Protocol
SSL TLS ProtocolSSL TLS Protocol
SSL TLS Protocol
Devang Badrakiya
 

Recommended

Hash crypto
Hash cryptoHash crypto
Hash crypto
Harry Potter
 
Ch07
Ch07Ch07
Ch07Joe Christensen
 
Secure electronic transaction
Secure electronic transactionSecure electronic transaction
Secure electronic transaction
Nishant Pahad
 
Pki Training V1.5
Pki Training V1.5Pki Training V1.5
Pki Training V1.5
Sylvain Maret
 
Ipsec
IpsecIpsec
Ipsec
Rupesh Mishra
 
Blockchain ecosystem and evolution
Blockchain ecosystem and evolutionBlockchain ecosystem and evolution
Blockchain ecosystem and evolution
Chandra Sekhar AKNR
 
Kerberos : An Authentication Application
Kerberos : An Authentication ApplicationKerberos : An Authentication Application
Kerberos : An Authentication Application
Vidulatiwari
 
SSL TLS Protocol
SSL TLS ProtocolSSL TLS Protocol
SSL TLS Protocol
Devang Badrakiya
 
Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket Layer
Pina Parmar
 
Internet Key Exchange Protocol
Internet Key Exchange ProtocolInternet Key Exchange Protocol
Internet Key Exchange Protocol
Prateek Singh Bapna
 
CNIT 141: 8. Authenticated Encryption
CNIT 141: 8. Authenticated EncryptionCNIT 141: 8. Authenticated Encryption
CNIT 141: 8. Authenticated Encryption
Sam Bowne
 
Scaling Ethereum using Zero-Knowledge Proofs
Scaling Ethereum using Zero-Knowledge ProofsScaling Ethereum using Zero-Knowledge Proofs
Scaling Ethereum using Zero-Knowledge Proofs
Hyojun Kim
 
Data encryption standard
Data encryption standardData encryption standard
Data encryption standard
Vasuki Ramasamy
 
SSL/TLS 101
SSL/TLS 101SSL/TLS 101
SSL/TLS 101
Chul-Woong Yang
 
Ssl https
Ssl httpsSsl https
Ssl https
Andrada Boldis
 
SSH - Secure Shell
SSH - Secure ShellSSH - Secure Shell
SSH - Secure Shell
Peter R. Egli
 
X.509 Certificates
X.509 CertificatesX.509 Certificates
X.509 Certificates
Sou Jana
 
Solidity
SoliditySolidity
Solidity
gavofyork
 
Consensus Algorithms - Nakov @ jProfessionals - Jan 2018
Consensus Algorithms - Nakov @ jProfessionals - Jan 2018Consensus Algorithms - Nakov @ jProfessionals - Jan 2018
Consensus Algorithms - Nakov @ jProfessionals - Jan 2018
Svetlin Nakov
 
2021. Chương 2 3. Cơ sở toán học của blockchain
2021. Chương 2 3. Cơ sở toán học của blockchain2021. Chương 2 3. Cơ sở toán học của blockchain
2021. Chương 2 3. Cơ sở toán học của blockchain
Nhường Lê Đắc
 
IPSec and VPN
IPSec and VPNIPSec and VPN
IPSec and VPN
Abdullaziz Tagawy
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
Krithika Nagarajan
 
Ssh (The Secure Shell)
Ssh (The Secure Shell)Ssh (The Secure Shell)
Ssh (The Secure Shell)
Mehedi Farazi
 
PKI and Applications
PKI and ApplicationsPKI and Applications
PKI and ApplicationsSvetlin Nakov
 
Pgp
PgpPgp
Pgp
Reham Maher El-Safarini
 
IPSec VPN & IPSec Protocols
IPSec VPN & IPSec Protocols IPSec VPN & IPSec Protocols
IPSec VPN & IPSec Protocols
NetProtocol Xpert
 
Ip security
Ip security Ip security
Ip security
Dr.K.Sreenivas Rao
 
Tmc mastering bitcoins ppt
Tmc mastering bitcoins pptTmc mastering bitcoins ppt
Tmc mastering bitcoins ppt
Urvashi Choudhary
 
Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose)
Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose)Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose)
Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose)
Svetlin Nakov
 
Cryptography and SSL in Smalltalk - StS 2003
Cryptography and SSL in Smalltalk - StS 2003Cryptography and SSL in Smalltalk - StS 2003
Cryptography and SSL in Smalltalk - StS 2003
Martin Kobetic
 

More Related Content

What's hot

Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket Layer
Pina Parmar
 
Internet Key Exchange Protocol
Internet Key Exchange ProtocolInternet Key Exchange Protocol
Internet Key Exchange Protocol
Prateek Singh Bapna
 
CNIT 141: 8. Authenticated Encryption
CNIT 141: 8. Authenticated EncryptionCNIT 141: 8. Authenticated Encryption
CNIT 141: 8. Authenticated Encryption
Sam Bowne
 
Scaling Ethereum using Zero-Knowledge Proofs
Scaling Ethereum using Zero-Knowledge ProofsScaling Ethereum using Zero-Knowledge Proofs
Scaling Ethereum using Zero-Knowledge Proofs
Hyojun Kim
 
Data encryption standard
Data encryption standardData encryption standard
Data encryption standard
Vasuki Ramasamy
 
SSL/TLS 101
SSL/TLS 101SSL/TLS 101
SSL/TLS 101
Chul-Woong Yang
 
Ssl https
Ssl httpsSsl https
Ssl https
Andrada Boldis
 
SSH - Secure Shell
SSH - Secure ShellSSH - Secure Shell
SSH - Secure Shell
Peter R. Egli
 
X.509 Certificates
X.509 CertificatesX.509 Certificates
X.509 Certificates
Sou Jana
 
Solidity
SoliditySolidity
Solidity
gavofyork
 
Consensus Algorithms - Nakov @ jProfessionals - Jan 2018
Consensus Algorithms - Nakov @ jProfessionals - Jan 2018Consensus Algorithms - Nakov @ jProfessionals - Jan 2018
Consensus Algorithms - Nakov @ jProfessionals - Jan 2018
Svetlin Nakov
 
2021. Chương 2 3. Cơ sở toán học của blockchain
2021. Chương 2 3. Cơ sở toán học của blockchain2021. Chương 2 3. Cơ sở toán học của blockchain
2021. Chương 2 3. Cơ sở toán học của blockchain
Nhường Lê Đắc
 
IPSec and VPN
IPSec and VPNIPSec and VPN
IPSec and VPN
Abdullaziz Tagawy
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
Krithika Nagarajan
 
Ssh (The Secure Shell)
Ssh (The Secure Shell)Ssh (The Secure Shell)
Ssh (The Secure Shell)
Mehedi Farazi
 
PKI and Applications
PKI and ApplicationsPKI and Applications
PKI and ApplicationsSvetlin Nakov
 
Pgp
PgpPgp
Pgp
Reham Maher El-Safarini
 
IPSec VPN & IPSec Protocols
IPSec VPN & IPSec Protocols IPSec VPN & IPSec Protocols
IPSec VPN & IPSec Protocols
NetProtocol Xpert
 
Ip security
Ip security Ip security
Ip security
Dr.K.Sreenivas Rao
 
Tmc mastering bitcoins ppt
Tmc mastering bitcoins pptTmc mastering bitcoins ppt
Tmc mastering bitcoins ppt
Urvashi Choudhary
 

What's hot (20)

Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket Layer
 
Internet Key Exchange Protocol
Internet Key Exchange ProtocolInternet Key Exchange Protocol
Internet Key Exchange Protocol
 
CNIT 141: 8. Authenticated Encryption
CNIT 141: 8. Authenticated EncryptionCNIT 141: 8. Authenticated Encryption
CNIT 141: 8. Authenticated Encryption
 
Scaling Ethereum using Zero-Knowledge Proofs
Scaling Ethereum using Zero-Knowledge ProofsScaling Ethereum using Zero-Knowledge Proofs
Scaling Ethereum using Zero-Knowledge Proofs
 
Data encryption standard
Data encryption standardData encryption standard
Data encryption standard
 
SSL/TLS 101
SSL/TLS 101SSL/TLS 101
SSL/TLS 101
 
Ssl https
Ssl httpsSsl https
Ssl https
 
SSH - Secure Shell
SSH - Secure ShellSSH - Secure Shell
SSH - Secure Shell
 
X.509 Certificates
X.509 CertificatesX.509 Certificates
X.509 Certificates
 
Solidity
SoliditySolidity
Solidity
 
Consensus Algorithms - Nakov @ jProfessionals - Jan 2018
Consensus Algorithms - Nakov @ jProfessionals - Jan 2018Consensus Algorithms - Nakov @ jProfessionals - Jan 2018
Consensus Algorithms - Nakov @ jProfessionals - Jan 2018
 
2021. Chương 2 3. Cơ sở toán học của blockchain
2021. Chương 2 3. Cơ sở toán học của blockchain2021. Chương 2 3. Cơ sở toán học của blockchain
2021. Chương 2 3. Cơ sở toán học của blockchain
 
IPSec and VPN
IPSec and VPNIPSec and VPN
IPSec and VPN
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
 
Ssh (The Secure Shell)
Ssh (The Secure Shell)Ssh (The Secure Shell)
Ssh (The Secure Shell)
 
PKI and Applications
PKI and ApplicationsPKI and Applications
PKI and Applications
 
Pgp
PgpPgp
Pgp
 
IPSec VPN & IPSec Protocols
IPSec VPN & IPSec Protocols IPSec VPN & IPSec Protocols
IPSec VPN & IPSec Protocols
 
Ip security
Ip security Ip security
Ip security
 
Tmc mastering bitcoins ppt
Tmc mastering bitcoins pptTmc mastering bitcoins ppt
Tmc mastering bitcoins ppt
 

Similar to Blockchain Cryptography for Developers (Nakov @ BGWebSummit 2018)

Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose)
Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose)Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose)
Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose)
Svetlin Nakov
 
Cryptography and SSL in Smalltalk - StS 2003
Cryptography and SSL in Smalltalk - StS 2003Cryptography and SSL in Smalltalk - StS 2003
Cryptography and SSL in Smalltalk - StS 2003
Martin Kobetic
 
Hashfunction
HashfunctionHashfunction
Hashfunction
Tony Nguyen
 
Hashfunction
HashfunctionHashfunction
Hashfunction
Fraboni Ec
 
Hash function
Hash functionHash function
Hash function
Harry Potter
 
Hashfunction
HashfunctionHashfunction
Hashfunction
David Hoen
 
Hashfunction
HashfunctionHashfunction
Hashfunction
James Wong
 
Cryptography for Smalltalkers 2
Cryptography for Smalltalkers 2Cryptography for Smalltalkers 2
Cryptography for Smalltalkers 2
ESUG
 
Bitcoin developer guide
Bitcoin developer guideBitcoin developer guide
Bitcoin developer guide
承翰 蔡
 
Cryptography for Absolute Beginners (May 2019)
Cryptography for Absolute Beginners (May 2019)Cryptography for Absolute Beginners (May 2019)
Cryptography for Absolute Beginners (May 2019)
Svetlin Nakov
 
A Decompiler for Blackhain-Based Smart Contracts Bytecode
A Decompiler for Blackhain-Based Smart Contracts BytecodeA Decompiler for Blackhain-Based Smart Contracts Bytecode
A Decompiler for Blackhain-Based Smart Contracts Bytecode
Shakacon
 
Bitcoin Script
Bitcoin ScriptBitcoin Script
Bitcoin Script
David Evans
 
“Technical Intro to Blockhain” by Yurijs Pimenovs from Paybis at CryptoCurren...
“Technical Intro to Blockhain” by Yurijs Pimenovs from Paybis at CryptoCurren...“Technical Intro to Blockhain” by Yurijs Pimenovs from Paybis at CryptoCurren...
“Technical Intro to Blockhain” by Yurijs Pimenovs from Paybis at CryptoCurren...
Dace Barone
 
Hitcon badge 2018
Hitcon badge 2018 Hitcon badge 2018
Hitcon badge 2018
Alan Lee
 
J.burke HackMiami6
J.burke HackMiami6J.burke HackMiami6
J.burke HackMiami6
Jesse Burke
 
Block Cipher.cryptography_miu_year5.pptx
Block Cipher.cryptography_miu_year5.pptxBlock Cipher.cryptography_miu_year5.pptx
Block Cipher.cryptography_miu_year5.pptx
HodaAhmedBekhitAhmed
 
Everything I always wanted to know about crypto, but never thought I'd unders...
Everything I always wanted to know about crypto, but never thought I'd unders...Everything I always wanted to know about crypto, but never thought I'd unders...
Everything I always wanted to know about crypto, but never thought I'd unders...
Codemotion
 
Cryptography for Smalltalkers
Cryptography for SmalltalkersCryptography for Smalltalkers
Cryptography for Smalltalkers
ESUG
 

Similar to Blockchain Cryptography for Developers (Nakov @ BGWebSummit 2018) (20)

Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose)
Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose)Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose)
Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose)
 
Cryptography and SSL in Smalltalk - StS 2003
Cryptography and SSL in Smalltalk - StS 2003Cryptography and SSL in Smalltalk - StS 2003
Cryptography and SSL in Smalltalk - StS 2003
 
Hashfunction
HashfunctionHashfunction
Hashfunction
 
Hashfunction
HashfunctionHashfunction
Hashfunction
 
Hashfunction
HashfunctionHashfunction
Hashfunction
 
Hashfunction
HashfunctionHashfunction
Hashfunction
 
Hash function
Hash functionHash function
Hash function
 
Hashfunction
HashfunctionHashfunction
Hashfunction
 
Hashfunction
HashfunctionHashfunction
Hashfunction
 
Cryptography for Smalltalkers 2
Cryptography for Smalltalkers 2Cryptography for Smalltalkers 2
Cryptography for Smalltalkers 2
 
Bitcoin developer guide
Bitcoin developer guideBitcoin developer guide
Bitcoin developer guide
 
Cryptography for Absolute Beginners (May 2019)
Cryptography for Absolute Beginners (May 2019)Cryptography for Absolute Beginners (May 2019)
Cryptography for Absolute Beginners (May 2019)
 
A Decompiler for Blackhain-Based Smart Contracts Bytecode
A Decompiler for Blackhain-Based Smart Contracts BytecodeA Decompiler for Blackhain-Based Smart Contracts Bytecode
A Decompiler for Blackhain-Based Smart Contracts Bytecode
 
Bitcoin Script
Bitcoin ScriptBitcoin Script
Bitcoin Script
 
“Technical Intro to Blockhain” by Yurijs Pimenovs from Paybis at CryptoCurren...
“Technical Intro to Blockhain” by Yurijs Pimenovs from Paybis at CryptoCurren...“Technical Intro to Blockhain” by Yurijs Pimenovs from Paybis at CryptoCurren...
“Technical Intro to Blockhain” by Yurijs Pimenovs from Paybis at CryptoCurren...
 
Hitcon badge 2018
Hitcon badge 2018 Hitcon badge 2018
Hitcon badge 2018
 
J.burke HackMiami6
J.burke HackMiami6J.burke HackMiami6
J.burke HackMiami6
 
Block Cipher.cryptography_miu_year5.pptx
Block Cipher.cryptography_miu_year5.pptxBlock Cipher.cryptography_miu_year5.pptx
Block Cipher.cryptography_miu_year5.pptx
 
Everything I always wanted to know about crypto, but never thought I'd unders...
Everything I always wanted to know about crypto, but never thought I'd unders...Everything I always wanted to know about crypto, but never thought I'd unders...
Everything I always wanted to know about crypto, but never thought I'd unders...
 
Cryptography for Smalltalkers
Cryptography for SmalltalkersCryptography for Smalltalkers
Cryptography for Smalltalkers
 

More from Svetlin Nakov

Най-търсените направления в ИТ сферата за 2024
Най-търсените направления в ИТ сферата за 2024Най-търсените направления в ИТ сферата за 2024
Най-търсените направления в ИТ сферата за 2024
Svetlin Nakov
 
BG-IT-Edu: отворено учебно съдържание за ИТ учители
BG-IT-Edu: отворено учебно съдържание за ИТ учителиBG-IT-Edu: отворено учебно съдържание за ИТ учители
BG-IT-Edu: отворено учебно съдържание за ИТ учители
Svetlin Nakov
 
Programming World in 2024
Programming World in 2024Programming World in 2024
Programming World in 2024
Svetlin Nakov
 
AI Tools for Business and Startups
AI Tools for Business and StartupsAI Tools for Business and Startups
AI Tools for Business and Startups
Svetlin Nakov
 
AI Tools for Scientists - Nakov (Oct 2023)
AI Tools for Scientists - Nakov (Oct 2023)AI Tools for Scientists - Nakov (Oct 2023)
AI Tools for Scientists - Nakov (Oct 2023)
Svetlin Nakov
 
AI Tools for Entrepreneurs
AI Tools for EntrepreneursAI Tools for Entrepreneurs
AI Tools for Entrepreneurs
Svetlin Nakov
 
Bulgarian Tech Industry - Nakov at Dev.BG All in One Conference 2023
Bulgarian Tech Industry - Nakov at Dev.BG All in One Conference 2023Bulgarian Tech Industry - Nakov at Dev.BG All in One Conference 2023
Bulgarian Tech Industry - Nakov at Dev.BG All in One Conference 2023
Svetlin Nakov
 
AI Tools for Business and Personal Life
AI Tools for Business and Personal LifeAI Tools for Business and Personal Life
AI Tools for Business and Personal Life
Svetlin Nakov
 
Дипломна работа: учебно съдържание по ООП - Светлин Наков
Дипломна работа: учебно съдържание по ООП - Светлин НаковДипломна работа: учебно съдържание по ООП - Светлин Наков
Дипломна работа: учебно съдържание по ООП - Светлин Наков
Svetlin Nakov
 
Дипломна работа: учебно съдържание по ООП
Дипломна работа: учебно съдържание по ООПДипломна работа: учебно съдържание по ООП
Дипломна работа: учебно съдържание по ООП
Svetlin Nakov
 
Свободно ИТ учебно съдържание за учители по програмиране и ИТ
Свободно ИТ учебно съдържание за учители по програмиране и ИТСвободно ИТ учебно съдържание за учители по програмиране и ИТ
Свободно ИТ учебно съдържание за учители по програмиране и ИТ
Svetlin Nakov
 
AI and the Professions of the Future
AI and the Professions of the FutureAI and the Professions of the Future
AI and the Professions of the Future
Svetlin Nakov
 
Programming Languages Trends for 2023
Programming Languages Trends for 2023Programming Languages Trends for 2023
Programming Languages Trends for 2023
Svetlin Nakov
 
IT Professions and How to Become a Developer
IT Professions and How to Become a DeveloperIT Professions and How to Become a Developer
IT Professions and How to Become a Developer
Svetlin Nakov
 
GitHub Actions (Nakov at RuseConf, Sept 2022)
GitHub Actions (Nakov at RuseConf, Sept 2022)GitHub Actions (Nakov at RuseConf, Sept 2022)
GitHub Actions (Nakov at RuseConf, Sept 2022)
Svetlin Nakov
 
IT Professions and Their Future
IT Professions and Their FutureIT Professions and Their Future
IT Professions and Their Future
Svetlin Nakov
 
How to Become a QA Engineer and Start a Job
How to Become a QA Engineer and Start a JobHow to Become a QA Engineer and Start a Job
How to Become a QA Engineer and Start a Job
Svetlin Nakov
 
Призвание и цели: моята рецепта
Призвание и цели: моята рецептаПризвание и цели: моята рецепта
Призвание и цели: моята рецепта
Svetlin Nakov
 
What Mongolian IT Industry Can Learn from Bulgaria?
What Mongolian IT Industry Can Learn from Bulgaria?What Mongolian IT Industry Can Learn from Bulgaria?
What Mongolian IT Industry Can Learn from Bulgaria?
Svetlin Nakov
 
How to Become a Software Developer - Nakov in Mongolia (Oct 2022)
How to Become a Software Developer - Nakov in Mongolia (Oct 2022)How to Become a Software Developer - Nakov in Mongolia (Oct 2022)
How to Become a Software Developer - Nakov in Mongolia (Oct 2022)
Svetlin Nakov
 

More from Svetlin Nakov (20)

Най-търсените направления в ИТ сферата за 2024
Най-търсените направления в ИТ сферата за 2024Най-търсените направления в ИТ сферата за 2024
Най-търсените направления в ИТ сферата за 2024
 
BG-IT-Edu: отворено учебно съдържание за ИТ учители
BG-IT-Edu: отворено учебно съдържание за ИТ учителиBG-IT-Edu: отворено учебно съдържание за ИТ учители
BG-IT-Edu: отворено учебно съдържание за ИТ учители
 
Programming World in 2024
Programming World in 2024Programming World in 2024
Programming World in 2024
 
AI Tools for Business and Startups
AI Tools for Business and StartupsAI Tools for Business and Startups
AI Tools for Business and Startups
 
AI Tools for Scientists - Nakov (Oct 2023)
AI Tools for Scientists - Nakov (Oct 2023)AI Tools for Scientists - Nakov (Oct 2023)
AI Tools for Scientists - Nakov (Oct 2023)
 
AI Tools for Entrepreneurs
AI Tools for EntrepreneursAI Tools for Entrepreneurs
AI Tools for Entrepreneurs
 
Bulgarian Tech Industry - Nakov at Dev.BG All in One Conference 2023
Bulgarian Tech Industry - Nakov at Dev.BG All in One Conference 2023Bulgarian Tech Industry - Nakov at Dev.BG All in One Conference 2023
Bulgarian Tech Industry - Nakov at Dev.BG All in One Conference 2023
 
AI Tools for Business and Personal Life
AI Tools for Business and Personal LifeAI Tools for Business and Personal Life
AI Tools for Business and Personal Life
 
Дипломна работа: учебно съдържание по ООП - Светлин Наков
Дипломна работа: учебно съдържание по ООП - Светлин НаковДипломна работа: учебно съдържание по ООП - Светлин Наков
Дипломна работа: учебно съдържание по ООП - Светлин Наков
 
Дипломна работа: учебно съдържание по ООП
Дипломна работа: учебно съдържание по ООПДипломна работа: учебно съдържание по ООП
Дипломна работа: учебно съдържание по ООП
 
Свободно ИТ учебно съдържание за учители по програмиране и ИТ
Свободно ИТ учебно съдържание за учители по програмиране и ИТСвободно ИТ учебно съдържание за учители по програмиране и ИТ
Свободно ИТ учебно съдържание за учители по програмиране и ИТ
 
AI and the Professions of the Future
AI and the Professions of the FutureAI and the Professions of the Future
AI and the Professions of the Future
 
Programming Languages Trends for 2023
Programming Languages Trends for 2023Programming Languages Trends for 2023
Programming Languages Trends for 2023
 
IT Professions and How to Become a Developer
IT Professions and How to Become a DeveloperIT Professions and How to Become a Developer
IT Professions and How to Become a Developer
 
GitHub Actions (Nakov at RuseConf, Sept 2022)
GitHub Actions (Nakov at RuseConf, Sept 2022)GitHub Actions (Nakov at RuseConf, Sept 2022)
GitHub Actions (Nakov at RuseConf, Sept 2022)
 
IT Professions and Their Future
IT Professions and Their FutureIT Professions and Their Future
IT Professions and Their Future
 
How to Become a QA Engineer and Start a Job
How to Become a QA Engineer and Start a JobHow to Become a QA Engineer and Start a Job
How to Become a QA Engineer and Start a Job
 
Призвание и цели: моята рецепта
Призвание и цели: моята рецептаПризвание и цели: моята рецепта
Призвание и цели: моята рецепта
 
What Mongolian IT Industry Can Learn from Bulgaria?
What Mongolian IT Industry Can Learn from Bulgaria?What Mongolian IT Industry Can Learn from Bulgaria?
What Mongolian IT Industry Can Learn from Bulgaria?
 
How to Become a Software Developer - Nakov in Mongolia (Oct 2022)
How to Become a Software Developer - Nakov in Mongolia (Oct 2022)How to Become a Software Developer - Nakov in Mongolia (Oct 2022)
How to Become a Software Developer - Nakov in Mongolia (Oct 2022)
 

Recently uploaded

Providing Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisProviding Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
Globus
 
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.ILBeyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
Natan Silnitsky
 
A Comprehensive Look at Generative AI in Retail App Testing.pdf
A Comprehensive Look at Generative AI in Retail App Testing.pdfA Comprehensive Look at Generative AI in Retail App Testing.pdf
A Comprehensive Look at Generative AI in Retail App Testing.pdf
kalichargn70th171
 
Prosigns: Transforming Business with Tailored Technology Solutions
Prosigns: Transforming Business with Tailored Technology SolutionsProsigns: Transforming Business with Tailored Technology Solutions
Prosigns: Transforming Business with Tailored Technology Solutions
Prosigns
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2
 
How Recreation Management Software Can Streamline Your Operations.pptx
How Recreation Management Software Can Streamline Your Operations.pptxHow Recreation Management Software Can Streamline Your Operations.pptx
How Recreation Management Software Can Streamline Your Operations.pptx
wottaspaceseo
 
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Globus
 
Lecture 1 Introduction to games development
Lecture 1 Introduction to games developmentLecture 1 Introduction to games development
Lecture 1 Introduction to games development
abdulrafaychaudhry
 
Cracking the code review at SpringIO 2024
Cracking the code review at SpringIO 2024Cracking the code review at SpringIO 2024
Cracking the code review at SpringIO 2024
Paco van Beckhoven
 
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus
 
Strategies for Successful Data Migration Tools.pptx
Strategies for Successful Data Migration Tools.pptxStrategies for Successful Data Migration Tools.pptx
Strategies for Successful Data Migration Tools.pptx
varshanayak241
 
SOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar Research Team: Latest Activities of IntelBrokerSOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar
 
Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...
Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...
Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...
Hivelance Technology
 
Large Language Models and the End of Programming
Large Language Models and the End of ProgrammingLarge Language Models and the End of Programming
Large Language Models and the End of Programming
Matt Welsh
 
Using IESVE for Room Loads Analysis - Australia & New Zealand
Using IESVE for Room Loads Analysis - Australia & New ZealandUsing IESVE for Room Loads Analysis - Australia & New Zealand
Using IESVE for Room Loads Analysis - Australia & New Zealand
IES VE
 
De mooiste recreatieve routes ontdekken met RouteYou en FME
De mooiste recreatieve routes ontdekken met RouteYou en FMEDe mooiste recreatieve routes ontdekken met RouteYou en FME
De mooiste recreatieve routes ontdekken met RouteYou en FME
Jelle | Nordend
 
How to Position Your Globus Data Portal for Success Ten Good Practices
How to Position Your Globus Data Portal for Success Ten Good PracticesHow to Position Your Globus Data Portal for Success Ten Good Practices
How to Position Your Globus Data Portal for Success Ten Good Practices
Globus
 
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
Juraj Vysvader
 
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdfDominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
AMB-Review
 
Cyaniclab : Software Development Agency Portfolio.pdf
Cyaniclab : Software Development Agency Portfolio.pdfCyaniclab : Software Development Agency Portfolio.pdf
Cyaniclab : Software Development Agency Portfolio.pdf
Cyanic lab
 

Recently uploaded (20)

Providing Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisProviding Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
 
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.ILBeyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
 
A Comprehensive Look at Generative AI in Retail App Testing.pdf
A Comprehensive Look at Generative AI in Retail App Testing.pdfA Comprehensive Look at Generative AI in Retail App Testing.pdf
A Comprehensive Look at Generative AI in Retail App Testing.pdf
 
Prosigns: Transforming Business with Tailored Technology Solutions
Prosigns: Transforming Business with Tailored Technology SolutionsProsigns: Transforming Business with Tailored Technology Solutions
Prosigns: Transforming Business with Tailored Technology Solutions
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
How Recreation Management Software Can Streamline Your Operations.pptx
How Recreation Management Software Can Streamline Your Operations.pptxHow Recreation Management Software Can Streamline Your Operations.pptx
How Recreation Management Software Can Streamline Your Operations.pptx
 
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
 
Lecture 1 Introduction to games development
Lecture 1 Introduction to games developmentLecture 1 Introduction to games development
Lecture 1 Introduction to games development
 
Cracking the code review at SpringIO 2024
Cracking the code review at SpringIO 2024Cracking the code review at SpringIO 2024
Cracking the code review at SpringIO 2024
 
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024
 
Strategies for Successful Data Migration Tools.pptx
Strategies for Successful Data Migration Tools.pptxStrategies for Successful Data Migration Tools.pptx
Strategies for Successful Data Migration Tools.pptx
 
SOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar Research Team: Latest Activities of IntelBrokerSOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar Research Team: Latest Activities of IntelBroker
 
Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...
Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...
Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...
 
Large Language Models and the End of Programming
Large Language Models and the End of ProgrammingLarge Language Models and the End of Programming
Large Language Models and the End of Programming
 
Using IESVE for Room Loads Analysis - Australia & New Zealand
Using IESVE for Room Loads Analysis - Australia & New ZealandUsing IESVE for Room Loads Analysis - Australia & New Zealand
Using IESVE for Room Loads Analysis - Australia & New Zealand
 
De mooiste recreatieve routes ontdekken met RouteYou en FME
De mooiste recreatieve routes ontdekken met RouteYou en FMEDe mooiste recreatieve routes ontdekken met RouteYou en FME
De mooiste recreatieve routes ontdekken met RouteYou en FME
 
How to Position Your Globus Data Portal for Success Ten Good Practices
How to Position Your Globus Data Portal for Success Ten Good PracticesHow to Position Your Globus Data Portal for Success Ten Good Practices
How to Position Your Globus Data Portal for Success Ten Good Practices
 
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
 
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdfDominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
 
Cyaniclab : Software Development Agency Portfolio.pdf
Cyaniclab : Software Development Agency Portfolio.pdfCyaniclab : Software Development Agency Portfolio.pdf
Cyaniclab : Software Development Agency Portfolio.pdf
 

Blockchain Cryptography for Developers (Nakov @ BGWebSummit 2018)

  • 1. Blockchain Cryptography for Devs Elliptic Curves, ECC, ECDSA, secp256k1, Hash Functions, Wallets, AES, SCrypt, HMAC, BIP39, BIP44 Svetlin Nakov Inspiration Manager Software University http://softuni.bg
  • 2. 2  Software engineer, trainer, entrepreneur, PhD, author of 10 books, blockchain expert  3 successful tech educational initiatives: About Svetlin Nakov
  • 3. 3  Elliptic Curve Cryptography (ECC)  ECC Concepts, Elliptic Curves, the secp256k1 Curve  Private Key  Public Key  Blockchain Address  Sign / Verify Transactions in Ethereum  Cryptographic Hash Functions: SHA256, SHA3, RIPEMD160, …  HMAC and Key Derivation: HMAC, PBKDF2, SCrypt  Blockchain Cryptography and Wallets: JSON / UTC, BIP39, BIP44  Wallet Encryption: AES + Padding + CBC/CTR, SCrypt, HMAC Table of Contents
  • 4. Elliptic Curve Cryptography (ECC) Elliptic Curves, ECC and ECDSA, Sign, Verify
  • 5. 5  Uses a pair of keys: public key + private key  Encrypt / sign by private key  Decrypt / verify by public key Public Key Cryptography
  • 6. 6  Well-known public-key crypto-systems  RSA – based on discrete logarithms  ECC – based on elliptic curves  ECC cryptography is considered more secure  3072-bit RSA key ≈≈ 256-bit ECC key  Most blockchains (like Bitcoin and Ethereum) use ECC  But be warned: ECC is not quantum-safe! Public Key Crypto Systems
  • 7. 7  Public / private key cryptography based on the algebraic structure of elliptic curves over finite fields  Requires smaller key-size than RSA for the same security strength  Elliptic curves == set of points {x, y} such that:  y2 = x3 + ax + b  Example – the Bitcoin elliptic curve:  y2 = x3 + 7 (a = 0; b = 7) Elliptic Curve Cryptography (ECC)
  • 8. 8  Elliptic curves cryptography (ECC)  Uses ecliptic curves over the finite field Fp (p is prime, p > 3)  A set of integer coordinates {x, y}, such that 0 ≤ x, y < p  Staying on the elliptic curve: y2 ≡ x3 + ax + b (mod p)  Example of elliptic curve over F17:  y2 ≡ x3 + 7 (mod 17) Elliptic Curves over a Finite Fields y2 ≡ x3 + 7 (mod 17)
  • 9. 9  A point G over the curve can be multiplied by an integer k  P = k * G  The result is another point P staying on the same curve  k == private key (integer)  P == public key (point {x, y})  Very fast to calculate P = k * G  Extremely slow (considered infeasible) to calculate k = P / G Multiply a Point Over an Elliptic Curve y2 ≡ x3 + 7 (mod 17) G P
  • 10. 10 Elliptic Curves Multiplication in Python from pycoin.ecdsa import Point from pycoin.ecdsa import CurveFp curve = CurveFp(17, 0, 7) print("Curve = " + str(curve)) G = Point(curve, 15, 13) print("G = " + str(G)) for k in range(0, 6) : print(str(k) + " * G = " + str(k * G)) pip install pycoin
  • 11. 11  The elliptic curves over Fp  Have at most 2 points per y coordinate (odd x and even x)  A public key P(x, y) can be compressed as C(x, odd/even)  At the curve y2 ≡ x3 + 7 (mod 17) P(10, 15) == C(10, odd)  mod_sqrt(x3 + 7, 17) == y || 17 - y Compressing the Public Key y2 ≡ x3 + 7 (mod 17)
  • 12. 12  ECC operates with a set of EC domain parameters:  T = (p, a, b, G, n, h)  Prime field (prime p), elliptic equation (a, b), base point G(xG, yG), order of G (prime n), cofactor (h)  The secp256k1 standard (used in Bitcoin) defines 256-bit elliptic-curves cryptosystem:  Prime field (p) = 2256 - 232 - 977; Equation: y2 = x3 + 7 (a = 0, b = 7)  G = 0x79BE667E …; n = 0xFFF…D0364141; h = 1 ECC Parameters and secp256k1 Learn more at: http://www.secg.org/sec2-v2.pdf, https://en.bitcoin.it/wiki/Secp256k1
  • 13. 13  The private key in secp256k1 is 256-bit integer (32 bytes)  Example of Ethereum private key (encoded as 64 hex digits)  The respective public key is a EC point (2 * 256 bits == 64 bytes)  Can be compressed to 257 bits (Ethereum uses prefix 02 or 03)  Example of compressed public key (33 bytes / 66 hex digits): Ethereum Addresses and secp256k1 97ddae0f3a25b92268175400149d65d6887b9cefaf28ea2c078e05cdc15a3c0a 027b83ad6afb1209f3c82ebeb08c0c5fa9bf6724548506f2fb4f991e2287a77090 7b83ad6afb1209f3c82ebeb08c0c5fa9bf6724548506f2fb4f991e2287a77090 177316ca82b0bdf70cd9dee145c3002c0da1d92626449875972a27807b73b42e
  • 14. 14  The blockchain address in Ethereum is 20 bytes  Calculated as: last20bytes(keccak256(publicKeyFull))  Example of Ethereum address (encoded as 40 hex digits):  Note: some letters are capital to incorporate a checksum (EIP55)  Digital signatures in secp256k1 are 64 bytes (2 * 32 bytes)  A pair of two 256-bit numbers: [r, s]  Calculated by the well-known ECDSA formulas (see RFC6979) ECDSA, secp256k1 and Ethereum (2) 0xa44f70834a711F0DF388ab016465f2eEb255dEd0
  • 15. 15 Ethereum Key to Addresses – Example pip install eth_keys import eth_keys, binascii privKey = eth_keys.keys.PrivateKey(binascii.unhexlify( '97ddae0f3a25b92268175400149d65d6887b9cefaf28ea2c078e05cdc15a3c0a')) print('Private key (64 hex digits):', privKey) pubKey = privKey.public_key print('Public key (plain, 128 hex digits):', pubKey) pubKeyCompr = '0' + str(2 + int(pubKey) % 2) + str(pubKey)[2:66] print('Public key (compressed, 66 hex digits):', pubKeyCompr) address = pubKey.to_checksum_address() print('Ethereum address:', address)
  • 16. 16  Ethereum uses secp256k1-based ECDSA signatures  ECDSA generates deterministically a random point R (see RFC6979)  Ethereum signatures consists of 3 numbers: [v, r, s]  v – the compressed Y coordinate of the point R (1 byte: 00 or 01)  r – the X coordinate of the point R (256-bit integer, 32 bytes)  s – 256-bit integer (32 bytes), calculated from the signer's private key + message hash (Ethereum uses keccak256)  Typically encoded as 130 hex digits (65 bytes), e.g. 0x…465c5cf4be401  Given an Ethereum signature [v, r, s], the public key can be recovered from [R, s, msgHash]  also the signer's Ethereum address Verifying an Ethereum Signature
  • 17. 17 Sign Message in Ethereum – Example import eth_keys, binascii privKey = eth_keys.keys.PrivateKey(binascii.unhexlify( '97ddae0f3a25b92268175400149d65d6887b9cefaf28ea2c078e05cdc15a3c0a')) print('Private key (64 hex digits):', privKey) signature = privKey.sign_msg(b'Message for signing') print('Signature: [v = {0}, r = {1}, s = {2}]'.format( hex(signature.v), hex(signature.r), hex(signature.s))) print('Signature (130 hex digits):', signature)
  • 18. 18 Verify Message Signature in Etherscan  Verify message signature at https://etherscan.io/verifySig by:  signer address (40 hex digits)  signature (130 hex digits)  original message text  The result is: valid / invalid
  • 19. 19 Verify Ethereum Signature – Example import eth_keys, binascii msg = b'Message for signing' msgSigner = '0xa44f70834a711F0DF388ab016465f2eEb255dEd0' signature = eth_keys.keys.Signature(binascii.unhexlify( '6f0156091cbe912f2d5d1215cc3cd81c0963c8839b93af60e0921b61a1 9c54300c71006dd93f3508c432daca21db0095f4b16542782b7986f48a5 d0ae3c583d401')) signerPubKey = signature.recover_public_key_from_msg(msg) print('Signer public key (recovered):', signerPubKey) signerAddress = signerPubKey.to_checksum_address() print('Signer address:', signerAddress) print('Signature valid?:', signerAddress == msgSigner)
  • 20. Hashing and Hash Functions Cryptographic Hash Functions
  • 21. 21 What is Cryptographic Hash Function? Some text Some text Some text Some text Some text Some text Some text 20c9ad97c081d63397d 7b685a412227a40e23c 8bdc6688c6f37e97cfbc2 2d2b4d1db1510d8f61e 6a8866ad7f0e17c02b14 182d37ea7c3c8b9c2683 aeb6b733a1 Text Hashed text Cryptographic hash function (almost no collisions)
  • 22. 22 Cryptographic Hash Function  One-way hash function  Infeasible to invert  Extremely little chance to find a collision
  • 23. 23  Old hash algorithms: MD5, SHA-0, SHA-1  Withdrawn due to cryptographic weaknesses (collisions found)  SHA-2  Family of functions: SHA-256 (256 bits hash), SHA-512 (512 bits), …  SHA-3  More secure, same hash length (256 bits), known as "Keccak"  RIPEMD-160  Secure hash function, widely used in cryptography, e.g. PGP, Bitcoin  Less secure variations: RIPEMD-128, RIPEMD-256, RIPEMD-320 Secure Hash Functions
  • 24. 24  BLAKE / BLAKE2 / BLAKE2s / BLAKE2b  Fast, secure cryptographic hash function  256-bit (BLAKE-256, BLAKE2s) and 512-bit (BLAKE-512, BLAKE2b)  As of April 2018, no collisions are known for:  SHA256, SHA3-256, Keccak-256, BLAKE2s, RIPEMD160  Brute forcing to find a collision costs: 2128 for SHA256/SHA3-256 and 280 for RIPEMD160 (285 / 285 on quantum computer)  512-bit hashes (SHA-512 / SHA3-512) are Quantum-resistant Secure Hash Algorithms (2)
  • 25. 25 Calculating Hash Functions in Python import hashlib, binascii text = 'hello' data = text.encode("utf8") sha256hash = hashlib.sha256(data).digest() print("SHA256: ", binascii.hexlify(sha256hash)) sha3_256 = hashlib.sha3_256(data).digest() print("SHA3-256: ", binascii.hexlify(sha3_256)) ripemd160 = hashlib.new('ripemd160', data).digest() print("RIPEMD-160:", binascii.hexlify(ripemd160))
  • 26. HMAC and Key Derivation MAC, HMAC, PBKDF2 and SCrypt
  • 27. 27  HMAC = Hash-based Message Authentication Code  HMAC(key, msg, hash_func)  hash  Message hash mixed with a secret shared key  Used for message integrity / authenticity / key derivation  Key derivation function (KDF) == function(password)  key  Use HKDF (HMAC-based key derivation), PBKDF2 or SCrypt  PBKDF2, BCrypt and SCrypt are modern key-derivation functions  Use a lot of iterations + a lot of memory  to make it slow HMAC and Key Derivation
  • 28. 28 HMAC Calculation in Python – Example import hashlib, hmac, binascii def hmac_sha256(key, msg): return hmac.new(key, msg, hashlib.sha256).digest() key = binascii.unhexlify("fa63f2b4c85af6bed3") msg = "some message".encode("utf8") print(binascii.hexlify(hmac_sha256(key, msg)))
  • 29. 29  SCrypt (RFC 7914) is a strong cryptographic key-derivation function  Memory intensive, designed to prevent ASIC and FPGA attacks  key = Scrypt(password, salt, N, r, p, derived-key-len)  N – iterations count (affects memory and CPU usage), e.g. 16384  r – block size (affects memory and CPU usage), e.g. 8  p – parallelism factor (threads to run in parallel), usually 1  Memory used = 128 * N * r * p bytes, e.g. 128 * 16384 * 8 = 16 MB  Parameters for interactive login: N=16384, r=8, p=1 (RAM=16MB)  Parameters for file encryption: N=1048576, r=8, p=1 (RAM=1GB) Key Derivation Functions: Scrypt
  • 30. 30 SCrypt Key Derivation in Python – Example import scrypt, os, binascii passwd = "p@$$w0rD~3" salt = os.urandom(32) print("Salt: ", binascii.hexlify(salt)) key = scrypt.hash(passwd, salt, 16384, 8, 1, 32) print("Derived key:", binascii.hexlify(key)) pip install scrypt
  • 31. Blockchain Cryptography and Wallets Keys, Addresses, Signatures, Wallets
  • 32. 32 Public / Private Keys, Wallets & Blockchain private key public key address transaction sign by private key signed transaction valid / invalid verify by address wallet master key (seed) signed transaction transaction data public key: (x, y) signature: (v, r, s)
  • 33. 33  In blockchain wallets keep private keys, highly encrypted  Simple wallet (keystore) keeps a single private key  Example: https://gist.github.com/nakov/53f869e01c9b573844c48e5966e33a3f  HD wallet (hierarchical wallet) keeps multiple private keys  Hierarchically derived by a master key (seed) by derivation path  The seed is encoded as mnemonic phrase (12 / 24 words)  Example: https://iancoleman.io/bip39/ HD Wallets, BIP39, BIP32 / BIP44 hill brave science fox crime quit owner chapter myth vocal chat custom
  • 34. 34  The BIP-32 standard defines how a crypto-wallet can generate multiple keys + addresses  The wallet is initialized by a 512-bit master key (seed)  HMAC + ECC math used to generate multiple accounts  Through a derivation path  E.g. m/44'/60'/1'/12  Each account holds private key  public key  address ECC and Wallets: BIP32
  • 35. 35  Most modern crypto wallets start from a 512-bit securely generated random seed (see the BIP-39 standard)  The seed (root key) can be represented by 12 or 24 words, e.g.  Each word comes from a wordlist of 2048 words  See https://github.com/bitcoin/bips/blob/master/bip-0039/english.txt  1 word == 11 bits of entropy  12 words == 132 bits == 128-bit entropy + checksum (in the last word)  24 words == 264 bits == 256-bit entropy + checksum (in the last word) Internal Seed in Crypto Wallets hill brave science fox crime quit owner chapter myth vocal chat custom
  • 36. BIP-39 Mnemonic Seed Generator Live Demo https://iancoleman.io/bip39
  • 37. Wallet Encryption and AES AES, CBC/CTR, Padding, SCrypt, HMAC
  • 38. 38  A single secret key to encrypt / decrypt  The secret key is usually derived by a password  Both the sender and the recipient should know the secret key  Widely used symmetric algorithms: AES-128, AES-256, Twofish, IDEA Symmetric Encryption  Wallets are typically encrypted using symmetric ciphers like AES
  • 39. 39  AES is a "block cipher" – encrypts block by block (e.g. 128 bits)  It has several modes of operation (CBC, ECB, CTR, …)  Some modes of operation require initial vector (IV)  Non-secret random salt  used to get different result each time  Recommended modes: CBC (Cipher Block Chaining) or CTR (Counter)  It may use a padding algorithm (typically PKCS7) to split the input data into blocks of fixed block-size (e.g. 128 bits)  It may use password to key derivation: key = SCrypt(pass, salt, …)  It may use MAC to check the password validity: HMAC(text, key) AES Cipher Settings
  • 40. 40 Example: AES Encrypt / Decrypt in Python import pyaes, pbkdf2, binascii, os, secrets plaintext = "Sample text for encryption" password = "s0m3p@$$w0rd" key = pbkdf2.PBKDF2(password, 'some salt').read(16) print('AES encryption key:', binascii.hexlify(key)) iv = secrets.randbelow(2 << 128) aes = pyaes.AESModeOfOperationCTR(key, pyaes.Counter(iv)) ciphertext = aes.encrypt(plaintext) print('encrypted:', binascii.hexlify(ciphertext)) aes = pyaes.AESModeOfOperationCTR(key, pyaes.Counter(iv)) decrypted = aes.decrypt(ciphertext) print('decrypted:', decrypted) pip install pyaes pip install pbkdf2
  • 41. 41 Ethereum UTC / JSON Wallet Encryption { "version": 3, "id": "…", "address": "b97e993872a9050c07f…ef195", "Crypto": { "ciphertext": "bc9215b2cd1571df…e3a1", // the encrypted private key "cipher": "aes-128-ctr", // AES, 128-bit encryption, CTR mode "cipherparams": { "iv": "2bac08cafc…8e" }, // random initial vector "kdf": "scrypt", "kdfparams": { "dklen": 32, // key length (256-bit key for AES encryption) "salt": "7d48230c94b90c0301bf9f4…eba1", // random-generated salt "n": 1024, // iterations count (CPU + memory cost factor) "r": 8, // block size (affects CPU + memory) "p": 1 // parallelization factor (threads count) }, "mac": "e3cd7ea4e3ceb0e9a…0564" // msg integrity key (password check) } } Learn more at: https://github.com/ethers-io/ethers.js/blob/master/wallet/secret-storage.js#L288
  • 43. License  This course (slides, examples, demos, videos, homework, etc.) is licensed under the "Creative Commons Attribution- NonCommercial-ShareAlike 4.0 International" license 43
  • 44. Trainings @ Software University (SoftUni)  Software University – High-Quality Education, Profession and Job for Software Developers  softuni.bg  Software University Foundation  http://softuni.foundation/  Software University @ Facebook  facebook.com/SoftwareUniversity  Software University Forums  forum.softuni.bg