SlideShare a Scribd company logo

Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose)

Download as PPTX, PDF
Svetlin Nakov
Svetlin Nakov

Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose, CA, USA) Elliptic Curve Cryptography (ECC) ECC Concepts, Elliptic Curves, the secp256k1 Curve Private Key -> Public Key -> Blockchain Address Sign / Verify Transactions in Ethereum Cryptographic Hash Functions: SHA256, SHA3, RIPEMD160, … HMAC and Key Derivation: HMAC, PBKDF2, SCrypt Blockchain Cryptography and Wallets: JSON / UTC, BIP39, BIP44 Wallet Encryption: AES + Padding + CBC/CTR, Scrypt, HMAC Learn more at: http://nakov.com/blog/2018/04/15/blockchain-cryptography-for-developers-ecc-secp256k1-scrypt-aes-wallets/

Education
1 of 45
Blockchain Cryptography for Devs Elliptic Curves, ECC, ECDSA, secp256k1, Hashes, Wallets, AES, SCrypt, HMAC, BIP39, BIP44 Software University (SoftUni) https://softuni.org Svetlin Nakov Blockchain Engineer and Technical Trainer
2  Software engineer, trainer, entrepreneur, PhD, author of 12 books, blockchain expert  3 successful tech educational initiatives (100,000+ students): About Svetlin Nakov
3  Technical advisor @ LockChain / LockTrip: https://locktrip.com  Raised ~ 10.000 ETH in token sale (Sep-Nov 2017)  Currently LOC token holders book hotels @ 20-30% better price  Head of blockchain education (Jan-June 2018) @ Academy School of Blockchain: https://academytoken.com  Raised ~ 48M USD in token sale (Jan-Apr 2018)  Tech advisor for blockchain crypto startups:  Tokenize Exchange, Bountie, Weidex, IRIS Payments Solutions, Aeternity Ventures Nakov – Blockchain & Crypto Projects
4  Elliptic Curve Cryptography (ECC)  ECC Concepts, Elliptic Curves, the secp256k1 Curve  Private Key  Public Key  Blockchain Address  Sign / Verify Transactions in Ethereum  Cryptographic Hash Functions: SHA256, SHA3, RIPEMD160, …  HMAC and Key Derivation: HMAC, PBKDF2, SCrypt  Blockchain Cryptography and Wallets: JSON / UTC, BIP39, BIP44  Wallet Encryption: AES + Padding + CBC/CTR, SCrypt, HMAC Table of Contents
Elliptic Curve Cryptography (ECC) Elliptic Curves, ECC and ECDSA, Sign, Verify
6  Uses a pair of keys: public key + private key  Sign / decrypt by private key  Verify / encrypt by public key Public Key Cryptography
7  Well-known public-key crypto-systems  RSA – based on discrete logarithms  ECC – based on elliptic curves  ECC cryptography is considered more secure  3072-bit RSA key ≈≈ 256-bit ECC key  Most blockchains (like Bitcoin, Ethereum and EOS) use ECC  But be warned: ECC is not quantum-safe! Public Key Crypto Systems
8  Public / private key cryptography based on the algebraic structure of elliptic curves over finite fields  Requires smaller key-size than RSA for the same security strength  Elliptic curves == set of points {x, y} such that:  y2 = x3 + ax + b  Example – the Bitcoin elliptic curve:  y2 = x3 + 7 (a = 0; b = 7) Elliptic Curve Cryptography (ECC)
9  Elliptic curves cryptography (ECC)  Uses ecliptic curves over the finite field Fp (p is prime, p > 3)  A set of integer coordinates {x, y}, such that 0 ≤ x, y < p  Staying on the elliptic curve: y2 ≡ x3 + ax + b (mod p)  Example of elliptic curve over F17:  y2 ≡ x3 + 7 (mod 17) Elliptic Curves over a Finite Fields y2 ≡ x3 + 7 (mod 17)
10  A point G over the curve can be multiplied by an integer k  P = k * G  The result is another point P staying on the same curve  k == private key (integer)  P == public key (point {x, y})  Very fast to calculate P = k * G  Extremely slow (considered infeasible) to calculate k = P / G Multiply a Point Over an Elliptic Curve y2 ≡ x3 + 7 (mod 17) G P
11 Elliptic Curves Multiplication in Python from pycoin.ecdsa import Point from pycoin.ecdsa import CurveFp curve = CurveFp(17, 0, 7) print("Curve = " + str(curve)) G = Point(curve, 15, 13) print("G = " + str(G)) for k in range(0, 6) : print(str(k) + " * G = " + str(k * G)) pip install pycoin
12  The elliptic curves over Fp  Have at most 2 points per y coordinate (odd x and even x)  A public key P(x, y) can be compressed as C(x, odd/even)  At the curve y2 ≡ x3 + 7 (mod 17) P(10, 15) == C(10, odd)  mod_sqrt(x3 + 7, 17) == y || 17 - y Compressing the Public Key y2 ≡ x3 + 7 (mod 17)
13  ECC operates with a set of EC domain parameters:  T = (p, a, b, G, n, h)  Prime field (prime p), elliptic equation (a, b), base point G(xG, yG), order of G (prime n), cofactor (h)  The secp256k1 standard (used in Bitcoin) defines 256-bit elliptic-curve cryptosystem:  Prime field (p) = 2256 - 232 - 977; Equation: y2 = x3 + 7 (a = 0, b = 7)  G = 0x79BE667E …; n = 0xFFF…D0364141; h = 1 ECC Parameters and secp256k1 Learn more at: http://www.secg.org/sec2-v2.pdf, https://en.bitcoin.it/wiki/Secp256k1
14  The private key in secp256k1 is 256-bit integer (32 bytes)  Example of Ethereum private key (encoded as 64 hex digits)  The respective public key is a EC point (2 * 256 bits == 64 bytes)  Can be compressed to 257 bits (Ethereum uses prefix 02 or 03)  Example of compressed public key (33 bytes / 66 hex digits): Ethereum Addresses and secp256k1 97ddae0f3a25b92268175400149d65d6887b9cefaf28ea2c078e05cdc15a3c0a 027b83ad6afb1209f3c82ebeb08c0c5fa9bf6724548506f2fb4f991e2287a77090 7b83ad6afb1209f3c82ebeb08c0c5fa9bf6724548506f2fb4f991e2287a77090 177316ca82b0bdf70cd9dee145c3002c0da1d92626449875972a27807b73b42e
15  The blockchain address in Ethereum is 20 bytes  Calculated as: last20bytes(keccak256(publicKeyFull))  Example of Ethereum address (encoded as 40 hex digits):  Note: some letters are capital to incorporate a checksum (EIP55)  Digital signatures in secp256k1 are 64 bytes (2 * 32 bytes)  A pair of two 256-bit numbers: [r, s]  Calculated by the well-known ECDSA formulas (see RFC6979) ECDSA, secp256k1 and Ethereum (2) 0xa44f70834a711F0DF388ab016465f2eEb255dEd0
16 Ethereum Key to Addresses – Example pip install eth_keys import eth_keys, binascii privKey = eth_keys.keys.PrivateKey(binascii.unhexlify( '97ddae0f3a25b92268175400149d65d6887b9cefaf28ea2c078e05cdc15a3c0a')) print('Private key (64 hex digits):', privKey) pubKey = privKey.public_key print('Public key (plain, 128 hex digits):', pubKey) pubKeyCompr = '0' + str(2 + int(pubKey) % 2) + str(pubKey)[2:66] print('Public key (compressed, 66 hex digits):', pubKeyCompr) address = pubKey.to_checksum_address() print('Ethereum address:', address)
17  Ethereum uses secp256k1-based ECDSA signatures  ECDSA generates deterministically a random point R (see RFC6979)  Ethereum signatures consists of 3 numbers: [v, r, s]  v – the compressed Y coordinate of the point R (1 byte: 00 or 01)  r – the X coordinate of the point R (256-bit integer, 32 bytes)  s – 256-bit integer (32 bytes), calculated from the signer's private key + message hash (Ethereum uses keccak256)  Typically encoded as 130 hex digits (65 bytes), e.g. 0x…465c5cf4be401  Given an Ethereum signature [v, r, s], the public key can be recovered from [R, s, msgHash]  also the signer's Ethereum address Ethereum Signatures
18 Sign Message in Ethereum – Example import eth_keys, binascii privKey = eth_keys.keys.PrivateKey(binascii.unhexlify( '97ddae0f3a25b92268175400149d65d6887b9cefaf28ea2c078e05cdc15a3c0a')) print('Private key (64 hex digits):', privKey) signature = privKey.sign_msg(b'Message for signing') print('Signature: [v = {0}, r = {1}, s = {2}]'.format( hex(signature.v), hex(signature.r), hex(signature.s))) print('Signature (130 hex digits):', signature)
19 Verify Message Signature in Etherscan  Verify message signature at https://etherscan.io/verifySig by:  signer address (40 hex digits)  signature (130 hex digits)  original message text  The result is: valid / invalid
20 Verify Ethereum Signature – Example import eth_keys, binascii msg = b'Message for signing' msgSigner = '0xa44f70834a711F0DF388ab016465f2eEb255dEd0' signature = eth_keys.keys.Signature(binascii.unhexlify( '6f0156091cbe912f2d5d1215cc3cd81c0963c8839b93af60e0921b61a1 9c54300c71006dd93f3508c432daca21db0095f4b16542782b7986f48a5 d0ae3c583d401')) signerPubKey = signature.recover_public_key_from_msg(msg) print('Signer public key (recovered):', signerPubKey) signerAddress = signerPubKey.to_checksum_address() print('Signer address:', signerAddress) print('Signature valid?:', signerAddress == msgSigner)
Hashing and Hash Functions Cryptographic Hash Functions
22 What is Cryptographic Hash Function? Some text Some text Some text Some text Some text Some text Some text 20c9ad97c081d63397d 7b685a412227a40e23c 8bdc6688c6f37e97cfbc2 2d2b4d1db1510d8f61e 6a8866ad7f0e17c02b14 182d37ea7c3c8b9c2683 aeb6b733a1 Text Hashed text Cryptographic hash function (almost no collisions)
23 Cryptographic Hash Function  One-way hash function  Infeasible to invert  Extremely little chance to find a collision
24  Old hash algorithms: MD5, SHA-0, SHA-1  Withdrawn due to cryptographic weaknesses (collisions found)  SHA-2  Family of functions: SHA-256 (256 bits hash), SHA-512 (512 bits), …  SHA-3  More secure, same hash length (256 bits), known as "Keccak"  RIPEMD-160  Secure hash function, widely used in cryptography, e.g. PGP, Bitcoin  Less secure variations: RIPEMD-128, RIPEMD-256, RIPEMD-320 Secure Hash Functions
25  BLAKE / BLAKE2 / BLAKE2s / BLAKE2b  Fast, secure cryptographic hash function  256-bit (BLAKE-256, BLAKE2s) and 512-bit (BLAKE-512, BLAKE2b)  As of September 2018, no collisions are known for:  SHA256, SHA3-256, Keccak-256, BLAKE2s, RIPEMD160  Brute forcing to find a collision costs: 2128 for SHA256/SHA3-256 and 280 for RIPEMD160 (285 / 253 on quantum computer)  512-bit hashes (SHA-512 / SHA3-512) are Quantum-resistant Secure Hash Algorithms (2)
26 Calculating Hash Functions in Python import hashlib, binascii text = 'hello' data = text.encode("utf8") sha256hash = hashlib.sha256(data).digest() print("SHA256: ", binascii.hexlify(sha256hash)) sha3_256 = hashlib.sha3_256(data).digest() print("SHA3-256: ", binascii.hexlify(sha3_256)) ripemd160 = hashlib.new('ripemd160', data).digest() print("RIPEMD-160:", binascii.hexlify(ripemd160))
HMAC and Key Derivation MAC, HMAC, PBKDF2 and SCrypt
28  HMAC = Hash-based Message Authentication Code  HMAC(key, msg, hash_func)  hash  Message hash mixed with a secret shared key  Used for message integrity / authenticity / key derivation  Key derivation function (KDF) == function(password)  key  Use HKDF (HMAC-based key derivation), PBKDF2 or SCrypt  PBKDF2, Bcrypt, Scrypt and Argon2 are modern KDFs  Use a lot of iterations + a lot of memory  to make it slow HMAC and Key Derivation
29 HMAC Calculation in Python – Example import hashlib, hmac, binascii def hmac_sha256(key, msg): return hmac.new(key, msg, hashlib.sha256).digest() key = binascii.unhexlify("fa63f2b4c85af6bed3") msg = "some message".encode("utf8") print(binascii.hexlify(hmac_sha256(key, msg)))
30  Scrypt (RFC 7914) is a strong cryptographic key-derivation function  Memory intensive, designed to prevent ASIC and FPGA attacks  key = Scrypt(password, salt, N, r, p, derived-key-len)  N – iterations count (affects memory and CPU usage), e.g. 16384  r – block size (affects memory and CPU usage), e.g. 8  p – parallelism factor (threads to run in parallel), usually 1  Memory used = 128 * N * r * p bytes, e.g. 128 * 16384 * 8 = 16 MB  Parameters for interactive login: N=16384, r=8, p=1 (RAM=16MB)  Parameters for file encryption: N=1048576, r=8, p=1 (RAM=1GB) Key Derivation Functions: Scrypt
31 Scrypt Key Derivation in Python – Example import scrypt, os, binascii passwd = "p@$$w0rD~3" salt = os.urandom(32) print("Salt: ", binascii.hexlify(salt)) key = scrypt.hash(passwd, salt, 16384, 8, 1, 32) print("Derived key:", binascii.hexlify(key)) pip install scrypt
Blockchain Cryptography and Wallets Keys, Addresses, Signatures, Wallets
33 Public / Private Keys, Wallets & Blockchain private key public key address transaction sign by private key signed transaction valid / invalid verify by address wallet master key (seed) signed transaction transaction data public key: (x, y) signature: (v, r, s)
34  In blockchain wallets keep private keys, highly encrypted  Simple wallet (keystore) keeps a single private key  Example: https://gist.github.com/nakov/53f869e01c9b573844c48e5966e33a3f  HD wallet (hierarchical wallet) keeps multiple private keys  Hierarchically derived by a master key (seed) by derivation path  The seed is encoded as mnemonic phrase (12 / 24 words)  Example: https://iancoleman.io/bip39 HD Wallets, BIP39, BIP32 / BIP44 hill brave science fox crime quit owner chapter myth vocal chat custom
35  The BIP-32 standard defines how a crypto-wallet can generate multiple keys + addresses  The wallet is initialized by a 512-bit master key (seed)  HMAC + ECC math used to generate multiple accounts  Through a derivation path  E.g. m/44'/60'/1'/12  Each account holds private key  public key  address ECC and Wallets: BIP32
36  Most modern crypto wallets start from a 512-bit securely generated random seed (see the BIP-39 standard)  The seed (root key) can be represented by 12 or 24 words, e.g.  Each word comes from a wordlist of 2048 words  See https://github.com/bitcoin/bips/blob/master/bip-0039/english.txt  1 word == 11 bits of entropy  12 words == 132 bits == 128-bit entropy + checksum (in the last word)  24 words == 264 bits == 256-bit entropy + checksum (in the last word) Internal Seed in Crypto Wallets hill brave science fox crime quit owner chapter myth vocal chat custom
BIP-39 Mnemonic Seed Generator Live Demo https://iancoleman.io/bip39
Wallet Encryption and AES AES, CBC/CTR, Padding, Scrypt, HMAC
39  A single secret key to encrypt / decrypt  The secret key is usually derived by a password  Both the sender and the recipient should know the secret key  Widely used symmetric algorithms: AES-128, AES-256, Twofish, IDEA Symmetric Encryption  Wallets are typically encrypted using symmetric ciphers like AES
40  AES is a "block cipher" – encrypts block by block (e.g. 128 bits)  It has several modes of operation (CBC, ECB, CTR, …)  Some modes of operation require initial vector (IV)  Non-secret random salt  used to get different result each time  Recommended modes: CBC (Cipher Block Chaining) or CTR (Counter)  It may use a padding algorithm (typically PKCS7) to split the input data into blocks of fixed block-size (e.g. 128 bits)  It may use password to key derivation: key = Scrypt(pass, salt, …)  It may use MAC to check the password validity: HMAC(text, key) AES Cipher Settings
41 Example: AES Encrypt / Decrypt in Python import pyaes, pbkdf2, binascii, os, secrets plaintext = "Sample text for encryption" password = "s0m3p@$$w0rd" key = pbkdf2.PBKDF2(password, 'some salt').read(16) print('AES encryption key:', binascii.hexlify(key)) iv = secrets.randbelow(2 << 128) aes = pyaes.AESModeOfOperationCTR(key, pyaes.Counter(iv)) ciphertext = aes.encrypt(plaintext) print('encrypted:', binascii.hexlify(ciphertext)) aes = pyaes.AESModeOfOperationCTR(key, pyaes.Counter(iv)) decrypted = aes.decrypt(ciphertext) print('decrypted:', decrypted) pip install pyaes pip install pbkdf2
42 Ethereum UTC / JSON Wallet Encryption { "version": 3, "id": "…", "address": "b97e993872a9050c07f…ef195", "Crypto": { "ciphertext": "bc9215b2cd1571df…e3a1", // the encrypted private key "cipher": "aes-128-ctr", // AES, 128-bit encryption, CTR mode "cipherparams": { "iv": "2bac08cafc…8e" }, // random initial vector "kdf": "scrypt", "kdfparams": { "dklen": 32, // key length (256-bit key for AES encryption) "salt": "7d48230c94b90c0301bf9f4…eba1", // random-generated salt "n": 1024, // iterations count (CPU + memory cost factor) "r": 8, // block size (affects CPU + memory) "p": 1 // parallelization factor (threads count) }, "mac": "e3cd7ea4e3ceb0e9a…0564" // msg integrity key (password check) } } Learn more at: https://github.com/ethers-io/ethers.js/blob/master/wallet/secret-storage.js#L288
? Blockchain Cryptography for Devs
License  This course (slides, examples, demos, videos, homework, etc.) is licensed under the "Creative Commons Attribution- NonCommercial-ShareAlike 4.0 International" license 44
Trainings @ Software University (SoftUni)  Software University – High-Quality Education, Profession and Job for Software Developers  softuni.bg  Software University Foundation  http://softuni.foundation/  Software University @ Facebook  facebook.com/SoftwareUniversity  Software University Forums  forum.softuni.bg

Recommended

Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)
Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)
Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)
Svetlin Nakov
 
Cryptography for Absolute Beginners (May 2019)
Cryptography for Absolute Beginners (May 2019)Cryptography for Absolute Beginners (May 2019)
Cryptography for Absolute Beginners (May 2019)
Svetlin Nakov
 
Blockchain Cryptography for Developers (Nakov @ BGWebSummit 2018)
Blockchain Cryptography for Developers (Nakov @ BGWebSummit 2018)Blockchain Cryptography for Developers (Nakov @ BGWebSummit 2018)
Blockchain Cryptography for Developers (Nakov @ BGWebSummit 2018)
Svetlin Nakov
 
9 password security
9 password security9 password security
9 password securitydrewz lin
 
Cryptography in PHP: use cases
Cryptography in PHP: use casesCryptography in PHP: use cases
Cryptography in PHP: use cases
Enrico Zimuel
 
Geth important commands
Geth important commandsGeth important commands
Geth important commands
NexThoughts Technologies
 
Reutov, yunusov, nagibin random numbers take ii
Reutov, yunusov, nagibin random numbers take iiReutov, yunusov, nagibin random numbers take ii
Reutov, yunusov, nagibin random numbers take iiDefconRussia
 
Cryptography For The Average Developer - Sunshine PHP
Cryptography For The Average Developer - Sunshine PHPCryptography For The Average Developer - Sunshine PHP
Cryptography For The Average Developer - Sunshine PHP
Anthony Ferrara
 

Recommended

Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)
Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)
Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)
Svetlin Nakov
 
Cryptography for Absolute Beginners (May 2019)
Cryptography for Absolute Beginners (May 2019)Cryptography for Absolute Beginners (May 2019)
Cryptography for Absolute Beginners (May 2019)
Svetlin Nakov
 
Blockchain Cryptography for Developers (Nakov @ BGWebSummit 2018)
Blockchain Cryptography for Developers (Nakov @ BGWebSummit 2018)Blockchain Cryptography for Developers (Nakov @ BGWebSummit 2018)
Blockchain Cryptography for Developers (Nakov @ BGWebSummit 2018)
Svetlin Nakov
 
9 password security
9 password security9 password security
9 password securitydrewz lin
 
Cryptography in PHP: use cases
Cryptography in PHP: use casesCryptography in PHP: use cases
Cryptography in PHP: use cases
Enrico Zimuel
 
Geth important commands
Geth important commandsGeth important commands
Geth important commands
NexThoughts Technologies
 
Reutov, yunusov, nagibin random numbers take ii
Reutov, yunusov, nagibin random numbers take iiReutov, yunusov, nagibin random numbers take ii
Reutov, yunusov, nagibin random numbers take iiDefconRussia
 
Cryptography For The Average Developer - Sunshine PHP
Cryptography For The Average Developer - Sunshine PHPCryptography For The Average Developer - Sunshine PHP
Cryptography For The Average Developer - Sunshine PHP
Anthony Ferrara
 
Python Cryptography & Security
Python Cryptography & SecurityPython Cryptography & Security
Python Cryptography & Security
Jose Manuel Ortega Candel
 
Crypto Wallets: A Technical Perspective (Nakov at OpenFest 2018)
Crypto Wallets: A Technical Perspective (Nakov at OpenFest 2018)Crypto Wallets: A Technical Perspective (Nakov at OpenFest 2018)
Crypto Wallets: A Technical Perspective (Nakov at OpenFest 2018)
Svetlin Nakov
 
Если нашлась одна ошибка — есть и другие. Один способ выявить «наследуемые» у...
Если нашлась одна ошибка — есть и другие. Один способ выявить «наследуемые» у...Если нашлась одна ошибка — есть и другие. Один способ выявить «наследуемые» у...
Если нашлась одна ошибка — есть и другие. Один способ выявить «наследуемые» у...
Positive Hack Days
 
OpenSSL Basic Function Call Flow
OpenSSL Basic Function Call FlowOpenSSL Basic Function Call Flow
OpenSSL Basic Function Call Flow
William Lee
 
Da APK al Golden Ticket
Da APK al Golden TicketDa APK al Golden Ticket
Da APK al Golden Ticket
Giuseppe Trotta
 
VisualWorks Security Reloaded - STIC 2012
VisualWorks Security Reloaded - STIC 2012VisualWorks Security Reloaded - STIC 2012
VisualWorks Security Reloaded - STIC 2012
Martin Kobetic
 
IDSECCONF2013 CTF online Write Up
IDSECCONF2013 CTF online Write Up IDSECCONF2013 CTF online Write Up
IDSECCONF2013 CTF online Write Up
idsecconf
 
Crypto With OpenSSL
Crypto With OpenSSLCrypto With OpenSSL
Crypto With OpenSSLZhi Guan
 
Cryptography and SSL in Smalltalk - StS 2003
Cryptography and SSL in Smalltalk - StS 2003Cryptography and SSL in Smalltalk - StS 2003
Cryptography and SSL in Smalltalk - StS 2003
Martin Kobetic
 
Oczyszczacz powietrza i stos sieciowy? Czas na test! Semihalf Barcamp 13/06/2018
Oczyszczacz powietrza i stos sieciowy? Czas na test! Semihalf Barcamp 13/06/2018Oczyszczacz powietrza i stos sieciowy? Czas na test! Semihalf Barcamp 13/06/2018
Oczyszczacz powietrza i stos sieciowy? Czas na test! Semihalf Barcamp 13/06/2018
Semihalf
 
Opentalk at Large - StS 2005
Opentalk at Large - StS 2005Opentalk at Large - StS 2005
Opentalk at Large - StS 2005
Martin Kobetic
 
OpenSSL programming (still somewhat initial version)
OpenSSL programming (still somewhat initial version)OpenSSL programming (still somewhat initial version)
OpenSSL programming (still somewhat initial version)
Shteryana Shopova
 
Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...
Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...
Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...
RootedCON
 
"Revenge of The Script Kiddies: Current Day Uses of Automated Scripts by Top ...
"Revenge of The Script Kiddies: Current Day Uses of Automated Scripts by Top ..."Revenge of The Script Kiddies: Current Day Uses of Automated Scripts by Top ...
"Revenge of The Script Kiddies: Current Day Uses of Automated Scripts by Top ...
PROIDEA
 
System Calls
System CallsSystem Calls
System Calls
David Evans
 
Chatting dengan beberapa pc laptop
Chatting dengan beberapa pc laptopChatting dengan beberapa pc laptop
Chatting dengan beberapa pc laptopyayaria
 
分散式系統
分散式系統分散式系統
分散式系統acksinkwung
 
How does cryptography work? by Jeroen Ooms
How does cryptography work? by Jeroen OomsHow does cryptography work? by Jeroen Ooms
How does cryptography work? by Jeroen Ooms
Ajay Ohri
 
Ac2
Ac2Ac2
Ac2
Muhammad Islahuddin
 
Aoevideo
AoevideoAoevideo
AoevideoPptblog Pptblogcom
 
Hashfunction
HashfunctionHashfunction
Hashfunction
Tony Nguyen
 
Hashfunction
HashfunctionHashfunction
Hashfunction
Fraboni Ec
 

More Related Content

What's hot

Python Cryptography & Security
Python Cryptography & SecurityPython Cryptography & Security
Python Cryptography & Security
Jose Manuel Ortega Candel
 
Crypto Wallets: A Technical Perspective (Nakov at OpenFest 2018)
Crypto Wallets: A Technical Perspective (Nakov at OpenFest 2018)Crypto Wallets: A Technical Perspective (Nakov at OpenFest 2018)
Crypto Wallets: A Technical Perspective (Nakov at OpenFest 2018)
Svetlin Nakov
 
Если нашлась одна ошибка — есть и другие. Один способ выявить «наследуемые» у...
Если нашлась одна ошибка — есть и другие. Один способ выявить «наследуемые» у...Если нашлась одна ошибка — есть и другие. Один способ выявить «наследуемые» у...
Если нашлась одна ошибка — есть и другие. Один способ выявить «наследуемые» у...
Positive Hack Days
 
OpenSSL Basic Function Call Flow
OpenSSL Basic Function Call FlowOpenSSL Basic Function Call Flow
OpenSSL Basic Function Call Flow
William Lee
 
Da APK al Golden Ticket
Da APK al Golden TicketDa APK al Golden Ticket
Da APK al Golden Ticket
Giuseppe Trotta
 
VisualWorks Security Reloaded - STIC 2012
VisualWorks Security Reloaded - STIC 2012VisualWorks Security Reloaded - STIC 2012
VisualWorks Security Reloaded - STIC 2012
Martin Kobetic
 
IDSECCONF2013 CTF online Write Up
IDSECCONF2013 CTF online Write Up IDSECCONF2013 CTF online Write Up
IDSECCONF2013 CTF online Write Up
idsecconf
 
Crypto With OpenSSL
Crypto With OpenSSLCrypto With OpenSSL
Crypto With OpenSSLZhi Guan
 
Cryptography and SSL in Smalltalk - StS 2003
Cryptography and SSL in Smalltalk - StS 2003Cryptography and SSL in Smalltalk - StS 2003
Cryptography and SSL in Smalltalk - StS 2003
Martin Kobetic
 
Oczyszczacz powietrza i stos sieciowy? Czas na test! Semihalf Barcamp 13/06/2018
Oczyszczacz powietrza i stos sieciowy? Czas na test! Semihalf Barcamp 13/06/2018Oczyszczacz powietrza i stos sieciowy? Czas na test! Semihalf Barcamp 13/06/2018
Oczyszczacz powietrza i stos sieciowy? Czas na test! Semihalf Barcamp 13/06/2018
Semihalf
 
Opentalk at Large - StS 2005
Opentalk at Large - StS 2005Opentalk at Large - StS 2005
Opentalk at Large - StS 2005
Martin Kobetic
 
OpenSSL programming (still somewhat initial version)
OpenSSL programming (still somewhat initial version)OpenSSL programming (still somewhat initial version)
OpenSSL programming (still somewhat initial version)
Shteryana Shopova
 
Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...
Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...
Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...
RootedCON
 
"Revenge of The Script Kiddies: Current Day Uses of Automated Scripts by Top ...
"Revenge of The Script Kiddies: Current Day Uses of Automated Scripts by Top ..."Revenge of The Script Kiddies: Current Day Uses of Automated Scripts by Top ...
"Revenge of The Script Kiddies: Current Day Uses of Automated Scripts by Top ...
PROIDEA
 
System Calls
System CallsSystem Calls
System Calls
David Evans
 
Chatting dengan beberapa pc laptop
Chatting dengan beberapa pc laptopChatting dengan beberapa pc laptop
Chatting dengan beberapa pc laptopyayaria
 
How does cryptography work? by Jeroen Ooms
How does cryptography work? by Jeroen OomsHow does cryptography work? by Jeroen Ooms
How does cryptography work? by Jeroen Ooms
Ajay Ohri
 

What's hot (20)

Python Cryptography & Security
Python Cryptography & SecurityPython Cryptography & Security
Python Cryptography & Security
 
Crypto Wallets: A Technical Perspective (Nakov at OpenFest 2018)
Crypto Wallets: A Technical Perspective (Nakov at OpenFest 2018)Crypto Wallets: A Technical Perspective (Nakov at OpenFest 2018)
Crypto Wallets: A Technical Perspective (Nakov at OpenFest 2018)
 
Если нашлась одна ошибка — есть и другие. Один способ выявить «наследуемые» у...
Если нашлась одна ошибка — есть и другие. Один способ выявить «наследуемые» у...Если нашлась одна ошибка — есть и другие. Один способ выявить «наследуемые» у...
Если нашлась одна ошибка — есть и другие. Один способ выявить «наследуемые» у...
 
OpenSSL Basic Function Call Flow
OpenSSL Basic Function Call FlowOpenSSL Basic Function Call Flow
OpenSSL Basic Function Call Flow
 
Da APK al Golden Ticket
Da APK al Golden TicketDa APK al Golden Ticket
Da APK al Golden Ticket
 
VisualWorks Security Reloaded - STIC 2012
VisualWorks Security Reloaded - STIC 2012VisualWorks Security Reloaded - STIC 2012
VisualWorks Security Reloaded - STIC 2012
 
IDSECCONF2013 CTF online Write Up
IDSECCONF2013 CTF online Write Up IDSECCONF2013 CTF online Write Up
IDSECCONF2013 CTF online Write Up
 
Crypto With OpenSSL
Crypto With OpenSSLCrypto With OpenSSL
Crypto With OpenSSL
 
Cryptography and SSL in Smalltalk - StS 2003
Cryptography and SSL in Smalltalk - StS 2003Cryptography and SSL in Smalltalk - StS 2003
Cryptography and SSL in Smalltalk - StS 2003
 
Oczyszczacz powietrza i stos sieciowy? Czas na test! Semihalf Barcamp 13/06/2018
Oczyszczacz powietrza i stos sieciowy? Czas na test! Semihalf Barcamp 13/06/2018Oczyszczacz powietrza i stos sieciowy? Czas na test! Semihalf Barcamp 13/06/2018
Oczyszczacz powietrza i stos sieciowy? Czas na test! Semihalf Barcamp 13/06/2018
 
Opentalk at Large - StS 2005
Opentalk at Large - StS 2005Opentalk at Large - StS 2005
Opentalk at Large - StS 2005
 
OpenSSL programming (still somewhat initial version)
OpenSSL programming (still somewhat initial version)OpenSSL programming (still somewhat initial version)
OpenSSL programming (still somewhat initial version)
 
Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...
Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...
Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...
 
"Revenge of The Script Kiddies: Current Day Uses of Automated Scripts by Top ...
"Revenge of The Script Kiddies: Current Day Uses of Automated Scripts by Top ..."Revenge of The Script Kiddies: Current Day Uses of Automated Scripts by Top ...
"Revenge of The Script Kiddies: Current Day Uses of Automated Scripts by Top ...
 
System Calls
System CallsSystem Calls
System Calls
 
Chatting dengan beberapa pc laptop
Chatting dengan beberapa pc laptopChatting dengan beberapa pc laptop
Chatting dengan beberapa pc laptop
 
分散式系統
分散式系統分散式系統
分散式系統
 
How does cryptography work? by Jeroen Ooms
How does cryptography work? by Jeroen OomsHow does cryptography work? by Jeroen Ooms
How does cryptography work? by Jeroen Ooms
 
Ac2
Ac2Ac2
Ac2
 
Aoevideo
AoevideoAoevideo
Aoevideo
 

Similar to Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose)

Hashfunction
HashfunctionHashfunction
Hashfunction
Tony Nguyen
 
Hashfunction
HashfunctionHashfunction
Hashfunction
Fraboni Ec
 
Hash function
Hash functionHash function
Hash function
Harry Potter
 
Hashfunction
HashfunctionHashfunction
Hashfunction
David Hoen
 
Hashfunction
HashfunctionHashfunction
Hashfunction
James Wong
 
Bitcoin developer guide
Bitcoin developer guideBitcoin developer guide
Bitcoin developer guide
承翰 蔡
 
Cryptography and secure systems
Cryptography and secure systemsCryptography and secure systems
Cryptography and secure systems
Vsevolod Stakhov
 
Blockchain Technology - Week 6 - Role of Cryptography in Blockchain
Blockchain Technology - Week 6 - Role of Cryptography in BlockchainBlockchain Technology - Week 6 - Role of Cryptography in Blockchain
Blockchain Technology - Week 6 - Role of Cryptography in Blockchain
Ferdin Joe John Joseph PhD
 
Renas Rajab Asaad
Renas Rajab AsaadRenas Rajab Asaad
Renas Rajab Asaad
Renas Rekany
 
ImplementingCryptoSecurityARMCortex_Doin
ImplementingCryptoSecurityARMCortex_DoinImplementingCryptoSecurityARMCortex_Doin
ImplementingCryptoSecurityARMCortex_DoinJonny Doin
 
Presentation topalidis giorgos
Presentation topalidis giorgosPresentation topalidis giorgos
Presentation topalidis giorgos
Giorgos Topalidis
 
Presentation_Topalidis_Giorgos
Presentation_Topalidis_GiorgosPresentation_Topalidis_Giorgos
Presentation_Topalidis_GiorgosGiorgos Topalidis
 
Block Cipher.cryptography_miu_year5.pptx
Block Cipher.cryptography_miu_year5.pptxBlock Cipher.cryptography_miu_year5.pptx
Block Cipher.cryptography_miu_year5.pptx
HodaAhmedBekhitAhmed
 
Everything I always wanted to know about crypto, but never thought I'd unders...
Everything I always wanted to know about crypto, but never thought I'd unders...Everything I always wanted to know about crypto, but never thought I'd unders...
Everything I always wanted to know about crypto, but never thought I'd unders...
Codemotion
 
Georgy Nosenko - An introduction to the use SMT solvers for software security
Georgy Nosenko - An introduction to the use SMT solvers for software securityGeorgy Nosenko - An introduction to the use SMT solvers for software security
Georgy Nosenko - An introduction to the use SMT solvers for software securityDefconRussia
 
One library for all Java encryption
One library for all Java encryptionOne library for all Java encryption
One library for all Java encryption
Dan Cvrcek
 
A Decompiler for Blackhain-Based Smart Contracts Bytecode
A Decompiler for Blackhain-Based Smart Contracts BytecodeA Decompiler for Blackhain-Based Smart Contracts Bytecode
A Decompiler for Blackhain-Based Smart Contracts Bytecode
Shakacon
 
Stefan Kanev: Clojure, ClojureScript and Why They're Awesome at I T.A.K.E. Un...
Stefan Kanev: Clojure, ClojureScript and Why They're Awesome at I T.A.K.E. Un...Stefan Kanev: Clojure, ClojureScript and Why They're Awesome at I T.A.K.E. Un...
Stefan Kanev: Clojure, ClojureScript and Why They're Awesome at I T.A.K.E. Un...
Mozaic Works
 

Similar to Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose) (20)

Hashfunction
HashfunctionHashfunction
Hashfunction
 
Hashfunction
HashfunctionHashfunction
Hashfunction
 
Hashfunction
HashfunctionHashfunction
Hashfunction
 
Hashfunction
HashfunctionHashfunction
Hashfunction
 
Hash function
Hash functionHash function
Hash function
 
Hashfunction
HashfunctionHashfunction
Hashfunction
 
Hashfunction
HashfunctionHashfunction
Hashfunction
 
Bitcoin developer guide
Bitcoin developer guideBitcoin developer guide
Bitcoin developer guide
 
Cryptography and secure systems
Cryptography and secure systemsCryptography and secure systems
Cryptography and secure systems
 
Blockchain Technology - Week 6 - Role of Cryptography in Blockchain
Blockchain Technology - Week 6 - Role of Cryptography in BlockchainBlockchain Technology - Week 6 - Role of Cryptography in Blockchain
Blockchain Technology - Week 6 - Role of Cryptography in Blockchain
 
Renas Rajab Asaad
Renas Rajab AsaadRenas Rajab Asaad
Renas Rajab Asaad
 
ImplementingCryptoSecurityARMCortex_Doin
ImplementingCryptoSecurityARMCortex_DoinImplementingCryptoSecurityARMCortex_Doin
ImplementingCryptoSecurityARMCortex_Doin
 
Presentation topalidis giorgos
Presentation topalidis giorgosPresentation topalidis giorgos
Presentation topalidis giorgos
 
Presentation_Topalidis_Giorgos
Presentation_Topalidis_GiorgosPresentation_Topalidis_Giorgos
Presentation_Topalidis_Giorgos
 
Block Cipher.cryptography_miu_year5.pptx
Block Cipher.cryptography_miu_year5.pptxBlock Cipher.cryptography_miu_year5.pptx
Block Cipher.cryptography_miu_year5.pptx
 
Everything I always wanted to know about crypto, but never thought I'd unders...
Everything I always wanted to know about crypto, but never thought I'd unders...Everything I always wanted to know about crypto, but never thought I'd unders...
Everything I always wanted to know about crypto, but never thought I'd unders...
 
Georgy Nosenko - An introduction to the use SMT solvers for software security
Georgy Nosenko - An introduction to the use SMT solvers for software securityGeorgy Nosenko - An introduction to the use SMT solvers for software security
Georgy Nosenko - An introduction to the use SMT solvers for software security
 
One library for all Java encryption
One library for all Java encryptionOne library for all Java encryption
One library for all Java encryption
 
A Decompiler for Blackhain-Based Smart Contracts Bytecode
A Decompiler for Blackhain-Based Smart Contracts BytecodeA Decompiler for Blackhain-Based Smart Contracts Bytecode
A Decompiler for Blackhain-Based Smart Contracts Bytecode
 
Stefan Kanev: Clojure, ClojureScript and Why They're Awesome at I T.A.K.E. Un...
Stefan Kanev: Clojure, ClojureScript and Why They're Awesome at I T.A.K.E. Un...Stefan Kanev: Clojure, ClojureScript and Why They're Awesome at I T.A.K.E. Un...
Stefan Kanev: Clojure, ClojureScript and Why They're Awesome at I T.A.K.E. Un...
 

More from Svetlin Nakov

Най-търсените направления в ИТ сферата за 2024
Най-търсените направления в ИТ сферата за 2024Най-търсените направления в ИТ сферата за 2024
Най-търсените направления в ИТ сферата за 2024
Svetlin Nakov
 
BG-IT-Edu: отворено учебно съдържание за ИТ учители
BG-IT-Edu: отворено учебно съдържание за ИТ учителиBG-IT-Edu: отворено учебно съдържание за ИТ учители
BG-IT-Edu: отворено учебно съдържание за ИТ учители
Svetlin Nakov
 
Programming World in 2024
Programming World in 2024Programming World in 2024
Programming World in 2024
Svetlin Nakov
 
AI Tools for Business and Startups
AI Tools for Business and StartupsAI Tools for Business and Startups
AI Tools for Business and Startups
Svetlin Nakov
 
AI Tools for Scientists - Nakov (Oct 2023)
AI Tools for Scientists - Nakov (Oct 2023)AI Tools for Scientists - Nakov (Oct 2023)
AI Tools for Scientists - Nakov (Oct 2023)
Svetlin Nakov
 
AI Tools for Entrepreneurs
AI Tools for EntrepreneursAI Tools for Entrepreneurs
AI Tools for Entrepreneurs
Svetlin Nakov
 
Bulgarian Tech Industry - Nakov at Dev.BG All in One Conference 2023
Bulgarian Tech Industry - Nakov at Dev.BG All in One Conference 2023Bulgarian Tech Industry - Nakov at Dev.BG All in One Conference 2023
Bulgarian Tech Industry - Nakov at Dev.BG All in One Conference 2023
Svetlin Nakov
 
AI Tools for Business and Personal Life
AI Tools for Business and Personal LifeAI Tools for Business and Personal Life
AI Tools for Business and Personal Life
Svetlin Nakov
 
Дипломна работа: учебно съдържание по ООП - Светлин Наков
Дипломна работа: учебно съдържание по ООП - Светлин НаковДипломна работа: учебно съдържание по ООП - Светлин Наков
Дипломна работа: учебно съдържание по ООП - Светлин Наков
Svetlin Nakov
 
Дипломна работа: учебно съдържание по ООП
Дипломна работа: учебно съдържание по ООПДипломна работа: учебно съдържание по ООП
Дипломна работа: учебно съдържание по ООП
Svetlin Nakov
 
Свободно ИТ учебно съдържание за учители по програмиране и ИТ
Свободно ИТ учебно съдържание за учители по програмиране и ИТСвободно ИТ учебно съдържание за учители по програмиране и ИТ
Свободно ИТ учебно съдържание за учители по програмиране и ИТ
Svetlin Nakov
 
AI and the Professions of the Future
AI and the Professions of the FutureAI and the Professions of the Future
AI and the Professions of the Future
Svetlin Nakov
 
Programming Languages Trends for 2023
Programming Languages Trends for 2023Programming Languages Trends for 2023
Programming Languages Trends for 2023
Svetlin Nakov
 
IT Professions and How to Become a Developer
IT Professions and How to Become a DeveloperIT Professions and How to Become a Developer
IT Professions and How to Become a Developer
Svetlin Nakov
 
GitHub Actions (Nakov at RuseConf, Sept 2022)
GitHub Actions (Nakov at RuseConf, Sept 2022)GitHub Actions (Nakov at RuseConf, Sept 2022)
GitHub Actions (Nakov at RuseConf, Sept 2022)
Svetlin Nakov
 
IT Professions and Their Future
IT Professions and Their FutureIT Professions and Their Future
IT Professions and Their Future
Svetlin Nakov
 
How to Become a QA Engineer and Start a Job
How to Become a QA Engineer and Start a JobHow to Become a QA Engineer and Start a Job
How to Become a QA Engineer and Start a Job
Svetlin Nakov
 
Призвание и цели: моята рецепта
Призвание и цели: моята рецептаПризвание и цели: моята рецепта
Призвание и цели: моята рецепта
Svetlin Nakov
 
What Mongolian IT Industry Can Learn from Bulgaria?
What Mongolian IT Industry Can Learn from Bulgaria?What Mongolian IT Industry Can Learn from Bulgaria?
What Mongolian IT Industry Can Learn from Bulgaria?
Svetlin Nakov
 
How to Become a Software Developer - Nakov in Mongolia (Oct 2022)
How to Become a Software Developer - Nakov in Mongolia (Oct 2022)How to Become a Software Developer - Nakov in Mongolia (Oct 2022)
How to Become a Software Developer - Nakov in Mongolia (Oct 2022)
Svetlin Nakov
 

More from Svetlin Nakov (20)

Най-търсените направления в ИТ сферата за 2024
Най-търсените направления в ИТ сферата за 2024Най-търсените направления в ИТ сферата за 2024
Най-търсените направления в ИТ сферата за 2024
 
BG-IT-Edu: отворено учебно съдържание за ИТ учители
BG-IT-Edu: отворено учебно съдържание за ИТ учителиBG-IT-Edu: отворено учебно съдържание за ИТ учители
BG-IT-Edu: отворено учебно съдържание за ИТ учители
 
Programming World in 2024
Programming World in 2024Programming World in 2024
Programming World in 2024
 
AI Tools for Business and Startups
AI Tools for Business and StartupsAI Tools for Business and Startups
AI Tools for Business and Startups
 
AI Tools for Scientists - Nakov (Oct 2023)
AI Tools for Scientists - Nakov (Oct 2023)AI Tools for Scientists - Nakov (Oct 2023)
AI Tools for Scientists - Nakov (Oct 2023)
 
AI Tools for Entrepreneurs
AI Tools for EntrepreneursAI Tools for Entrepreneurs
AI Tools for Entrepreneurs
 
Bulgarian Tech Industry - Nakov at Dev.BG All in One Conference 2023
Bulgarian Tech Industry - Nakov at Dev.BG All in One Conference 2023Bulgarian Tech Industry - Nakov at Dev.BG All in One Conference 2023
Bulgarian Tech Industry - Nakov at Dev.BG All in One Conference 2023
 
AI Tools for Business and Personal Life
AI Tools for Business and Personal LifeAI Tools for Business and Personal Life
AI Tools for Business and Personal Life
 
Дипломна работа: учебно съдържание по ООП - Светлин Наков
Дипломна работа: учебно съдържание по ООП - Светлин НаковДипломна работа: учебно съдържание по ООП - Светлин Наков
Дипломна работа: учебно съдържание по ООП - Светлин Наков
 
Дипломна работа: учебно съдържание по ООП
Дипломна работа: учебно съдържание по ООПДипломна работа: учебно съдържание по ООП
Дипломна работа: учебно съдържание по ООП
 
Свободно ИТ учебно съдържание за учители по програмиране и ИТ
Свободно ИТ учебно съдържание за учители по програмиране и ИТСвободно ИТ учебно съдържание за учители по програмиране и ИТ
Свободно ИТ учебно съдържание за учители по програмиране и ИТ
 
AI and the Professions of the Future
AI and the Professions of the FutureAI and the Professions of the Future
AI and the Professions of the Future
 
Programming Languages Trends for 2023
Programming Languages Trends for 2023Programming Languages Trends for 2023
Programming Languages Trends for 2023
 
IT Professions and How to Become a Developer
IT Professions and How to Become a DeveloperIT Professions and How to Become a Developer
IT Professions and How to Become a Developer
 
GitHub Actions (Nakov at RuseConf, Sept 2022)
GitHub Actions (Nakov at RuseConf, Sept 2022)GitHub Actions (Nakov at RuseConf, Sept 2022)
GitHub Actions (Nakov at RuseConf, Sept 2022)
 
IT Professions and Their Future
IT Professions and Their FutureIT Professions and Their Future
IT Professions and Their Future
 
How to Become a QA Engineer and Start a Job
How to Become a QA Engineer and Start a JobHow to Become a QA Engineer and Start a Job
How to Become a QA Engineer and Start a Job
 
Призвание и цели: моята рецепта
Призвание и цели: моята рецептаПризвание и цели: моята рецепта
Призвание и цели: моята рецепта
 
What Mongolian IT Industry Can Learn from Bulgaria?
What Mongolian IT Industry Can Learn from Bulgaria?What Mongolian IT Industry Can Learn from Bulgaria?
What Mongolian IT Industry Can Learn from Bulgaria?
 
How to Become a Software Developer - Nakov in Mongolia (Oct 2022)
How to Become a Software Developer - Nakov in Mongolia (Oct 2022)How to Become a Software Developer - Nakov in Mongolia (Oct 2022)
How to Become a Software Developer - Nakov in Mongolia (Oct 2022)
 

Recently uploaded

Guidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th SemesterGuidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th Semester
Atul Kumar Singh
 
Adversarial Attention Modeling for Multi-dimensional Emotion Regression.pdf
Adversarial Attention Modeling for Multi-dimensional Emotion Regression.pdfAdversarial Attention Modeling for Multi-dimensional Emotion Regression.pdf
Adversarial Attention Modeling for Multi-dimensional Emotion Regression.pdf
Po-Chuan Chen
 
678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf
CarlosHernanMontoyab2
 
Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.
Ashokrao Mane college of Pharmacy Peth-Vadgaon
 
Model Attribute Check Company Auto Property
Model Attribute Check Company Auto PropertyModel Attribute Check Company Auto Property
Model Attribute Check Company Auto Property
Celine George
 
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
EugeneSaldivar
 
The Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official PublicationThe Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official Publication
Delapenabediema
 
Embracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic ImperativeEmbracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic Imperative
Peter Windle
 
Sha'Carri Richardson Presentation 202345
Sha'Carri Richardson Presentation 202345Sha'Carri Richardson Presentation 202345
Sha'Carri Richardson Presentation 202345
beazzy04
 
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
Nguyen Thanh Tu Collection
 
Francesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptxFrancesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptx
EduSkills OECD
 
Acetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docxAcetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docx
vaibhavrinwa19
 
"Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe..."Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe...
SACHIN R KONDAGURI
 
1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx
JosvitaDsouza2
 
Lapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdfLapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdf
Jean Carlos Nunes Paixão
 
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCECLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
BhavyaRajput3
 
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
Levi Shapiro
 
Home assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdfHome assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdf
Tamralipta Mahavidyalaya
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
Jisc
 
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
MysoreMuleSoftMeetup
 

Recently uploaded (20)

Guidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th SemesterGuidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th Semester
 
Adversarial Attention Modeling for Multi-dimensional Emotion Regression.pdf
Adversarial Attention Modeling for Multi-dimensional Emotion Regression.pdfAdversarial Attention Modeling for Multi-dimensional Emotion Regression.pdf
Adversarial Attention Modeling for Multi-dimensional Emotion Regression.pdf
 
678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf
 
Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.
 
Model Attribute Check Company Auto Property
Model Attribute Check Company Auto PropertyModel Attribute Check Company Auto Property
Model Attribute Check Company Auto Property
 
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
 
The Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official PublicationThe Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official Publication
 
Embracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic ImperativeEmbracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic Imperative
 
Sha'Carri Richardson Presentation 202345
Sha'Carri Richardson Presentation 202345Sha'Carri Richardson Presentation 202345
Sha'Carri Richardson Presentation 202345
 
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
 
Francesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptxFrancesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptx
 
Acetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docxAcetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docx
 
"Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe..."Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe...
 
1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx
 
Lapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdfLapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdf
 
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCECLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
 
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
 
Home assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdfHome assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdf
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
 
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
 

Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose)

  • 1. Blockchain Cryptography for Devs Elliptic Curves, ECC, ECDSA, secp256k1, Hashes, Wallets, AES, SCrypt, HMAC, BIP39, BIP44 Software University (SoftUni) https://softuni.org Svetlin Nakov Blockchain Engineer and Technical Trainer
  • 2. 2  Software engineer, trainer, entrepreneur, PhD, author of 12 books, blockchain expert  3 successful tech educational initiatives (100,000+ students): About Svetlin Nakov
  • 3. 3  Technical advisor @ LockChain / LockTrip: https://locktrip.com  Raised ~ 10.000 ETH in token sale (Sep-Nov 2017)  Currently LOC token holders book hotels @ 20-30% better price  Head of blockchain education (Jan-June 2018) @ Academy School of Blockchain: https://academytoken.com  Raised ~ 48M USD in token sale (Jan-Apr 2018)  Tech advisor for blockchain crypto startups:  Tokenize Exchange, Bountie, Weidex, IRIS Payments Solutions, Aeternity Ventures Nakov – Blockchain & Crypto Projects
  • 4. 4  Elliptic Curve Cryptography (ECC)  ECC Concepts, Elliptic Curves, the secp256k1 Curve  Private Key  Public Key  Blockchain Address  Sign / Verify Transactions in Ethereum  Cryptographic Hash Functions: SHA256, SHA3, RIPEMD160, …  HMAC and Key Derivation: HMAC, PBKDF2, SCrypt  Blockchain Cryptography and Wallets: JSON / UTC, BIP39, BIP44  Wallet Encryption: AES + Padding + CBC/CTR, SCrypt, HMAC Table of Contents
  • 5. Elliptic Curve Cryptography (ECC) Elliptic Curves, ECC and ECDSA, Sign, Verify
  • 6. 6  Uses a pair of keys: public key + private key  Sign / decrypt by private key  Verify / encrypt by public key Public Key Cryptography
  • 7. 7  Well-known public-key crypto-systems  RSA – based on discrete logarithms  ECC – based on elliptic curves  ECC cryptography is considered more secure  3072-bit RSA key ≈≈ 256-bit ECC key  Most blockchains (like Bitcoin, Ethereum and EOS) use ECC  But be warned: ECC is not quantum-safe! Public Key Crypto Systems
  • 8. 8  Public / private key cryptography based on the algebraic structure of elliptic curves over finite fields  Requires smaller key-size than RSA for the same security strength  Elliptic curves == set of points {x, y} such that:  y2 = x3 + ax + b  Example – the Bitcoin elliptic curve:  y2 = x3 + 7 (a = 0; b = 7) Elliptic Curve Cryptography (ECC)
  • 9. 9  Elliptic curves cryptography (ECC)  Uses ecliptic curves over the finite field Fp (p is prime, p > 3)  A set of integer coordinates {x, y}, such that 0 ≤ x, y < p  Staying on the elliptic curve: y2 ≡ x3 + ax + b (mod p)  Example of elliptic curve over F17:  y2 ≡ x3 + 7 (mod 17) Elliptic Curves over a Finite Fields y2 ≡ x3 + 7 (mod 17)
  • 10. 10  A point G over the curve can be multiplied by an integer k  P = k * G  The result is another point P staying on the same curve  k == private key (integer)  P == public key (point {x, y})  Very fast to calculate P = k * G  Extremely slow (considered infeasible) to calculate k = P / G Multiply a Point Over an Elliptic Curve y2 ≡ x3 + 7 (mod 17) G P
  • 11. 11 Elliptic Curves Multiplication in Python from pycoin.ecdsa import Point from pycoin.ecdsa import CurveFp curve = CurveFp(17, 0, 7) print("Curve = " + str(curve)) G = Point(curve, 15, 13) print("G = " + str(G)) for k in range(0, 6) : print(str(k) + " * G = " + str(k * G)) pip install pycoin
  • 12. 12  The elliptic curves over Fp  Have at most 2 points per y coordinate (odd x and even x)  A public key P(x, y) can be compressed as C(x, odd/even)  At the curve y2 ≡ x3 + 7 (mod 17) P(10, 15) == C(10, odd)  mod_sqrt(x3 + 7, 17) == y || 17 - y Compressing the Public Key y2 ≡ x3 + 7 (mod 17)
  • 13. 13  ECC operates with a set of EC domain parameters:  T = (p, a, b, G, n, h)  Prime field (prime p), elliptic equation (a, b), base point G(xG, yG), order of G (prime n), cofactor (h)  The secp256k1 standard (used in Bitcoin) defines 256-bit elliptic-curve cryptosystem:  Prime field (p) = 2256 - 232 - 977; Equation: y2 = x3 + 7 (a = 0, b = 7)  G = 0x79BE667E …; n = 0xFFF…D0364141; h = 1 ECC Parameters and secp256k1 Learn more at: http://www.secg.org/sec2-v2.pdf, https://en.bitcoin.it/wiki/Secp256k1
  • 14. 14  The private key in secp256k1 is 256-bit integer (32 bytes)  Example of Ethereum private key (encoded as 64 hex digits)  The respective public key is a EC point (2 * 256 bits == 64 bytes)  Can be compressed to 257 bits (Ethereum uses prefix 02 or 03)  Example of compressed public key (33 bytes / 66 hex digits): Ethereum Addresses and secp256k1 97ddae0f3a25b92268175400149d65d6887b9cefaf28ea2c078e05cdc15a3c0a 027b83ad6afb1209f3c82ebeb08c0c5fa9bf6724548506f2fb4f991e2287a77090 7b83ad6afb1209f3c82ebeb08c0c5fa9bf6724548506f2fb4f991e2287a77090 177316ca82b0bdf70cd9dee145c3002c0da1d92626449875972a27807b73b42e
  • 15. 15  The blockchain address in Ethereum is 20 bytes  Calculated as: last20bytes(keccak256(publicKeyFull))  Example of Ethereum address (encoded as 40 hex digits):  Note: some letters are capital to incorporate a checksum (EIP55)  Digital signatures in secp256k1 are 64 bytes (2 * 32 bytes)  A pair of two 256-bit numbers: [r, s]  Calculated by the well-known ECDSA formulas (see RFC6979) ECDSA, secp256k1 and Ethereum (2) 0xa44f70834a711F0DF388ab016465f2eEb255dEd0
  • 16. 16 Ethereum Key to Addresses – Example pip install eth_keys import eth_keys, binascii privKey = eth_keys.keys.PrivateKey(binascii.unhexlify( '97ddae0f3a25b92268175400149d65d6887b9cefaf28ea2c078e05cdc15a3c0a')) print('Private key (64 hex digits):', privKey) pubKey = privKey.public_key print('Public key (plain, 128 hex digits):', pubKey) pubKeyCompr = '0' + str(2 + int(pubKey) % 2) + str(pubKey)[2:66] print('Public key (compressed, 66 hex digits):', pubKeyCompr) address = pubKey.to_checksum_address() print('Ethereum address:', address)
  • 17. 17  Ethereum uses secp256k1-based ECDSA signatures  ECDSA generates deterministically a random point R (see RFC6979)  Ethereum signatures consists of 3 numbers: [v, r, s]  v – the compressed Y coordinate of the point R (1 byte: 00 or 01)  r – the X coordinate of the point R (256-bit integer, 32 bytes)  s – 256-bit integer (32 bytes), calculated from the signer's private key + message hash (Ethereum uses keccak256)  Typically encoded as 130 hex digits (65 bytes), e.g. 0x…465c5cf4be401  Given an Ethereum signature [v, r, s], the public key can be recovered from [R, s, msgHash]  also the signer's Ethereum address Ethereum Signatures
  • 18. 18 Sign Message in Ethereum – Example import eth_keys, binascii privKey = eth_keys.keys.PrivateKey(binascii.unhexlify( '97ddae0f3a25b92268175400149d65d6887b9cefaf28ea2c078e05cdc15a3c0a')) print('Private key (64 hex digits):', privKey) signature = privKey.sign_msg(b'Message for signing') print('Signature: [v = {0}, r = {1}, s = {2}]'.format( hex(signature.v), hex(signature.r), hex(signature.s))) print('Signature (130 hex digits):', signature)
  • 19. 19 Verify Message Signature in Etherscan  Verify message signature at https://etherscan.io/verifySig by:  signer address (40 hex digits)  signature (130 hex digits)  original message text  The result is: valid / invalid
  • 20. 20 Verify Ethereum Signature – Example import eth_keys, binascii msg = b'Message for signing' msgSigner = '0xa44f70834a711F0DF388ab016465f2eEb255dEd0' signature = eth_keys.keys.Signature(binascii.unhexlify( '6f0156091cbe912f2d5d1215cc3cd81c0963c8839b93af60e0921b61a1 9c54300c71006dd93f3508c432daca21db0095f4b16542782b7986f48a5 d0ae3c583d401')) signerPubKey = signature.recover_public_key_from_msg(msg) print('Signer public key (recovered):', signerPubKey) signerAddress = signerPubKey.to_checksum_address() print('Signer address:', signerAddress) print('Signature valid?:', signerAddress == msgSigner)
  • 21. Hashing and Hash Functions Cryptographic Hash Functions
  • 22. 22 What is Cryptographic Hash Function? Some text Some text Some text Some text Some text Some text Some text 20c9ad97c081d63397d 7b685a412227a40e23c 8bdc6688c6f37e97cfbc2 2d2b4d1db1510d8f61e 6a8866ad7f0e17c02b14 182d37ea7c3c8b9c2683 aeb6b733a1 Text Hashed text Cryptographic hash function (almost no collisions)
  • 23. 23 Cryptographic Hash Function  One-way hash function  Infeasible to invert  Extremely little chance to find a collision
  • 24. 24  Old hash algorithms: MD5, SHA-0, SHA-1  Withdrawn due to cryptographic weaknesses (collisions found)  SHA-2  Family of functions: SHA-256 (256 bits hash), SHA-512 (512 bits), …  SHA-3  More secure, same hash length (256 bits), known as "Keccak"  RIPEMD-160  Secure hash function, widely used in cryptography, e.g. PGP, Bitcoin  Less secure variations: RIPEMD-128, RIPEMD-256, RIPEMD-320 Secure Hash Functions
  • 25. 25  BLAKE / BLAKE2 / BLAKE2s / BLAKE2b  Fast, secure cryptographic hash function  256-bit (BLAKE-256, BLAKE2s) and 512-bit (BLAKE-512, BLAKE2b)  As of September 2018, no collisions are known for:  SHA256, SHA3-256, Keccak-256, BLAKE2s, RIPEMD160  Brute forcing to find a collision costs: 2128 for SHA256/SHA3-256 and 280 for RIPEMD160 (285 / 253 on quantum computer)  512-bit hashes (SHA-512 / SHA3-512) are Quantum-resistant Secure Hash Algorithms (2)
  • 26. 26 Calculating Hash Functions in Python import hashlib, binascii text = 'hello' data = text.encode("utf8") sha256hash = hashlib.sha256(data).digest() print("SHA256: ", binascii.hexlify(sha256hash)) sha3_256 = hashlib.sha3_256(data).digest() print("SHA3-256: ", binascii.hexlify(sha3_256)) ripemd160 = hashlib.new('ripemd160', data).digest() print("RIPEMD-160:", binascii.hexlify(ripemd160))
  • 27. HMAC and Key Derivation MAC, HMAC, PBKDF2 and SCrypt
  • 28. 28  HMAC = Hash-based Message Authentication Code  HMAC(key, msg, hash_func)  hash  Message hash mixed with a secret shared key  Used for message integrity / authenticity / key derivation  Key derivation function (KDF) == function(password)  key  Use HKDF (HMAC-based key derivation), PBKDF2 or SCrypt  PBKDF2, Bcrypt, Scrypt and Argon2 are modern KDFs  Use a lot of iterations + a lot of memory  to make it slow HMAC and Key Derivation
  • 29. 29 HMAC Calculation in Python – Example import hashlib, hmac, binascii def hmac_sha256(key, msg): return hmac.new(key, msg, hashlib.sha256).digest() key = binascii.unhexlify("fa63f2b4c85af6bed3") msg = "some message".encode("utf8") print(binascii.hexlify(hmac_sha256(key, msg)))
  • 30. 30  Scrypt (RFC 7914) is a strong cryptographic key-derivation function  Memory intensive, designed to prevent ASIC and FPGA attacks  key = Scrypt(password, salt, N, r, p, derived-key-len)  N – iterations count (affects memory and CPU usage), e.g. 16384  r – block size (affects memory and CPU usage), e.g. 8  p – parallelism factor (threads to run in parallel), usually 1  Memory used = 128 * N * r * p bytes, e.g. 128 * 16384 * 8 = 16 MB  Parameters for interactive login: N=16384, r=8, p=1 (RAM=16MB)  Parameters for file encryption: N=1048576, r=8, p=1 (RAM=1GB) Key Derivation Functions: Scrypt
  • 31. 31 Scrypt Key Derivation in Python – Example import scrypt, os, binascii passwd = "p@$$w0rD~3" salt = os.urandom(32) print("Salt: ", binascii.hexlify(salt)) key = scrypt.hash(passwd, salt, 16384, 8, 1, 32) print("Derived key:", binascii.hexlify(key)) pip install scrypt
  • 32. Blockchain Cryptography and Wallets Keys, Addresses, Signatures, Wallets
  • 33. 33 Public / Private Keys, Wallets & Blockchain private key public key address transaction sign by private key signed transaction valid / invalid verify by address wallet master key (seed) signed transaction transaction data public key: (x, y) signature: (v, r, s)
  • 34. 34  In blockchain wallets keep private keys, highly encrypted  Simple wallet (keystore) keeps a single private key  Example: https://gist.github.com/nakov/53f869e01c9b573844c48e5966e33a3f  HD wallet (hierarchical wallet) keeps multiple private keys  Hierarchically derived by a master key (seed) by derivation path  The seed is encoded as mnemonic phrase (12 / 24 words)  Example: https://iancoleman.io/bip39 HD Wallets, BIP39, BIP32 / BIP44 hill brave science fox crime quit owner chapter myth vocal chat custom
  • 35. 35  The BIP-32 standard defines how a crypto-wallet can generate multiple keys + addresses  The wallet is initialized by a 512-bit master key (seed)  HMAC + ECC math used to generate multiple accounts  Through a derivation path  E.g. m/44'/60'/1'/12  Each account holds private key  public key  address ECC and Wallets: BIP32
  • 36. 36  Most modern crypto wallets start from a 512-bit securely generated random seed (see the BIP-39 standard)  The seed (root key) can be represented by 12 or 24 words, e.g.  Each word comes from a wordlist of 2048 words  See https://github.com/bitcoin/bips/blob/master/bip-0039/english.txt  1 word == 11 bits of entropy  12 words == 132 bits == 128-bit entropy + checksum (in the last word)  24 words == 264 bits == 256-bit entropy + checksum (in the last word) Internal Seed in Crypto Wallets hill brave science fox crime quit owner chapter myth vocal chat custom
  • 37. BIP-39 Mnemonic Seed Generator Live Demo https://iancoleman.io/bip39
  • 38. Wallet Encryption and AES AES, CBC/CTR, Padding, Scrypt, HMAC
  • 39. 39  A single secret key to encrypt / decrypt  The secret key is usually derived by a password  Both the sender and the recipient should know the secret key  Widely used symmetric algorithms: AES-128, AES-256, Twofish, IDEA Symmetric Encryption  Wallets are typically encrypted using symmetric ciphers like AES
  • 40. 40  AES is a "block cipher" – encrypts block by block (e.g. 128 bits)  It has several modes of operation (CBC, ECB, CTR, …)  Some modes of operation require initial vector (IV)  Non-secret random salt  used to get different result each time  Recommended modes: CBC (Cipher Block Chaining) or CTR (Counter)  It may use a padding algorithm (typically PKCS7) to split the input data into blocks of fixed block-size (e.g. 128 bits)  It may use password to key derivation: key = Scrypt(pass, salt, …)  It may use MAC to check the password validity: HMAC(text, key) AES Cipher Settings
  • 41. 41 Example: AES Encrypt / Decrypt in Python import pyaes, pbkdf2, binascii, os, secrets plaintext = "Sample text for encryption" password = "s0m3p@$$w0rd" key = pbkdf2.PBKDF2(password, 'some salt').read(16) print('AES encryption key:', binascii.hexlify(key)) iv = secrets.randbelow(2 << 128) aes = pyaes.AESModeOfOperationCTR(key, pyaes.Counter(iv)) ciphertext = aes.encrypt(plaintext) print('encrypted:', binascii.hexlify(ciphertext)) aes = pyaes.AESModeOfOperationCTR(key, pyaes.Counter(iv)) decrypted = aes.decrypt(ciphertext) print('decrypted:', decrypted) pip install pyaes pip install pbkdf2
  • 42. 42 Ethereum UTC / JSON Wallet Encryption { "version": 3, "id": "…", "address": "b97e993872a9050c07f…ef195", "Crypto": { "ciphertext": "bc9215b2cd1571df…e3a1", // the encrypted private key "cipher": "aes-128-ctr", // AES, 128-bit encryption, CTR mode "cipherparams": { "iv": "2bac08cafc…8e" }, // random initial vector "kdf": "scrypt", "kdfparams": { "dklen": 32, // key length (256-bit key for AES encryption) "salt": "7d48230c94b90c0301bf9f4…eba1", // random-generated salt "n": 1024, // iterations count (CPU + memory cost factor) "r": 8, // block size (affects CPU + memory) "p": 1 // parallelization factor (threads count) }, "mac": "e3cd7ea4e3ceb0e9a…0564" // msg integrity key (password check) } } Learn more at: https://github.com/ethers-io/ethers.js/blob/master/wallet/secret-storage.js#L288
  • 44. License  This course (slides, examples, demos, videos, homework, etc.) is licensed under the "Creative Commons Attribution- NonCommercial-ShareAlike 4.0 International" license 44
  • 45. Trainings @ Software University (SoftUni)  Software University – High-Quality Education, Profession and Job for Software Developers  softuni.bg  Software University Foundation  http://softuni.foundation/  Software University @ Facebook  facebook.com/SoftwareUniversity  Software University Forums  forum.softuni.bg