BLOCKCHAIN MODULE 1

1) Explain Cryptography ?
Cryptography is the technique of securing information and communications
through the use of codes so that only those for whom the information is
intended can understand and process it. This prevents unauthorized access to
information. The word "cryptography" is derived from the Greek words
"kryptos" meaning hidden and "graphein" meaning writing. It involves
converting plain text into cipher text through encryption and then converting it
back to plain text through decryption. Here are the key points to understand
cryptography:

1. Techniques:

Encryption: The process of converting plain text into cipher text using
an algorithm and a key.

Decryption: The process of converting cipher text back into plain text
using an algorithm and a key.

2. Features:

Confidentiality: Ensuring that information can only be accessed by the

intended recipient.

Integrity: Ensuring that information cannot be altered without detection.

Non-repudiation: Ensuring that the sender cannot deny having sent the
information.

Authentication: Confirming the identities of the sender and receiver,

and ensuring the origin and destination of the information.

3. Types:

Symmetric Key Cryptography: Uses the same key for both encryption
and decryption. It is efficient for encrypting large amounts of data.
Example: Advanced Encryption Standard (AES).

BLOCKCHAIN MODULE 1 1
 Asymmetric Key Cryptography: Uses a pair of keys, a public key for
encryption and a private key for decryption. It provides higher security
and is used for key exchange, digital signatures, and encryption.
Example: RSA (Rivest-Shamir-Adleman).

4. Applications:

Used for securing data in communication systems like emails, internet

transactions, and confidential data storage.

Employed in digital signatures, hash functions, and for ensuring secure

communication in various protocols like SSL/TLS.

2) Distinguish between Symmetric cryptography and asymmetric

cryptography ?
Symmetric and asymmetric cryptography are two fundamental types of
cryptographic systems used to secure data. Here are the key differences
between them:

Feature Symmetric Cryptography Asymmetric Cryptography

Single key for both

Key Usage Pair of keys (public and private)
operations

Speed Faster Slower

Key Challenging, requires secure

Easier, only public key shared
Management exchange

Examples AES, DES, RC2, Blowfish RSA, DSA, ECC

Security Confidentiality, authenticity, non-

Confidentiality
Features repudiation

Typical Use Key exchange, digital signatures,

Encrypting large data sets
Case small data encryption

3) Explain the properties of cryptographic hash

functions ?

BLOCKCHAIN MODULE 1 2
 Cryptographic hash functions are essential tools in the field of cryptography.
They take an input (or 'message') and return a fixed-size string of bytes,
typically a hash value or digest, which appears random. Here are the key
properties that make cryptographic hash functions valuable for securing data:

1. Deterministic:

A given input will always produce the same hash output. This
consistency ensures that any change in the input will result in a different
hash, making it reliable for verification.

2. Fast Computation:

The hash function must be able to return the hash value quickly, making
it practical for use in real-time applications and systems.

3. Preimage Resistance:

It should be computationally infeasible to reverse-engineer the hash

value to find the original input. This property ensures that an attacker
cannot easily determine the original message from its hash.

4. Second Preimage Resistance:

Given an input and its hash, it should be computationally infeasible to

find a different input with the same hash value. This prevents attackers
from substituting a valid message with a fraudulent one that has the
same hash.

5. Collision Resistance:

It should be computationally infeasible to find two different inputs that

produce the same hash value. This property ensures that each hash
value uniquely represents its input, making collisions (where two
different inputs have the same hash) highly unlikely.

6. Avalanche Effect:

A small change in the input should produce a significantly different hash

value. This sensitivity to input changes enhances security by ensuring
that similar inputs do not result in similar hashes.

7. Fixed Output Size:

Regardless of the input size, the hash function outputs a hash of a fixed
size. This uniformity simplifies processing and storage of hash values.

BLOCKCHAIN MODULE 1 3
 8. Efficiency:

Hash functions should be efficient in terms of computation and

resource usage. They must process data quickly without excessive use
of memory or computational power.

4) Explain the avalanche effect of cryptographic

hash functions. ?

The avalanche effect refers to the phenomenon where a tiny alteration to the
input of a cryptographic hash function (such as changing a single bit) causes a
drastic and seemingly random change in the resulting hash output. This means
that even a minimal modification in the input leads to a hash value that looks
entirely different from the original.

Importance
1. Unpredictability:

The avalanche effect ensures that the output hash appears random and
uncorrelated to the input, making it difficult for attackers to predict

2. Security Enhancement:

By ensuring that similar inputs do not produce similar hash outputs, the
avalanche effect helps protect against various attacks

3. Data Integrity:

When verifying the integrity of data, the avalanche effect ensures that
any minor alteration in the input data (intentional or accidental) results
in a completely different hash. This makes it easy to detect changes in
the data

Example
Consider a simple example using a hypothetical hash function:

Input 1: "Hello, World!"

Hash Output 1: 3b0f1c89f2ab34d5e6f9bcd81024657a

BLOCKCHAIN MODULE 1 4
 Input 2: "Hello, world!"

Hash Output 2: aef9c3d29045b8c1e573ccf42d9b3145

In this example, the only difference between Input 1 and Input 2 is the
capitalization of the letter "W" in "World". Despite this minor change, the hash
outputs

Mathematical Illustration
Suppose we have a hash function H . For an input X and a slightly modified
input X' , the avalanche effect ensures that:
H(X) ≠ H(X’)

Applications
Encryption Protocols: The avalanche effect is used in encryption protocols
to ensure that similar plaintexts do not produce similar ciphertexts, which
helps in preventing attacks that exploit such patterns.

Digital Signatures: It ensures that any change to the signed document will
result in a completely different signature, thus invalidating the signature if
any tampering occurs.

Checksum and Hash Tables: Used to quickly detect data corruption or

alterations in files and communications.

5) Discuss the role of secure hash functions in

blockchain ?
Secure hash functions play a vital role in blockchain technology and have
several important applications:

1. Ensuring data integrity: Secure hash functions like SHA-256 are used to
create a unique digital fingerprint or hash value for each block of
transactions in the blockchain. This hash value is computed using the
transaction data and some other metadata like the previous block's hash.
Any change to the transaction data will result in a completely different hash
value, thereby ensuring data integrity.

2. Linking blocks: The hash of the previous block is stored in the current
block's header. This cryptographically links the blocks together in a chain.

BLOCKCHAIN MODULE 1 5
 Any attempt to tamper with a block's data will cause its hash to change,
breaking the chain.

3. Merkle trees: Merkle trees are constructed by hashing pairs of transaction

hashes together until there is a single hash value representing all
transactions in a block (Merkle root). This enables efficient verification of
whether a transaction is included in a block.

4. Mining/Proof-of-Work: Many blockchain consensus mechanisms like

Bitcoin's proof-of-work require miners to find a nonce value that results in a
block hash below a given target difficulty. Secure hash functions ensure
this process is resource-intensive while being easy to verify.

5. Wallet addresses: Many blockchain platforms like Bitcoin and Ethereum

generate wallet addresses by applying a secure hash function to the user's
public key.

6. Digital signatures: Digital signatures used to authorize transactions rely on

secure hash functions being applied to the transaction data before signing
with the user's private key.

6) Explain Distributed hash table ?

A Distributed Hash Table (DHT) is a decentralized data structure used to store
and retrieve data efficiently across a distributed network. It provides a scalable
and fault-tolerant means of distributing data among many nodes without relying
on a central authority. Here’s a detailed explanation:

Key Concepts
1. Key-Value Storage:

DHTs store data in the form of key-value pairs. The key is typically a
unique identifier, and the value is the data associated with that key.

2. Distributed Nodes:

The data is distributed across multiple nodes in the network. Each node
is responsible for storing a subset of the key-value pairs.

3. Hash Functions:

BLOCKCHAIN MODULE 1 6
 A hash function maps keys to specific nodes in the network. This
mapping ensures that each key-value pair is stored on the appropriate
node.

How DHTs Work

1. Joining the Network:

When a new node joins the network, it uses a hashing algorithm to

determine its place in the network and to identify which keys it should
manage.

The network structure adjusts to accommodate the new node,

redistributing keys as necessary.

2. Storing Data:

To store a key-value pair, the key is hashed to determine the

responsible node.

The node identified by the hash stores the key-value pair.

3. Retrieving Data:

To retrieve a value, the key is hashed, and the request is routed to the
node responsible for that key.

The node returns the associated value.

Properties of DHTs
1. Scalability:

DHTs can scale to accommodate a large number of nodes and handle

vast amounts of data. As nodes join or leave, the DHT adapts
dynamically, maintaining efficient data distribution and retrieval.

2. Fault Tolerance:

The decentralized nature of DHTs provides resilience against node

failures. If a node fails, its data can be replicated on other nodes,
ensuring that no data is lost.

3. Decentralization:

There is no single point of failure or control. This decentralization

enhances the robustness and security of the network.

BLOCKCHAIN MODULE 1 7
 4. Load Balancing:

The hashing mechanism ensures that data is evenly distributed across

the network, preventing any single node from becoming a bottleneck.

Common DHT Algorithms

1. Chord:

Chord uses consistent hashing to assign keys to nodes. It organizes

nodes in a circular topology, with each node responsible for a portion of
the key space. It provides efficient key lookup with a logarithmic time
complexity.

2. Kademlia:

Kademlia uses XOR-based distance metrics to route queries and store

data. It maintains a routing table with information about other nodes,
enabling efficient lookup and robustness.

3. Pastry:

Pastry assigns keys to nodes based on a prefix-based routing scheme.

It ensures that each node maintains a set of neighbors in the network,
facilitating efficient message routing and data retrieval.

4. Tapestry:

Tapestry uses a similar prefix-based routing mechanism as Pastry, with

additional features for fault tolerance and load balancing.

Applications of DHTs
1. Peer-to-Peer Networks:

DHTs are commonly used in peer-to-peer (P2P) networks like BitTorrent

for decentralized file sharing. They enable efficient lookup and retrieval
of files distributed across many nodes.

2. Distributed Storage Systems:

DHTs provide the backbone for distributed storage systems, allowing

data to be stored and accessed across multiple nodes in a scalable and
fault-tolerant manner.

3. Blockchain and Cryptocurrencies:

BLOCKCHAIN MODULE 1 8
 DHTs can be used in blockchain and cryptocurrency networks to
manage data distribution, such as storing blockchain ledgers and
ensuring efficient data retrieval.

7) Explain Merkle trees ?

A Merkle tree, also known as a hash tree, is a data structure used in computer
science and cryptography to efficiently and securely verify the integrity of data.
Named after Ralph Merkle, who patented the concept in 1979, Merkle trees are
fundamental to blockchain technology and other distributed systems. Here's a
detailed explanation:

Structure of Merkle Trees

1. Leaf Nodes:

The leaf nodes of a Merkle tree contain the hashes of individual data
blocks. These are the lowest level of the tree.

2. Non-Leaf Nodes:

Each non-leaf node is the hash of the concatenation of its two child
nodes. This process continues up the tree, combining pairs of nodes at
each level.

3. Root Node (Merkle Root):

The topmost node, called the Merkle root, represents the hash of all the
underlying data. It is derived from the combination of all leaf and
intermediate nodes.

Building a Merkle Tree

1. Hashing Data Blocks:

Each data block (e.g., a transaction in a blockchain) is hashed using a

cryptographic hash function (like SHA-256).

2. Pairwise Hashing:

These hashes are then paired, and each pair is concatenated and
hashed to form the parent nodes.

3. Recursive Hashing:

BLOCKCHAIN MODULE 1 9
 This process of pairwise concatenation and hashing is repeated until
only one hash remains, which is the Merkle root.

Properties of Merkle Trees

1. Data Integrity and Verification:

Merkle trees ensure the integrity of data blocks. Any change in a single
data block will result in a completely different hash at the leaf level,
which propagates up the tree, altering the Merkle root. This makes it
easy to verify whether data has been tampered with.

2. Efficient Verification:

Verifying the integrity of a single data block requires checking only a

small subset of the tree (a logarithmic number of hashes), not the entire
dataset. This efficiency is crucial for large datasets and distributed
systems.

3. Scalability:

Merkle trees are highly scalable and can handle large amounts of data
efficiently. They are used in systems where data integrity and efficient
verification are paramount.

Applications of Merkle Trees

1. Blockchain Technology:

Transaction Integrity: In blockchain, each block contains a Merkle root,

which is derived from the transactions in that block. This ensures the
integrity of transactions.

Efficient Verification: Light clients (simplified payment verification or

SPV nodes) can verify transactions without downloading the entire
blockchain by using Merkle proofs.

2. Distributed Systems:

File Systems: Merkle trees are used in distributed file systems to

ensure data integrity and enable efficient data synchronization and
retrieval.

Version Control Systems: Systems like Git use Merkle trees to manage
changes and ensure the integrity of file versions.

3. Digital Signatures:

BLOCKCHAIN MODULE 1 10
 Merkle trees can be used to efficiently sign multiple data blocks. A
single Merkle root can be signed instead of signing each individual
block, reducing computational overhead.

Merkle Proofs
Merkle proofs are used to verify that a specific data block is included in the
Merkle tree without having to reveal the entire dataset. A Merkle proof includes:

The hash of the target data block.

The hashes of the siblings along the path from the target data block to the
Merkle root.

The verifier can recompute the hashes from the target data block up to the
Merkle root and compare it with the known Merkle root to confirm the integrity
and inclusion of the data block.

Example
Consider a Merkle tree with four transactions (T1, T2, T3, T4):

1. Hash each transaction: H(T1), H(T2), H(T3), H(T4).

2. Pairwise hash: H(H(T1) + H(T2)), H(H(T3) + H(T4)).

3. Hash the results to form the Merkle root: H(H(H(T1) + H(T2)) + H(H(T3) +
H(T4))).

If a single transaction (e.g., T2) changes, H(T2) will change, altering H(H(T1) +
H(T2)) and ultimately the Merkle root, signaling data modification.

8) Explain the applications of hash functions in

Blockchain ?
Hash functions are integral to the functionality and security of blockchain
technology. They serve several critical roles, ensuring the integrity,
authenticity, and efficiency of blockchain operations. Here are the primary
applications of hash functions in blockchain:

1. Ensuring Data Integrity

Merkle Trees:

BLOCKCHAIN MODULE 1 11
 Merkle Trees: Hash functions are used to build Merkle trees, a structure
that allows efficient and secure verification of data integrity. Each leaf node
of the Merkle tree is a hash of a data block (e.g., a transaction), and non-
leaf nodes are hashes of their respective child nodes. The root of the tree,
known as the Merkle root, represents the entire dataset.

Verification: To verify the integrity of a single transaction, a node only

needs to verify a small number of hashes along the path to the Merkle root,
rather than checking the entire dataset.

2. Secure and Immutable Ledger

Hash Chaining:

Block Hashing: Each block in a blockchain contains a hash of the previous

block's header, creating a chain of blocks. This chaining ensures that
altering any block in the chain would require changing all subsequent
blocks, which is computationally impractical.

Immutability: This linkage of blocks through hash functions ensures that

once a block is added to the blockchain, it cannot be altered or tampered
with without detection.

3. Proof of Work (PoW)

Mining Process:

Puzzle Solving: In Proof of Work (PoW) systems, miners compete to solve a

cryptographic puzzle that involves finding a nonce (a random number) such
that when hashed with the block's data, the resulting hash meets certain
difficulty criteria (e.g., a specific number of leading zeros).

Security: This process requires significant computational power, ensuring

that adding new blocks to the blockchain is difficult and resource-intensive,
thereby preventing spam and ensuring the network's security.

4. Efficient Data Verification

Compact Proofs:

Merkle Proofs: Hash functions enable compact proofs of inclusion. A

Merkle proof allows a node to prove that a particular transaction is part of a
block without revealing the entire block. This is crucial for lightweight
clients that do not store the entire blockchain.

BLOCKCHAIN MODULE 1 12
 Efficiency: Merkle proofs are logarithmic in size, making them efficient and
practical for verifying large datasets.

5. Digital Signatures
Transaction Authentication:

Signing Transactions: Hash functions are used in conjunction with digital

signatures to ensure the authenticity and integrity of transactions. Each
transaction is hashed, and the hash is then signed with the sender's private
key. The signature can be verified by others using the sender's public key.

Security: This process ensures that transactions are authorized and have
not been tampered with, providing security and trust in the blockchain
network.

6. Address Generation
Wallet Addresses:

Public Key Hashing: Hash functions are used to create blockchain wallet
addresses. A user's public key is hashed to produce a shorter, fixed-length
address. This makes addresses easier to handle and more secure.

Anonymity and Security: By using hash functions, wallet addresses do not

directly reveal the public keys, adding a layer of security and privacy for
users.

7. Data Fingerprinting
Unique Identifiers:

Transaction IDs: Each transaction in a blockchain is assigned a unique

identifier (TXID) generated by hashing the transaction data. This ensures
that each transaction can be uniquely identified and referenced.

Block IDs: Similarly, each block is assigned a unique identifier by hashing

its header, which includes the hash of the previous block, the Merkle root of
the transactions, a timestamp, and other metadata.

9) Explain the different types of keys used in

cryptography ?

BLOCKCHAIN MODULE 1 13
 Cryptography involves the use of various types of keys to secure information.
The main types of cryptographic keys are:

1. Symmetric Keys
Symmetric key cryptography, also known as private key cryptography, uses the
same key for both encryption and decryption. This means that both the sender
and receiver must possess the same key and keep it secret.

Advanced Encryption Standard (AES): A widely used symmetric

encryption algorithm known for its speed and security. It operates on fixed
block sizes of 128 bits and uses key sizes of 128, 192, or 256 bits
【3†source】.
Data Encryption Standard (DES): An older symmetric-key method which
has largely been replaced by AES due to its shorter key length and
vulnerability to brute-force attacks.

RC2, IDEA, Blowfish: Other examples of symmetric key algorithms.

Block Ciphers and Stream Ciphers: Block ciphers encrypt data in fixed-
size blocks, whereas stream ciphers encrypt data as a continuous stream
of bits or bytes.

2. Asymmetric Keys
Asymmetric key cryptography, also known as public key cryptography, uses a
pair of keys: a public key for encryption and a private key for decryption. The
public key can be distributed openly, while the private key must remain
confidential.

RSA: One of the most widely used asymmetric algorithms, based on the
mathematical difficulty of factoring the product of two large prime numbers
【 3†source .】
Elliptic Curve Cryptography (ECC): Provides similar security to RSA but
with smaller key sizes, making it more efficient. ECC is used in many
modern applications, including digital signatures and secure
【
communications 3†source . 】
Digital Signature Algorithm (DSA): Another widely used asymmetric
algorithm specifically designed for digital signatures.

ElGamal: Based on the Diffie-Hellman key exchange, used for both

encryption and digital signatures.

BLOCKCHAIN MODULE 1 14
 3. Hybrid Systems
These systems combine symmetric and asymmetric cryptography to leverage
the strengths of both. Typically, asymmetric cryptography is used to exchange
a symmetric key, which is then used to encrypt the actual data.

4. Key Types Based on Usage and Lifetime

Ephemeral Keys: Temporary keys used only for a single session. They
enhance security by limiting the amount of data encrypted with the same
key.

Static Keys: Long-term keys that are used over multiple sessions.

Master Keys: Used to generate and encrypt other keys, providing a

hierarchical approach to key management.

5. Cryptographic Hash Functions

While not keys in the traditional sense, cryptographic hash functions like SHA-
256 are essential in various cryptographic applications, including digital
signatures and data integrity verification 【3†source】.
6. Digital Signatures
Digital signatures use asymmetric keys to provide non-repudiation, ensuring
that a message or document is genuinely from the stated sender and has not
been altered. RSA and ECC are commonly used for digital signatures.

10) Explain the working of AES algorithm ?

Advanced Encryption Standard (AES) Algorithm
The AES algorithm is a widely used symmetric encryption standard designed to
secure data through a robust and efficient process. Here's a detailed
explanation of how it works, based on the provided document:

Overview
Inventors: Cryptographers Joan Daemen and Vincent Rijmen.

Security: No effective attack has been found against AES that is better than
brute-force methods.

BLOCKCHAIN MODULE 1 15
 Block Size: AES processes data in fixed-size blocks of 128 bits (16 bytes).

Key Sizes: Supports key lengths of 128, 192, or 256 bits.

Encryption Process
The AES algorithm transforms the plaintext data into ciphertext through multiple
rounds of processing. The number of rounds depends on the key size:

128-bit key: 10 rounds

192-bit key: 12 rounds

256-bit key: 14 rounds

Each round consists of four main operations applied to a 4x4 byte matrix called
the "state."

1. AddRoundKey

Description: Each byte of the state matrix is XORed with a subkey

(Round Key) derived from the original key.

Purpose: Introduces the key material into the state, providing security.

2. SubBytes

Description: Each byte in the state matrix is replaced with a byte from a
fixed substitution table called the S-box.

Purpose: Provides non-linearity to the encryption process.

3. ShiftRows

Description: The rows of the state matrix are shifted left by different
offsets. The first row is not shifted, the second row is shifted by one
byte, the third row by two bytes, and the fourth row by three bytes.

Purpose: Provides diffusion, spreading the plaintext over the rows.

4. MixColumns

Description: The columns of the state matrix are mixed by multiplying

each column by a fixed polynomial in the Galois Field (2^8).

Purpose: Provides further diffusion by mixing the bytes within each

column.

Final Round

BLOCKCHAIN MODULE 1 16
 In the last round of AES, the MixColumns step is omitted, and only
AddRoundKey, SubBytes, and ShiftRows are performed.

11) Explain RSA algorithm ?

RSA Algorithm
The RSA algorithm is a foundational public key cryptographic technique that
ensures secure data transmission. Here's a detailed explanation of how it works
based on the provided document:

Key Generation Process

The crux of RSA involves the generation of key pairs, which includes a public
key for encryption and a private key for decryption.

1. Modulus Generation:

Select two large prime numbers, \( p \) and \( q \).

Compute the modulus \( n \) by multiplying these primes: \( n = p \cdot

q \).

2. Generate the Co-prime:

Choose an integer \( e \) such that \( 1 < e < (p-1)(q-1) \) and \( e \) is

co-prime with \((p-1)(q-1)\). This means \( e \) and \((p-1)(q-1)\) have no
common divisors other than 1.

3. Public Key:

The public key consists of the modulus \( n \) and the exponent \( e \).
Thus, the public key is \((n, e)\). This key can be shared openly.

4. Private Key:

The private key \( d \) is computed such that \( d \) is the modular

multiplicative inverse of \( e \) modulo \((p-1)(q-1)\). In other words, \( d
\cdot e \equiv 1 \ (\text{mod} \ (p-1)(q-1)) \).

Encryption and Decryption

Once the key pairs are generated, RSA can be used for secure data encryption
and decryption.

1. Encryption:

BLOCKCHAIN MODULE 1 17
 A message \( M \) (represented as an integer) is encrypted using the
recipient's public key \( (n, e) \).

The ciphertext \( C \) is calculated as: \( C = M^e \ (\text{mod} \ n) \).

2. Decryption:

The recipient can decrypt the ciphertext \( C \) using their private key \(
d \).

The decrypted message \( M \) is obtained as: \( M = C^d \ (\text{mod} \

n) \).

This method ensures that even if the ciphertext is intercepted, it cannot be

decrypted without the private key, maintaining the confidentiality of the
message.

Example
Public Key: \( (n, e) \)

Private Key: \( d \)

For encryption:

M → C using C = M e (mod n)

For decryption:

C → M using M = C d (mod n)

This encapsulates the fundamental workings of the RSA algorithm, ensuring
secure communication through public key cryptography .

12) List out the properties of digital signatures ?

Properties of Digital Signatures
1. Authenticity:

Digital signatures are verifiable by the receiving party, ensuring that the
signature is valid and that the message indeed comes from the claimed
sender.

2. Unforgeability:

Only the sender of the message can generate the digital signature using
their private key. This property ensures that no one else can forge the

BLOCKCHAIN MODULE 1 18
 signature, providing protection against forgery. This is also referred to
as non-repudiation, meaning the sender cannot deny having signed the
message.

3. Non-reusability:

The digital signature cannot be detached from the original message and
reused with another message. The signature is uniquely bound to the
corresponding message, preventing it from being copied and reused in
a different context.

13) Explain digital signatures. Explain the uses of

digital signatures ?

Digital signatures are a method of associating a message with a specific entity

that originated the message. They are used to ensure data origin authentication
and non-repudiation, meaning that the origin of the data is verified and the
sender cannot deny having sent the message. Here is a step-by-step outline of
how digital signatures work:

1. Hashing the Data:

The original data or message is first processed through a hash function

to generate a fixed-length hash value (digest) that uniquely represents
the data. This ensures data integrity, as any alteration in the data will
result in a different hash value.

2. Signing the Hash:

The hash value is then encrypted with the sender's private key to create
the digital signature. Since the private key is known only to the sender,
this step ensures the authenticity of the signature.

3. Sending the Message:

The original message along with the digital signature is sent to the
recipient.

4. Verification:

The recipient decrypts the digital signature using the sender's public
key to obtain the original hash value.

BLOCKCHAIN MODULE 1 19
 The recipient also hashes the received message using the same hash
function.

If the hash value obtained from the decrypted signature matches the
hash value of the received message, the signature is verified,
confirming the authenticity and integrity of the message.

Uses:
Digital signatures have a wide range of applications, including but not limited to:

1. Email Security:

Digital signatures are used to ensure that email content has not been
altered and to verify the sender’s identity.

2. Software Distribution:

Software developers use digital signatures to verify that software

packages have not been tampered with.

3. Blockchain Transactions:

In blockchain technology, digital signatures are used to sign

transactions. This proves ownership and ensures that the transactions
are from the legitimate owner of the digital assets, such as
cryptocurrencies.

4. Document Signing:

Digital signatures are widely used in signing legal documents and

contracts to ensure their validity and authenticity.

5. Authentication:

Digital signatures are used in various authentication mechanisms, such

as in SSL/TLS certificates to establish secure connections over the
internet.

6. Integrity Verification:

Digital signatures help in verifying the integrity of messages or data

transferred across networks, ensuring that they have not been altered
during transit.

14) Explain RSA digital signature algorithm ?

BLOCKCHAIN MODULE 1 20
 The RSA digital signature algorithm is a widely used cryptographic technique
that ensures the authenticity and integrity of a message. It operates using
public and private key pairs and involves the following steps:

Steps in RSA Digital Signature Algorithm

1. Hash the Data:

Purpose: Calculate the hash value of the data packet to ensure data
integrity. The hash value acts as a fixed-size representation of the
original data.

Process: Use a cryptographic hash function (e.g., SHA-256) to

generate a hash value from the data. This hash is unique to the data,
meaning any change in the data will produce a different hash value.

Reason: While technically possible to sign the data directly, it is

inefficient and less secure due to the large size of data. Hashing
produces a fixed-size output that is faster to sign and verify.

2. Sign the Hash:

Purpose: Ensure the authenticity of the message by using the signer's

private key.

Process: Encrypt the hash value using the signer's private key. This
encrypted hash is the digital signature.

Reason: Only the signer has access to their private key, so only they
can generate a valid signature. The recipient can later verify this
signature using the signer's public key.

Methods of Combining Digital Signatures with Encryption

When a sender wants to send an authenticated and confidential message, they
can use one of the following methods:

1. Sign then Encrypt:

Process:

First, create a digital signature by signing the hash of the data with
the sender's private key.

Append this signature to the original data.

BLOCKCHAIN MODULE 1 21
 Encrypt the combined data and signature using the receiver's public
key.

Security: This method ensures both authenticity and confidentiality.

The receiver can decrypt the message with their private key, verify the
signature, and be confident that the message has not been altered and
is from the sender.

2. Encrypt then Sign:

Process:

First, encrypt the data using the receiver's public key.

Create a digital signature by signing the encrypted data with the

sender's private key.

Security: This method is less common because it can be less secure. If

the encrypted data is signed, an attacker with access to the sender's
private key can replace the encrypted data and still provide a valid
signature.

Verification Process
To verify an RSA digital signature, the recipient performs the following steps:

1. Decrypt the Message (if encryption was used):

Use their private key to decrypt the message and the signature (if the
"sign then encrypt" method was used).

2. Extract and Hash the Data:

Extract the data and the signature.

Compute the hash of the received data using the same hash function
used by the sender.

3. Verify the Signature:

Decrypt the digital signature using the sender's public key to obtain the
original hash.

Compare the decrypted hash with the hash computed from the received
data. If they match, the signature is valid, confirming the authenticity
and integrity of the message.

BLOCKCHAIN MODULE 1 22
 15) Explain the different services provided by
cryptography ?
Services Provided by Cryptography
Cryptography offers a range of services to ensure secure communication and
data integrity. Here are the primary services provided by cryptography, as
extracted from the provided PDF:

1. Confidentiality:

Ensures that information is only accessible to those authorized to

access it. This is typically achieved through encryption, which converts
readable data into an unreadable format that can only be deciphered by
those with the correct decryption key.

2. Data Integrity:

Ensures that information remains unaltered during storage or

transmission. Techniques such as hashing are used to verify that data
has not been tampered with.

3. Authentication:

Verifies the identity of the parties involved in communication.

Authentication mechanisms ensure that the entities (users, systems,
etc.) are who they claim to be. Digital certificates and public key
infrastructure (PKI) are commonly used for this purpose.

4. Non-repudiation:

Prevents entities from denying their actions. Digital signatures are used
to provide proof of the origin and integrity of data, ensuring that the
sender cannot deny having sent the information.

5. Access Control:

Restricts access to information and resources to authorized users.

Cryptographic methods help enforce policies that determine who can
access specific data and what actions they can perform.

16) Explain the design of SHA-256 and its

compression function using a diagram ?

BLOCKCHAIN MODULE 1 23
 Design of SHA-256 and Its Compression Function
SHA-256 is a cryptographic hash function that produces a 256-bit digest from
an input message of arbitrary length. The algorithm works in several steps to
ensure the security and integrity of the hash output. Here's an explanation of
the design of SHA-256 and its compression function:

Design of SHA-256
1. Pre-processing:

Padding: The message is padded to ensure its length is a multiple of

512 bits. Padding involves appending a single '1' bit, followed by enough
'0' bits, and finally appending the length of the original message as a
64-bit integer.

Parsing: The padded message is divided into 512-bit blocks.

Buffer Initialization: Eight 32-bit words are initialized. These words are
the fractional parts of the square roots of the first eight prime numbers.

2. Hash Computation:

Processing Blocks: Each 512-bit block is processed in 64 rounds.

Message Schedule: A message schedule is prepared from the input

block.

Initialization of Working Variables: Eight working variables are

initialized with the current hash value.

Compression Function: The core of SHA-256 is the compression

function, which is iterated 64 times for each block.

Intermediate Hash Value: After processing all blocks, the final hash
value is obtained by concatenating the intermediate hash values.

Compression Function
The compression function of SHA-256 involves several steps, including logical
functions and modular additions. Here’s a simplified overview:

1. Registers and Working Variables:

Eight working variables (a, b, c, d, e, f, g, h) are used.

2. Functions and Constants:

BLOCKCHAIN MODULE 1 24
 Logical Functions: The Ch (choose) function and Maj (majority)
function are used.

Round Constants: A sequence of 64 constants ( K ) is used, derived

from the fractional parts of the cube roots of the first 64 prime
numbers.

3. Processing Steps:

For each of the 64 rounds, the working variables are updated using the
following operations:

Compute T1 and T2 using the working variables, round constants,

and parts of the message schedule.

Update the working variables by shifting and rotating their values.

17) Explain how hash functions are used to build

Merkle trees in blockchain ?
Overview of Merkle Trees
A Merkle tree, also known as a hash tree, is a binary tree where every leaf node
is a hash of a block of data, and every non-leaf node is a hash of its child
nodes. This structure helps to efficiently and securely verify the integrity of
large datasets.

How Merkle Trees are Built Using Hash Functions

BLOCKCHAIN MODULE 1 25
 1. Data Hashing: Initially, each piece of data (e.g., transactions in a
blockchain) is hashed. These hashes become the leaf nodes of the Merkle
tree.

2. Pairwise Hashing: The leaf nodes are paired, and each pair is hashed
together to form the parent nodes. This process continues iteratively until a
single hash, known as the Merkle root, is produced at the top of the tree.

3. Merkle Root: The Merkle root represents the entire dataset's integrity. Any
change in the dataset would alter the corresponding leaf hash, which in
turn would alter all parent hashes up to the Merkle root.

Example Diagram of a Merkle Tree

Merkle Root
/ \\
Hash_AB Hash_CD
/ \\ / \\
Hash_A Hash_B Hash_C Hash_D
/ \\ / \\ / \\ / \\
Data1 Data2 Data3 Data4 Data5 Data6 Data7 Data8

In the above tree:

Data1, Data2, ... are the original data blocks.

Hash_A = Hash(Data1 + Data2) , Hash_B = Hash(Data3 + Data4) , and so on.

Hash_AB = Hash(Hash_A + Hash_B) , Hash_CD = Hash(Hash_C + Hash_D) , leading up to the

Merkle Root .

Explain Elliptic curve cryptography

Elliptic Curve Cryptography (ECC) is a type of asymmetric cryptography that
provides high levels of security with relatively smaller key sizes compared to
other systems like RSA. ECC is based on the mathematics of elliptic curves,
which are algebraic structures defined over finite fields.

Key Concepts of ECC:

1. Elliptic Curves:

BLOCKCHAIN MODULE 1 26
 An elliptic curve is defined by the equation y2 = x3 + ax + b over a
finite field, where a and bare constants that determine the shape of the
curve. For ECC to be used in cryptography, the curve must be non-
singular, meaning it has no cusps or self-intersections.

2. Points on the Curve:

The points on the elliptic curve form a group, which is a set equipped
with an operation (point addition) that satisfies certain axioms
(associativity, existence of an identity element, and existence of
inverses). These points and their properties are central to ECC.

1. Key Generation:

ECC uses pairs of keys: a public key and a private key. The private key
is a randomly selected number, while the public key is a point on the
elliptic curve obtained by multiplying the base point (a predefined point
on the curve) by the private key.

2. Encryption and Decryption:

Encryption: To encrypt a message, a sender uses the recipient's public

key and combines it with the message using elliptic curve point
addition.

Decryption: The recipient then uses their private key to reverse the
process and retrieve the original message.

3. Digital Signatures:

ECC is also used for creating digital signatures. The process involves
generating a signature using the private key and verifying it with the
public key, ensuring the integrity and authenticity of the message.

Advantages of ECC:
Security with Smaller Key Sizes: ECC offers comparable security to RSA
but with much smaller key sizes. For example, a 256-bit key in ECC
provides equivalent security to a 3072-bit key in RSA.

Efficiency: Smaller key sizes mean faster computations, which is beneficial

for devices with limited computational power, such as mobile devices and
smart cards.

BLOCKCHAIN MODULE 1 27
 Scalability: Due to its efficiency, ECC is well-suited for applications
requiring high performance and low power consumption.

Applications of ECC:
Cryptocurrencies: ECC is used in cryptocurrencies like Bitcoin and
Ethereum for secure transactions.

Secure Communications: ECC is employed in various secure

communication protocols, including TLS/SSL for web security.

Digital Signatures and Certificates: ECC is widely used in digital signature

algorithms and public key infrastructures (PKIs) for securing
communications and verifying identities.

Explain how data are stored and retrieved by using

DHT ?

Distributed Hash Table (DHT) Overview

Definition:

A Distributed Hash Table (DHT) is a distributed system providing a

lookup service similar to a hash table.

Unlike a traditional hash table, where data is stored in a single table, a

DHT distributes data across multiple nodes in a network.

Key Concepts
Node Responsibility:

Each node in the DHT network is responsible for storing and managing
a portion of the data.

Data Storage:

Client generates a key for the data using a hash function.

Key determines which node is responsible for storing the data.

Data and its key are forwarded to the appropriate node for storage.

Data Retrieval:

BLOCKCHAIN MODULE 1 28
 Client uses the key associated with the data to send a request to the
network.

Request is routed to the node responsible for the key.

Node retrieves the data and sends it back to the client.

Applications of DHTs
Peer-to-Peer (P2P) Networks:

Used in networks where nodes share resources directly, such as

BitTorrent.

Distributed Databases:

Employed in databases that span multiple locations to manage data

distribution and retrieval efficiently.

Distributed File Systems:

Utilized in systems like the InterPlanetary File System (IPFS) to locate

and manage file storage across a network of nodes.

Benefits of DHTs
Scalability:

Efficiently scales as the number of nodes increases; new nodes take on

a portion of the data, balancing the load.

Fault Tolerance:

Data is replicated across multiple nodes, enhancing reliability and fault

tolerance.

Decentralization:

Avoids central points of failure by distributing data and management

across many nodes, making the system robust and resilient to attacks.

BLOCKCHAIN MODULE 1 29
BLOCKCHAIN MODULE 1 30