Introduction

In order to allow secure digital communication between any two parties in the presence of an adversarial third party, there’s a need for methods that will allow the sender of a message to transform the information into an illegible format such that only the authorized receiver is able to read it by using a known key. Cryptography is the science that deals with the construction of protocols that prevent adversaries or the public from reading private messages.

The aim is to offer information security such as data confidentiality, data integrity, authentication, and non-repudiation as introduced in this lesson. Modern cryptography protocols are based on so-called cryptographic primitives, which are standardized, well-established, and low-level algorithms, for which no efficient breaking is known, even if the complete design and the implementation of the algorithms are known to the opponents.

Kerckhoff’s principle

Kerckoff’s principle states the following:

  A cryptographic system should be secure even if everything about the system is public knowledge, except the secret key. Therefore, a cryptographic system should be secure even if an adversary knows the encryption and decryption algorithms and their implementations (Niels Ferguson and Bruce Schneier, 2003Niels Ferguson and Bruce Schneier. Practical cryptography. New York, NY, 2003. Wiley. and Christoph Paar and Jan Pelzl, 2009Christoph Paar and Jan Pelzl. Understanding Cryptography: A Textbook for Students and Practitioners. Springer Berlin Heidelberg, 2009.).

An important consequence of this principle is that the security of a cryptographic system is entirely based on secret keys. From this point of view, cryptography deals with complexity theory to guarantee that any protocol cannot be broken quickly and in the best case any attack is not much more efficient than an exhaustive key search or brute-force attack, where the attacker tries all the possibilities of the key as long as the protocol is not broken.

As a consequence, any cryptographic system can be attacked successfully by investing enough resources in order to find the key, so there’s the question of how much work must be done in order to break a system. A natural way to quantify the effort for an attack is its comparison to an exhaustive key search or brute-force attack (Niels Ferguson and Bruce Schneier, 2003Niels Ferguson and Bruce Schneier. Practical cryptography. New York, NY, 2003. Wiley.).

Security level

According to Lenstra, “A protocol of a symmetric cryptosystem with an $n$-bit key is said to have a security leve of $n$ bit if the system does not allow an attack that is faster than exhaustive key search, i.e., the best-known attack requires $2^{n}$ steps” (Arjen K. Lenstra, 2004Arjen K. Lenstra. Key lengths: Contribution to the handbook of information security. https://infoscience.epfl.ch/record/164539/files/NPDF-32.pdf, 2004. Accessed: 201810-19. and Christoph Paar and Jan Pelzl, 2009Christoph Paar and Jan Pelzl. Understanding Cryptography: A Textbook for Students and Practitioners. Springer Berlin Heidelberg, 2009.).

Since any blockchain-based system highly depends on cryptographic primitives, such as hash functions, Merkle trees, or digital signatures, we describe the basic cryptographic mechanisms that are involved in building secure blockchains.

Chapter structure