【BTC】Principles of Cryptography

One of the core technologies that the BTC system relies on in its operation is cryptography. The cryptographic primitives used in the BTC system include hash algorithms and digital signatures.

1. Hash algorithm

The function of a hash (Hash) is to transform an input of any length into a fixed-length output by means of a hash algorithm.

In BTC, the hash function (SHA-256) is mainly used to hash the source data to produce a fixed-length output, which serves as the basis for checking whether the data has been tampered with. The hash algorithm used in BTC should have three properties: collision resistance, hiding, and puzzle friendliness.

Property 1: Collision Resistance

Collision resistance emphasizes that, in practice, there is no (or at least no known) efficient way to create a hash collision artificially: for a given $x$, one cannot compute within a feasible amount of time a $y \ne x$ such that $H(x) = H(y)$ holds (brute force is not viable in practice because the amount of work is huge). This property is mainly used to detect whether information has been tampered with: if original data $m$ is tampered with into $m'$, then $H(m) \ne H(m')$, which is what guarantees the validity of the data.

A hash collision (Hash Collision) means that if there are data $x, y$ with $x \ne y$ satisfying $H(x) = H(y)$, a hash collision is said to exist, where $H$ denotes the hash function. Generally speaking, since the input space of the hash is much larger than the output space (the input length is variable while the output length is fixed), the existence of hash collisions is an objective fact and unavoidable.

Property 2: Hiding

The hiding property emphasizes that the computation of the hash function is one-way and irreversible. The premise of this property is that the input space is large and the values are uniformly distributed; otherwise it can be cracked by brute force. In practical applications, if the input space is not large enough, one can concatenate a random number (nonce) to ensure that the input space is large enough and the distribution is random. The role of this property is that, combined with property 1, it makes digital commitment possible.

Digital commitment (Digital Commitment) refers to a two-phase interactive protocol between a committer and a receiver. The first phase is the commitment phase: the committer chooses a message $m$ and sends it to the receiver in ciphertext form, i.e. as its hash value rather than in plain text (property 2). The second phase is the opening phase: the committer discloses the message $m$, and the receiver uses it to verify whether it is consistent with what was received in the commitment phase (property 1).
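The two phases above, written out as an added example (not code from the original post). It uses only the Go standard library: the commit phase sends just a SHA-256 digest of a random 32-byte nonce concatenated with the message, the open phase reveals nonce and message, and the receiver recomputes the digest. The nonce is the "random number" that property 2 calls for when the message itself is short and guessable; the message text and the 32-byte nonce length are assumptions of this example.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Commitment is all the receiver gets in the commit phase: a single SHA-256 digest.
type Commitment struct {
	Digest [32]byte
}

// Opening is what the committer reveals in the open phase.
type Opening struct {
	Nonce   []byte // 32 random bytes; widens the input space so hiding holds
	Message []byte
}

// CommitWithNonce is the deterministic core shared by Commit and Verify:
// H(nonce || message). The nonce has a fixed length (32 bytes), so the
// concatenation is unambiguous without a length prefix.
func CommitWithNonce(nonce, message []byte) Commitment {
	h := sha256.New()
	h.Write(nonce)
	h.Write(message)
	var c Commitment
	copy(c.Digest[:], h.Sum(nil))
	return c
}

// Commit draws a fresh random nonce and hashes it together with the message.
// Even a one-word message cannot be brute-forced from the digest, because the
// 256-bit nonce makes the input space too large (property 2).
func Commit(message []byte) (Commitment, Opening, error) {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return Commitment{}, Opening{}, err
	}
	return CommitWithNonce(nonce, message), Opening{Nonce: nonce, Message: message}, nil
}

// Verify recomputes the digest from the opening and compares it with the
// commitment received earlier. Collision resistance (property 1) is what stops
// the committer from opening the same commitment to a different message m'.
func Verify(c Commitment, o Opening) bool {
	return len(o.Nonce) == 32 && CommitWithNonce(o.Nonce, o.Message).Digest == c.Digest
}

func main() {
	// Constructed example: commit to a prediction, then open it honestly and dishonestly.
	c, opening, err := Commit([]byte("the coin will land heads"))
	if err != nil {
		panic(err)
	}
	fmt.Println("commitment:", hex.EncodeToString(c.Digest[:]))
	fmt.Println("honest opening verifies:  ", Verify(c, opening))
	tampered := Opening{Nonce: opening.Nonce, Message: []byte("the coin will land tails")}
	fmt.Println("tampered opening verifies:", Verify(c, tampered))
}
```

Two commitments to the same message produce different digests because each carries a fresh nonce; that is exactly why the receiver learns nothing about $m$ from the commitment alone, while the committer is still bound to the one $m$ it hashed.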

Property 3: Puzzle Friendly

The puzzle friendly property emphasizes that the hash value cannot be predicted in advance: if you want an input whose hash value falls within a certain range, you can only keep trying different inputs; there is no shortcut. This property is mainly used in the mining process of BTC. For example, for a 256-bit hash value, if the leading $k$ bits of the computed hash are required to be all zero while the other bits may take any value, the candidate space of inputs cannot be narrowed down in advance; one can only keep trying different inputs.

Mining refers to the process of finding a random number nonce, combining the nonce with the other information in the block header and computing the corresponding hash value, such that the hash value is less than or equal to a given target threshold, that is, $H(\text{block header}) \le \text{target}$. There is no shortcut in the mining process; only by trying nonce values one after another can a satisfactory solution be found.
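The search described in the last two paragraphs, as an added example that is not part of the original post. It shows that "leading $k$ bits are zero" and "$H \le \text{target}$" are the same condition (target is $2^{256-k}-1$), and that the only available strategy is to try nonces one after another. The header bytes are constructed, the nonce is appended as 8 big-endian bytes, and a single SHA-256 is used where Bitcoin applies SHA-256 twice over its real 80-byte header; those are assumptions of this example, not details from the post.

```go
package main

import (
	"crypto/sha256"
	"encoding/binary"
	"fmt"
	"math/big"
	"math/bits"
)

// Target returns the threshold for difficulty k: the largest 256-bit integer
// whose top k bits are all zero, i.e. 2^(256-k) - 1. Requiring H <= target is
// therefore the same as requiring the leading k bits of H to be zero.
func Target(k uint) *big.Int {
	if k > 256 {
		k = 256
	}
	t := new(big.Int).Lsh(big.NewInt(1), 256-k)
	return t.Sub(t, big.NewInt(1))
}

// BlockHash computes H(header || nonce), with the nonce appended as 8 big-endian bytes.
func BlockHash(header []byte, nonce uint64) [32]byte {
	buf := make([]byte, len(header)+8)
	copy(buf, header)
	binary.BigEndian.PutUint64(buf[len(header):], nonce)
	return sha256.Sum256(buf)
}

// LeadingZeroBits counts zero bits from the most significant end of the hash.
func LeadingZeroBits(h [32]byte) int {
	n := 0
	for _, b := range h {
		if b != 0 {
			return n + bits.LeadingZeros8(b)
		}
		n += 8
	}
	return n
}

// MeetsTarget interprets the hash as a big-endian 256-bit integer and checks H <= target.
func MeetsTarget(h [32]byte, target *big.Int) bool {
	return new(big.Int).SetBytes(h[:]).Cmp(target) <= 0
}

// Mine tries nonces 0, 1, 2, ... until one meets the target or the budget runs
// out. There is nothing smarter to do (puzzle friendliness): each attempt is an
// independent trial with success probability about 2^-k, so about 2^k tries
// are needed on average.
func Mine(header []byte, target *big.Int, maxAttempts uint64) (nonce uint64, hash [32]byte, attempts uint64, found bool) {
	for nonce = 0; nonce < maxAttempts; nonce++ {
		hash = BlockHash(header, nonce)
		if MeetsTarget(hash, target) {
			return nonce, hash, nonce + 1, true
		}
	}
	return 0, [32]byte{}, maxAttempts, false
}

func main() {
	// Constructed header; a real one carries the previous block hash, Merkle root, timestamp, etc.
	header := []byte("constructed block header: prev=0000...|merkle=abcd...|time=1700000000")
	for _, k := range []uint{8, 12, 16} {
		nonce, hash, attempts, ok := Mine(header, Target(k), 1<<32)
		fmt.Printf("k=%2d found=%v nonce=%d attempts=%d leading zero bits=%d hash=%x\n",
			k, ok, nonce, attempts, LeadingZeroBits(hash), hash)
	}
}
```

Running it with increasing $k$ makes the cost visible: the attempt count grows roughly as $2^k$, and no property of the header lets the loop skip candidates.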

2. Digital signature

Before understanding the concept of a digital signature, you need a certain understanding of two concepts, symmetric encryption and asymmetric encryption:

(1) Symmetric encryption

In a symmetric encryption system, when two entities need to communicate, a message transmitted directly in plain text over the network is easily eavesdropped by others. The sender therefore uses a key to encrypt the message and then sends it to the receiver, and the receiver uses the same key to decrypt the ciphertext after receiving it. Since the encryption and decryption processes use the same key, the process is called symmetric encryption, but it only works if there is some secure way to distribute the key to the communicating parties (a weakness of symmetric encryption).

(2) Asymmetric encryption

In an asymmetric encryption system, each entity has a pair of keys, a public key and a private key. When two entities need to communicate, the sender uses the receiver's public key (public) to encrypt and then sends the ciphertext to the receiver. After receiving the ciphertext, the receiver uses its own private key (secret) to decrypt it. Note that both the encryption and decryption processes use the receiver's key pair (the receiver's public key and private key), which solves the problem of inconvenient key distribution in the symmetric encryption system.
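The two systems side by side, as an added example that is not from the original post. Both halves use only the Go standard library: AES-256-GCM stands in for "symmetric encryption" (one shared key on both sides) and RSA-OAEP for "asymmetric encryption" (the sender holds only the receiver's public key). The concrete algorithms, key sizes and message text are assumptions of this example; the post names neither.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// ---- Symmetric: one shared key does both jobs.

// SymmetricEncrypt returns nonce || ciphertext || tag. Whoever holds key can
// both produce and read such messages, so the key itself has to reach the
// receiver over some secure channel first.
func SymmetricEncrypt(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// SymmetricDecrypt reverses SymmetricEncrypt with the same key; a wrong key or
// a modified ciphertext fails the GCM tag check and returns an error.
func SymmetricDecrypt(key, data []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	ns := gcm.NonceSize()
	if len(data) < ns {
		return nil, errors.New("ciphertext too short")
	}
	return gcm.Open(nil, data[:ns], data[ns:], nil)
}

// ---- Asymmetric: the sender needs only the receiver's public key.

// AsymmetricEncrypt is what the sender runs; pub is the receiver's public key,
// which can be published freely.
func AsymmetricEncrypt(pub *rsa.PublicKey, plaintext []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, plaintext, nil)
}

// AsymmetricDecrypt is what the receiver runs with the private key it never shares.
func AsymmetricDecrypt(priv *rsa.PrivateKey, ciphertext []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ciphertext, nil)
}

func main() {
	msg := []byte("constructed message: pay 5 BTC to B")

	// Symmetric: both sides must already hold the same 32-byte key.
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		panic(err)
	}
	ct, _ := SymmetricEncrypt(key, msg)
	pt, err := SymmetricDecrypt(key, ct)
	fmt.Printf("symmetric:  %q err=%v\n", pt, err)

	// Asymmetric: only the receiver generates a key pair; the sender gets the public half.
	receiver, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	ct2, _ := AsymmetricEncrypt(&receiver.PublicKey, msg)
	pt2, err := AsymmetricDecrypt(receiver, ct2)
	fmt.Printf("asymmetric: %q err=%v\n", pt2, err)
}
```

The key-distribution point is in what each side needs before the first message: the symmetric pair must share a secret in advance, whereas the asymmetric sender only needs a value the receiver can publish.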


BTC is a decentralized system. Before a transaction can take place, an account needs to be created for it. In BTC, creating an account means creating a public-private key pair: the public key is equivalent to the account ID (it can be made public), and the private key is equivalent to the account password (it needs to be kept secret). When someone transfers money to you, they need to know your public key; when you transfer money to others, you need to use your private key. The main function of the public-private key pair in this process is to produce digital signatures. For example, sender A transfers money to receiver B in a transaction and announces it to the public. Others need to verify whether the transaction was really initiated by sender A himself. This requires sender A to sign the transaction with his own private key before sending it, with B's public key recorded as the receiver. When others receive the transaction, they use sender A's public key to verify the signature on the transaction, ensuring that the transaction was initiated by A himself.
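The A-to-B scenario in the paragraph above, as an added example that is not from the original post. A key pair is the account, the DER-encoded public key is used directly as the account ID, A signs the transaction digest with the private key, and any third party verifies with the public key found in the transaction itself. The standard-library P-256 curve stands in for the secp256k1 curve Bitcoin actually uses, the transaction layout is constructed, and the public key is used raw where Bitcoin would use a hashed address; those are assumptions of this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/binary"
	"errors"
	"fmt"
)

// Transaction is the constructed payload that gets signed. From and To hold
// the parties' public keys in PKIX/DER form: the public key is the account ID.
type Transaction struct {
	From   []byte
	To     []byte
	Amount uint64
}

// SignedTransaction is what A broadcasts: the transaction plus A's signature.
type SignedTransaction struct {
	Tx  Transaction
	Sig []byte // ASN.1 DER ECDSA signature over Tx.Digest()
}

// NewAccount creates an account, i.e. a key pair (P-256 here, secp256k1 in Bitcoin).
func NewAccount() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

// AccountID is the shareable public half.
func AccountID(priv *ecdsa.PrivateKey) ([]byte, error) {
	return x509.MarshalPKIXPublicKey(&priv.PublicKey)
}

func parseAccountID(der []byte) (*ecdsa.PublicKey, error) {
	k, err := x509.ParsePKIXPublicKey(der)
	if err != nil {
		return nil, err
	}
	pub, ok := k.(*ecdsa.PublicKey)
	if !ok {
		return nil, errors.New("account ID is not an ECDSA public key")
	}
	return pub, nil
}

// Digest hashes the transaction with length-prefixed fields, so two different
// transactions can never serialize to the same bytes.
func (tx Transaction) Digest() [32]byte {
	h := sha256.New()
	for _, field := range [][]byte{tx.From, tx.To} {
		var n [4]byte
		binary.BigEndian.PutUint32(n[:], uint32(len(field)))
		h.Write(n[:])
		h.Write(field)
	}
	var amt [8]byte
	binary.BigEndian.PutUint64(amt[:], tx.Amount)
	h.Write(amt[:])
	var d [32]byte
	copy(d[:], h.Sum(nil))
	return d
}

// Sign is run by the sender with the private key it never reveals.
func Sign(priv *ecdsa.PrivateKey, tx Transaction) (SignedTransaction, error) {
	d := tx.Digest()
	sig, err := ecdsa.SignASN1(rand.Reader, priv, d[:])
	if err != nil {
		return SignedTransaction{}, err
	}
	return SignedTransaction{Tx: tx, Sig: sig}, nil
}

// Verify is run by anyone who sees the broadcast: the sender's public key is
// right there in Tx.From, so no secret is needed to check that the holder of
// the matching private key authorised exactly these bytes.
func Verify(stx SignedTransaction) bool {
	pub, err := parseAccountID(stx.Tx.From)
	if err != nil {
		return false
	}
	d := stx.Tx.Digest()
	return ecdsa.VerifyASN1(pub, d[:], stx.Sig)
}

func main() {
	a, _ := NewAccount()
	b, _ := NewAccount()
	aID, _ := AccountID(a)
	bID, _ := AccountID(b)
	stx, err := Sign(a, Transaction{From: aID, To: bID, Amount: 5})
	if err != nil {
		panic(err)
	}
	fmt.Println("genuine transaction verifies:", Verify(stx))
	forged := stx
	forged.Tx.Amount = 500 // anyone can edit the bytes, but nobody else can re-sign as A
	fmt.Println("amount changed after signing: ", Verify(forged))
}
```

Two failure cases matter for the verifier: a transaction whose bytes were changed after signing, and a transaction that names A as sender but was signed with some other private key. Both fail the same single check, because the signature binds A's public key to one exact digest.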

Origin: blog.csdn.net/zzy_NIC/article/details/128764703