Cryptography Essentials

The word “crypto” has taken the fintech industry by storm over the last couple of years with the emergence of blockchain, a distributed ledger technology (DLT). Decentralized Finance (DeFi) protocols and trustless ecosystems are moving into many areas of business. Trustless means that no trust is needed to create an engagement. In daily life we have to trust the bank to protect our deposits; in DeFi we do not need to trust any centralized institution or organization to take part. The technology takes care of the trust.

Today I’m going to simplify some of the key components used to build this technology, one of the most powerful concepts of the past decade. After reading this article you will hopefully understand the underlying cryptographic processes that happen when you use blockchain wallets, send transactions and so on.

This article consists of simple JavaScript code snippets written with the Node.js crypto module.

Install the packages below before trying the samples:

npm install crypto --save

npm install bcrypt --save

Data Encryption

Encrypting data is nothing new. Encrypting means hiding the data in a form that cannot be read without knowing the secret used in the encryption process. In software engineering, encryption is used in many different use cases. Most popular database systems support record-level encryption for the data they persist. Some cloud data providers also support data encryption at their data centers.

A very common use case is “https”, or secure data transfer over the internet. Clients that browse the web over https need to retrieve the public key from the website's certificate to start secure, encrypted communication.

Encryption algorithms come in two major forms: symmetric and asymmetric.

Symmetric Encryption

In symmetric encryption, the same key is used for both encryption and decryption.

AES is a popular symmetric algorithm. The Ethereum blockchain network “keystore” file is created using symmetric encryption. Symmetric encryption is relatively fast compared to asymmetric encryption, and is therefore popular in use cases that depend on performance.

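You need to import the Node.js “crypto” module to run the code below. The “key” parameter is the secret used for encryption.

const crypto = require('crypto');

// "key" is a passphrase; scrypt stretches it into the 16-byte AES-128 key.
// A random salt and IV are generated per message and returned with the ciphertext.
function encryptaes128(txt, key) {
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(16);
  const mykey = crypto.createCipheriv('aes-128-cbc', crypto.scryptSync(key, salt, 16), iv);
  let mystr = mykey.update(txt, 'utf8', 'hex');
  mystr += mykey.final('hex');
  return [salt.toString('hex'), iv.toString('hex'), mystr].join(':');
}

// Expects the "salt:iv:ciphertext" hex string produced by encryptaes128.
function decryptaes128(encryptedtxt, key) {
  const [saltHex, ivHex, data] = encryptedtxt.split(':');
  const derived = crypto.scryptSync(key, Buffer.from(saltHex, 'hex'), 16);
  const mykey = crypto.createDecipheriv('aes-128-cbc', derived, Buffer.from(ivHex, 'hex'));
  let mystr = mykey.update(data, 'hex', 'utf8');
  mystr += mykey.final('utf8');
  return mystr;
}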

Asymmetric Encryption

Asymmetric encryption is represented by a key pair: a private key and a public key. If you encrypt data with either of the keys, only the other key can decrypt it.

RSA and elliptic curve (EC) algorithms are popular asymmetric algorithms. EC is used in blockchain platforms such as Bitcoin and Ethereum to sign transactions. I am using RSA in the code below, which is supported by the Node.js crypto module.

Step 1: Generate key pair

// Generates an RSA key pair and returns both keys as PEM strings.
function keygen() {
  const { privateKey, publicKey } = crypto.generateKeyPairSync('rsa', {
    modulusLength: 2048, // 1024-bit RSA is too short for new keys
    publicKeyEncoding: {
      type: 'spki',
      format: 'pem'
    },
    privateKeyEncoding: {
      type: 'pkcs8',
      format: 'pem'
    }
  });
  return { publicKey, privateKey };
}

Step 2: Encrypt with private key

// Takes the PEM private key from Step 1 and returns the result as base64.
function encryptStringWithRsaPrivateKey(toEncrypt, privateKey) {
  let first_result = crypto.privateEncrypt({
    key: privateKey
  }, Buffer.from(toEncrypt));
  return first_result.toString('base64');
}

Step 3: Decrypt with public key

// Reverses Step 2 with the public key and returns the original text.
function decryptStringWithRsaPublicKey(toDecrypt, publicKey) {
  let first_result = crypto.publicDecrypt({
    key: publicKey
  }, Buffer.from(toDecrypt, 'base64'));
  return first_result.toString('utf8');
}

Signing Vs Encryption

Signing and asymmetric encryption look like similar concepts, and people often confuse the two at first, so I thought of sharing a brief note on the difference.

If you need to “sign” data, you have to sign it with the “private key”, because it is private to you. Only you can sign with that key and create the signature value. Other parties can then verify the signature with the public key.

In blockchain technology, wallet owners sign each transaction with their private keys.

In the encryption process, however, we can encrypt the data with either the public key or the private key, and the other key of the pair decrypts it. Usually data is encrypted with the public key and decrypted with the private key. HTTPS secure communication is a good practical example.
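The difference described above, as an added example that is not part of the original article: the same RSA key pair is used once to sign and verify, and once to encrypt and decrypt. The function names (signMessage, verifyMessage, encryptFor, decryptWith, signingVsEncryptionDemo) and the sample strings are constructed for illustration.

```javascript
const crypto = require('crypto');

// Constructed demo key pair, generated fresh on every run.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// Signing: only the private key holder can produce the signature.
function signMessage(message, privKey) {
  return crypto.sign('sha256', Buffer.from(message, 'utf8'), privKey).toString('base64');
}

// Verification: anyone holding the public key can check the signature.
function verifyMessage(message, signatureB64, pubKey) {
  const signature = Buffer.from(signatureB64, 'base64');
  return crypto.verify('sha256', Buffer.from(message, 'utf8'), pubKey, signature);
}

// Encryption for confidentiality: public key encrypts, private key decrypts.
const oaep = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

function encryptFor(pubKey, plaintext) {
  return crypto.publicEncrypt({ key: pubKey, ...oaep }, Buffer.from(plaintext, 'utf8'))
    .toString('base64');
}

function decryptWith(privKey, ciphertextB64) {
  return crypto.privateDecrypt({ key: privKey, ...oaep }, Buffer.from(ciphertextB64, 'base64'))
    .toString('utf8');
}

// Runs both flows on constructed sample data and reports what each one guarantees.
function signingVsEncryptionDemo() {
  const tx = 'send 5 coins from A to B'; // constructed sample transaction
  const sig = signMessage(tx, privateKey);
  // "Encrypting" with the private key hides nothing: the public key opens it.
  const opened = crypto.publicDecrypt(publicKey, crypto.privateEncrypt(privateKey, Buffer.from(tx)));
  return {
    genuineVerifies: verifyMessage(tx, sig, publicKey),
    tamperedVerifies: verifyMessage('send 500 coins from A to B', sig, publicKey),
    secretRoundTrip: decryptWith(privateKey, encryptFor(publicKey, 'secret note')),
    privateEncryptReadableByAll: opened.toString('utf8') === tx,
  };
}

console.log(signingVsEncryptionDemo());
```

A signature proves who produced the message and that it was not changed; it does not keep the message secret, which is why confidentiality uses the public key for encryption.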

Data Hashing

Hashing data is a good way to ensure its integrity. Hashing a user password is a good example. Once you create a hash of some data, it cannot be reverted to its original form: it is non-reversible.

In software systems, hashing a user password into a non-reversible string hides the clear-text password, and still allows the system to check integrity and verify the password without storing the clear text.

MD5, SHA-1 and HMAC are popular hashing algorithms.

I am using the “bcrypt” npm package to hash the data in the code snippet below.

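const bcrypt = require('bcrypt');

// Hashes txt with a fresh random salt; saltRounds is the bcrypt cost factor.
async function hashText(txt) {
  const saltRounds = 10;
  let salt = await bcrypt.genSalt(saltRounds);
  let hash = await bcrypt.hash(txt, salt);
  return hash;
}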
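How a system verifies a password without storing the clear text, as an added example that is not part of the original article. It swaps bcrypt for the scrypt function built into the Node.js crypto module so that it runs without extra packages; the function names, the "salt:hash" record format and the sample password are assumptions made for this example.

```javascript
const crypto = require('crypto');

const KEY_LEN = 32; // bytes of scrypt output kept as the stored hash

// Hash a password for storage: random salt + scrypt, stored as "salt:hash" (hex).
function hashPassword(password) {
  const salt = crypto.randomBytes(16);
  const hash = crypto.scryptSync(password, salt, KEY_LEN);
  return salt.toString('hex') + ':' + hash.toString('hex');
}

// Verify a login attempt by recomputing the hash with the stored salt.
function verifyPassword(password, stored) {
  const [saltHex, hashHex] = stored.split(':');
  if (!saltHex || !hashHex) return false; // malformed record
  const expected = Buffer.from(hashHex, 'hex');
  if (expected.length !== KEY_LEN) return false; // truncated or non-hex hash
  const actual = crypto.scryptSync(password, Buffer.from(saltHex, 'hex'), KEY_LEN);
  // timingSafeEqual avoids leaking how many leading bytes matched.
  return crypto.timingSafeEqual(actual, expected);
}

// A fast unsalted hash always maps the same password to the same value,
// which is what lets precomputed lookup tables work against it.
function unsaltedSha256(password) {
  return crypto.createHash('sha256').update(password, 'utf8').digest('hex');
}

function passwordDemo() {
  const pw = 'correct horse battery staple'; // constructed sample password
  const recordA = hashPassword(pw);
  const recordB = hashPassword(pw);
  return {
    saltedRecordsDiffer: recordA !== recordB,
    unsaltedRecordsMatch: unsaltedSha256(pw) === unsaltedSha256(pw),
    rightPassword: verifyPassword(pw, recordA),
    wrongPassword: verifyPassword('Correct horse battery staple', recordA),
    malformedRecord: verifyPassword(pw, 'ab:zz'),
  };
}

console.log(passwordDemo());
```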

Data Encoding — base64

Encoding is the process of converting data into a form that is optimal for transfer. We see it in many use cases, such as transferring images, files, sounds or complex text formats. Decoding reverts the data to its original form.

Encoding and decoding ensure that the data does not change during transmission. Encoding a data buffer to send it over an API is a common example.

Base64 encoding and decoding are very popular in software engineering.

How do we relate these concepts with blockchain technology?

A blockchain is a decentralized ledger, managed by a consensus mechanism, in a peer-to-peer network of non-trusting parties. Therefore, unlike centralized cloud storage platforms, no trust is required to persist data on a blockchain platform.

Some of these encryption and hashing concepts are used to build a safe, secure, high-integrity chain of data that is almost impossible to break.

Encryption helps to securely verify the identity of blockchain transactions, while hashing helps to ensure data integrity within blocks.

In my next article I’ll simplify how exactly blockchain technology is constructed.

Hope this helps!

A Software Architect based in Singapore.