A particular strength of blockchain technology is its security. Much of that security is based on cryptography, a discipline that combines math, computer science, physics, and engineering concepts to protect data.
While it’s not necessary to have in-depth knowledge of how cryptography works, it is helpful to understand three of the fundamental concepts that are used to secure blockchain transactions and cryptocurrency:
(1) hash functions and values;
(2) public/private key pairs; and
(3) digital signatures.
These three concepts are an integral part of how blockchain technology works and how cryptocurrency wallets integrate with the blockchain.
Hash Functions and Values
Everything stored or processed in a computer is digital, meaning it’s ultimately a sequence of 1s and 0s, called bits. A movie on a DVD, for example, might have 40 billion bits. You can input the 40 billion 1s and 0s into a formula called a hash function and it will instantly compute a 64-character result that is unique to that input. It’s like a “digital fingerprint” of the movie. Each time you run the same 40 billion bits into the hash function in the same order, it will always give the same result. Whether your digital data has 1,000 bits or 100,0000 bits, you always get a 64-character result that uniquely identifies the data.
The hash functions used with blockchain technology are one-way functions, meaning that they only work in one direction. If you have digital information, it’s fast and easy to compute the hash value. But if you have a hash value, it’s virtually impossible to recreate the digital information it represents. For example, suppose you compute the hash value of the MP3 file of your favorite song:
Now imagine that someone gives you this hash value and asks you to provide an exact copy of the 10 million bits in the original MP3 file. Technically speaking, it’s not an impossible task. But it would take a supercomputer millions of years to come up with the right answer. To most people, that’s the same as impossible.
One other trait of the hash functions used in blockchain technology is called the avalanche effect. This means that a very tiny change to the input data will produce a dramatic change to the resulting hash value. This makes it easy to identify if someone has tampered with the data in a block.
The hash value of a block makes it immutable and also functions as the block’s unique identifier. Blocks are linked together to form the blockchain by their unique identifiers. This further strengthens the security of the blockchain because changing the data for a block breaks the entire chain and it essentially becomes too expensive to cheat. The distributed nature of the blockchain makes it impossible to cheat unless more than 50 percent of the miners agree to the same cheat at the same time.
“Proof of work” in the Bitcoin blockchain also uses hash values to create its cryptographic puzzles. Bitcoin miners are given the next block that will be added to the chain and the hash value for that block. However, the hash value provided doesn’t match the contents of the block. The puzzle is for miners to determine what number they need to add to the block contents to generate a hash value less than or equal to the value provided. The solution is called a number used once, or nonce. Solving the puzzle is largely an exercise in trial and error, since the avalanche effect provides no hint as to how the hash value changes as the input changes.
A special kind of hash function is reversible, but only if you know the secret password. Without the password, it’s impossible to reverse-engineer the hash value. It works using two 64-character hash values that have a special mathematical relationship. One is called the private key and the other is the public key. When you apply the private key to a hash created with the public key, the private key reverses the public key to reveal the underlying message. Without the private key, it’s like any other hash value — impossible to decode. A nice feature of public and private keys is that you can create as many public keys as you want that can all be reversed by the same private key.
Public/private keys are typically used to secure a cryptographic wallet, with the private key as the wallet’s password. Since many public keys can be created for the same private key, the address used for each new transaction is typically based on a new public key created for that transaction. Public/private key pairs are also the reason why you can publicly post the destination address of a cryptocurrency transaction without worrying that the coins will be stolen by a bad actor.
Digitally signing a document or a transaction on the blockchain is normally implemented using a combination of hash values and public/private key pairs. Your digital signature is a public/private key pair. When you sign a document or transaction, the system computes the hash value of the contents of the document plus the public key you’re your signature. You are the only person who can decode the result with the private key. If someone changes the contents of the document after you sign it, the hash value won’t match.
It’s not critical to know how hash functions work or how public/private key pairs are created, and that level of detail requires an advanced mathematics background. What’s important to understand are the capabilities these three concepts provide, and how they can be used in blockchain technology and cryptographic wallets to strengthen security.