Cryptography is a practice/mechanism to establish secure communication in the presence of third parties called advisories, Cryptography is moreover constructing and analyzing tools and protocols that prevent third parties or the public from reading private message. There is a various aspect of Information technology such as data confidentiality, data integrity, authentication, are central to modern cryptography. Cryptography mainly applies to high-end mathematics, computer science, electrical engineering, communication science, physics.Modern cryptographic technology heavily based on mathematical theory part and computer science practice.
Application cryptographic include electronic commerce, military device, Sim-Card, chip-based payments system, digital currency, computer password be the world’s most widely used security token in the world. OTA deployed via SMS, the cards even extendable through java applets, while this extendibility used very rare, its existence already pose to critical security risk.
SIM CARD – sim card is the factor trust of the consumers worldwide using its services. The mobile companies keep user data secure using the mode of encryption, with the associated devices and with phone number, and increasing payments credentials, for example : Over seven billion cards which is inactive use SIM may be well as the DES Chiper which use PGPA clusters, though PGPA is one of the famous methods of cryptography, these DES ciphers can be cracked within several weeks using FPGA clusters, but soon can be recovered through leveraging rainbow tables, similar to those that made GSM’s A5/1 cipher breakable by anyone. To derive a DES OTA key attackers start by sending binary SMS over the target, the SIM card doesn’t execute the improperly signed OTA command but does in many cases responses to the attacker with an error code carrying a cryptographic signature once again sent over binary SMS. A rainbow table resolves this plaintext-signature tuple to a 56-bit DES key within two minutes on a standard computer.
Authentication: So to decide whether SIM accessing network or not, to activate a random number is generated by the operator and is sent over a mobile device. Together with a secret encrypted key Ki, this random runs through A3 Algorithm output is calculated and sent back to the operator where the output is compared with the execution where the operator has sent for verification
Encryption: This is the part that is cracked. In short, the operator generates a random sequence number and send it to the mobile phone together with the secret key Ki this random number runs through the A8 algorithm and generates a session key called KC, Basically, the KC algorithm is used to with A5 algorithm to encrypt and decrypt data is transmitting.
Encryption is an interesting piece of technology that works by scrambling of data so it is unreadable – unidentified by the middle or third parties.
RAND + Ki -> [A8] –Kc -> [A5]-> Data encrypted
Since encryption is the most important nature of IOT, & while encrypting any data such as :
- Loan agreement.
- Financial document
- Research documents
- Insurance documents
- Medical records
- Insurance and health papers
Above all data are widely used by cryptographers cautiously while encrypting any of these, these fields are also important as these data are widely used and researched by blockchain companies to store and securely decentralize using a cryptographic method known as hashing.
Hashing relation of blockchain & Cyber-security :
In “Bitcoin blockchain” mining is the essential part to run a series of SHA-256 hashing algorithms, In the cryptocurrency world, today hashing algorithms are widely used to write new valid transactions, giving time-stamps and add them into the previous block. Whenever a new block is added in blockchain transaction it is impossible to reverse any transaction because of the enormous amount of computing power which is required to anyone who is attempting to tamper the BTC block-chain, also it is because of the one-way nature of hashing algorithm used in. Hashing is, therefore, an essential term to maintain the cryptographic integrity of the blockchain.
When any Organization discovers that the user’s platform passwords have been compromised it only means that the hackers have acquired the hashes which represent the password. Hackers then use hashes of common words using a rainbow table to decipher some of the passwords that users may have saved. The cyber-security world now uses a term called Salting, Salting include a random data before encrypting one-way hash function then storing that ‘Salt value’ with the hash algorithm, this method made extreme-hard for hackers to use pre-computational method to crack passwords for hashed data they have acquired.
Merkle trees are a fundamental part of any blockchain technology which allows an efficient & secure verification methodology in a large body of data, while on another hand while doing encryption this method is very useful to verify each and every byte of data. This methodology is used by both famous blockchain BTC (Bitcoin Core) and ETH (Ethereum Blockchain). Merkle method is created repeatedly hashing pair of nodes until there is the last node left and no further hashing pair of a node is created. These are constructed by bottom-up, from hashes of individual unique transaction known as ‘Transaction ID’. Each node contains a unique transaction ID that is used to track, whereas each non-leaf node contains a hash of its previous hash. Merkle is into binary form which requires an even number of nodes, but if the number of transactions is odd then the last hash will become duplicate and will be removed to get added in the next block of transaction.
Merkle tree root summarizes all data in a single node in the related transaction and then it is transferred to store in node header which maintains the integrity of data but if even a single detail of any transaction even changes so does the same with the Merkle tree root. Merkle tree root also allows testing the specific node of that particular transaction.
[TRANSACTION]->[Hash5 Hash6]->Hash56 ->[Hash56 Hash78]-> Hash5678 ----->
Merkle tree differs from the hash list when one branch of Merkle tree is downloaded at the same time integrity branch is verified even if the remaining branches are not available. This process is an advantage because that particular data re divided into several bits small pieces of data and can be further downloaded even by chance in some cases the original fine is damaged. Using a Merkle tree has the capability to reduce the amount of unverified data which was rejected by miners because of the duplicate transactions also replace the validation of data from other data. Merkle tree available on distributed systems.
Merkle tree has three different benefits :
-Provide a mean of integrity and validation of data.
-Require very little memory or disk space for the computation
-Validation proof requires only a tiny amount of data to be transmitted across the network.
There are basically 3 different Merkle Tree roots used in Ethereum Block-chain in each and single block of transaction :
-The first root of transaction is in the block.
-The second root represents the block
-The third root is for transcription of scripts.
At most basic fundamental of Blockchain is a simplified distributed ledger that tracks different unique transactions among different parties, the only thing which makes it amazing is the fundamental’s of the technology which occurs on each and every unique verified single transaction’s.
-All parties agree that the unique transaction will occur.
-All parties agree on the point of identities of individuals participating in the transactions.
-All parties agree on the time of each and every unique transaction.
-The details of transactions are easy to review open to all and not under any subject to dispute.
Evidence of each and every unique transaction (Sent & receive) are unchangeable over time.
This combination of the system results in by design, timestamps, and records in a secure and permanent manner, which is easily auditable in the future. In addition because of its distributed nature, it is silent during its downtime. The interest in blockchain makes interest high of any finance medical educational institutions and companies because of its nature to put the data very silently to make it more secure and the way of encryption.
Shared: Traditional database is stored in a single server which also acts as a single point of failure also when the server is overloaded then the user can’t make it into any type of query which leads to failure of the server. Whereas this issue has been sorted out in Blockchain since it is on distributed ledger where single proof of data is stored in multiple copies over the network of different participants, So whenever there is the need of cloned data it can be retrieved with the random word used during encryption of that particular data. As a result, the system servers are more silent to disrupt.
Authentication: Every transaction over the blockchain is associated with an encrypted identifier that enables its transparent trails and the authorization based on data-based permissions.
Auditable: Since over Blockchain each and every single transaction are open to users and every transactions are made in a way that it will be saved over time to time and can’t be altered which provides a highly transparent system.
Tamper-Proof: The cryptographic blockchain technology makes the system free from tampering, No single participant can attack/tamper the data in any form and the advanced form of this technology ensure that once logged then the data can’t be changed.
Blockchain technology uses cryptography and is built to verify every single unique transaction, process payments, and provides security for individual participants to maintain trust within the system. Blockchain normally relays on two cryptographic systems “digital signatures” & “hash function”. Which enables the encrypted information of the transaction’s /payment process instruction between two parties to authenticate the unique transaction’s every second. The combination of these two cryptographic tools with the technological advancement that allows any blockchain to serve as a re-owned model for revolutionizing the financial systems. The capability of sending payments over the blockchain is associated with digital signatures and which are therefore linked up with public and private keys. Each public key contains one unique private key and that private key is associated with one random data to validate the transaction, without the match of unique public and private key the transaction can’t be validated and thus counted in double-spending. Any payment including any unique transactions and a particular public key associated with a sending address needs to be verified with the proper private key validation. This identity verification process is used in all blockchain. Blockchain use hash functions in order to quickly verify the unique transactions among all various ledger within the system. Cryptographic hash functions generate a small fingerprint that allows each unique data to enter into the function allowing quick comparison of large and small data-sets. with the combination of distributed ledgers and cryptography, blockchain allows for the creation of a permanent immutable audit trail, of transactions through the use of decentralized nodes. The transaction of overstock blockchain is recorded in an electronic database that is maintained by ATS. This ledger reflects the definitive ownership record with respect to the distributed ledgers.