Blockchain systems can seem complex; however, they can be easily understood by examining each component technology individually. At a high level, blockchains employ well-known computer science mechanisms (linked lists, distributed networking) as well as cryptographic primitives (hashing, digital signatures, public/private keys) mixed with financial concepts (such as ledgers).
An important component of the blockchain technology is the use of cryptographic hash functions for many operations, such as hashing the content of a block. Hashing is a method of calculating a relatively unique fixed-size output (called a message digest, or just digest) for an input of nearly any size (e.g., a file, some text, or an image). Even the smallest change of input (e.g., a single bit) will result in a completely different output digest.
Hash algorithms are designed to be one-way (known as being preimage resistant): it is computationally infeasible to find any input that maps to any pre-specified output. If a particular output is desired, many inputs must be tried by passing them through the hash function until an input is found that produces the desired result. Hash algorithms are also designed to be collision resistant (known as second preimage resistant): it is computationally infeasible to find two or more inputs that produce the same output.
A transaction is a recording of a transfer of assets (digital currency, units of inventory, etc.) between parties. An analog to this would be a record in a checking account for each time money was deposited or withdrawn. Each block in a blockchain contains multiple transactions. A single transaction typically requires at least the following information fields, but can contain more:
Amount – The total amount of the digital asset to transfer.
Inputs – A list of the digital assets to be transferred (their total value equals the amount).
Note that each digital asset is uniquely identified and may have different values from other assets. However, assets cannot be added or removed from existing digital assets. Instead, digital assets can be split into multiple new digital assets (each with lesser value) or combined to form fewer new digital assets (each with a correspondingly greater value).
Outputs – The accounts that will be the recipients of the digital assets. Each output specifies the value to be transferred to the new owner(s), the identity of the new owner(s), and a set of conditions the new owners must meet to receive that value. If the digital assets provided are more than required, the extra funds are returned to the sender (this is a mechanism to “make change”).
Transaction ID/Hash – A unique identifier for each transaction. Some blockchains use an ID, and others take a hash of the specific transaction as a unique identifier.
A fundamental technology employed by blockchain technologies is asymmetric-key cryptography (also referred to as public/private key cryptography). Asymmetric-key cryptography uses a pair of keys: a public key and a private key that are mathematically related to each other. The public key may be made public without reducing the security of the process, but the private key must remain secret if the data is to retain its cryptographic protection. Even though there is a relationship between the two keys, the private key cannot efficiently be determined based on knowledge of the public key.
Asymmetric key cryptography uses the different keys of the key pair for specific functions, dependent on which service is to be provided. For example, when digitally signing data, the cryptographic algorithm employs the private key to sign. The signature can then be verified using the corresponding public key.
Asymmetric-Key Cryptography Utilisation in Blockchain Systems:
Private keys are used to digitally sign transactions.
Public keys are used to derive addresses, allowing for a one-to-many approach for pseudonymity (one public key pair can yield multiple addresses; in some cases, multiple public key pairs are used to create multiple addresses).
Public keys are used to verify signatures generated with private keys.
Asymmetric-key cryptography provides the ability to verify that the user transferring value to another user is in possession of the private key capable of signing the value.
Addresses and Address Derivation
A user’s address is a short, alphanumeric string derived from the user’s public key using a hash function, along with some additional data (used to detect errors). Addresses are used to send and receive digital assets. Most blockchain systems make use of addresses as the “to” and “from” endpoints in a transaction. Addresses are shorter than the public keys and are not secret. Generating an address typically means taking a public key, hashing it, and converting the hash to text:
public key > hash function > address
Users can generate as many private/public key pairs, and therefore addresses, as desired, allowing for a varying degree of pseudo-anonymity. Addresses act as the public-facing “identity” on a blockchain for a user, and oftentimes an address will be converted into a QR code for easier use.
When a blockchain distributes digital assets, it does so by assigning them to an address. To spend that digital asset, a user must prove possession of the address’s corresponding private key. By digitally signing a transaction with the private key, the transaction can be verified with the public key.
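The derivation described above (public key > hash function > address, plus error-detection data), as an added example that is not from the original text. The 20-byte payload, 4-byte double-SHA-256 checksum, hex encoding and sample keys are assumptions chosen for illustration and do not reproduce any particular blockchain's address format.

```python
import hashlib

PAYLOAD_LEN = 20   # assumed: keep the first 20 bytes of the public-key hash
CHECKSUM_LEN = 4   # assumed: 4 bytes of error-detection data


def checksum(payload: bytes) -> bytes:
    # Double SHA-256, truncated. It catches transcription errors only;
    # it does not authenticate the address.
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:CHECKSUM_LEN]


def derive_address(public_key: bytes) -> str:
    """public key > hash function > address (hex text with a trailing checksum)."""
    payload = hashlib.sha256(public_key).digest()[:PAYLOAD_LEN]
    return (payload + checksum(payload)).hex()


def is_valid_address(address: str) -> bool:
    """Reject addresses that are malformed or whose checksum does not match."""
    try:
        raw = bytes.fromhex(address)
    except ValueError:
        return False
    if len(raw) != PAYLOAD_LEN + CHECKSUM_LEN:
        return False
    payload, check = raw[:PAYLOAD_LEN], raw[PAYLOAD_LEN:]
    return check == checksum(payload)


def mistype(address: str, position: int) -> str:
    """Simulate a one-character transcription error at `position`."""
    wrong = "0" if address[position] != "0" else "1"
    return address[:position] + wrong + address[position + 1:]


# Constructed sample public keys (arbitrary bytes, not real key material).
SAMPLE_PUBKEY_A = bytes.fromhex("02" + "11" * 32)
SAMPLE_PUBKEY_B = bytes.fromhex("03" + "22" * 32)

if __name__ == "__main__":
    addr = derive_address(SAMPLE_PUBKEY_A)
    print(addr, is_valid_address(addr), is_valid_address(mistype(addr, 3)))
```

A wallet that runs a check like `is_valid_address` before signing refuses to send assets to a mistyped address, which matters because a published transfer cannot be reversed.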
Private Key Storage
Most users of a blockchain system do not record their private keys manually; rather, software commonly called a wallet securely stores them. The wallet can store private keys, public keys, and associated addresses. The wallet software can also calculate the total number of assets a user may have.
A private key is usually generated using a secure random function, meaning that reconstructing it is difficult, if not impossible. If a user loses a private key, then any asset associated with that key is lost. If a private key is stolen, the attacker will have full access to all assets controlled by that private key. The security of private keys is so important that many users use special secure hardware to store them.
Private key storage is an extremely important aspect of blockchain technology. When it is reported in the news that “Bitcoin was stolen from…”, it almost certainly means the private keys were found and used to sign a transaction sending the money to a new account, not that the system was compromised. Note that because blockchain data cannot generally be changed, once a criminal steals a private key and publicly moves the associated funds to another account, it cannot be undone.
A ledger is a collection of transactions. Throughout history, pen and paper ledgers have been used to keep track of the exchange of goods and services. More recently, ledgers have been stored digitally, often in large databases owned and operated solely by centralized “trusted” third parties on behalf of a community of users (i.e., the third party is the owner of the ledger).
Centralized ledgers may have shortcomings, such as:
They may be lost or destroyed; a user must trust that the owner is properly backing up the system.
The transactions may not be valid; a user must trust that the owner is validating each received transaction.
The transaction list may not be complete; a user must trust that the owner is including all valid transactions that have been received.
The transaction data may have been altered; a user must trust that the owner is not altering past transactions.
Of course, it is in the best interest of any centralized ledger to back up data, validate transactions, include all valid transactions, and not alter history.
A ledger implemented using a blockchain can mitigate these issues through the use of a distributed consensus mechanism. One aspect of this is that the blockchain ledger will be copied and distributed amongst every node within the system.
Users may submit candidate transactions to the ledger by sending these transactions to some of the nodes participating in the blockchain. Submitted transactions are propagated to the other nodes in the network (but this by itself does not include the transaction in the blockchain). The distributed transactions then wait in a queue, or transaction pool, until they are added to the blockchain by a mining node.
Mining nodes are the subset of nodes that maintain the blockchain by publishing new blocks. Transactions are added to the blockchain when a mining node publishes a block. A block contains a set of validated transactions. ‘Validity’ is ensured by checking that the providers of funds in each transaction (listed in the transaction’s ‘input’ values) have each cryptographically signed the transaction. This verifies that the providers of funds for a transaction had access to the private key which could sign over the available funds. The other mining nodes will check the validity of all transactions in a published block and will not accept a block if it contains any invalid transactions.
After creation, each block is hashed thereby creating a digest that represents the block. The change of even a single bit in the block would completely change the hash value. The block’s hash digest is used to help protect the block from change since all nodes will have a copy of the block’s hash and can then check to make sure that the block has not been changed.
The actual construction of a block is slightly more complicated. The data fields comprising a block typically consist of the following:
The block number, also known as block height
The current block hash value
The previous block hash value
The Merkle tree root hash (defined below)
The size of the block
The nonce value, which is a number manipulated by the mining node to solve the hash puzzle that gives them the right to publish the block
A list of transactions included within the block
Rather than storing the hash of every transaction within the header of a block, a data structure known as a Merkle tree is used. A Merkle tree combines the hash values of data together until there is a singular root (a Merkle tree root hash). The root is an efficient mechanism used to summarize the transactions in a block and verify the presence of a transaction within a block.
Blocks are chained together through each block containing the hash of the previous block’s header, thus forming the blockchain. If a previously published block were changed, it would have a different hash. This in turn would cause all subsequent blocks to also have different hashes since they include the hash of the previous block. This makes it possible to easily detect and reject any changes to previously published blocks.
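The Merkle root and the hash chaining described in the two paragraphs above, as an added example that is not from the original text. The header layout (height, previous hash and Merkle root only, with no nonce or size), the JSON encoding, the rule of pairing an odd digest with itself and the sample transactions are all assumptions made for illustration.

```python
import hashlib
import json

GENESIS_PREV = "00" * 32  # assumed placeholder "previous hash" for the first block


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def merkle_root(tx_hashes):
    """Hash pairs of digests level by level until a single root remains.
    Assumed rule: an unpaired last digest is paired with itself."""
    level = list(tx_hashes) or [sha256_hex(b"")]
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])
        level = [sha256_hex(bytes.fromhex(level[i] + level[i + 1]))
                 for i in range(0, len(level), 2)]
    return level[0]


def header_hash(header: dict) -> str:
    # Canonical JSON so every node hashes identical bytes for the same header.
    return sha256_hex(json.dumps(header, sort_keys=True).encode())


def make_block(height, prev_hash, transactions):
    root = merkle_root([sha256_hex(t.encode()) for t in transactions])
    header = {"height": height, "prev_hash": prev_hash, "merkle_root": root}
    return {"header": header, "hash": header_hash(header),
            "transactions": list(transactions)}


def build_chain(tx_batches):
    chain, prev = [], GENESIS_PREV
    for height, txs in enumerate(tx_batches):
        chain.append(make_block(height, prev, txs))
        prev = chain[-1]["hash"]
    return chain


def first_invalid_block(chain):
    """Return the height of the first block that fails verification, else None."""
    prev = GENESIS_PREV
    for block in chain:
        hdr = block["header"]
        root = merkle_root([sha256_hex(t.encode()) for t in block["transactions"]])
        if (hdr["merkle_root"] != root or hdr["prev_hash"] != prev
                or header_hash(hdr) != block["hash"]):
            return hdr["height"]
        prev = block["hash"]
    return None


# Constructed sample data: three blocks of made-up transactions.
SAMPLE = [["alice->bob:5", "bob->carol:2"], ["carol->dave:1"],
          ["dave->alice:1", "alice->erin:3", "erin->bob:1"]]
```

Editing a transaction in block 1 makes `first_invalid_block` report block 1 because the Merkle root no longer matches. If block 1 is then rebuilt so that it is internally consistent, the check reports block 2 instead, because block 2 still carries the old hash of block 1.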
Source: National Institute of Standards and Technology, U.S. Department of Commerce (Jan 2018)