Sunday, January 13, 2019

Building Blocks of a Blockchain - Part 2

I strongly suggest that you read the first part before reading this part as I can assure you that the old man still has a long story to tell.

Blockchain involves a lot of technical terms which we are going to learn about in the second part. Thinking of running away, don’t, as we are going to understand each and every term and the complete functioning of blockchain through real-life analogies. So grab yourself something to eat and start reading…

What the old man suggested in the story was an example of DISTRIBUTED LEDGER TECHNOLOGY (DLT)? A distributed ledger is a type of database that is shared, replicated, and synchronized among the members of a DECENTRALIZED network. The distributed ledger records the transactions, such as the exchange of assets or data, among the participants in the network.

Taking cues from the story, the book of promises which the brothers maintained is the ledger book. A ledger book is a record of transactions which is maintained to ensure that no one forgets his promises. It’s similar to what a bank maintains to records the transactions. Since this ledger book was maintained by everyone, replicated whenever a change happened and synchronized to reflect the changes it would be a distributed ledger. 

Before we move further, I want you to be clear with one aspect. The blockchain is a type of DLT. This means when you hear the word blockchain, the following statement must come into your mind- A distributed database that is available with everyone (for simplicity).  DLT is like a common terminology and blockchain is like an example of it. It’s similar to Lion being an Animal. The blockchain is the Lion and DLT is animal.

I know you are getting restless. Think of it like a Sherlock Holmes mystery. You need to understand all the pieces before you start appreciating the bigger picture.

We all transact with banks. Have you ever wondered that if there is a problem with the current system of banking? If your answer is No, then you really are quite gullible. Let’s taken an example. Suppose you want to send me 100$, what would you do? You will ask my account details and transfer the same. Even though this was a transaction between the two of us, inevitably, a third party always gets involved. The BANK. Going back to the story, the bank is like the LEDGERWOMAN. The bank maintains the records of the transactions which you and I make. We TRUST this authority to keep the records clean and this authority takes a cut to maintain these transactions. In a way, it CONTROLS the records. If hacked, it can lose all records. If fraudulent, it can fudge these records. 

There are a few more terms which we need to understand before we can appreciate the real definition and working of a blockchain. 

If you have tried torrent (that allows you to download free pirated stuff), then you can easily understand peer to peer networking. Think of it as you helping a fellow colleague instead of going to the boss. When you download a movie from Netflix, that movie gets downloaded from a central server which Netflix owns and maintains. However, when you download something from a torrent, it is not a central authority that does that. Multiple people download it and start sharing it amongst themselves. EVERYONE has a copy of it or in a way, CONTROL, of it. In the old man’s story too, EVERYONE had CONTROL over the ledger. [ We can fight over the technicalities of this example, some other time]

Monday, January 7, 2019

Understanding Blockchain – Part 1

In the first part, instead of bombarding you with technical jargons, I will tell you a story. This story will form the basis of understanding the technical jargons which will get introduced in Part 2 of this series.

There once lived an old man who had 10 sons. They all lived together. The old man was a clever man. He made each son choose a different profession so that they all could help out each other. One farmed while the other one hunted, the third one made pottery while the fourth one became a milkman. Hence, all decisions were taken by him. The family lived in this manner for quite some time. However, all the produce was brought to the old man for distribution among the brothers. You can say the old man was a central authority.

The old man thought that since he has to die one day, he must think of a solution that the brothers can apply to distribute the various items they produced. He knew that the centralized authority which he has commanded over the years will not remain after he dies. 

The old man thought that he will ask each son to make a PROMISE to one another. Why so? Because different items took a different time to produce. While the milkman was ready with milk every day for the family, the farmer took around 3 months to bring back his share of produce. He called all his sons for a meeting and gave them this solution. All the brothers agreed. The milkman made a promise to supply milk to all the brother’s families in exchange for pottery and rice. The farmer made a promise to supply the grains to everyone and so on. 

The brothers were fine with this idea as they TRUSTED each other. This trust factor was important as it was basis this trust that they all agreed to exchange goods with each other and keep their promises. The old man thus transformed the decision making from a centralized system to a decentralized system.

Initially, the system worked, but over time, there were more and more promises being made. It became really hard to track all of these “promises”. Soon brothers were disputing over promises forgotten or never made. This brought the family’s survival to a question. So all the sons got together to find a solution to this problem.

They all decided to appoint someone to track these promises.
Let’s call her as the LedgerWoman. 
She called in all the sons and got to work to write down the promises which they made to each other on a daily basis. Over time, the family size increased and the ledgerwoman had more and more work to do since the number of promises increased. One day, the ledgerwoman stopped all work and went on a protest that she must be paid a share of the trade as she worked so hard. Reluctantly, the families agreed. The families were now equivalent to a big village. Hence, in every transaction (promise) which was logged in the ledger, a cut was taken by the ledgerwoman.

Over time, this ledgerwoman became extremely wealthy and powerful as she controlled the book of promises. As time passed, she started taking bribes and increased her cut of shares. She also started fudging the book of promises.

The families were now back to square one. They kicked the Ledgerwoman out and decided to do something about it. Appointing another person for this job was not the solution, hence, a new innovative idea had to be thought through. Transactions had to be recorded, but the issue was asking one person to maintain this book of promises. So, the families got together to come to a conclusion that all would maintain the ledger details.

This forms the basis of the block chain, where every individual will own the records of transactions and in case of any change, all the ledgers with all the families will get updated. For making these changes, the families would have to meet at regular intervals for a Verification Check. This check would ensure that all ledgers are updated with the most recent promises. Everyone will come to a CONSENSUS that the ledgers match and in this manner, EVERYONE will have complete CONTROL and KNOWLEDGE of the transactions taking place.

A young man pointed out that what would happen if an entry in one of the ledgers did not match such as :

Ledger 1: Jason promised to give 20Kg of rice to Ethan hunt in exchange for 4 chicken.

Ledger 2: Jason promised to give 10Kg of rice to Ethan hunt in exchange for 5 chicken.

An old man suggested that we follow the 51% rule in this case. If 51% or a majority of the ledgers say that “Jason promised to give 20Kg of rice to Ethan hunt in exchange for 4 chicken” we accept that as the truth and nothing else. He also suggested marking a special symbol after a page of the ledger got completed. The symbol on the next page would be a derivative of this new symbol. In this manner, even if a person wanted to change a page in the ledger, he would not be able to do so as he would have to change the symbol too which was impossible.

In this manner, no one will have to trust each other and still the distributed ledger where the 51% rule applies will be the source of trust for everyone. TRUSTLESS system is what the old man called it.
This story will form the principle of understanding the basics of Blockchain which will be covered in Part 2.

I leave you with the following questions:

1. What when the families and village grows to thousands of members? Will this solution still work?

2. What if someone gets hold of all the ledgers and make changes in all of them?

3. What mechanism would be used if every village had their own separate way of ledger keeping?

Feel free to share your thoughts in the comment(s) section below…

This is Part 1 of the 5-part series on the blockchain. In this series, we will learn about what is exactly blockchain and the need for it. We will then focus on understanding the working of a blockchain followed by its applications in the real world. We will then move on to Blockchain 2.0 – Smart contracts. In the final part, we will focus on Blockchain 3.0 & 4.0.

Saturday, January 5, 2019

Digital Signature

We learned about the basics of cryptography in the first post. We then learned about the types of cryptography – symmetric and asymmetric (private and public key cryptography). Then we mixed both of them to get the hybrid aspect. As if this was not enough, intelligent minds mixed hashing into cryptography to produce digital signatures.

It’s time to learn about this new potion – Digital Signature. Before we delve into detail, we must understand what is hashing. Hashing is a method to ensure that the integrity of the message has not been compromised with. A one-way hash function is used for creating a hash that takes a variable-length string (a message) and produces a fixed-length value called a hash value. This hash value will only change if a change has occurred in the message. If there is no change, then the hash value will not change if you apply the one-way hash function 1 time or a 1000 times. Let’s take an example to understand this. 

Message: This blog really helps me to understand information security concepts in a simple manner. 

There are various hashing algorithms which can be used to create a hash value of this message. For simplicity purposes, let’s consider the hash value after the hash function is: D34mCd768218g367.

What to do with value now? This value will help you identify if the message sent across has changed or not. How? If the message will change, the hash value will also change. This is just one piece of the puzzle of the digital signature. 

This diagram will help us to understand the complete picture.

Our old friends – Alice and Bob want to share information as usual. This time, however, an important requirement is that the message must not be modified. Alice, therefore, decides to use the digital signature to give confirmation to Bob that the message which he will get to read has not been modified.

These steps will help you understand the complete process.

1. Alice has a data file with her. This is the secret script of Captain Marvel. 

2. She applies a hash function on this data file to create a hash value. This hash value will act as proof that no changes have been made in the script.

3. This hash value is then encrypted to keep it safe. Alice uses her own private key for this encryption.

4. This complete package is the digital signature.

5. An important point to note here is that the data file is not encrypted here. The hash value is encrypted here.

6. This digital signature is then appended to the data file and sent across.

7. Bob receives this message and he opens the data file.

8. He is elated to see the Marvel script, however, he is unsure that whether the message has been tampered with or not.

9. To do that, he checks the public key of Alice and uses that to decrypt the hash value.

10. In addition to that, Bob calculates the hash value of the message himself.

11. Both these values are then compared by Bob to come to a conclusion whether the message’s integrity has been tampered with or not.

The hashing function ensures the integrity of the message, and the signing of the hash value provides authentication and non-repudiation. The act of signing just means the value was encrypted with a private key.

It would be extremely unfair if I leave you without questions to tax your brain. Do not forget to leave answers to them in the comment(s) section below.

1. What would be the best key for the digital signature – Private or Public?
2. If the hash value is different, does it mean that the digital signature is corrupted?
3. Do digital signatures provide non-repudiation?