BCT Notes

Blockchain is a decentralized and distributed ledger technology that enables secure and verifiable transactions without the need for intermediaries. It operates on a network of nodes that maintain a copy of the blockchain, ensuring transparency, immutability, and high availability. The technology has applications across various sectors and is foundational to cryptocurrencies like Bitcoin, while also presenting challenges related to consistency and availability as outlined by the CAP theorem.

Uploaded by

vijayananthan

UNIT-I

GETTING STARTED WITH BLOCKCHAIN

Blockchain is a buzzword in today's technology, and it is described as the most disruptive technology of the
decade. Blockchain is used for the secure transfer of items like money, contracts, property rights, stocks, and
even networks without any requirement for third-party intermediaries like governments, banks, etc. Once data
is stored in the Blockchain, it becomes very difficult to manipulate. A Blockchain is a network protocol like
SMTP; however, Blockchain cannot run without the Internet. Blockchain is useful in many areas like banking,
finance, healthcare, insurance, etc.

A blockchain is an open, distributed ledger that can record transactions between two parties efficiently and in
a verifiable and permanent way without the need for a central authority.

Key Characteristics:

• Open: Anyone can access the blockchain.

• Distributed or Decentralised: Not under the control of any single authority.

• Efficient: Fast and scalable.

• Verifiable: Everyone can check the validity of information because each node maintains a copy of the
transactions.

• Permanent: Once a transaction is done, it is persistent and can't be altered.

Blockchain can be defined as a chain of blocks that contain some specific information. Thus, a
Blockchain is a ledger, i.e., a file that constantly grows and keeps the record of all transactions
permanently. This process takes place in a secure, chronological (chronological means every
transaction happens after the previous one) and immutable way. Each time a block is completed
in storing information, a new block is generated.
Distributed Systems:

Understanding distributed systems is essential to our understanding of blockchain, as blockchain is a distributed
system at its core. It is a distributed ledger that can be centralized or decentralized. A blockchain is originally
intended to be, and is usually used as, a decentralized platform. It can be thought of as a system that has properties
of both the decentralized and distributed paradigms. It is a decentralized-distributed system.

Distributed systems are a computing paradigm whereby two or more nodes work with each other in a
coordinated fashion to achieve a common outcome. It is modeled in such a way that end users see it as a single
logical platform. For example, Google's search engine is based on a large distributed system; however, to a user,
it looks like a single, coherent platform.

A node can be defined as an individual player in a distributed system. All nodes are capable of sending and
receiving messages to and from each other. There is no central server or system which keeps the data of the
Blockchain. The data is distributed over millions of computers around the world which are connected with the
Blockchain. This system allows notarization of data, as it is present on every node and is publicly
verifiable.

Nodes can be honest, faulty, or malicious and have their own memory and processor. A node that can exhibit
arbitrary behavior is also known as a Byzantine node. This arbitrary behavior can be intentionally malicious,
which is detrimental to the operation of the network. Generally, any unexpected behavior of a node on the
network can be categorized as Byzantine. This term arbitrarily encompasses any behavior that is unexpected or
malicious.

The main challenge in distributed system design is coordination between nodes and fault tolerance. Even if some
of the nodes become faulty or network links break, the distributed system should tolerate this and should
continue to work flawlessly in order to achieve the desired result. This has been an area of active research for
many years, and several algorithms and mechanisms have been proposed to overcome these issues.
A network of nodes: A node is a computer connected to the Blockchain network. A node gets connected with the
Blockchain using a client. The client helps in validating and propagating transactions on to the Blockchain. When
a computer connects to the Blockchain, a copy of the Blockchain data gets downloaded into the system and the
node comes in sync with the latest block of data on the Blockchain. A node connected to the Blockchain which
helps in the execution of a transaction in return for an incentive is called a miner.
Disadvantages of the current transaction system:
• Cash can only be used for low-value transactions locally.
• Huge waiting time in the processing of transactions.
• The need for a third party to verify and execute transactions makes the process complex.
• If a central server like a bank is compromised, the whole system is affected, including the participants.
• Organizations doing validation charge high fees, thus making the process expensive.

Building trust with Blockchain:

Blockchain enhances trust across a business network. It's not that you can't trust those you conduct
business with; it's that you don't need to when operating on a Blockchain network.
Blockchain builds trust through the following five attributes:

• Distributed: The distributed ledger is shared and updated with every incoming transaction among the
nodes connected to the Blockchain. All this is done in real time, as there is no central server controlling the
data.
• Secure: Unauthorized access to the Blockchain is prevented through permissions and cryptography.
• Transparent: Because every node or participant in the Blockchain has a copy of the Blockchain data, they
have access to all transaction data. They themselves can verify identities without the need for
mediators.
• Consensus-based: All relevant network participants must agree that a transaction is valid. This is
achieved through the use of consensus algorithms.
• Flexible: Smart contracts, which are executed based on certain conditions, can be written into the
platform. The Blockchain network can evolve in pace with business processes.

History of Blockchain:

• In 1991, research scientists named Stuart Haber and W. Scott Stornetta introduced Blockchain Technology.
These scientists wanted a computationally practical solution for time-stamping digital documents so
that they could not be tampered with or misdated. So both scientists together developed a system with the help of
cryptography. In this system, the time-stamped documents are stored in a chain of blocks.

• After that, in 1992, Merkle Trees formed a legal corporation by using a system developed by Stuart Haber
and W. Scott Stornetta with some more features. Hence, Blockchain Technology became efficient enough to store
several documents collected into one block. Merkle used a secured chain of blocks which stores
multiple data records in a sequence. However, this technology became unused when the patent came into
existence in 2004.

• However, in the same year, 2004, cryptographic activist Hal Finney introduced a system for digital
cash known as "Reusable Proof of Work". This step was the game-changer in the history of Blockchain
and Cryptography. This system helps others to solve the double spending problem by keeping the
ownership of tokens registered on a trusted server.

• After that, in 2008, Satoshi Nakamoto conceptualized the concept of "Distributed Blockchain" in his
white paper "A Peer to Peer Electronic Cash System". He modified the model of the Merkle Tree and created
a system that is more secure and contains the secure history of data exchange. His system follows a peer-
to-peer network of time stamping. His system became so useful that Blockchain became the backbone of
Cryptography.

• After that, the evolution of Blockchain has been steady and promising, and it has become a need in various fields.
Blockchain technology is so secure that the following surprising news gives proof of that. A person
named James Howells was an IT worker in the United Kingdom; he started mining bitcoins, which are part
of Blockchain, in 2009 and stopped in 2013. He spent $17,000 on it, and after he stopped he sold the
parts of his laptop on eBay and kept the drive with him so that when he needed to work again on bitcoin he
could utilize it. But while cleaning his house in 2013, he threw the drive out with the garbage, and now his bitcoins
are worth nearly $127 million. This money now remains unclaimed in the Bitcoin system.

The blockchain is the public ledger of all Bitcoin transactions that have ever been executed. It is constantly
growing as miners add new blocks to it (every 10 minutes) to record the most recent transactions. The blocks are
added to the blockchain in a linear, chronological order. Each full node (i.e., every computer connected to the
Bitcoin network using a client that performs the task of validating and relaying transactions) has a copy of the
blockchain, which is downloaded automatically when the miner joins the Bitcoin network. The blockchain has
complete information about addresses and balances from the genesis block (the very first transactions ever
executed) to the most recently completed block.

Blockchain is the backbone technology of the digital cryptocurrency Bitcoin. The blockchain is a distributed
database of records of all transactions or digital events that have been executed and shared among participating
parties. Each transaction is verified by the majority of participants of the system. It contains every single record
of each transaction. Bitcoin, the most popular cryptocurrency, is an example of the blockchain in use. Blockchain
technology records transactions in a digital ledger which is distributed over the network, thus making it
incorruptible. Anything of value, like land assets, cars, etc., can be recorded on the Blockchain as a transaction.

One of the most famous uses of Blockchain is Bitcoin. Bitcoin is a cryptocurrency and is used to exchange
digital assets online. Bitcoin uses cryptographic proof instead of third-party trust for two parties to execute
transactions over the internet. Each transaction is protected through a digital signature.
CAP theorem:

The CAP theorem, also known as Brewer's theorem, was introduced by Eric Brewer in 1998 as a conjecture. In
2002, it was proven as a theorem by Seth Gilbert and Nancy Lynch. The theorem states that a distributed
system cannot have consistency, availability, and partition tolerance simultaneously:

• Consistency is a property that ensures that all nodes in a distributed system have a single, current, and
identical copy of the data.

Consistency is achieved using consensus algorithms in order to ensure that all nodes have the same copy
of the data. This is also called state machine replication. The blockchain is a means for achieving state
machine replication.

• Availability means that the nodes in the system are up, accessible for use, and are accepting incoming
requests and responding with data without any failures as and when required. In other words, data is
available at each node and the nodes are responding...

The CAP theorem states that a distributed database system has to make a tradeoff between Consistency
and Availability when a Partition occurs. A distributed database system is bound to have partitions in a real-
world system due to network failure or some other reason.

The CAP Theorem is comprised of three components (hence its name) as they relate to distributed data stores:

• Consistency. All reads receive the most recent write or an error.

• Availability. All reads contain data, but it might not be the most recent.

• Partition tolerance. The system continues to operate despite network failures (i.e., dropped partitions,
slow network connections, or unavailable network connections between nodes).
In normal operations, your data store provides all three functions. But the CAP theorem maintains that when a
distributed database experiences a network failure, you can provide either consistency or availability.

It's a tradeoff. At all other times, all three can be provided. But, in the event of a network failure, a choice must be
made. In the theorem, partition tolerance is a must. The assumption is that the system operates on a distributed
data store, so the system, by nature, operates with network partitions. Network failures will happen, so to offer
any kind of reliable service, partition tolerance is necessary: the P of CAP.
That leaves a decision between the other two, C and A. When a network failure happens, one can choose to
guarantee consistency or availability:

• High consistency comes at the cost of lower availability.

• High availability comes at the cost of lower consistency.
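As an added example (written for these notes, not taken from them), the toy simulation below runs one partition scenario through a three-node replicated store in "CP" and "AP" mode to show the two choices above in action: the cut-off node either returns an error and refuses writes, or keeps answering from a possibly stale copy and accepts a write that conflicts when the partition heals. Node names, the key and the majority-quorum rule are constructed for the example.

```python
from typing import Dict, List, Optional, Set, Tuple

Versioned = Tuple[int, str]  # (version, value); a higher version is a newer write


class Unavailable(Exception):
    """Raised when a CP-mode node refuses to answer rather than risk staleness."""


class ReplicatedStore:
    """Toy replicated key-value store, constructed for this example.

    mode="CP": a node that cannot reach a majority of replicas rejects writes
               and raises Unavailable on reads (consistent, not available).
    mode="AP": every node keeps serving and accepting writes from its local
               copy, so reads may be stale and sides may diverge (available,
               not consistent).
    """

    def __init__(self, node_ids: List[str], mode: str) -> None:
        if mode not in ("CP", "AP"):
            raise ValueError("mode must be 'CP' or 'AP'")
        self.mode = mode
        self.replicas: Dict[str, Dict[str, Versioned]] = {n: {} for n in node_ids}
        self.partition: Optional[Set[str]] = None  # nodes cut off from the rest
        self.majority = len(node_ids) // 2 + 1

    def _reachable(self, node: str) -> List[str]:
        """Nodes that `node` can still talk to under the current partition."""
        if self.partition is None:
            return list(self.replicas)
        side = node in self.partition
        return [n for n in self.replicas if (n in self.partition) == side]

    def _latest(self, nodes: List[str], key: str) -> Optional[Versioned]:
        copies = [self.replicas[n][key] for n in nodes if key in self.replicas[n]]
        return max(copies) if copies else None

    def write(self, node: str, key: str, value: str) -> bool:
        peers = self._reachable(node)
        if self.mode == "CP" and len(peers) < self.majority:
            return False  # no quorum: refuse rather than create a divergent copy
        current = self._latest(peers, key)
        version = current[0] + 1 if current else 1
        for n in peers:
            self.replicas[n][key] = (version, value)
        return True

    def read(self, node: str, key: str) -> Optional[str]:
        peers = self._reachable(node)
        if self.mode == "CP":
            if len(peers) < self.majority:
                raise Unavailable(f"{node} cannot reach a quorum")
            latest = self._latest(peers, key)      # quorum read: newest copy wins
        else:
            latest = self.replicas[node].get(key)  # local read: may be stale
        return latest[1] if latest else None

    def split(self, isolated: Set[str]) -> None:
        """Simulate a network partition isolating `isolated` from the rest."""
        self.partition = set(isolated)

    def heal(self) -> List[str]:
        """Reconnect all nodes and converge every key on its highest version.

        Returns the keys where both sides wrote the same version with different
        values; these are the conflicts an AP system must resolve afterwards."""
        self.partition = None
        conflicts: List[str] = []
        keys = {k for copies in self.replicas.values() for k in copies}
        for key in sorted(keys):
            copies = {r[key] for r in self.replicas.values() if key in r}
            top = max(v for v, _ in copies)
            winners = sorted(val for v, val in copies if v == top)
            if len(winners) > 1:
                conflicts.append(key)
            for r in self.replicas.values():
                r[key] = (top, winners[0])  # deterministic pick for the demo
        return conflicts


def cap_demo(mode: str) -> Tuple[str, bool, List[str], Optional[str]]:
    """Run the same partition scenario in CP or AP mode and report what the
    isolated node sees, whether its write is accepted, which keys conflict
    after healing, and the value it reads once the partition is gone."""
    store = ReplicatedStore(["n1", "n2", "n3"], mode)
    store.write("n1", "balance", "100")  # replicated to all three nodes
    store.split({"n3"})                  # n3 can no longer reach n1 or n2
    store.write("n1", "balance", "90")   # majority side records a new write
    try:
        minority_read = store.read("n3", "balance") or "none"
    except Unavailable:
        minority_read = "error"
    minority_write = store.write("n3", "balance", "95")
    conflicts = store.heal()
    return minority_read, minority_write, conflicts, store.read("n3", "balance")


if __name__ == "__main__":
    print("CP:", cap_demo("CP"))
    print("AP:", cap_demo("AP"))
```

In CP mode the isolated node answers with an error and its write is refused, so no conflict exists after healing; in AP mode it serves the stale value 100, accepts the write, and the heal step has to resolve a conflict on "balance".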

Benefits and limitations of blockchain:

Numerous benefits of blockchain technology are being discussed in the industry and proposed by thought
leaders around the world in the blockchain space. The top 10 benefits are listed and discussed as follows.

Decentralization:

This is a core concept and benefit of blockchain. There is no need for a trusted third party or intermediary to
validate transactions; instead, a consensus mechanism is used to agree on the validity of transactions.

Transparency and trust :

As blockchains are shared and everyone can see what is on the blockchain, this allows the system to be
transparent and as a result trust is established. This is more relevant in scenarios such as the disbursement of
funds or benefits where personal discretion should be restricted.
Immutability:

Once the data has been written to the blockchain, it is extremely difficult to change it. It is not truly
immutable, but because changing data is extremely difficult and almost impossible, this is seen as a
benefit to maintaining an immutable ledger of transactions.
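The following is an added example for these notes (not code from the notes' own source): it builds a small chain of blocks in which each block header commits to the previous block's hash and to a Merkle root over its transactions, the structure described at the start of the unit and in the history bullet on Merkle trees, and then shows why editing one recorded transaction is detected and why re-hashing only the edited block does not hide the change. The ledger entries and timestamps are constructed sample values.

```python
import hashlib
import json
from dataclasses import dataclass
from typing import List, Optional, Tuple

GENESIS_PREV_HASH = "0" * 64


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def merkle_root(transactions: List[str]) -> str:
    """Hash each transaction to a leaf, then hash adjacent pairs level by level
    until one root remains (an odd leaf is paired with itself). Changing any
    single transaction changes the root, and therefore the block hash."""
    if not transactions:
        return sha256_hex(b"")
    level = [sha256_hex(tx.encode()) for tx in transactions]
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])
        level = [sha256_hex((level[i] + level[i + 1]).encode())
                 for i in range(0, len(level), 2)]
    return level[0]


@dataclass
class Block:
    index: int
    timestamp: int
    previous_hash: str
    transactions: List[str]
    hash: str = ""  # set by seal()

    def compute_hash(self) -> str:
        # The header commits to the previous block (the chain link) and to the
        # Merkle root (the block's contents), so it covers every transaction.
        header = {
            "index": self.index,
            "timestamp": self.timestamp,
            "previous_hash": self.previous_hash,
            "merkle_root": merkle_root(self.transactions),
        }
        return sha256_hex(json.dumps(header, sort_keys=True).encode())

    def seal(self) -> "Block":
        self.hash = self.compute_hash()
        return self


def build_chain(blocks_txs: List[List[str]]) -> List[Block]:
    """Build a chain: the first transaction list becomes the genesis block."""
    chain: List[Block] = []
    prev = GENESIS_PREV_HASH
    for i, txs in enumerate(blocks_txs):
        # Constructed timestamps (one block per 600 s) keep the demo deterministic.
        block = Block(i, 1_600_000_000 + 600 * i, prev, list(txs)).seal()
        chain.append(block)
        prev = block.hash
    return chain


def validate_chain(chain: List[Block]) -> Tuple[bool, Optional[int]]:
    """Return (True, None) if every block is intact and correctly linked, else
    (False, index) of the first block that fails a check."""
    for i, block in enumerate(chain):
        expected_prev = GENESIS_PREV_HASH if i == 0 else chain[i - 1].hash
        if block.index != i or block.previous_hash != expected_prev:
            return False, i  # broken link to the previous block
        if block.hash != block.compute_hash():
            return False, i  # contents no longer match the sealed hash
    return True, None


def tamper_demo() -> Tuple[Tuple[bool, Optional[int]], Tuple[bool, Optional[int]]]:
    """Edit one recorded transaction and report what validation says before and
    after the attacker re-seals the edited block."""
    chain = build_chain([
        ["coinbase -> alice 50"],                 # constructed sample ledger
        ["alice -> bob 10", "alice -> carol 5"],
        ["bob -> dave 3"],
    ])
    assert validate_chain(chain) == (True, None)

    chain[1].transactions[0] = "alice -> mallory 10"  # rewrite a past payment
    after_edit = validate_chain(chain)    # block 1's sealed hash no longer matches

    # Re-sealing block 1 hides the edit locally, but block 2 still links to the
    # old hash. Every later block would have to be re-sealed too, and with proof
    # of work that means redoing all the work the rest of the network has done.
    chain[1].seal()
    after_reseal = validate_chain(chain)  # now fails at block 2
    return after_edit, after_reseal


if __name__ == "__main__":
    print(tamper_demo())
```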

High availability:

As the system is based on thousands of nodes in a peer-to-peer network, and the data is replicated and updated on
each and every node, the system becomes highly available. Even if nodes leave the network or become
inaccessible, the network as a whole continues to work, thus making it highly available.

Highly secure:

All transactions on a blockchain are cryptographically secured and provide integrity.

Simplification of current paradigms:

The current model in many industries such as finance or health is rather disorganized, wherein multiple entities
maintain their own databases and data sharing can become very difficult due to the disparate nature of the
systems. But as a blockchain can serve as a single shared ledger among interested parties, this can result in
simplifying this model by reducing the complexity of managing the separate systems maintained by each entity.

Faster dealings:

In the financial industry, especially in post-trade settlement functions, blockchain can play a vital role by
allowing the quicker settlement of trades as it does not require a lengthy process of verification, reconciliation,
and clearance because a single version of agreed upon data is already available on a shared ledger between
financial organizations.

Cost saving:

As no third party or clearing houses are required in the blockchain model, this can massively eliminate
overhead costs in the form of fees that are paid to clearing houses or trusted third parties.
Decentralization:

Decentralization is a core benefit and service provided by blockchain technology. By design, blockchain is a
perfect vehicle for providing a platform that does not need any intermediaries and that can function with many
different leaders chosen via consensus mechanisms. This model allows anyone to compete to become the
decision-making authority. A consensus mechanism governs this competition, and the most famous method
is known as Proof of Work (PoW).

Decentralization is applied in varying degrees from a semi-decentralized model to a fully decentralized one
depending on the requirements and circumstances. Decentralization can be viewed from a blockchain perspective
as a mechanism that provides a way to remodel existing applications and paradigms, or to build new
applications, to give full control to users.

Information and communication technology (ICT) has conventionally been based on a centralized paradigm
whereby database or application servers are under the control of a central authority, such as a system
administrator. With Bitcoin and the advent of blockchain technology, this model has changed, and now the
technology exists to allow anyone to start a decentralized system and operate it with no single point of failure or
single trusted authority. It can either be run autonomously or by requiring some human intervention, depending
on the type and model of governance used in the decentralized application running on the blockchain.

The following diagram shows the different types of systems that currently exist: central, distributed, and
decentralized.

Figure: Different types of networks/systems

Centralized systems are conventional (client-server) IT systems in which there is a single authority that controls
the system, and who is solely in charge of all operations on the system. All users of a centralized system are
dependent on a single source of service. The majority of online service providers, including Google, Amazon,
eBay, and Apple's App Store, use this conventional model to deliver services.

In a distributed system, data and computation are spread across multiple nodes in the network. Sometimes, this
term is confused with parallel computing. While there is some overlap in the definition, the main difference
between these systems is that in a parallel computing system, computation is performed by all nodes
simultaneously in order to achieve the result; for example, parallel computing platforms are used in weather
research and forecasting, simulation, and financial modeling. On the other hand, in a distributed system,
computation may not happen in parallel and data is replicated across multiple nodes that users view as a single,
coherent system. Variations of both of these models are used to achieve fault tolerance and speed. In the parallel
system model, there is still a central authority that has control over all nodes and governs processing. This means
that the system is still centralized in nature.

The critical difference between a decentralized system and distributed system is that in a distributed system,
there is still a central authority that governs the entire system, whereas in a decentralized system, no such
authority exists.

A decentralized system is a type of network where nodes are not dependent on a single master node; instead,
control is distributed among many nodes. This is analogous to a model where each department in an organization
is in charge of its own database server, thus taking away the power from the central server and distributing it to
the sub-departments, who manage their own databases.

A significant innovation in the decentralized paradigm that has given rise to this new era of decentralization
of applications is decentralized consensus. This mechanism came into play with Bitcoin, and it enables a user to
agree on something via a consensus algorithm without the need for a central, trusted third party, intermediary, or
service provider.

We can also now view the different types of networks shown earlier from a different perspective, where we
highlight the controlling authority of these networks as a symbolic hand, as shown in the following diagram. This
model provides a clearer understanding of the differences between these networks from a decentralization point
of view.

Figure: Different types of networks/systems depicting decentralization from a modern perspective

In the middle we have distributed systems, where we still have a central controller but the system comprises
many dispersed nodes. On the right-hand side, notice that there is no hand/controller controlling the networks.

This is the key difference between decentralized and distributed networks. A decentralized system may look
like a distributed system from a topological point of view, but it doesn't have a central authority that controls the
network.

Figure: A traditional distributed system comprises many servers performing different roles


The following diagram shows a decentralized system (based on blockchain) where an exact replica of the
applications and data is maintained across the entire network on each participating node:

A comparison between centralized and decentralized systems (networks/applications) is shown in the following
table:

Feature                  | Centralized                                                                  | Decentralized
Ownership                | Service provider                                                             | All users
Architecture             | Client/server                                                                | Distributed, different topologies
Security                 | Basic                                                                        | More secure
High availability        | No                                                                           | Yes
Fault tolerance          | Basic, single point of failure                                               | Highly tolerant, as service is replicated
Collusion resistance     | Basic, because it's under the control of a group or even a single individual | Highly resistant, as consensus algorithms ensure defense against adversaries
Application architecture | Single application                                                           | Application replicated across all nodes on the network
Trust                    | Consumers have to trust the service provider                                 | No mutual trust required
Cost for consumer        | Higher                                                                       | Lower

The comparison in the table only covers some main features and is not an exhaustive list of all features. There
may be other features of interest that can be compared too, but this list should provide a good level of
comparison.

Now we will discuss what methods can be used to achieve decentralization.


Methods of Decentralization:

Two methods can be used to achieve decentralization: disintermediation and competition. These methods will be
discussed in detail in the sections that follow.

The concept of disintermediation can be explained with the aid of an example. Imagine that you want to send
money to a friend in another country. You go to a bank, which, for a fee, will transfer your money to the bank in
that country. In this case, the bank maintains a central database that is updated, confirming that you have sent the
money. With blockchain technology, it is possible to send this money directly to your friend without the need for
a bank. All you need is the address of your friend on the blockchain. This way, the intermediary (that is, the
bank) is no longer required, and decentralization is achieved by disintermediation. It is debatable, however, how
practical decentralization through disintermediation is in the financial sector due to the massive regulatory and
compliance requirements. Nevertheless, this model can be used not only in finance but in many other industries
as well, such as health, law, and the public sector. In the health industry, patients, instead of relying on a
trusted third party (such as the hospital record system), can be in full control of their own identity and their data,
which they can share directly with only those entities that they trust. As a general solution, blockchain can serve as
a decentralized health record management system where health records can be exchanged securely and directly
between different entities (hospitals, pharmaceutical companies, patients) globally without any central authority.

Contest-driven decentralization:

In the method involving competition, different service providers compete with each other in order to be selected
for the provision of services by the system. This paradigm does not achieve complete decentralization. However,
to a certain degree, it ensures that an intermediary or service provider is not monopolizing the service. In the
context of blockchain technology, a system can be envisioned in which smart contracts can choose an external
data provider from a large number of providers based on their reputation, previous score, reviews, and quality of
service.

This method will not result in full decentralization, but it allows smart contracts to make a free choice based on
the criteria just mentioned. This way, an environment of competition is cultivated among service providers where
they compete with each other to become the data provider of choice.
In the following diagram, varying levels of decentralization are shown. On the left side, the conventional
approach is shown where a central system is in control; on the right side, complete disintermediation is achieved,
as intermediaries are entirely removed. Competing intermediaries or service providers are shown in the center.
At that level, intermediaries or service providers are selected based on reputation or voting, thus achieving
partial decentralization:

Figure : Scale of decentralization

There are many benefits of decentralization, including transparency, efficiency, cost saving, development of
trusted ecosystems, and in some cases privacy and anonymity. Some challenges, such as security requirements,
software bugs, and human error, need to be examined thoroughly.

This view raises some fundamental questions. Is a blockchain really needed? When is a blockchain required? In
what circumstances is blockchain preferable to traditional databases? To answer these questions, go through the
simple set of questions presented below:

Question                                                    | Yes/No | Recommended solution
Is high data throughput required?                           | Yes    | Use a traditional database.
                                                            | No     | A central database might still be useful if other requirements are met. For example, if users trust each other, then perhaps there is no need for a blockchain. However, if they don't, or trust cannot be established for any reason, blockchain can be helpful.
Are updates centrally controlled?                           | Yes    | Use a traditional database.
                                                            | No     | You may investigate how a public/private blockchain can help.
Do users trust each other?                                  | Yes    | Use a traditional database.
                                                            | No     | Use a public blockchain.
Are users anonymous?                                        | Yes    | Use a public blockchain.
                                                            | No     | Use a private blockchain.
Is consensus required to be maintained within a consortium? | Yes    | Use a private blockchain.
                                                            | No     | Use a public blockchain.
Is strict data immutability required?                       | Yes    | Use a blockchain.
                                                            | No     | Use a central/traditional database.

Answering all of these questions can help you decide whether or not a blockchain is required or suitable for
solving the problem. Beyond the questions posed in this model, there are many other issues to consider, such as
latency, choice of consensus mechanisms, whether consensus is required or not, and where consensus is going to
be achieved. If consensus is maintained internally by a consortium, then a private blockchain should be used;
otherwise, if consensus is required publicly among multiple entities, then a public blockchain solution should be
considered. Other aspects, such as immutability, should also be considered when deciding whether to use a
blockchain or a traditional database. If strict data immutability is required, then a public blockchain should be
used; otherwise, a central database may be an option.

As blockchain technology matures, there will be more questions raised regarding this selection model. For now,
however, this set of questions is sufficient for deciding whether a blockchain-based solution is suitable or not.
Now we understand different methods of decentralization and have looked at how to decide whether a
blockchain is required or not in a particular scenario. Let's now look at the process of decentralization, that is,
how we can take an existing system and decentralize it.

Routes to decentralization:

There are systems that pre-date blockchain and Bitcoin, including BitTorrent and the Gnutella file
sharing system, which to a certain degree could be classified as decentralized, but due to a lack of any
incentivization mechanism, participation from the community gradually decreased. There wasn't any incentive to
keep the users interested in participating in the growth of the network. With the advent of blockchain technology,
many initiatives are being taken to leverage this new technology to achieve decentralization. The Bitcoin
blockchain is typically the first choice for many, as it has proven to be the most resilient and secure blockchain
and has a market cap of nearly $166 billion at the time of writing. Alternatively, other blockchains, such as
Ethereum, serve as the tool of choice for many developers for building decentralized applications. Compared to
Bitcoin, Ethereum has become a more prominent choice because of the flexibility it allows for programming any
business logic into the blockchain by using smart contracts.

How to decentralize

The framework raises four questions whose answers provide a clear understanding of how a system can be
decentralized:

1. What is being decentralized?
2. What level of decentralization is required?
3. What blockchain is used?
4. What security mechanism is used?

The first question simply asks you to identify what system is being decentralized. This can be any system, such
as an identity system or a trading system.

The second question asks you to specify the level of decentralization required by examining the scale of
decentralization, as discussed earlier. It can be full disintermediation or partial disintermediation.
The third question asks developers to determine which blockchain is suitable for a particular application. It can
be Bitcoin blockchain, Ethereum blockchain, or any other blockchain that is deemed fit for the specific
application.

Finally, a fundamental question that needs to be addressed is how the security of a decentralized system will be
guaranteed. For example, the security mechanism can be atomicity-based, where either the transaction executes
in full or does not execute at all. This deterministic approach ensures the integrity of the system. Other
mechanisms may include one based on reputation, which allows for varying degrees of trust in a system.

In the following section, let's evaluate a money transfer system as an example of an application selected to be
decentralized.

Decentralization framework example:

The four questions discussed previously are used to evaluate the decentralization requirements of this
application. The answers to these questions are as follows:

1. Money transfer system

2. Disintermediation

3. Bitcoin

4. Atomicity

The responses indicate that the money transfer system can be decentralized by removing the intermediary,
implemented on the Bitcoin blockchain, and that a security guarantee will be provided via atomicity. Atomicity
will ensure that transactions execute successfully in full or do not execute at all. We have chosen the Bitcoin
blockchain because it is the longest established blockchain and has stood the test of time.

Similarly, this framework can be used for any other system that needs to be evaluated in terms of
decentralization. The answers to these four simple questions help clarify what approach to take to decentralize
the system.

To achieve complete decentralization, it is necessary that the environment around the blockchain also be
decentralized. We'll look at the full ecosystem of decentralization next.

The blockchain is a distributed ledger that runs on top of conventional systems, whose elements include storage,
communication, and computation.

Storage

Data can be stored directly in a blockchain, and with this fact it achieves decentralization. However, a
significant disadvantage of this approach is that a blockchain is not suitable for storing large amounts of data by
design. It can store simple transactions and some arbitrary data, but it is certainly not suitable for storing images
or large blobs of data, as is the case with traditional database systems.

A better alternative for storing data is to use distributed hash tables (DHTs). DHTs were used initially in
peer-to-peer file sharing software, such as BitTorrent, Napster, Kazaa, and Gnutella. DHT research was made
popular by the CAN, Chord, Pastry, and Tapestry projects. BitTorrent is the most scalable and fastest network,
but the issue with BitTorrent and the others is that there is no incentive for users to keep the files indefinitely.
Users generally don't keep files permanently, and if nodes that have data still required by someone leave the
network, there is no way to retrieve it except by having the required nodes rejoin the network so that the files
once again become available.

Two primary requirements here are high availability and link stability, which means that data should be
available when required and network links also should always be accessible. Inter-Planetary File System
(IPFS) by Juan Benet possesses both of these properties, and its vision is to provide a decentralized World Wide
Web by replacing the HTTP protocol. IPFS uses Kademlia DHT and Merkle Directed Acyclic Graphs (DAGs)
to provide storage and searching functionality, respectively.

The incentive mechanism for storing data is based on a protocol known as Filecoin, which pays incentives to
nodes that store data using the Bitswap mechanism. The Bitswap mechanism lets nodes keep a simple ledger of
bytes sent or bytes received in a one-to-one relationship. Also, a Git-based version control mechanism is used
in IPFS to provide structure and control over the versioning of data.

There are other alternatives for data storage, such as Ethereum Swarm, Storj, and MaidSafe. Ethereum has its
own decentralized and distributed ecosystem that uses Swarm for storage and the Whisper protocol for
communication. MaidSafe aims to provide a decentralized World Wide Web. All of these projects are
discussed later in this book in greater detail.

BigChainDB is another storage layer decentralization project aimed at providing a scalable, fast, and linearly
scalable decentralized database as opposed to a traditional filesystem. BigChainDB complements decentralized
processing platforms and filesystems such as Ethereum and IPFS.

Communication

The Internet (the communication layer in blockchain) is considered to be decentralized. This belief is correct to
some extent, as the original vision of the Internet was to develop a decentralized communications system.
Services such as email and online storage are now all based on a paradigm where the service provider is in
control, and users trust such providers to grant them access to the service as requested. This model is based on
the unconditional trust of a central authority (the service provider) where users are not in control of their data.
Even user passwords are stored on trusted third-party systems.

Thus, there is a need to provide control to individual users in such a way that access to their data is guaranteed
and is not dependent on a single third party.

Access to the Internet (the communication layer) is based on Internet Service Providers (ISPs) who act as a
central hub for Internet users. If the ISP is shut down for any reason, then no communication is possible with
this model.

An alternative is to use mesh networks. Even though they are limited in functionality when compared to the
Internet, they still provide a decentralized alternative where nodes can talk directly to each other without a
central hub such as an ISP.

Now imagine a network that allows users to be in control of their communication; no one can shut it down for
any reason. This could be the next step toward decentralizing communication networks in the blockchain
ecosystem. It must be noted that this model may only be vital in a jurisdiction where the Internet is censored
and controlled by the government.

As mentioned earlier, the original vision of the Internet was to build a decentralized network; however, over the
years, with the advent of large-scale service providers such as Google, Amazon, and eBay, control is shifting
toward these big players. For example, email is a decentralized system at its core; that is, anyone can run an
email server with minimal effort and can start sending and receiving emails. There are better alternatives
available. For example, Gmail and Outlook already provide managed services for end users, so there is a natural
inclination toward selecting one of these large centralized services as they are more convenient and free to use.
This is one example that shows how the Internet has moved toward centralization.

Free services, however, are offered at the cost of exposing valuable personal data, and many users are unaware of
this fact. Blockchain has revived the vision of decentralization across the world, and now concerted efforts are
being made to harness this technology and take advantage of the benefits that it can provide.
Computing power and decentralization:

Decentralization of computing or processing power is achieved by a blockchain technology such as Ethereum,
where smart contracts with embedded business logic can run on the blockchain network. Other blockchain
technologies also provide similar processing-layer platforms, where business logic can run over the network in a
decentralized manner.

The following diagram shows an overview of a decentralized ecosystem. In the bottom layer, the Internet or
mesh networks provide a decentralized communication layer. In the next layer up, a storage layer uses
technologies such as IPFS and BigChainDB to enable decentralization. Finally, in the next level up, you can see
that the blockchain serves as a decentralized processing (computation) layer. Blockchain can, in a limited way,
provide a storage layer too, but that severely hampers the speed and capacity of the system. Therefore, other
solutions such as IPFS and BigChainDB are more suitable for storing large amounts of data in a decentralized
way. The Identity and Wealth layers are shown at the top level. Identity on the Internet is a vast topic, and
systems such as bitAuth and OpenID provide authentication and identification services with varying degrees of
decentralization and security assumptions:

Decentralized ecosystem

The blockchain is capable of providing solutions to various issues relating to decentralization. A concept relevant
to identity known as Zooko's Triangle requires that the naming system in a network protocol is secure,
decentralized, and able to provide human-meaningful and memorable names to the users. Conjecture has it that a
system can have only two of these properties simultaneously.

Nevertheless, with the advent of blockchain in the form of Namecoin, this problem was resolved. It is now
possible to achieve security, decentralization, and human-meaningful names with the Namecoin blockchain.
However, this is not a panacea, and it comes with many challenges, such as reliance on users to store and
maintain private keys securely. This opens up other general questions about the suitability of decentralization to
a particular problem.

Decentralization may not be appropriate for every scenario. Centralized systems with well-established
reputations tend to work better in many cases. For example, email platforms from reputable companies such as
Google or Microsoft would provide a better service than a scenario where individual email servers are hosted by
users on the Internet.

There are many projects underway that are developing solutions for a more comprehensive distributed
blockchain system. For example, Swarm and Whisper are developed to provide decentralized storage and
communication for Ethereum.

UNIT-II
WORKING OF BLOCKCHAIN

Cryptography in Blockchain:

Blockchain is the invention that allows digitally generated information to be distributed without being copied.
Blockchain technology is the heart of the new internet, i.e. digital currency, Bitcoin and any other online
transaction. Tech experts found a big potential in this technology. "Blockchain is an incorruptible digital ledger
of economic transactions that can be programmed to record not just financial transactions but virtually everything
of value." In plain terms, the data is not owned by any single computer but by a chain of computers, so that the
blocks of data are secured and bound to each other using a chain; that technology is known as Blockchain
technology. There is no transaction cost due to Blockchain; in layman's language, Blockchain is a process to
pass information or data from A to B in a safe and automated manner.

Cryptocurrency works on the principle of Blockchain technology; that is why Blockchain is the most trending
item of the current era, and due to its secure nature cryptocurrency is widely accepted. Its value is increasing day
by day. Many oil industries, IBM Technologies, Mercedes Benz, Swiss Bank, Samsung, and even Google are
planning to launch their own cryptocurrency in 2019 for safe and secure transactions. Now, this technology is
disrupting almost every market share due to its popularity and demand in the world.

Satoshi Nakamoto introduced the concept of Blockchain in 2008 in the form of the cryptocurrency Bitcoin. Its
function is to allow users to secure and control their monetary values so that no third party like a government or
bank would be able to access or control it. It is a process to bring everyone to the highest grade of
accountability. Three technologies work behind Blockchain technology:
• Private Key Cryptography
• Peer 2 Peer Network
• BlockChain's Protocol Program
Introduction - cryptographic primitives:


Blockchain, as one of the crypto-intensive creatures, has become a very hot topic recently. Although many
surveys have recently been dedicated to the security and privacy issues of blockchains, there is still no
systematic examination of the cryptographic primitives in blockchains.

Since its introduction in the early 1980s (Chaum, 1982), the design of e-cash has always been one of the main
research topics in the field of cryptography. However, e-cash without any trusted third party remained an
open problem till Bitcoin (Nakamoto) launched in 2009. Due to its decentralization, unforgeability, double
spending resistance and pseudonymity, this brand new e-cash system has brought a remarkable culmination
of cryptocurrency research and its applications. Based on its main framework, many new cryptocurrencies
including decentralized ones (such as Litecoin, Nxtcoin (Nxt)) and centralized ones (such as RScoin (Danezis and
Meiklejohn, 2016)) have been proposed. The market value of these cryptocurrencies has increased more than
30 times during 2017 (from about $17 billion on 1st Jan. to $591 billion on 31st Dec.) (Coinmarketcap). As
the core technology behind Bitcoin, the blockchain has demonstrated its capability of innovation
and infiltration in many domains, including finance, insurance, industry, healthcare, agriculture and so on.

Many recent surveys have been dedicated to the security and privacy issues of blockchains.

Cryptographic primitives in blockchains can be classified into two categories: primary and optional. The former
category includes cryptographic hashes and standard digital signatures that are essential for ensuring the
blockchain works as a global ledger with tamper-proofing, public verifiability and achievable consensus. The latter
category, mainly used for enhancing the privacy and anonymity of blockchain-based transactions, covers
some special signatures (such as ring signatures), commitments, accumulators, zero-knowledge proofs and so
on.

Special signature primitives for blockchains: To enhance the privacy and anonymity of transactions, some
advanced signature primitives such as ring signatures and multi-signatures are also widely applied in blockchains.

1. Ring signatures:

Anonymity is always required in information systems (Shen et al., 2018), especially in the e-cash system.
However, Bitcoin can only provide pseudonymity due to the linkability of transactions. Therefore, many new
alternative cryptocurrencies have been proposed to address this problem. From a perspective of cryptography,
there are many kinds of signatures for achieving anonymity, such as blind signature (Chaum, 1982), ring
signature (Rivest et al., 2001), group signature (Chaum and van Heyst, 1991) and DC-nets (Chaum, 1988).
However, only ring signature and its variants have been used in blockchains for anonymity.

2. One-time (ring) signatures:

Lamport in 1979 (Lamport, 1979) proposed the concept of one-time signature (OTS), where the signing key can
be used securely but only once, and the signing key would be revealed if it is used twice or more. OTS is
frequently used as a building block in constructions of encryptions and authenticated key agreements.
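As an added example, not from the survey quoted above, here is a minimal Lamport one-time signature over SHA-256 that makes the "only once" property concrete: each signature reveals half of the private key, so a second signature under the same key leaks more of it. All messages are constructed, and the helper names are my own.

```python
import hashlib
import secrets

HASH_BITS = 256   # one (secret, secret) pair per bit of the SHA-256 message digest


def keygen():
    """Private key: 256 pairs of random 32-byte secrets. Public key: their SHA-256 hashes."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(HASH_BITS)]
    pk = [(hashlib.sha256(a).digest(), hashlib.sha256(b).digest()) for a, b in sk]
    return sk, pk


def _message_bits(msg: bytes):
    """Bits of SHA-256(msg), most significant bit first."""
    digest = hashlib.sha256(msg).digest()
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(HASH_BITS)]


def sign(sk, msg: bytes):
    """For each digest bit, reveal the secret of that pair selected by the bit value."""
    return [sk[i][bit] for i, bit in enumerate(_message_bits(msg))]


def verify(pk, msg: bytes, sig):
    """Hash each revealed secret and compare with the published half of the pair."""
    if len(sig) != HASH_BITS:
        return False
    return all(hashlib.sha256(sig[i]).digest() == pk[i][bit]
               for i, bit in enumerate(_message_bits(msg)))


def secrets_exposed(messages):
    """How many of the 512 private-key secrets an observer has learned from the
    signatures on these messages under ONE key (why a Lamport key is one-time)."""
    seen = set()
    for msg in messages:
        for i, bit in enumerate(_message_bits(msg)):
            seen.add((i, bit))
    return len(seen)


def demo():
    """Constructed scenario: one signature is fine, a second one under the same key leaks."""
    sk, pk = keygen()
    m1, m2 = b"constructed message one", b"constructed message two"
    sig = sign(sk, m1)
    ok = verify(pk, m1, sig)                 # genuine signature verifies
    reused = verify(pk, m2, sig)             # the same signature does not transfer to m2
    once = secrets_exposed([m1])             # 256 secrets: exactly half the key
    twice = secrets_exposed([m1, m2])        # more than half once a second message is signed
    return ok, reused, once, twice
```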

3. Borromean (ring) signatures:

Another interesting primitive related to ring signature and blockchain is the so-called Borromean (ring) signature
(BRS), proposed by Maxwell and Poelstra in 2015 (Maxwell and Poelstra, 2015). Poelstra (Poelstra, 2017)
claimed that BRS is now used in Elements (Element, 2015), Liquid (Liquid) and Monero.

4. Multi-signatures:

The primitive of multi-signature allows a single signature to work as several ordinary signatures on the same
message. One of the critical requirements of multi-signature is that the single signature has the same size as one
regular signature.
Asymmetric cryptography:

Public Key Cryptography, or in short PKI, is also known as asymmetric cryptography. It uses a pair of keys:
public and private. A key is a long binary number. The public key is distributed worldwide and is truly
public, as its name suggests. The private key is to be strictly held private and one should never lose it.

In the case of Bitcoin, if you ever lose the private key to your Bitcoin wallet, the entire contents of your wallet
would be instantly vulnerable to theft and, before you know it, all your money (the contents of your wallet)
would be gone with no mechanism in the system to trace who stole it; that is the anonymity in the system
that I mentioned earlier.

PKI accomplishes two functions: authentication and message privacy through an encryption/decryption
mechanism. I will now explain both of these functions.

Authentication

When two parties exchange messages, it is important to establish trust between the sender and the receiver.
Especially, the receiver must trust the source of the message. Going back to our earlier scenario (depicted in Figure 1) of
Bob sending some money to Lisa for purchasing some goods from her, let us see how PKI builds this
trust between Bob and Lisa. Look at the image below.

In the first place, if Bob wants to send some money to Lisa, he has to create a private/public key pair of his own.
Note that both keys are always paired together and you cannot mix the private and public keys of different
individuals or different instances.

Now, Bob says that he is sending $10 to Lisa. So he creates a message (a plain-text message) containing Bob's
(sender) public key, Lisa's (receiver) public key, and the amount ($10).

The purpose of this remittance such as "I want to buy pumpkin from you" is also added into the message. The
entire message is now signed using Bob's private key. When Lisa receives this message, she will use the
signature verification algorithm of PKI and Bob's public key to ensure that the message indeed originated from
Bob. How PKI works is beyond the scope of this tutorial. The interested reader is referred to this site for a
more detailed discussion on PKI. This establishes the authenticity of the message originator. Now, let us look at
message privacy.

Message Privacy:

Now, as Lisa has received her payment, she wants to send the link to her ebook which Bob wants to buy. So
Lisa would create a message and send it to Bob as shown in the image.

Lisa creates a message such as "Here is the link to my ebook which you had requested", signs it with Bob's
public key that she has received in Bob's request message and also encrypts the message using some secret key
which is shared between the two during the HTTPS handshake.

Now, Lisa is sure that only Bob can decode the message using the private key that is held by Bob alone. Also,
somebody intercepting the message would not be able to recover its contents because the contents are encrypted
by a secret key held only by Bob and Alice. This guarantees to Lisa that access to her ebook is granted only to
Bob.

Having seen both the features, Authentication and Message Privacy, implied by PKI, let us move ahead to see
how Bitcoin makes use of PKI to secure the public ledger.

Public and private keys -line interface:

In order to understand public key cryptography, the first concept that needs to be looked at is the idea of public
and private keys.

A private key, as the name suggests, is basically a randomly generated number that is kept secret and held
privately by the user. The private key needs to be protected and no unauthorized access should be granted to that
key; otherwise, the whole scheme of public key cryptography will be jeopardized, as this is the key that is used to
decrypt messages. Private keys can be of various lengths depending upon the type and class of algorithm used.
For example, in RSA, typically, a key of 1024 or 2048 bits is used. A 1024-bit key size is no longer considered
secure and at least 2048 bits is recommended in practice.

A public key is the public part of the private-public key pair. A public key is available publicly and is published by
the private key owner. Anyone who would then like to send the publisher of the public key an encrypted
message can use it to do so.

Public And Private Keys:

Bitcoin, as well as all other major cryptocurrencies that came after it, is built upon public-key cryptography, a
cryptographic system that uses pairs of keys: public keys, which are publicly known and essential for
identification, and private keys, which are kept secret and are used for authentication and encryption.

Major cryptocurrencies like Bitcoin, Ethereum, and Bitcoin Cash function using three fundamental pieces of
information: the address, associated with a balance and used for sending and receiving funds, and the address'
corresponding public and private keys. The generation of a bitcoin address begins with the generation of a
private key. From there, its corresponding public key can be derived using a known algorithm. The address,
which can then be used in transactions, is a shorter, representative form of the public key.

The private key is what grants a cryptocurrency user ownership of the funds on a given address. The Blockchain
wallet automatically generates and stores private keys for you. When you send from a Blockchain wallet, the
software signs the transaction with your private key (without actually disclosing it), which indicates to the entire
network that you have the authority to transfer the funds on the address you're sending from.

The security of this system comes from the one-way street that is getting from the private key to the public
address. It is not possible to derive the public key from the address; likewise, it is impossible to derive the private
key from the public key.
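As an added example (my own code, not from the tutorial or from any wallet software), the two ideas above, Bob signing a payment with his private key and Lisa checking it with only his public key, and the one-way derivation of a public key from a private key, are shown with a from-scratch ECDSA over secp256k1, the curve Bitcoin actually uses. The curve constants are the public standard values; the payment message is constructed; the arithmetic is textbook and has no side-channel protection.

```python
import hashlib
import secrets

# secp256k1 domain parameters (the curve Bitcoin uses); all are public standard constants
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def _inv(a, m):
    """Modular inverse (Python 3.8+ supports a negative exponent in pow)."""
    return pow(a, -1, m)


def _add(p1, p2):
    """Point addition on y^2 = x^3 + 7 over GF(P); None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                                 # Q + (-Q) = infinity
    if p1 == p2:
        lam = 3 * x1 * x1 * _inv(2 * y1, P) % P     # tangent slope (doubling)
    else:
        lam = (y2 - y1) * _inv(x2 - x1, P) % P      # chord slope
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def _mul(k, point):
    """Double-and-add scalar multiplication: k * point."""
    result, addend = None, point
    while k:
        if k & 1:
            result = _add(result, addend)
        addend = _add(addend, addend)
        k >>= 1
    return result


def on_curve(point):
    x, y = point
    return (y * y - x * x * x - 7) % P == 0


def generate_private_key():
    """A private key is just a random integer in [1, N-1]."""
    return secrets.randbelow(N - 1) + 1


def public_key_from_private(d):
    """Public key = d * G. Recovering d from d * G is the discrete-logarithm problem,
    which is what makes the private-to-public direction one-way."""
    return _mul(d, G)


def _msg_int(msg: bytes):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")


def sign(d, msg: bytes):
    """ECDSA signature (r, s) with a fresh random nonce k; k must never be reused."""
    z = _msg_int(msg)
    while True:
        k = secrets.randbelow(N - 1) + 1
        r = _mul(k, G)[0] % N
        if r == 0:
            continue
        s = _inv(k, N) * (z + r * d) % N
        if s != 0:
            return (r, s)


def verify(pub, msg: bytes, sig):
    """Anyone holding the public key can check the signature; no private key is needed."""
    r, s = sig
    if not (1 <= r < N and 1 <= s < N):
        return False
    z = _msg_int(msg)
    w = _inv(s, N)
    point = _add(_mul(z * w % N, G), _mul(r * w % N, pub))
    return point is not None and point[0] % N == r


def bob_pays_lisa():
    """Constructed scenario from the text: Bob signs a payment message, Lisa verifies it
    with Bob's public key, and a tampered amount fails verification."""
    bob_priv = generate_private_key()
    bob_pub = public_key_from_private(bob_priv)
    message = b"from=bob to=lisa amount=10 purpose=pumpkin"
    sig = sign(bob_priv, message)
    genuine = verify(bob_pub, message, sig)
    tampered = verify(bob_pub, b"from=bob to=lisa amount=100 purpose=pumpkin", sig)
    return genuine, tampered
```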

In the Blockchain.com Wallet, your 12-word Secret Private Key Recovery Phrase is a seed of all the private keys
of all the addresses generated within the wallet. This is what allows you to restore access to your funds even if
you lose access to your original wallet. Using the recovery phrase will allow you to recover your crypto.
Bitcoin improvement proposals (BIPs):

A Bitcoin Improvement Proposal (BIP) is a design document for introducing features or information to Bitcoin.
This is the standard way of communicating ideas since Bitcoin has no formal structure.

The first BIP (BIP 0001) was submitted by Amir Taaki on 2011-08-19 and described what a BIP is.

Types

There are three types of BIPs:

• Standards Track BIPs - Changes to the network protocol, block or transaction validation, or anything
affecting interoperability.
• Informational BIPs - Design issues, general guidelines. This type of BIP is NOT for proposing new
features and does not represent community consensus.
• Process BIPs - Describes or proposes a change in process. Similar to Standards BIPs but applies outside the
Bitcoin protocol.

Layers

BIP 0123 established four layers for Standards BIPs:

1. Consensus
2. Peer Services
3. API/RPC
4. Applications
Workflow:

As described in BIP 0001, the workflow of a BIP is as follows:

Consensus Algorithms:

We know that Blockchain is a distributed decentralized network that provides immutability, privacy, security,
and transparency. There is no central authority present to validate and verify the transactions, yet every
transaction in the Blockchain is considered to be completely secured and verified. This is possible only because
of the presence of the consensus protocol which is a core part of any Blockchain network.

A consensus algorithm is a procedure through which all the peers of the Blockchain network reach a common
agreement about the present state of the distributed ledger. In this way, consensus algorithms achieve reliability
in the Blockchain network and establish trust between unknown peers in a distributed computing environment.
Essentially, the consensus protocol makes sure that every new block that is added to the Blockchain is the one
and only version of the truth that is agreed upon by all the nodes in the Blockchain.

The Blockchain consensus protocol consists of some specific objectives such as coming to an agreement,
collaboration, co-operation, equal rights for every node, and mandatory participation of each node in the
consensus process. Thus, a consensus algorithm aims at finding a common agreement that is a win for the entire
network.

Now, we will discuss various consensus algorithms and how they work.

Proof of Work (PoW):

This consensus algorithm is used to select a miner for the next block generation. Bitcoin uses this PoW
consensus algorithm. The central idea behind this algorithm is a mathematical puzzle that is hard to solve but whose
solution is easy to check. Solving this puzzle requires a lot of computational power and thus, the node that
solves the puzzle first gets to mine the next block. For more details on PoW, please read Proof of
Work (PoW) Consensus.
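An added example (not from the text) of the puzzle asymmetry just described: a simplified block header is hashed with double SHA-256 until the result falls below a difficulty target, and anyone can check the winning nonce with a single hash. The header layout and the difficulty value are constructed for illustration only.

```python
import hashlib


def block_hash(prev_hash: str, merkle_root: str, nonce: int) -> bytes:
    """Double SHA-256 of a simplified header (real Bitcoin headers carry more fields)."""
    header = f"{prev_hash}|{merkle_root}|{nonce}".encode()
    return hashlib.sha256(hashlib.sha256(header).digest()).digest()


def target(difficulty_bits: int) -> int:
    """A hash is a solution when, read as a 256-bit integer, it is below this target,
    i.e. roughly when it starts with difficulty_bits zero bits."""
    return 1 << (256 - difficulty_bits)


def mine(prev_hash: str, merkle_root: str, difficulty_bits: int, max_nonce: int = 1 << 32):
    """Brute-force search: expected work is about 2**difficulty_bits hash evaluations.
    Returns the winning nonce and the number of attempts it took."""
    limit = target(difficulty_bits)
    for nonce in range(max_nonce):
        if int.from_bytes(block_hash(prev_hash, merkle_root, nonce), "big") < limit:
            return nonce, nonce + 1
    raise RuntimeError("nonce space exhausted")


def verify_pow(prev_hash: str, merkle_root: str, nonce: int, difficulty_bits: int) -> bool:
    """Checking a claimed solution costs exactly one hash, however long mining took."""
    h = block_hash(prev_hash, merkle_root, nonce)
    return int.from_bytes(h, "big") < target(difficulty_bits)


def demo(difficulty_bits: int = 16):
    """Constructed header: all-zero previous hash and a made-up Merkle root."""
    prev = "00" * 32
    root = hashlib.sha256(b"constructed transactions").hexdigest()
    nonce, attempts = mine(prev, root, difficulty_bits)
    return nonce, attempts, verify_pow(prev, root, nonce, difficulty_bits)
```

With 16 difficulty bits the search averages around 65,000 hashes while verification is one; raising difficulty_bits by one doubles the expected mining work without changing the verification cost.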

Practical Byzantine Fault Tolerance (PBFT):
Please refer to the existing article on Practical Byzantine Fault Tolerance (pBFT).

Proof of Stake (PoS):
This is the most common alternative to PoW. Ethereum has shifted from PoW to PoS consensus. In this type of
consensus algorithm, instead of investing in expensive hardware to solve a complex puzzle, validators invest in
the coins of the system by locking up some of their coins as stake. After that, all the validators will start
validating the blocks. Validators validate blocks by placing a bet on a block if they discover one which they
think can be added to the chain. Based on the actual blocks added to the Blockchain, all the validators get a
reward proportionate to their bets and their stakes increase accordingly.
In the end, a validator is chosen to generate a new block based on their economic stake in the network. Thus, PoS
encourages validators through an incentive mechanism to reach an agreement.

Proof of Burn (PoB):
With PoB, instead of investing in expensive hardware equipment, validators 'burn' coins by sending them to
an address from where they are irretrievable. By committing the coins to an unreachable address, validators earn
a privilege to mine on the system based on a random selection process. Thus, burning coins here means that
validators make a long-term commitment in exchange for their short-term loss.
Depending on how PoB is implemented, miners may burn the native currency of the Blockchain application
or the currency of an alternative chain, such as bitcoin. While PoB is an interesting alternative to PoW, the
protocol still wastes resources needlessly. It is also questioned whether mining power simply goes to those who
are willing to burn more money.

Proof of Capacity:
In the Proof of Capacity consensus, validators are supposed to invest their hard drive space instead of investing
in expensive hardware or burning coins. The more hard drive space validators have, the better are their chances
of getting selected for mining the next block and earning the block reward.

Proof of Elapsed Time (PoET):
PoET is one of the fairest consensus algorithms, which chooses the next block using fair means only. It is widely
used in permissioned Blockchain networks. In this algorithm, every validator on the network gets a fair chance
to create their own block. All the nodes do so by waiting for a random amount of time and adding a proof of their wait
to the block. The created blocks are broadcast to the network for the others' consideration. The winner is the
validator which has the least timer value in the proof part. The block from the winning validator node gets appended
to the Blockchain. There are additional checks in the algorithm to stop nodes from always winning the election
and from always generating the lowest timer value.

There also exist other consensus algorithms like Proof of Activity, Proof of Weight, Proof of Importance, Leased
Proof of Stake, etc. It is therefore important to wisely choose one as per the business network requirement,
because Blockchain networks cannot function properly without a consensus algorithm to verify each and
every transaction that is being committed.

UNIT-III
WORKING OF BITCOIN

INTRODUCTION TO BITCOIN:

Bitcoin is the first application of blockchain technology. Bitcoin has started a revolution with the introduction
of the very first fully decentralized digital currency, and one that has proven to be extremely secure and stable.
This has also sparked a great interest in academic and industrial research and introduced many new research
areas.

Since its introduction in 2008, bitcoin has gained much popularity and is currently the most successful digital
currency in the world with billions of dollars invested in it. It is built on decades of research in the field of
cryptography, digital cash, and distributed computing. In the following section, a brief history is presented in
order to provide the background required to understand the foundations behind the invention of bitcoin.

Bitcoin: A Peer-to-Peer Electronic Cash System was written by Satoshi Nakamoto. The first key idea introduced
was purely peer-to-peer electronic cash that does not need an intermediary bank to transfer payments between
peers.
Bitcoin is built on decades of cryptographic research such as the research in Merkle trees, hash functions, public
key cryptography, and digital signatures. Moreover, ideas such as BitGold, b-money, hashcash, and
cryptographic time stamping provided the foundations for bitcoin invention. All these technologies are cleverly
combined in bitcoin to create the world's first decentralized currency.

Bitcoin can be defined in various ways: it's a protocol, a digital currency, and a platform. It is a combination of
peer-to-peer network, protocols, and software that facilitate the creation and usage of the digital currency named
bitcoin. Note that Bitcoin with a capital B is used to refer to the Bitcoin protocol, whereas bitcoin with a
lowercase b is used to refer to bitcoin, the currency. Nodes in this peer-to-peer network talk to each other using
the Bitcoin protocol.

Decentralization of currency was made possible for the first time with the invention of bitcoin. Moreover, the
double spending problem was solved in an elegant and ingenious way in bitcoin. Double spending problem arises
when, for example, a user sends coins to two different users at the same time and they are verified independently
as valid transactions.

Bitcoin Working Mechanism:

When you send an email to another person, you just type an email address and can communicate directly to that
person. It is the same thing when you send an instant message. This type of communication between two parties
is commonly known as Peer-to-Peer communication.

Whenever you want to transfer money to someone over the internet, you need to use a third-party service such
as a bank, a credit card, PayPal, or some other type of money transfer service. The reason for using a third party
is to ensure that the money is actually transferred. In other words, you need to be able to verify that both parties
have done what they need to do in a real exchange.

For example, suppose you select a photo that you want to send to another person. You can simply attach
that photo to an email, type the receiver's email address and send it. The other person will receive the photo, and
you might think that is the end of it, but it is not. Now there are two copies of the photo: one attached to the email, and
the original file which is still on your computer. Here, we sent a copy of the photo file, not the original file.
This issue is commonly known as the double-spend problem.

The double-spend problem presents the challenge of determining whether a transaction is real or not. How can you
send a bitcoin to someone over the internet without needing a bank or some other institution to certify that the
transfer took place? The answer lies in a global network of thousands of computers called the Bitcoin Network
and a special type of decentralized ledger technology called blockchain.

Transactions & Structure:

Transactions are at the core of the bitcoin ecosystem. Transactions can be as simple as just sending some bitcoins
to a bitcoin address, or they can be quite complex depending on the requirements. Each transaction is composed of
at least one input and output.
Inputs can be thought of as coins being spent that have been created in a previous transaction, and outputs as
coins being created. If a transaction is minting new coins, then there is no input and therefore no signature is
needed. If a transaction sends coins to some other user (a bitcoin address), then it needs to be signed by the
sender with their private key, and a reference is also required to the previous transaction in order to show the
origin of the coins. Coins are, in fact, unspent transaction outputs represented in Satoshis.
Transactions are not encrypted and are publicly visible in the blockchain. Blocks are made up of transactions and
these can be viewed using any online blockchain explorer.
The transaction life cycle
1. A user/sender sends a transaction using wallet software or some other interface.
2. The wallet software signs the transaction using the sender's private key.
3. The transaction is broadcasted to the Bitcoin network using a flooding algorithm.
4. Mining nodes include this transaction in the next block to be mined.
5. Mining starts; once a miner solves the Proof of Work problem, it broadcasts the newly mined block to the
network.
6. The nodes verify the block and propagate the block further, and confirmations start to generate.
7. Finally, the confirmations start to appear in the receiver's wallet and, after approximately six confirmations, the
transaction is considered finalized and confirmed. However, six is just a recommended number; the transaction
can be considered final even after the first confirmation. The key idea behind waiting for six confirmations is
that the probability of double spending is virtually eliminated after six confirmations.

TRANSACTION STRUCTURE

A transaction at a high level contains metadata, inputs, and outputs. Transactions are combined to create a block.
The transaction structure is shown in the following table:
Metadata: This part of the transaction contains some values such as the size of the transaction, the number of
inputs and outputs, the hash of the transaction, and a lock_time field. Every transaction has a prefix specifying
the version number.
Inputs: Generally, each input spends a previous output. Each output is considered an Unspent Transaction
Output (UTXO) until an input consumes it.
Outputs: Outputs have only two fields, and they contain instructions for the sending of bitcoins. The first field
contains the amount in Satoshis, whereas the second field is a locking script that contains the conditions that
need to be met in order for the output to be spent.
Verification: Verification is performed using bitcoin's scripting language.

Types of transaction:

There are various scripts available in bitcoin to handle the value transfer from the source to the destination.
These scripts range from very simple to quite complex depending upon the requirements of the transaction.
Standard transactions are evaluated using the IsStandard() and IsStandardTx() tests, and only standard transactions
that pass the tests are generally allowed to be mined or broadcast on the bitcoin network. However, nonstandard
transactions are still valid under the consensus rules and are allowed on the network.
Pay to Public Key Hash (P2PKH):
P2PKH is the most commonly used transaction type and is used to send transactions to bitcoin addresses. The
format of the transaction is shown as follows:
ScriptPubKey: OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG
ScriptSig: <sig> <pubKey>
The ScriptPubKey and ScriptSig parameters are concatenated together and executed.

Pay to Script Hash (P2SH):


P2SH is used in order to send transactions to a script hash (that is, the addresses starting with 3) and was
standardized in BIP16. In addition to passing the script, the redeem script is also evaluated and must be valid.
The template is shown as follows:
ScriptPubKey: OP_HASH160 <redeemScriptHash> OP_EQUAL
ScriptSig: [<sig> ...] <redeemScript>

MultiSig (Pay to MultiSig): An m-of-n multisignature transaction script is a complex type of script where it is
possible to construct a script that requires multiple signatures to be valid in order to redeem a transaction.
Various complex transactions such as escrow and deposits can be built using this script. The template is shown
here:
ScriptPubKey: <m> <pubKey 1> ... <pubKey n> <n> OP_CHECKMULTISIG
ScriptSig: 0 <sig 1> ... <sig m>
Raw multisig is obsolete, and multisig is usually part of the P2SH redeem script described in the previous section.

Pay to Pubkey: This script is a very simple script that is commonly used in coinbase transactions. It is now
obsolete and was used in an old version of bitcoin. The public key is stored within the script in this case, and the
unlocking script is required to sign the transaction with the private key. The template is shown as follows:
<pubKey> OP_CHECKSIG
Null data/OP_RETURN: This script is used to store arbitrary data on the blockchain for a fee.
The limit of the message is 40 bytes. The output of this script is unredeemable because OP_RETURN will fail
the validation in any case. ScriptSig is not required in this case.
The template is very simple and is shown as follows:
OP_RETURN <data>
A P2PKH script execution is shown in the following diagram:

P2PKH script execution (diagram)

All transactions are eventually encoded into the hex before transmitting over the bitcoin network.
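As an added example (not code from these notes or from bitcoin core), the following Python encodes and decodes the legacy transaction layout described above, computes the txid as the double SHA-256 of the raw bytes, and recognises the standard locking-script templates. The genesis block's coinbase transaction, which is public chain data, is rebuilt field by field as the sample input; the function and class names are my own.

```python
import hashlib
from dataclasses import dataclass

def encode_varint(n: int) -> bytes:
    """CompactSize integer used for every count and script length."""
    if n < 0xfd:
        return bytes([n])
    for prefix, width in ((b"\xfd", 2), (b"\xfe", 4), (b"\xff", 8)):
        if n < 1 << (8 * width):
            return prefix + n.to_bytes(width, "little")
    raise ValueError("varint too large")

def decode_varint(data: bytes, pos: int) -> tuple:
    if data[pos] < 0xfd:
        return data[pos], pos + 1
    width = {0xfd: 2, 0xfe: 4, 0xff: 8}[data[pos]]
    return int.from_bytes(data[pos + 1:pos + 1 + width], "little"), pos + 1 + width

@dataclass
class TxIn:
    prev_txid: str          # transaction being spent, in display (big-endian) order
    prev_index: int         # which of its outputs; a coinbase uses zero txid + 0xffffffff
    script_sig: bytes       # unlocking script
    sequence: int = 0xffffffff

@dataclass
class TxOut:
    value: int              # amount in satoshis
    script_pubkey: bytes    # locking script: the conditions for spending this output

@dataclass
class Tx:
    version: int
    inputs: list
    outputs: list
    lock_time: int

    def serialize(self) -> bytes:
        raw = self.version.to_bytes(4, "little", signed=True) + encode_varint(len(self.inputs))
        for i in self.inputs:   # txids travel over the wire in reversed byte order
            raw += bytes.fromhex(i.prev_txid)[::-1] + i.prev_index.to_bytes(4, "little")
            raw += encode_varint(len(i.script_sig)) + i.script_sig + i.sequence.to_bytes(4, "little")
        raw += encode_varint(len(self.outputs))
        for o in self.outputs:
            raw += o.value.to_bytes(8, "little", signed=True)
            raw += encode_varint(len(o.script_pubkey)) + o.script_pubkey
        return raw + self.lock_time.to_bytes(4, "little")

    def txid(self) -> str:
        """Hash of the transaction: SHA-256 applied twice, displayed byte-reversed."""
        d = hashlib.sha256(hashlib.sha256(self.serialize()).digest()).digest()
        return d[::-1].hex()

def parse_tx(raw: bytes) -> Tx:
    version = int.from_bytes(raw[:4], "little", signed=True)
    n_in, pos = decode_varint(raw, 4)
    inputs = []
    for _ in range(n_in):
        prev_txid = raw[pos:pos + 32][::-1].hex()
        prev_index = int.from_bytes(raw[pos + 32:pos + 36], "little")
        slen, pos = decode_varint(raw, pos + 36)
        script_sig, pos = raw[pos:pos + slen], pos + slen
        inputs.append(TxIn(prev_txid, prev_index, script_sig, int.from_bytes(raw[pos:pos + 4], "little")))
        pos += 4
    n_out, pos = decode_varint(raw, pos)
    outputs = []
    for _ in range(n_out):
        value = int.from_bytes(raw[pos:pos + 8], "little", signed=True)
        slen, pos = decode_varint(raw, pos + 8)
        outputs.append(TxOut(value, raw[pos:pos + slen]))
        pos += slen
    if pos + 4 != len(raw):   # reject anything trailing after lock_time
        raise ValueError("trailing bytes after lock_time")
    return Tx(version, inputs, outputs, int.from_bytes(raw[pos:pos + 4], "little"))

def classify_script(s: bytes) -> str:
    """Match the standard locking-script templates listed above."""
    if len(s) == 25 and s[:3] == b"\x76\xa9\x14" and s[23:] == b"\x88\xac":
        return "P2PKH"      # OP_DUP OP_HASH160 <20-byte hash> OP_EQUALVERIFY OP_CHECKSIG
    if len(s) == 23 and s[:2] == b"\xa9\x14" and s[22] == 0x87:
        return "P2SH"       # OP_HASH160 <20-byte script hash> OP_EQUAL
    if s and s[0] == 0x6a:
        return "OP_RETURN"  # unredeemable data carrier
    if len(s) in (35, 67) and s[0] in (0x21, 0x41) and s[-1] == 0xac:
        return "P2PK"       # <pubKey> OP_CHECKSIG, as used by early coinbase outputs
    return "nonstandard"

# Sample input: the genesis block's coinbase transaction (public chain data), assembled field by field.
GENESIS_MESSAGE = b"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks"
GENESIS_PUBKEY = ("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb6"
                  "49f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f")
GENESIS_COINBASE_HEX = (
    "01000000" + "01" + "00" * 32 + "ffffffff"   # version 1; one input spending the null outpoint
    + "4d" + "04ffff001d" + "0104"               # 77-byte scriptSig: push the target, push 4,
    + "45" + GENESIS_MESSAGE.hex()               #   push the 69-byte headline
    + "ffffffff" + "01" + "00f2052a01000000"     # sequence; one output of 5 000 000 000 satoshis
    + "43" + "41" + GENESIS_PUBKEY + "ac"        # 67-byte scriptPubKey: <pubKey> OP_CHECKSIG
    + "00000000"                                 # lock_time 0
)
```

Parsing the sample yields the well-known genesis txid 4a5e1e4b...da33b, and a transaction built with the dataclasses round-trips through serialize and parse_tx.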

Blockchain is a public ledger of a timestamped, ordered, and immutable list of all transactions on the bitcoin
network. Each block is identified by a hash in the chain and is linked to its previous block by referencing the
previous block's hash. In the following structure of a block, a block header is described, followed by a detailed
diagram that provides an insight into the blockchain structure.
The structure of a block (table)
The structure of a block header (table)
A visualization of blockchain, block, block header, transaction and script.
As shown in the preceding diagram, blockchain is a chain of blocks where each block is linked to its previous
block by referencing the previous block header's hash. This linking makes sure that no transaction can be
modified unless the block that records it and all blocks that follow it are also modified. The first block is not
linked to any previous block and is known as the genesis block.

The Genesis Block:


This is the first block in the bitcoin blockchain. The genesis block was hardcoded in the bitcoin core software.

Bitcoin provides protection against double spending by enforcing strict rules on transaction verification and via
mining. Blocks are added in the blockchain only after strict rule checking and successful Proof of Work solution.
Block height is the number of blocks before a particular block in the blockchain. The current height (at the time
of writing this) of the blockchain is 434755 blocks. Proof of Work is used to secure the blockchain.

Each block contains one or more transactions, out of which the first transaction is a coinbase transaction. There
is a special condition for coinbase transactions that prevents them from being spent until at least 100 further blocks
have been added, in order to avoid a situation where the block may be declared stale later on.
Stale blocks are created when a block is solved while every other miner is still working to find a solution to
the hash puzzle for that same block. Mining and hash puzzles will be discussed later in the chapter in detail.
As the block is no longer required to be worked on, it is considered a stale block.
Orphan blocks, also called detached blocks, were accepted at one point in time by the network as valid
blocks but were rejected when a proven longer chain was created that did not include this initially accepted
block. They are not part of the main chain and can occur at times when two miners manage to produce blocks
at the same time.

The Bitcoin Network:

The bitcoin network is a P2P network where nodes exchange transactions and blocks. There are different types
of nodes on the network. There are two main types of nodes, full nodes and SPV nodes. Full nodes, as the name
implies, are implementations of bitcoin core clients performing the wallet, miner, full blockchain storage, and
network routing functions. However, it is not necessary to perform all these functions. SPV (Simplified Payment
Verification) nodes or lightweight clients perform only wallet and network routing functionality. The latest version
of the Bitcoin protocol is 70014 and was introduced with bitcoin core client 0.13.0.

Bitcoin network is identified by its different magic values. A list is shown as follows:

A full node performs four functions: wallet, miner, blockchain, and the network routing node.
When a bitcoin core node starts up, first, it initiates the discovery of all peers. This is achieved by querying DNS
seeds that are hardcoded into the bitcoin core client and are maintained by bitcoin community members. This
lookup returns a number of DNS A records. The bitcoin protocol works on TCP port 8333 by default for the
main network and TCP 18333 for testnet.
First, the client sends a protocol message Version that contains various fields, such as version, services,
timestamp, network address, nonce, and some other fields. The remote node responds with its own version
message, followed by a verack message exchange between both nodes, indicating that the connection has been
established.
After this, Getaddr and addr messages are exchanged to find the peers that the client does not know. Meanwhile,
either of the nodes can send a ping message to see whether the connection is still live. Now the block download
can begin.
If the node already has all blocks fully synchronized, then it listens for new blocks using the Inv protocol
message; otherwise, it first checks whether it has a response to inv messages and has inventories already. If yes,
then it requests the blocks using the Getdata protocol message; if not, then it requests inventories using the
GetBlocks message. This method was used until version 0.9.3.
Wallets: The wallet software is used to store private and public keys and bitcoin addresses. It performs various
functions, such as receiving and sending bitcoins. Nowadays, software usually offers both functionalities: bitcoin
client and wallet. On the disk, the bitcoin core client wallets are stored as a Berkeley DB file:
:~/.bitcoin$ file wallet.dat
wallet.dat: Berkeley DB (Btree, version 9, native byte-order)
Private keys can be generated in different ways and are used by different types of wallets.

Wallets do not store any coins, and there is no concept of wallets storing a balance or coins for a user. In fact, in
the bitcoin network, coins do not exist; instead, only transaction information is stored on the blockchain (more
precisely, UTXOs, the unspent outputs), which is then used to calculate the amount of bitcoins.

WALLET TYPES
In bitcoin, there are different types of wallets that can be used to store private keys. As a
software program, they also provide some functions to the users to manage and carry out transactions on the
bitcoin network.
Non-deterministic wallets:
These wallets contain randomly generated private keys and are also called Just a Bunch of Keys (JBOK) wallets. The
bitcoin core client generates some keys when first started and generates more keys as and when required. Managing a
large number of keys is very difficult and error-prone, and this can lead to theft and loss of coins. Moreover,
there is a need to create regular backups of the keys and protect them appropriately in order to prevent theft or
loss.
Deterministic wallets:
In this type of wallet, keys are derived from a seed value via hash functions. This seed number is generated
randomly and is commonly represented by human-readable mnemonic code words. Mnemonic code words are
defined in BIP39. This phrase can be used to recover all keys and makes private key management comparatively
easier.
Hierarchical deterministic wallets :
Defined in BIP32 and BIP44, HD wallets store keys in a tree structure derived from a seed. The seed generates
the parent key (master key), which is used to generate child keys and, subsequently, grandchild keys. Key
generation in HD wallets does not generate keys directly; instead, it produces some information (private key
generation information) that can be used to generate a sequence of private keys. The complete hierarchy of
private keys in an HD wallet is easily recoverable if the master private key is known. It is because of this
property that HD wallets are very easy to maintain and are highly portable.

Brain wallets:
The master private key can also be derived from the hash of a password that is memorized. The key idea is that
this passphrase is used to derive the private key and, if used in HD wallets, this can result in a full HD wallet that
is derived from a single memorized password. This is known as a brain wallet. This method is prone to password
guessing and brute force attacks, but techniques such as key stretching can be used to slow down the progress
made by the attacker.
Paper wallets:
As the name implies, this is a paper-based wallet with the required key material printed on it. It requires
physical security to be stored. Paper wallets can be generated online from various service providers, such as
https://bitcoinpaperwallet.com/ or https://www.bitaddress.org/.
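An added example, not from the notes or from any wallet product, showing how one memorised secret becomes the key material of a deterministic wallet: the BIP39 seed derivation and the BIP32 master-key split are implemented from those specifications (the BIP39 word-list and checksum checks are omitted), and the two brain-wallet functions contrast a single hash with key stretching. The salt string, the round count and the passphrase used in the test are assumptions.

```python
import hashlib
import hmac
import unicodedata

SECP256K1_ORDER = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39: the mnemonic words, NFKD-normalised, are stretched with PBKDF2-HMAC-SHA512
    (2048 rounds, salt "mnemonic" + passphrase) into a 64-byte seed.  Because this is
    deterministic, the words alone recover every key the wallet ever derived."""
    words = unicodedata.normalize("NFKD", mnemonic).encode()
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode()
    return hashlib.pbkdf2_hmac("sha512", words, salt, 2048, 64)

def bip32_master(seed: bytes) -> tuple:
    """BIP32: HMAC-SHA512 keyed with "Bitcoin seed" splits the seed into the master
    private key (left 32 bytes) and the chain code (right 32 bytes), from which the
    whole tree of child keys is derived.  An out-of-range key is rejected, as the
    specification requires."""
    I = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    k = int.from_bytes(I[:32], "big")
    if k == 0 or k >= SECP256K1_ORDER:
        raise ValueError("invalid master key for this seed")
    return I[:32], I[32:]

def brain_wallet_unstretched(passphrase: str) -> bytes:
    """The classic brain wallet: a single SHA-256 of the passphrase is the private key,
    so every guess of the passphrase costs exactly one hash computation."""
    return hashlib.sha256(passphrase.encode()).digest()

def brain_wallet_stretched(passphrase: str, rounds: int = 2 ** 16) -> bytes:
    """Key stretching as mentioned above: PBKDF2 with many rounds makes each guess
    cost `rounds` hashes instead of one.  The salt is an assumed constant here; a
    memorised secret cannot carry a random salt, which is one reason brain wallets
    remain weaker than a randomly generated seed."""
    return hashlib.pbkdf2_hmac("sha512", passphrase.encode(), b"example-salt", rounds, 32)
```

The test uses the first BIP39 reference vector (twelve words with the passphrase "TREZOR"), whose published seed the function must reproduce.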

Hardware wallets:
Another method is to use a tamper-resistant device to store keys. This tamper-resistant device can be custom-built,
or, with the advent of NFC-enabled phones, it can also be a secure element (SE) in an NFC phone. Trezor and
Ledger wallets (various types) are the most commonly used bitcoin hardware wallets.
Online wallets :
Online wallets, as the name implies, are stored entirely online and are provided as a service, usually via the cloud.
They provide a web interface to the users to manage their wallets and perform various functions such as making
and receiving payments. They are easy to use but require that the user trusts the online wallet service provider.

Mobile wallets :
Mobile wallets, as the name suggests, are installed on mobile devices. They can provide various methods to
make payments, most notably the ability to use smart phone cameras to scan QR codes quickly and make
payments. Mobile wallets are available for the Android platform and iOS, for example, breadwallet, copay, and
Jaxx.

Jaxx Mobile wallet


Bitcoin payments:

Bitcoins can be accepted as payment using various techniques. Bitcoin is not recognized as a legal currency in
many jurisdictions, but it is increasingly being accepted as a payment method by many online merchants and
e-commerce websites. There are a number of ways in which buyers can pay a business that accepts bitcoins. For
example, in an online shop, bitcoin merchant solutions can be used, whereas in traditional physical shops, point
of sale terminals and other specialized hardware can be used.

Customers can simply scan the QR barcode with the seller's payment URI in it and pay using their mobile
devices. Bitcoin URIs allow users to make payments by simply clicking on links or scanning QR codes. A URI
(Uniform Resource Identifier) is basically a string that represents the transaction information. It is defined in
BIP21.
The QR code can be displayed near the point of sale terminal. Nearly all bitcoin wallets support this feature.
Businesses can use a sign such as the one in the following screenshot to advertise that they accept bitcoins as payment.

Various payment solutions, such as xbtterminal and the 34 bytes bitcoin POS terminal, are available commercially.
34 bytes POS solution.
Bitcoin payment processors, offered by many online service providers, allow integration with e-commerce
websites.

Bitcoin investment and buying and selling bitcoins


There are many online exchanges where users can buy and sell bitcoins. This is a big business on the Internet
now and it offers bitcoin trading, CFDs, spread betting, margin trading, and various other choices. Traders can
buy bitcoins or trade by opening long or short positions to make profit when bitcoin's price goes up or down.
Several other features, such as exchanging bitcoins for other virtual currencies, are also possible, and many
online bitcoin exchanges provide this function. Advanced market data, trading strategies, charts, and relevant
data to support traders are also available. An example from CEX.IO is shown here.

Bitcoin installation
The bitcoin core client can be installed from https://bitcoin.org/en/download. This is available for different
architectures and platforms ranging from x86 Windows to ARM Linux, as shown in the following image:

SETTING UP A BITCOIN NODE


A sample run of the bitcoin core installation on Ubuntu is shown here; for other platforms, you can get details
from www.bitcoin.org.

Step 2:
drequinox@drequinox-OP7010:~$ sudo apt-get update
Depending on the client required, users can use either of the following commands, or they can issue both
commands at once:
sudo apt-get install bitcoind
sudo apt-get install bitcoin-qt
drequinox@drequinox-OP7010:~$ sudo apt-get install bitcoin-qt bitcoind
Reading package lists... Done
Building dependency tree
Reading state information... Done
......

SETTING UP THE SOURCE CODE


The bitcoin source code can be downloaded and compiled if users wish to contribute to the bitcoin code or for
learning purposes. Git can be used to download the bitcoin source code:
$ sudo apt-get install git
$ mkdir bcsource
$ cd bcsource
drequinox@drequinox-OP7010:~/bcsource$ git clone https://github.com/bitcoin/bitcoin.git
Cloning into 'bitcoin'...
remote: Counting objects: 78960, done.
remote: Compressing objects: 100% (3/3), done.
remote: Total 78960 (delta 0), reused 0 (delta 0), pack-reused 78957
Receiving objects: 100% (78960/78960), 72.53 MiB | 1.85 MiB/s, done.
Resolving deltas: 100% (57908/57908), done.
Checking connectivity... done.
Change the directory to bitcoin:
drequinox@drequinox-OP7010:~/bcsource$ cd bitcoin
After the preceding steps are completed, the code can be compiled (the autotools script is ./configure, not
./configure.sh):
drequinox@drequinox-OP7010:~/bcsource/bitcoin$ ./autogen.sh
drequinox@drequinox-OP7010:~/bcsource/bitcoin$ ./configure
drequinox@drequinox-OP7010:~/bcsource/bitcoin$ make
drequinox@drequinox-OP7010:~/bcsource/bitcoin$ sudo make install

SETTING UP BITCOIN.CONF
The bitcoin.conf file is a configuration file that is used by the bitcoin core client to save configuration settings. All
command line options for the bitcoind client, with the exception of the -conf switch, can be set up in the configuration
file, and when bitcoin-qt or bitcoind starts up, it will take the configuration information from that file. On
Linux systems, this is usually found in $HOME/.bitcoin/, or it can also be specified on the command line using the
-conf= switch to the bitcoind core client software.
STARTING UP A NODE IN TESTNET
The bitcoin node can be started in testnet mode if you want to test the bitcoin network and run an experiment.
This is a faster network as compared to the live network and has relaxed rules for mining and transactions.
Various faucet services are available for the bitcoin test network. One example is the Bitcoin TestNet sandbox,
where users can request bitcoins to be paid to their testnet bitcoin address. This can be accessed via
https://testnet.manu.backend.hamburg/. This is very useful for experimentation with transactions on testnet.
The command lines to start up on testnet are as follows:
bitcoind -testnet -daemon
bitcoin-cli -testnet
bitcoin-qt -testnet

STARTING UP A NODE IN REGTEST


The regtest mode (regression testing mode) can be used to create a local blockchain for testing purposes. The
following command can be used to start up a node in the regtest mode:
bitcoind -regtest -daemon
Bitcoin server starting
Blocks can be generated using the following command:
bitcoin-cli -regtest generate 200
Relevant log messages can be viewed in the .bitcoin/regtest directory on a Linux system under debug.log.

After block generation, the balance can be viewed as follows:


drequinox@drequinox-OP7010:~/.bitcoin/regtest$ bitcoin-cli -regtest getbalance
8750.00000000
The node can be stopped using this:
drequinox@drequinox-OP7010:~/.bitcoin$ bitcoin-cli -regtest stop
Bitcoin server stopping
STARTING UP A NODE IN LIVE MAINNET
Bitcoind is the core client software that can be run as a daemon, and it provides the JSON-RPC
interface. Bitcoin-cli is the feature-rich command-line tool used to interact with the daemon; the daemon
then interacts with the blockchain and performs various functions. Bitcoin-cli calls only JSON-RPC
functions and does not perform any actions on its own on the blockchain.
Bitcoin-qt is the bitcoin core client GUI. When the wallet software starts up for the first time, it verifies the
blocks on the disk and then starts up and shows the following GUI:
Bitcoin Core QT client, just after installation, showing that the blockchain is not in sync.
The verification process is not specific to the Bitcoin-qt client; it is performed by the bitcoind client as well.
EXPERIMENTING WITH BITCOIN CLI
Bitcoin-cli is the command-line interface available with the bitcoin core client and can be used
to perform various functions using the RPC interface provided by the bitcoin core client. A sample
run of bitcoin-cli getinfo is shown; the same format can be used to invoke other commands. A list of all
commands can be shown via the following command (testnet bitcoin-cli; the screenshot shows just the first few
lines of the output, the actual output lists many commands).
HTTP REST: Starting from bitcoin core client 0.10.0, the HTTP REST interface is also available. By default, this
runs on the same TCP port 8332 as JSON-RPC.

Bitcoin programming and the command-line interface


Bitcoin programming is a very rich field now. The bitcoin core client exposes various JSON RPC
commands that can be used to construct raw transactions and perform other functions via custom
scripts or programs. Also, the command line tool Bitcoin-cli is available, which makes use of the
JSON-RPC interface and provides a rich toolset to work with Bitcoin.

These APIs are also available via many online service providers in the form of bitcoin APIs, and they
provide a simple HTTP REST interface. Bitcoin APIs, such as blockchain.info, bitpay, block.io,
and many others, offer a myriad of options to develop bitcoin-based solutions. Various libraries are
available for bitcoin programming. A list is shown as follows, and those who are interested can further
explore the libraries.
Libbitcoin: Available at https://libbitcoin.dyne.org/ and provides powerful command line utilities and
clients.
Pycoin: Available at https://github.com/richardkiss/pycoin, is a library for Python.
Bitcoinj: This library is available at https://bitcoinj.github.io/ and is implemented in Java.
There are many online bitcoin APIs available; the most commonly used APIs are listed as follows:
https://bitcore.io/
https://bitcoinjs.org/
https://blockchain.info/api
All APIs offer more or less the same type of functionality, and it gets difficult to choose which API is
the best.

Bitcoin improvement proposals (BIPs) :


These documents are used to propose or inform the bitcoin community about the improvements
suggested, the design issues, or information about some aspects of the bitcoin ecosystem. There are
three types of bitcoin improvement proposals, abbreviated as BIPs:
Standard BIP: Used to describe the major changes that have a major impact on the bitcoin system,
for example, block size changes, network protocol changes, or transaction verification changes.
Process BIP: A major difference between standard and process BIPs is that standard BIPs cover
protocol changes, whereas process BIPs usually deal with proposing a change in a process that is outside
the core Bitcoin protocol. These are implemented only after a consensus among bitcoin users.
Informational BIP: These are usually used to just advise or record some information about
the bitcoin ecosystem, such as design issues.
UNIT-4
Asymmetric Ciphers and Key Management
Prime Numbers Definition:
 A prime number can be defined as a natural number greater than 1 whose only
factors are 1 and the number itself.
 Equivalently, a prime number is a positive integer greater than 1 that cannot be written as a product of
two integers that are both greater than 1.

Public Key Cryptography


 Unlike symmetric key cryptography, we do not find historical use of public-key cryptography. It is a
relatively new concept.
 Symmetric cryptography was well suited for organizations such as governments, the military, and big
financial corporations that were involved in classified communication.
 With the spread of more insecure computer networks in the last few decades, a genuine need was felt to
use cryptography on a larger scale. The symmetric key was found to be impractical due to the challenges
it faced in key management. This gave rise to public key cryptosystems.
The process of encryption and decryption is depicted in the following illustration −

The most important properties of public key encryption scheme are −


 Different keys are used for encryption and decryption. This is the property that sets this scheme
apart from the symmetric encryption scheme.
 Each receiver possesses a unique decryption key, generally referred to as his private key.
 The receiver needs to publish an encryption key, referred to as his public key.
 Some assurance of the authenticity of a public key is needed in this scheme to avoid spoofing by an
adversary posing as the receiver. Generally, this type of cryptosystem involves a trusted third party which
certifies that a particular public key belongs to a specific person or entity only.
 The encryption algorithm is complex enough to prevent an attacker from deducing the plaintext from the
ciphertext and the encryption (public) key.
 Though private and public keys are related mathematically, it is not feasible to calculate the
private key from the public key. In fact, the clever part of any public-key cryptosystem is in
designing the relationship between the two keys.
There are three types of Public Key Encryption schemes. We discuss them in the following sections −

RSA Cryptosystem
 This cryptosystem is one of the earliest. It remains the most widely used cryptosystem even today. The
system was invented by three scholars, Ron Rivest, Adi Shamir, and Len Adleman, and hence it is
termed the RSA cryptosystem.
 We will see two aspects of the RSA cryptosystem: firstly the generation of a key pair and secondly the
encryption-decryption algorithms.
Generation of RSA Key Pair
Each person or a party who desires to participate in communication using encryption needs to generate a
pair of keys, namely public key and private key. The process followed in the generation of keys is described
below −
 Generate the RSA modulus (n)
o Select two large primes, p and q.
o Calculate n = p × q. For strong, unbreakable encryption, n should be a large number, typically a
minimum of 512 bits.
 Find the derived number (e)
o Number e must be greater than 1 and less than (p − 1)(q − 1).
o There must be no common factor of e and (p − 1)(q − 1) except 1. In other words, the two
numbers e and (p − 1)(q − 1) are coprime.
 Form the public key
o The pair of numbers (n, e) forms the RSA public key and is made public.
o Interestingly, though n is part of the public key, the difficulty of factoring a large number
ensures that an attacker cannot find, in feasible time, the two primes (p and q) used to obtain n. This is
the strength of RSA.
 Generate the private key
o The private key d is calculated from p, q, and e. For given n and e, there is a unique number d.
o Number d is the inverse of e modulo (p − 1)(q − 1). This means that d is the number less than
(p − 1)(q − 1) such that, when multiplied by e, the product is equal to 1 modulo (p − 1)(q − 1).
o This relationship is written mathematically as follows −
ed ≡ 1 (mod (p − 1)(q − 1))
The Extended Euclidean Algorithm takes p, q, and e as input and gives d as output.
Example
An example of generating RSA Key pair is given below. (For ease of understanding, the primes p & q taken
here are small values. Practically, these values are very high).
 Let the two primes be p = 7 and q = 13. Thus, the modulus n = pq = 7 × 13 = 91.
 Select e = 5, which is a valid choice since there is no number that is a common factor of 5 and (p − 1)
(q − 1) = 6 × 12 = 72, except 1.
 The pair of numbers (n, e) = (91, 5) forms the public key and can be made available to anyone whom
we wish to be able to send us encrypted messages.
 Input p = 7, q = 13, and e = 5 to the Extended Euclidean Algorithm. The output will be d = 29.
 Check that the d calculated is correct by computing −
de = 29 × 5 = 145 ≡ 1 (mod 72)
 Hence, the public key is (91, 5) and the private key is (91, 29).
Encryption and Decryption
Once the key pair has been generated, the processes of encryption and decryption are relatively
straightforward and computationally easy.
Interestingly, RSA does not directly operate on strings of bits as in the case of symmetric key encryption. It
operates on numbers modulo n. Hence, it is necessary to represent the plaintext as a series of numbers less
than n.
RSA Encryption
 Suppose the sender wishes to send some text message to someone whose public key is (n, e).
 The sender then represents the plaintext as a series of numbers less than n.
 To encrypt the first plaintext block P, which is a number modulo n, the encryption process is a simple
mathematical step −
C = P^e mod n
 In other words, the ciphertext C is equal to the plaintext P multiplied by itself e times and then
reduced modulo n. This means that C is also a number less than n.
 Returning to our key generation example with plaintext P = 10, we get ciphertext C −
C = 10^5 mod 91 = 82
RSA Decryption
 The decryption process for RSA is also very straightforward. Suppose that the receiver, whose public key
is (n, e), has received a ciphertext C.
 The receiver raises C to the power of his private key d. The result modulo n will be the plaintext P.
P = C^d mod n
 Returning again to our numerical example, the ciphertext C = 82 would get decrypted to the number 10
using the private key 29 −
P = 82^29 mod 91 = 10
RSA Analysis
The security of RSA depends on the strengths of two separate functions. The RSA cryptosystem is the most
popular public-key cryptosystem, and its strength is based on the practical difficulty of factoring very
large numbers.
 Encryption Function − It is considered a one-way function for converting plaintext into ciphertext,
and it can be reversed only with knowledge of the private key d.
 Key Generation − The difficulty of determining a private key from an RSA public key is equivalent
to factoring the modulus n. An attacker thus cannot use knowledge of an RSA public key to
determine an RSA private key unless he can factor n. It is also a one-way function: going from the p and q
values to the modulus n is easy, but the reverse is not feasible.
If either of these two functions is proved not to be one-way, then RSA will be broken. In fact, if a technique for
factoring efficiently is developed, then RSA will no longer be safe.
The strength of RSA encryption drastically goes down against attacks if the numbers p and q are not large
primes and/or the chosen public key e is a small number.
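An added example (not from the notes): the key generation, encryption and decryption steps above in Python, checked against the toy values p = 7, q = 13, e = 5, d = 29, plus, for the analysis just given, a function that recovers d by factoring a small n with trial division, which only succeeds because the toy modulus is tiny. The function names are my own; the second key pair in the test (p = 61, q = 53, e = 17) is a constructed larger toy.

```python
from math import gcd, isqrt

def egcd(a: int, b: int) -> tuple:
    """Extended Euclid: returns (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    x0, x1, y0, y1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0

def modinv(e: int, m: int) -> int:
    """The d with e*d ≡ 1 (mod m); fails if e and m share a factor."""
    g, x, _ = egcd(e, m)
    if g != 1:
        raise ValueError(f"{e} has no inverse modulo {m}")
    return x % m

def keygen(p: int, q: int, e: int) -> tuple:
    """Return ((n, e), (n, d)) following the four steps listed above."""
    if p == q:
        raise ValueError("p and q must be distinct primes")
    n, phi = p * q, (p - 1) * (q - 1)
    if not 1 < e < phi or gcd(e, phi) != 1:
        raise ValueError("e must lie strictly between 1 and (p-1)(q-1) and be coprime to it")
    return (n, e), (n, modinv(e, phi))

def encrypt(pub: tuple, P: int) -> int:
    """C = P^e mod n; the plaintext block must already be a number less than n."""
    n, e = pub
    if not 0 <= P < n:
        raise ValueError("plaintext block must be a number less than n")
    return pow(P, e, n)

def decrypt(priv: tuple, C: int) -> int:
    """P = C^d mod n."""
    n, d = priv
    return pow(C, d, n)

def encrypt_bytes(pub: tuple, text: bytes) -> list:
    """Represent a message as numbers less than n: one byte per block, so n must exceed 255."""
    if pub[0] <= 255:
        raise ValueError("modulus too small for byte-sized blocks")
    return [encrypt(pub, b) for b in text]

def decrypt_bytes(priv: tuple, blocks: list) -> bytes:
    return bytes(decrypt(priv, c) for c in blocks)

def private_key_from_small_modulus(pub: tuple) -> tuple:
    """Illustrates the analysis above: the only secret behind d is the factorisation of n.
    Trial division up to sqrt(n) is hopeless for a real 2048-bit modulus but immediate
    for toy sizes, which is why small p and q give no security at all."""
    n, e = pub
    for p in range(2, isqrt(n) + 1):
        if n % p == 0:
            return keygen(p, n // p, e)[1]
    raise ValueError("n has no non-trivial factor")
```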

Key Management in Cryptography


In cryptography, it is a very tedious task to distribute the public and private keys between sender
and receiver. If the key is known to a third party (forger/eavesdropper), then the whole security
mechanism becomes worthless. So there comes the need to secure the exchange of keys.
There are two aspects for Key Management:
1. Distribution of public keys.
2. Use of public-key encryption to distribute secrets.
Distribution of Public Key:
The public key can be distributed in four ways:
1. Public announcement
2. Publicly available directory
3. Public-key authority
4. Public-key certificates.
These are explained as following below:
1. Public Announcement: Here the public key is broadcast to everyone. The major weakness of
this method is forgery. Anyone can create a key claiming to be someone else and broadcast it.
Until the forgery is discovered, the forger can masquerade as the claimed user.

2. Publicly Available Directory: In this type, the public key is stored in a public directory.
Directories are trusted here and have properties such as participant registration, access for participants
to modify their values at any time, and entries of the form {name, public-key}. Directories can be accessed
electronically but are still vulnerable to forgery or tampering.
3. Public Key Authority: It is similar to the directory but improves security by tightening control
over the distribution of keys from the directory. It requires users to know the public key of the
directory. Whenever keys are needed, the user makes real-time access to the directory to
obtain any desired public key securely.
4. Public-Key Certificates: Here the authority provides a certificate (which binds an identity to the
public key) to allow key exchange without real-time access to the public-key authority each time. The
certificate is accompanied by some other information such as period of validity, rights of use, etc. All of this
content is signed by the private key of the certificate authority, and it can be verified by anyone
possessing the authority’s public key.
First, the sender and receiver both request a certificate from the CA, which contains a public key and other
information; then they can exchange these certificates and start communication.
Public Key Infrastructure (PKI)
 The most distinct feature of Public Key Infrastructure (PKI) is that it uses a pair of keys, a private key
and a public key, to achieve the underlying security service.
 Since public keys are in the open, an attacker can try to substitute his own key for a legitimate one. It is
therefore necessary to establish and maintain a trusted infrastructure to manage these keys.

Key Management
 It goes without saying that the security of any cryptosystem depends upon how securely its keys are
managed. Without secure procedures for the handling of cryptographic keys, the benefits of the use
of strong cryptographic schemes are potentially lost.
 It is observed that cryptographic schemes are rarely compromised through weaknesses in their
design. However, they are often compromised through poor key management.
There are some important aspects of key management which are as follows −
 Cryptographic keys are nothing but special pieces of data. Key management refers to the secure
administration of cryptographic keys.
 Key management deals with entire key lifecycle as depicted in the following illustration −

 There are two specific requirements of key management for public key cryptography.
o Secrecy of private keys. Throughout the key lifecycle, secret keys must remain secret from
all parties except those who are owner and are authorized to use them.
o Assurance of public keys. In public key cryptography, the public keys are in open domain
and seen as public pieces of data. By default there are no assurances of whether a public key is
correct, with whom it can be associated, or what it can be used for. Thus key management of
public keys needs to focus much more explicitly on assurance of purpose of public keys.
The most crucial requirement, assurance of public keys, is achieved through a public-key infrastructure (PKI),
a key management system for supporting public-key cryptography.
PKI provides assurance of public keys: it identifies which public key belongs to whom and distributes them. A
PKI consists of the following components.

 Public Key Certificate, commonly referred to as a 'digital certificate'.
 Private Key tokens.
 Certification Authority.
 Registration Authority.
 Certificate Management System.

Digital Certificate
For analogy, a certificate can be considered as the ID card issued to the person. People use ID cards such as
a driver's license, passport to prove their identity. A digital certificate does the same basic thing in the
electronic world, but with one difference.
Digital Certificates are not only issued to people but they can be issued to computers, software packages or
anything else that need to prove the identity in the electronic world.
 Digital certificates are based on the ITU standard X.509 which defines a standard certificate format
for public key certificates and certification validation. Hence digital certificates are sometimes also
referred to as X.509 certificates.
 The Certification Authority (CA) stores the public key of the user (client) in the digital certificate, along
with other relevant information such as client details, expiration date, permitted usage, issuer, etc.
 CA digitally signs this entire information and includes digital signature in the certificate.
 Anyone who needs the assurance about the public key and associated information of client, he carries
out the signature validation process using CA’s public key. Successful validation assures that the
public key given in the certificate belongs to the person whose details are given in the certificate.
The process of obtaining Digital Certificate by a person/entity is depicted in the following illustration.

Block Cipher Modes of Operation
Encryption algorithms are divided into two categories based on how they consume input: block ciphers and
stream ciphers. A block cipher takes a fixed-size input of b bits and produces b bits of ciphertext. If the
message is larger than b bits it is divided into blocks, and a mode of operation specifies how the cipher is
applied across those blocks. The choice of mode decides what the ciphertext leaks, how transmission errors
propagate and whether blocks can be processed in parallel, so it is a security decision rather than a detail.

Electronic Code Book (ECB) –
Electronic code book is the simplest mode of operation. Each block of plaintext is encrypted directly and
independently, and the output is the sequence of encrypted blocks. If a message is larger than b bits it is
broken into blocks and the procedure is repeated for each.
Procedure of ECB is illustrated below:

Advantages of using ECB –
 Blocks can be encrypted and decrypted in parallel, so it is fast.
 It is the simplest way to use a block cipher.
Disadvantages of using ECB –
 Identical plaintext blocks always produce identical ciphertext blocks, so patterns in the plaintext remain
visible in the ciphertext (the classic example is an ECB-encrypted bitmap whose outline is still recognisable).
Blocks can also be reordered or replayed without detection. ECB should not be used for anything larger than a
single block.
Cipher Block Chaining –
Cipher block chaining (CBC) was introduced because ECB fails the security requirements above. In CBC each
plaintext block is XORed with the previous ciphertext block before it is encrypted; for the first block an
initialisation vector (IV) takes the place of the previous ciphertext. The IV need not be secret but must be
unpredictable to an attacker, otherwise identical message prefixes can again be recognised.
The process is illustrated here:

Advantages of CBC –
 CBC works well for input longer than b bits, since identical plaintext blocks no longer produce identical
ciphertext blocks.
 A CBC-style chain can be used to build a message authentication code (CBC-MAC), but CBC encryption by
itself gives no integrity protection: an attacker can flip bits in a ciphertext block and thereby flip the
same bits in the next plaintext block.
 Better resistance to cryptanalysis than ECB.
Disadvantages of CBC –
 Encryption cannot be parallelised, since each block needs the previous ciphertext block. Decryption can be
parallelised, because each plaintext block depends only on two ciphertext blocks.
 A one-bit transmission error in a ciphertext block garbles that block and flips one bit in the next; later
blocks are unaffected.
Cipher Feedback Mode (CFB) –
In this mode the previous ciphertext is fed back into the cipher to produce the next segment of keystream. An
initialisation vector IV is loaded into a b-bit shift register and encrypted; the leftmost s bits of the output
are XORed with the next s bits of plaintext to produce s bits of ciphertext. Those s ciphertext bits are then
shifted into the right-hand side of the register (discarding the leftmost s bits) and the process repeats.
Encryption and decryption both use only the encryption direction of the block cipher, which is why CFB (like
OFB and CTR) effectively turns a block cipher into a stream cipher.

Advantages of CFB –
 It can process the plaintext in units of s bits (for example 8 bits) without waiting for a full block, and
needs no padding.
 Only the encryption function of the block cipher has to be implemented.

Disadvantages of using CFB –
 Encryption is sequential, since each segment needs the previous ciphertext segment; decryption is
parallelisable.
 A transmission error in one ciphertext segment affects that segment and the next b/s segments while the
corrupted bits remain in the shift register, after which the mode resynchronises.
Output Feedback Mode –
The output feedback mode follows nearly the same process as CFB, except that the block cipher output (the
keystream) is fed back into the shift register instead of the ciphertext. In the usual full-block form all b
bits of the output are fed back rather than only s bits. Because the keystream does not depend on the
plaintext or ciphertext, OFB is very resistant to bit transmission errors and the keystream can be
precomputed before the message is known.
Advantages of OFB –
 In CFB a single bit error in a ciphertext segment corrupts that segment and several following segments. In
OFB a flipped ciphertext bit flips only the corresponding plaintext bit, so errors do not propagate.
Disadvantages of OFB –
 Because the ciphertext is simply plaintext XOR keystream, an attacker who knows some plaintext can change it
to chosen text by flipping the same bits in the ciphertext; OFB is therefore more exposed to message stream
modification than CFB and must be combined with a MAC.
 The IV must never be reused under the same key: two messages encrypted with the same keystream leak the
XOR of their plaintexts.
Counter Mode –
Counter mode (CTR) is a simple counter-based construction. For each block, the cipher encrypts a nonce
concatenated with a block counter, and the result is XORed with the plaintext block to give the ciphertext
block. CTR uses no feedback, so all blocks can be processed independently.
Its simple implementation is shown below:
Advantages of Counter –
 Since every block uses a different counter value, the direct plaintext-to-ciphertext relationship of ECB is
avoided: the same plaintext block maps to different ciphertext blocks.
 Encryption and decryption can both run in parallel, and any block can be accessed at random, because
nothing from previous stages is chained as in CBC.
 Only the encryption function of the block cipher is needed, and no padding is required.
Disadvantages of Counter –
 Sender and receiver must keep the counter synchronised; if synchronisation is lost, the recovered plaintext
is wrong.
 A nonce/counter value must never be used twice under the same key. Reuse gives two messages the same
keystream, which leaks the XOR of their plaintexts and lets an attacker flip plaintext bits by flipping
ciphertext bits. CTR, like the other modes described here, provides no integrity; in practice an authenticated
mode such as AES-GCM (CTR combined with a MAC) is used.
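The following Python program is added here as an illustration and is not part of the original notes. It implements ECB, CBC and CTR over a constructed toy Feistel block cipher (built from SHA-256 so that no third-party library is needed; the cipher itself is not secure and only stands in for AES, and CFB/OFB would be built the same way as CTR, from the encryption direction only). It demonstrates the three points made above: ECB exposes repeated plaintext blocks, a one-bit error in a CBC ciphertext block garbles that block and flips the same bit in the next one, and reusing a CTR nonce leaks the XOR of two plaintexts. All keys, IVs, nonces and messages are constructed sample values.

```python
import hashlib

BLOCK = 16  # block size in bytes of the toy cipher below


def xor(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings; the result is as long as the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))


def _round_function(key: bytes, half: bytes, rnd: int) -> bytes:
    # Keyed round function built from SHA-256 (constructed for this toy cipher only).
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]


def toy_encrypt_block(key: bytes, block: bytes) -> bytes:
    """Four-round Feistel toy cipher on one 16-byte block. Demonstration only, not a real cipher."""
    assert len(block) == BLOCK
    left, right = block[:8], block[8:]
    for rnd in range(4):
        left, right = right, xor(left, _round_function(key, right, rnd))
    return left + right


def toy_decrypt_block(key: bytes, block: bytes) -> bytes:
    """Inverse of toy_encrypt_block: undo the rounds in reverse order."""
    assert len(block) == BLOCK
    left, right = block[:8], block[8:]
    for rnd in reversed(range(4)):
        left, right = xor(right, _round_function(key, left, rnd)), left
    return left + right


def ecb_encrypt(key: bytes, pt: bytes) -> bytes:
    """ECB: each block is encrypted on its own, so equal plaintext blocks give equal ciphertext blocks."""
    return b"".join(toy_encrypt_block(key, pt[i:i + BLOCK]) for i in range(0, len(pt), BLOCK))


def cbc_encrypt(key: bytes, iv: bytes, pt: bytes) -> bytes:
    """CBC: XOR each plaintext block with the previous ciphertext block (the IV for the first) before encrypting."""
    out, prev = [], iv
    for i in range(0, len(pt), BLOCK):
        prev = toy_encrypt_block(key, xor(prev, pt[i:i + BLOCK]))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, ct: bytes) -> bytes:
    """CBC decryption; each block depends only on itself and the previous ciphertext block, so it parallelises."""
    out, prev = [], iv
    for i in range(0, len(ct), BLOCK):
        cur = ct[i:i + BLOCK]
        out.append(xor(prev, toy_decrypt_block(key, cur)))
        prev = cur
    return b"".join(out)


def ctr_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """CTR: encrypt nonce||counter to get keystream and XOR it with the data; the same call decrypts."""
    assert len(nonce) == 8
    out = []
    for counter, i in enumerate(range(0, len(data), BLOCK)):
        keystream = toy_encrypt_block(key, nonce + counter.to_bytes(8, "big"))
        out.append(xor(data[i:i + BLOCK], keystream))
    return b"".join(out)


def demo() -> dict:
    key = b"sixteen byte key"        # constructed key
    iv = bytes(range(16))            # constructed; a real CBC IV must be unpredictable
    nonce = b"\x00" * 8              # constructed; must never repeat under the same key
    pt = b"ATTACK AT DAWN!!" * 3     # three identical plaintext blocks
    ecb = ecb_encrypt(key, pt)
    cbc = cbc_encrypt(key, iv, pt)
    ctr = ctr_crypt(key, nonce, pt)
    # CBC error propagation: flip the lowest bit of the first ciphertext byte.
    tampered = bytes([cbc[0] ^ 0x01]) + cbc[1:]
    dec = cbc_decrypt(key, iv, tampered)
    # CTR nonce reuse: the XOR of two ciphertexts equals the XOR of the plaintexts.
    pt2 = b"RETREAT AT DUSK!" * 3
    ctr2 = ctr_crypt(key, nonce, pt2)
    return {
        "ecb_repeats_visible": ecb[:16] == ecb[16:32] == ecb[32:],
        "cbc_repeats_visible": cbc[:16] == cbc[16:32],
        "cbc_roundtrip": cbc_decrypt(key, iv, cbc) == pt,
        "ctr_roundtrip": ctr_crypt(key, nonce, ctr) == pt,
        "cbc_block0_garbled": dec[:16] != pt[:16],
        "cbc_block1_same_bit_flipped": dec[16:32] == xor(pt[16:32], b"\x01" + b"\x00" * 15),
        "cbc_block2_intact": dec[32:] == pt[32:],
        "ctr_nonce_reuse_leaks_xor": xor(ctr, ctr2) == xor(pt, pt2),
    }
```

Running demo() returns True for every entry except "cbc_repeats_visible", which is False because the chaining hides the repeated blocks. The CBC bit-flip result is exactly the message-stream modification risk mentioned for the feedback modes: none of these modes detects the change, which is why an authenticated mode or a separate MAC is needed in practice.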

Applications of Block Ciphers

1. Data Encryption: Block ciphers are widely used to encrypt private and sensitive data such as credit card
details and other information that is transmitted or stored. Encryption converts the plain data into an
unreadable form that can be decrypted only by someone holding the secret key. (Stored passwords are a special
case: they should normally be hashed, not encrypted, as discussed under hash functions below.)
2. File and Disk Encryption: Block ciphers are used to encrypt entire files and disks in order to protect
their contents from unauthorised users. Disk encryption software such as BitLocker and TrueCrypt (and its
successor VeraCrypt) uses a block cipher, typically AES in a disk-oriented mode such as XTS, to protect data at
rest.
3. Virtual Private Networks (VPN): VPNs use block ciphers to encrypt the data transmitted between two
communicating devices over the internet, so that it cannot be read by an unauthorised party in transit.
4. Secure Sockets Layer (SSL) and Transport Layer Security (TLS): SSL and TLS use block ciphers (today
usually AES in an authenticated mode such as GCM) to encrypt data transmitted between web browsers and servers.
This protects confidential data such as login credentials and card information.
5. Digital Signatures: Signature algorithms themselves are built on hash functions and public-key
cryptography rather than on block ciphers, but block ciphers are used alongside them to protect the signing
key at rest and to encrypt signed documents in transit. The signature provides authenticity and integrity: it
is unique to the document and the signer, and verification fails if the document is altered.

To obtain a certificate, the client submits an application to the CA asking it to certify his public key. The
CA, after duly verifying the identity of the client, issues a digital certificate to that client.

Certifying Authority (CA)


As discussed above, the CA issues certificate to a client and assist other users to verify the certificate. The
CA takes responsibility for identifying correctly the identity of the client asking for a certificate to be issued,
and ensures that the information contained within the certificate is correct and digitally signs it.
Key Functions of CA
The key functions of a CA are as follows −
 Generating key pairs − The CA may generate a key pair independently or jointly with the client. In practice
it is preferable for the client to generate the pair itself and send only the public key (in a certificate
signing request), so that the private key never leaves its owner.
 Issuing digital certificates − The CA could be thought of as the PKI equivalent of a passport agency
− the CA issues a certificate after client provides the credentials to confirm his identity. The CA then
signs the certificate to prevent modification of the details contained in the certificate.
 Publishing Certificates − The CA need to publish certificates so that users can find them. There are
two ways of achieving this. One is to publish certificates in the equivalent of an electronic telephone
directory. The other is to send your certificate out to those people you think might need it by one
means or another.
 Verifying Certificates − The CA makes its public key available in environment to assist verification
of his signature on clients’ digital certificate.
 Revocation of Certificates − At times the CA revokes a certificate it has issued, for example because the
user's private key was compromised or trust in the client was lost. After revocation the CA publishes the list
of all revoked certificates (a certificate revocation list, CRL) or answers online status queries (OCSP), so
that relying parties can check a certificate before trusting it.
Classes of Certificates
There are four typical classes of certificate −
 Class 1 − These certificates can be easily acquired by supplying an email address.
 Class 2 − These certificates require additional personal information to be supplied.
 Class 3 − These certificates can only be purchased after checks have been made about the
requestor’s identity.
 Class 4 − They may be used by governments and financial organizations needing very high levels of
trust.
Registration Authority (RA)
CA may use a third-party Registration Authority (RA) to perform the necessary checks on the person or
company requesting the certificate to confirm their identity. The RA may appear to the client as a CA, but
they do not actually sign the certificate that is issued.
Certificate Management System (CMS)
It is the management system through which certificates are published, temporarily or permanently
suspended, renewed, or revoked. Certificate management systems do not normally delete certificates
because it may be necessary to prove their status at a point in time, perhaps for legal reasons. A CA along
with associated RA runs certificate management systems to be able to track their responsibilities and
liabilities.
Private Key Tokens
While the public key of a client is stored in the certificate, the associated private key could simply be kept
on the key owner's computer. This is not recommended: if an attacker gains access to the computer, he can copy
the private key. For this reason a private key is preferably stored on a secure removable token (a smart card,
USB token or hardware security module) from which it cannot be exported and whose use is protected by a PIN or
password.
Different vendors often use different and sometimes proprietary storage formats for storing keys. For
example, Entrust uses the proprietary .epf format, while Verisign, GlobalSign, and Baltimore use the
standard .p12 format.

Hierarchy of CA
With vast networks and requirements of global communications, it is practically not feasible to have only
one trusted CA from whom all users obtain their certificates. Secondly, availability of only one CA may lead
to difficulties if CA is compromised.
In such case, the hierarchical certification model is of interest since it allows public key certificates to be
used in environments where two communicating parties do not have trust relationships with the same CA.
 The root CA is at the top of the CA hierarchy and the root CA's certificate is a self-signed certificate.
 The CAs, which are directly subordinate to the root CA (For example, CA1 and CA2) have CA
certificates that are signed by the root CA.
 The CAs under the subordinate CAs in the hierarchy (For example, CA5 and CA6) have their CA
certificates signed by the higher-level subordinate CAs.
Certificate authority (CA) hierarchies are reflected in certificate chains. A certificate chain traces a path of
certificates from a branch in the hierarchy to the root of the hierarchy.
The following illustration shows a CA hierarchy with a certificate chain leading from an entity certificate
through two subordinate CA certificates (CA6 and CA3) to the CA certificate for the root CA.
Verifying a certificate chain is the process of ensuring that a specific certificate chain is valid, correctly
signed, and trustworthy. The following procedure verifies a certificate chain, beginning with the certificate
that is presented for authentication −
 A client whose authenticity is being verified supplies his certificate, generally along with the chain of
certificates up to the Root CA.
 The verifier takes the certificate and validates its signature using the public key of the issuer. The
issuer's public key is found in the issuer's certificate, which is next to the client's certificate in the
chain. The verifier also checks that the certificate is within its validity period, has not been revoked, and
that the issuer's certificate is actually marked as a CA certificate; otherwise any holder of an end-entity
certificate could issue certificates for others.
 If the higher CA who signed the issuer's certificate is trusted by the verifier, verification is successful
and stops here.
 Otherwise the issuer's certificate is verified in the same manner as the client's certificate. This process
continues until a trusted CA is found along the way or the Root CA is reached; a chain that never reaches a
trusted CA is rejected.
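The chain-walking procedure above, written out in Python as an added example; this is not code from the notes or from any real PKI library. It uses a toy textbook RSA signature with 256-bit primes and no padding, which is far too small for real use (the "small primes" weakness from the RSA section) but enough to show the mechanics. The certificate fields, the names "Root CA", "CA3" and "alice@example.test", and the trust-store layout are assumptions made for the example; validity periods and revocation are left out.

```python
import hashlib
import json
import math
import random

KEY_BITS = 512   # toy size: 256-bit primes are trivially small for real RSA


def is_probable_prime(n: int, rng: random.Random, rounds: int = 25) -> bool:
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % small == 0:
            return n == small
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_prime(bits: int, rng: random.Random) -> int:
    while True:
        candidate = rng.getrandbits(bits) | (1 << (bits - 1)) | 1   # odd, with the top bit set
        if is_probable_prime(candidate, rng):
            return candidate


def gen_rsa(rng: random.Random, bits: int = KEY_BITS):
    """Textbook RSA key pair as ((e, n), (d, n))."""
    e = 65537
    while True:
        p, q = gen_prime(bits // 2, rng), gen_prime(bits // 2, rng)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            return (e, p * q), (pow(e, -1, phi), p * q)


def _tbs_digest(tbs: dict) -> int:
    """SHA-256 of the to-be-signed fields, as an integer smaller than any 512-bit modulus."""
    encoded = json.dumps(tbs, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(encoded).digest(), "big")


def issue_cert(subject: str, pubkey, is_ca: bool, issuer_name: str, issuer_priv) -> dict:
    """A minimal certificate: subject, issuer, public key, CA flag and the issuer's signature."""
    tbs = {"subject": subject, "issuer": issuer_name, "pubkey": list(pubkey), "is_ca": is_ca}
    d, n = issuer_priv
    return {"tbs": tbs, "sig": pow(_tbs_digest(tbs), d, n)}   # raw RSA, no padding: toy only


def signature_valid(cert: dict, issuer_pub) -> bool:
    e, n = issuer_pub
    return pow(cert["sig"], e, n) == _tbs_digest(cert["tbs"])


def verify_chain(chain: list, trusted_roots: list) -> bool:
    """Follow the procedure above: starting from the end-entity certificate, validate each
    certificate with its issuer's key and stop as soon as the issuer is a trusted root."""
    trusted = {c["tbs"]["subject"]: c for c in trusted_roots}
    for i, cert in enumerate(chain):
        issuer_name = cert["tbs"]["issuer"]
        if issuer_name in trusted:                                  # reached a trusted CA: final check
            return signature_valid(cert, tuple(trusted[issuer_name]["tbs"]["pubkey"]))
        if i + 1 == len(chain):
            return False                                            # chain ends before any trusted CA
        issuer = chain[i + 1]
        if issuer["tbs"]["subject"] != issuer_name or not issuer["tbs"]["is_ca"]:
            return False                                            # wrong issuer, or issuer is not a CA
        if not signature_valid(cert, tuple(issuer["tbs"]["pubkey"])):
            return False
    return False


def build_demo():
    """Root CA -> CA3 -> end entity, plus two bad certificates (all names constructed)."""
    rng = random.Random(2024)                                       # seeded for reproducibility
    root_pub, root_priv = gen_rsa(rng)
    ca3_pub, ca3_priv = gen_rsa(rng)
    leaf_pub, leaf_priv = gen_rsa(rng)
    root = issue_cert("Root CA", root_pub, True, "Root CA", root_priv)              # self-signed
    ca3 = issue_cert("CA3", ca3_pub, True, "Root CA", root_priv)
    leaf = issue_cert("alice@example.test", leaf_pub, False, "CA3", ca3_priv)
    rogue = issue_cert("mallory", ca3_pub, False, "alice@example.test", leaf_priv)  # signed by a non-CA
    forged = {"tbs": dict(leaf["tbs"], subject="mallory"), "sig": leaf["sig"]}       # edited after signing
    return root, ca3, leaf, rogue, forged
```

With root, ca3, leaf, rogue, forged = build_demo(), verify_chain([leaf, ca3], [root]) succeeds, while the forged certificate, the chain with the missing intermediate, the certificate signed by the non-CA leaf, and an empty trust store are all rejected. The is_ca check is the one most often forgotten in hand-written verifiers; without it any subscriber could act as a CA.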
UNIT-5
CRYPTOGRAPHIC DATA INTEGRITY ALGORITHMS

Cryptography Hash functions


Hash functions are extremely useful and appear in almost all information security applications.
A hash function is a mathematical function that converts an input of arbitrary length into a compressed output
of fixed length. Values returned by a hash function are called the message digest or simply the hash value.
The following picture illustrates a hash function −

Features of Hash Functions


The typical features of hash functions are −
 Fixed Length Output (Hash Value)
o Hash function coverts data of arbitrary length to a fixed length. This process is often referred
to as hashing the data.
o In general, the hash is much smaller than the input data, hence hash functions are sometimes
called compression functions.
o Since a hash is a smaller representation of a larger data, it is also referred to as a digest.
o Hash function with n bit output is referred to as an n-bit hash function. Popular hash
functions generate values between 160 and 512 bits.
 Efficiency of Operation
o Generally for any hash function h with input x, computation of h(x) is a fast operation.
o Computationally hash functions are much faster than a symmetric encryption.
Properties of Hash Functions
 Pre-Image Resistance: given a hash value h, it should be computationally infeasible to find any input x
with hash(x) = h. This is what makes hashed password storage meaningful.
 Second Pre-Image Resistance: given an input x, it should be infeasible to find a different input y with
hash(y) = hash(x). This is what integrity checks rely on.
 Collision Resistance: it should be infeasible to find any two distinct inputs x and y with hash(x) =
hash(y). Digital signatures depend on this, since a signature on x is also a signature on any colliding y. An
n-bit hash offers at most about n/2 bits of collision resistance (the birthday bound), which is why 128-bit
digests such as MD5 are no longer adequate.
Design of Hashing Algorithms
 At the heart of a hashing algorithm is a compression function that operates on two fixed-size blocks of
data, the current chaining value and the next message block, to produce a new chaining value.
 The size of each data block varies depending on the algorithm. Typically the block sizes are from 128 bits
to 512 bits. The following illustration demonstrates the compression function −

 The hashing algorithm applies this compression function in rounds, like a block cipher. Each round takes an
input of fixed size, typically the most recent message block together with the output of the previous round.
 This process is repeated for as many rounds as are required to hash the entire message (the
Merkle-Damgård construction, used by MD5, SHA-1 and SHA-2). A schematic of the hashing algorithm is depicted in
the following illustration −

 Because the output of the first compression step becomes an input to the second, whose output alters the
third, and so on, a change anywhere in the message affects every later step and therefore the final digest.
 A well-designed compression function also has the avalanche property: two messages that differ by even a
single bit produce substantially different, unrelated-looking hash values, with about half of the output bits
changing.
 Understand the difference between the hash (compression) function and the hashing algorithm. The
compression function generates a hash code by operating on two blocks of fixed-length binary data.
 The hashing algorithm is the process for using the compression function: it specifies how the message is
padded and broken up and how the results from previous message blocks are chained together.

Popular Hash Functions


Let us briefly see some popular hash functions −
Message Digest (MD)
MD5 was the most popular and widely used hash function for many years.
 The MD family comprises the hash functions MD2, MD4, MD5 and MD6. MD5 is specified in RFC 1321 and produces
a 128-bit hash value.
 MD5 digests have been widely used in the software world to provide assurance about the integrity of a
transferred file. For example, file servers often provide a pre-computed MD5 checksum for the files, so that a
user can compare the checksum of the downloaded file with it. This detects accidental corruption but not a
deliberate substitution, since an attacker who can replace the file can replace the checksum too.
 In 2004 collisions were found in MD5; the analytical attack was reported to succeed in about an hour on a
computer cluster, and collisions can now be produced in seconds on an ordinary laptop. MD5 is therefore
considered broken and is no longer recommended for any security use.
Secure Hash Function (SHA)
The SHA family comprises four groups of algorithms: SHA-0, SHA-1, SHA-2 and SHA-3. Although they share a name,
they are structurally different.
 The original version, SHA-0, a 160-bit hash function, was published by the National Institute of Standards
and Technology (NIST) in 1993. It had a few weaknesses and did not become very popular. In 1995, SHA-1 was
designed to correct the alleged weaknesses of SHA-0.
 SHA-1 was for a long time the most widely used of the SHA hash functions, employed in many applications and
protocols including SSL/TLS.
 In 2005 a method was found for finding SHA-1 collisions within a practical time frame, making its long-term
use doubtful, and in 2017 an actual collision (two different PDF files with the same SHA-1 digest) was
published. Browsers and CAs have since stopped accepting SHA-1 signatures.
 The SHA-2 family includes SHA-224, SHA-256, SHA-384 and SHA-512, named after the number of bits in their
hash value (plus the truncated variants SHA-512/224 and SHA-512/256). No successful collision attacks have
been reported on the SHA-2 functions.
 Although SHA-2 is a strong hash function, its basic design still follows that of SHA-1, so NIST called for
competing designs for a new hash function.
 In October 2012 NIST chose the Keccak algorithm as SHA-3, standardised in FIPS 202 in 2015. Keccak uses a
different (sponge) construction, performs efficiently in hardware and is not affected by the length-extension
property of the Merkle-Damgård designs.

SHA Hashing in Java


In this section we look at what SHA hashing is and where and how it is used in the Java programming language,
with examples of SHA hashing in Java.

What is SHA Hashing?


The "Secure Hash Algorithm" is widely known as SHA. The Secure Hash Algorithm is a cryptographic hash
function: an algorithm that takes data of any length as input and produces a fixed-size output called the
hash value (usually shown as a hexadecimal string).

When used for passwords, the hash value is stored instead of the password, and the server verifies a login by
hashing what the user typed and comparing it with the stored value. Like other cryptographic hash functions,
SHA is non-reversible. There is no 20-byte limit on the input; rather, SHA-1 produces a 20-byte (160-bit)
digest, which is printed as a 40-digit hexadecimal string (SHA-256 gives 32 bytes, or 64 hex digits). Even the
smallest change in the input makes a large difference to the output. This is called the avalanche effect, and
it prevents an attacker from learning anything about the input from a nearby hash.

Types of SHA
There are several different forms of the Secure Hash Algorithm:

1. SHA-1
2. SHA-2
3. SHA-256
4. SHA-512
5. SHA-224
6. SHA-384

In reality there are only two families here, SHA-1 and SHA-2; the other names are members of SHA-2 that differ
in their output bit length. SHA-1 was the original form and produces a 160-bit message digest. It is no longer
acceptable because researchers have found collisions, that is, two different inputs with the same SHA-1 digest
(first shown in theory in 2005 and demonstrated in practice in 2017); it was not broken by brute force. Because
of this failure of SHA-1, the SHA-2 family is used instead. It produces digests of 224 to 512 bits and has no
known practical collision attack.
Next Generation of Hashing
At present SHA-2 is the industry standard for secure hashing. SHA-3 was also published by NIST, the American
standards body that created SHA-1, SHA-2 and SHA-3. SHA-3 is slower than SHA-2 in software but faster in
dedicated hardware, and it uses a different internal construction, so an attack on SHA-2 would not carry over to
it. Although standardised in 2015, SHA-3 is not yet widely deployed, but its use is likely to grow.

Usage of SHA in Java


The Secure Hash Algorithms are used in digital signatures and their related certificates to establish a secure
connection between a web server and its clients, for example in the SSL and TLS cryptographic protocols.
Various other applications also use SHA, including:

1. Secure Shell (SSH).
2. Secure/Multipurpose Internet Mail Extensions (S/MIME).
3. Intrusion Prevention Systems (IPS).

SHAs are also used for hashing passwords on web servers, so that the server has to store only the hashes. This
prevents an attacker who reads the database from obtaining the plain-text passwords directly; he sees only the
hashes. A plain SHA hash is, however, far too fast for this purpose: the password must be salted and run
through a deliberately slow, iterated function (PBKDF2, bcrypt, scrypt or Argon2) to make guessing expensive.
So, as mentioned above, the Secure Hash Algorithms are used to protect applications, web servers and files from
attackers.

Implementing SHA in Java

To use SHA in Java, the "java.security" package must be imported. Its "MessageDigest" class calculates the
value of cryptographic hash functions.

A MessageDigest is obtained from the static method getInstance(), which takes the algorithm name (for example
"SHA-256") as its argument. The digest() method then returns the hash as a byte array. A common idiom converts
the byte array to a BigInteger with a positive sign (new BigInteger(1, bytes)) and then to a hexadecimal string
with toString(16). Be aware that this idiom drops leading zero nibbles: a SHA-256 digest whose first nibble is
zero comes out as 63 characters instead of 64 and will not match a correctly formatted digest. Pad the string
to the full length, or format each byte with two hex digits instead.
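A Python counterpart of the Java steps above, added as an example that is not from the original notes. hashlib's hexdigest() takes the role of MessageDigest plus hex formatting; sha256_hex_via_int() reproduces the BigInteger idiom to show the leading-zero pitfall and sha256_hex_via_int_fixed() the corrected version; avalanche() measures how many output bits change for a one-bit input change. The sample inputs are constructed.

```python
import hashlib


def sha256_hex(data: bytes) -> str:
    """Hex digest the safe way: each of the 32 digest bytes becomes exactly two hex characters."""
    return hashlib.sha256(data).hexdigest()


def sha256_hex_via_int(data: bytes) -> str:
    """The digest -> big integer -> hex idiom. Like BigInteger.toString(16) in Java it drops
    leading zero nibbles, so about 1 in 16 digests comes out shorter than 64 characters."""
    return format(int.from_bytes(hashlib.sha256(data).digest(), "big"), "x")


def sha256_hex_via_int_fixed(data: bytes) -> str:
    """Same idiom with the width fixed: zero-pad to 64 characters."""
    return format(int.from_bytes(hashlib.sha256(data).digest(), "big"), "064x")


def hamming_distance(a: bytes, b: bytes) -> int:
    """Number of differing bits between two equal-length byte strings."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def avalanche(msg: bytes) -> int:
    """How many of the 256 output bits change when the lowest bit of the first input byte is flipped.
    For a good hash this is close to 128."""
    flipped = bytes([msg[0] ^ 0x01]) + msg[1:]
    return hamming_distance(hashlib.sha256(msg).digest(), hashlib.sha256(flipped).digest())


def find_short_hex(limit: int = 10000):
    """Search constructed inputs b"msg0", b"msg1", ... for one whose int-based hex string is too short.
    Returns the offending input, or None if none was found within the limit."""
    for i in range(limit):
        data = b"msg%d" % i
        if len(sha256_hex_via_int(data)) != 64:
            return data
    return None
```

The short-hex bug matters in practice because a stored digest produced by the buggy idiom will not compare equal to one produced correctly, and string comparison of hex digests is exactly how most integrity and password checks are written.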

RIPEMD
The RIPEMD is an acronym for RACE Integrity Primitives Evaluation Message Digest. This set of hash
functions was designed by open research community and generally known as a family of European hash
functions.
 The set includes RIPEMD, RIPEMD-128, and RIPEMD-160. There also exist 256, and 320-bit
versions of this algorithm.
 Original RIPEMD (128 bit) is based upon the design principles used in MD4 and found to provide
questionable security. RIPEMD 128-bit version came as a quick fix replacement to overcome
vulnerabilities on the original RIPEMD.
 RIPEMD-160 is an improved version and the most widely used version in the family. The 256 and
320-bit versions reduce the chance of accidental collision, but do not have higher levels of security as
compared to RIPEMD-128 and RIPEMD-160 respectively.
Whirlpool
This is a 512-bit hash function.
 It is derived from the modified version of Advanced Encryption Standard (AES). One of the designer
was Vincent Rijmen, a co-creator of the AES.
 Three versions of Whirlpool have been released; namely WHIRLPOOL-0, WHIRLPOOL-T, and
WHIRLPOOL.
Applications of Hash Functions
There are two direct applications of hash function based on its cryptographic properties.
Password Storage
Hash functions provide protection to password storage.
 Instead of storing the password in clear, almost all logon processes store the hash values of passwords in
the password file.
 The password file consists of a table of pairs of the form (user id, h(P)).
 The process of logon is depicted in the following illustration −

 An intruder who reads the file sees only the hashes of passwords. He can neither log on using a hash nor
derive the password from the hash value, since the hash function has the property of pre-image resistance.
 Pre-image resistance alone is not enough in practice, because passwords are low-entropy: the attacker does
not invert the hash, he guesses candidate passwords and hashes each one. The stored value must therefore
include a per-user random salt (so that equal passwords hash differently and precomputed tables are useless)
and use a deliberately slow function so that each guess is expensive.
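The (user id, h(P)) table as a practitioner would build it today, added here as an example that is not from the original notes: a per-user random salt, a slow PBKDF2-HMAC-SHA256 derivation from Python's standard library, and a constant-time comparison at login. The record format, the iteration count and the user names are assumptions made for the example.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000   # PBKDF2-HMAC-SHA256 work factor; tune so one derivation costs ~100 ms on the login server


def hash_password(password: str, salt=None) -> str:
    """Return a storable record 'pbkdf2_sha256$<iterations>$<salt hex>$<hash hex>' (constructed format)."""
    if salt is None:
        salt = os.urandom(16)                       # fresh random salt per user and per password change
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return "pbkdf2_sha256$%d$%s$%s" % (ITERATIONS, salt.hex(), dk.hex())


def verify_password(password: str, record: str) -> bool:
    """Recompute the derivation with the stored salt and iteration count; compare in constant time."""
    algo, iters, salt_hex, hash_hex = record.split("$")
    if algo != "pbkdf2_sha256":
        return False
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(dk.hex(), hash_hex)


def demo() -> dict:
    # Two users (constructed) who happen to pick the same password.
    table = {"alice": hash_password("correct horse"), "bob": hash_password("correct horse")}
    unsalted = {user: hashlib.sha256(b"correct horse").hexdigest() for user in table}
    return {
        "salted_records_differ": table["alice"] != table["bob"],        # the salt hides the duplicate
        "unsalted_records_equal": unsalted["alice"] == unsalted["bob"],  # plain SHA-256 exposes it
        "correct_password_accepted": verify_password("correct horse", table["alice"]),
        "wrong_password_rejected": not verify_password("correct horse ", table["alice"]),
    }
```

Storing the iteration count in the record lets the server raise the work factor later and re-hash users transparently at their next successful login.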
Data Integrity Check
Data integrity check is a most common application of the hash functions. It is used to generate the
checksums on data files. This application provides assurance to the user about correctness of the data.
The process is depicted in the following illustration −

The integrity check helps the user detect any accidental or unauthorised change to the original file. It does
not, however, provide any assurance about origin: an attacker who can modify the file can just as easily
replace the whole file, compute a new hash for it and send both to the receiver. The integrity check is only
useful if the hash value itself is obtained through a channel the attacker cannot tamper with, or if the user
is otherwise sure about the originality of the file.

Message Authentication Code (MAC)


 A MAC algorithm is a symmetric-key cryptographic technique for providing message authentication. To use a
MAC, the sender and receiver share a symmetric key K.
 Essentially, a MAC is a keyed checksum computed over the message and sent along with it, so that the
receiver can check both that the message is unaltered and that it came from someone holding K.
The process of using MAC for authentication is depicted in the following illustration −

Let us now try to understand the entire process in detail −


 The sender uses some publicly known MAC algorithm, inputs the message and the secret key K and
produces a MAC value.
 Similar to hash, MAC function also compresses an arbitrary long input into a fixed length output.
The major difference between hash and MAC is that MAC uses secret key during the compression.
 The sender forwards the message along with the MAC. Here, we assume that the message is sent in
the clear, as we are concerned of providing message origin authentication, not confidentiality. If
confidentiality is required then the message needs encryption.
 On receipt of the message and the MAC, the receiver feeds the received message and the shared
secret key K into the MAC algorithm and re-computes the MAC value.
 The receiver now checks equality of freshly computed MAC with the MAC received from the
sender. If they match, then the receiver accepts the message and assures himself that the message has
been sent by the intended sender.
 If the computed MAC does not match the MAC sent by the sender, the receiver cannot determine
whether it is the message that has been altered or it is the origin that has been falsified. As a bottom-
line, a receiver safely assumes that the message is not the genuine.

Limitations of MAC
There are two major limitations of MAC, both due to its symmetric nature of operation −
 Establishment of Shared Secret.
o It can provide message authentication among pre-decided legitimate users who have shared
key.
o This requires establishment of shared secret prior to use of MAC.
 Inability to Provide Non-Repudiation
o Non-repudiation is the assurance that a message originator cannot deny any previously sent
messages and commitments or actions.
o MAC technique does not provide a non-repudiation service. If the sender and receiver get
involved in a dispute over message origination, MACs cannot provide a proof that a message
was indeed sent by the sender.
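An added Python example (not from the original notes) that covers both the integrity-check weakness described earlier and the MAC properties described here: a plain SHA-256 checksum is fooled when the attacker replaces the file and the checksum together, an HMAC-SHA256 tag is not, and the receiver, who holds the same key, can produce a tag the sender never made, which is exactly why a MAC gives no non-repudiation. The key and the messages are constructed.

```python
import hashlib
import hmac


def plain_checksum(data: bytes) -> str:
    """Unkeyed integrity check: anyone, including the attacker, can compute it."""
    return hashlib.sha256(data).hexdigest()


def compute_mac(key: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 tag; computing it requires the shared key K."""
    return hmac.new(key, data, hashlib.sha256).digest()


def mac_accept(key: bytes, data: bytes, tag: bytes) -> bool:
    """Receiver side: recompute the tag and compare in constant time to avoid timing leaks."""
    return hmac.compare_digest(compute_mac(key, data), tag)


def demo() -> dict:
    key = b"K shared by Alice and Bob"       # constructed shared secret
    msg = b"transfer 100 to Bob"
    evil = b"transfer 100 to Mallory"
    # 1. Plain hash: the attacker replaces the file and recomputes the checksum. The receiver cannot tell.
    received_file, received_sum = evil, plain_checksum(evil)
    hash_check_passes = plain_checksum(received_file) == received_sum
    # 2. MAC: the attacker has no key, so neither the modified message with the old tag nor a tag made
    #    with a guessed key is accepted.
    tag = compute_mac(key, msg)
    # 3. No non-repudiation: Bob holds K too, so he can mint a valid tag on a message Alice never sent.
    bob_claim = b"Alice owes Bob 1000"
    return {
        "hash_check_fooled_by_substitution": hash_check_passes,
        "genuine_message_accepted": mac_accept(key, msg, tag),
        "modified_message_rejected": not mac_accept(key, evil, tag),
        "guessed_key_tag_rejected": not mac_accept(key, evil, compute_mac(b"guess", evil)),
        "receiver_can_forge": mac_accept(key, bob_claim, compute_mac(key, bob_claim)),
    }
```

The last entry is the practical meaning of the limitation above: a valid tag proves that someone holding K produced the message, and in a two-party setting that could be either party, so a MAC cannot settle a dispute between them. A digital signature, where only the signer holds the private key, is needed for that.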

Types of Authentication Protocols


User authentication is the first priority when responding to a request made by a user to a software
application. Several mechanisms exist to authenticate the user before access to data is granted. This section
covers the most common authentication protocols and their merits and demerits.
1. Kerberos :
Kerberos is a network authentication protocol. It validates clients and servers across a network using
cryptographic keys issued by a trusted third party, the Key Distribution Centre (KDC), in the form of tickets,
and is designed to provide strong authentication for client/server applications. A reference implementation
of the Kerberos protocol is freely available from MIT, and the protocol is used in many widely deployed
products, including Microsoft Active Directory.

Some advantages of Kerberos :

 It is supported on many operating systems.
 Authentication uses symmetric-key tickets, which is more efficient than public-key operations, and the
password itself is never sent over the network.
Some disadvantages of Kerberos :
 It only authenticates clients and the services they use; authorisation is left to the application.
 It is vulnerable to weak passwords: a user's long-term key is derived from the password, so captured
ticket material can be attacked offline by guessing.
2. Lightweight Directory Access Protocol (LDAP) :
LDAP is a protocol for looking up information about individuals, organisations and devices in a directory
over a network, whether on the public internet or a corporate intranet. It is offered as Directory-as-a-Service
and is the basis on which Microsoft built Active Directory.

Some advantages of LDAP :

 It is an open, vendor-neutral standard, which makes integration and modernisation easier.
 It works with existing technologies and allows multiple directories.
Some disadvantages of LDAP :
 It requires deployment experience.
 The directory servers must be LDAP compliant.
 A simple bind sends the password in clear text unless the connection is protected by LDAPS or StartTLS.
3. OAuth2 :
OAuth, as the name suggests, is an authorization framework that allows limited access to be granted to a user's account through an HTTP service. When a user requests access to resources, an API call is made and, after authentication, the token is passed.

Some advantages of OAuth2 :
• It is a simple protocol and is easy to implement.
• It provides server-side authorization of code.
Some disadvantages of OAuth2 :
• Managing the different sets of code involved is error-prone.
• A compromise of one connected system can have serious effects on the sites linked to it.
4. SAML :
SAML stands for Security Assertion Markup Language. It is an XML-based format for authentication data that carries authorization between an identity provider and a service provider. It is a product of the OASIS Security Services Technical Committee.
Some advantages of SAML :
• It reduces administrative costs for end users.
• It provides single sign-on for authenticating across service providers.
Some disadvantages of SAML :
• It is dependent on the identity provider.
• All the data is managed in a single XML format.
5. RADIUS :
RADIUS stands for Remote Authentication Dial-In User Service. It is a network protocol that provides centralized Authentication, Authorization, and Accounting for users who connect to and use network services. The protocol comes into play when a user requests access to network resources: the RADIUS server encrypts the credentials entered by the user, then the credentials are matched against the local database and access is granted.
Some advantages of RADIUS :
• It is a great mechanism for providing multiple access for admins.
• It provides a unique identity to each user in a session.
Some disadvantages of RADIUS :
• The initial implementation of this mechanism is demanding on hardware.
• It comes in a variety of models that may require a dedicated team, which is costly.
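To show what "encrypts the credentials" actually means on the wire, the following example is added to these notes (it is not part of the original text and not the code of any RADIUS product). It builds a RADIUS Access-Request as specified in RFC 2865, where the client hides the User-Password attribute by XOR-ing it with an MD5 chain keyed on the shared secret and the Request Authenticator, then shows the server side recovering the password, checking it against a constructed user database, and returning an Access-Accept or Access-Reject whose Response Authenticator the client verifies. The shared secret, user name, password and database contents are all constructed sample values.

```python
import hashlib
import hmac
import os
import struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3   # RFC 2865 packet codes
ATTR_USER_NAME, ATTR_USER_PASSWORD = 1, 2                # RFC 2865 attribute types


def hide_password(secret: bytes, request_auth: bytes, password: bytes) -> bytes:
    """RFC 2865 s5.2: pad to a multiple of 16 octets, then XOR each 16-octet
    chunk with MD5(secret + previous ciphertext chunk); the first chunk uses
    the 16-octet Request Authenticator in place of a previous chunk."""
    if not password or len(password) > 128:
        raise ValueError("password must be 1..128 octets")
    padded = password + b"\x00" * (-len(password) % 16)
    out, prev = b"", request_auth
    for i in range(0, len(padded), 16):
        keystream = hashlib.md5(secret + prev).digest()
        chunk = bytes(p ^ k for p, k in zip(padded[i:i + 16], keystream))
        out, prev = out + chunk, chunk
    return out


def reveal_password(secret: bytes, request_auth: bytes, hidden: bytes) -> bytes:
    """Inverse of hide_password, as the server does it before checking the credential."""
    if not hidden or len(hidden) % 16:
        raise ValueError("hidden password must be a non-empty multiple of 16 octets")
    out, prev = b"", request_auth
    for i in range(0, len(hidden), 16):
        keystream = hashlib.md5(secret + prev).digest()
        chunk = hidden[i:i + 16]
        out, prev = out + bytes(c ^ k for c, k in zip(chunk, keystream)), chunk
    return out.rstrip(b"\x00")


def encode_attr(attr_type: int, value: bytes) -> bytes:
    """Attribute TLV: Type (1), Length (1, includes the 2 header octets), Value."""
    if len(value) > 253:
        raise ValueError("attribute value too long")
    return struct.pack("!BB", attr_type, len(value) + 2) + value


def parse_attrs(data: bytes) -> dict:
    """Walk the attribute list, rejecting truncated or zero-length entries."""
    attrs, i = {}, 0
    while i < len(data):
        if i + 2 > len(data):
            raise ValueError("truncated attribute header")
        t, length = struct.unpack("!BB", data[i:i + 2])
        if length < 2 or i + length > len(data):
            raise ValueError("malformed attribute length")
        attrs[t] = data[i + 2:i + length]
        i += length
    return attrs


def build_packet(code: int, identifier: int, authenticator: bytes, attrs: bytes) -> bytes:
    """Header: Code (1), Identifier (1), Length (2), Authenticator (16), then attributes."""
    return struct.pack("!BBH", code, identifier, 20 + len(attrs)) + authenticator + attrs


def build_access_request(secret, identifier, username, password, request_auth=None):
    request_auth = request_auth or os.urandom(16)   # fresh random Request Authenticator
    attrs = encode_attr(ATTR_USER_NAME, username) + \
            encode_attr(ATTR_USER_PASSWORD, hide_password(secret, request_auth, password))
    return build_packet(ACCESS_REQUEST, identifier, request_auth, attrs)


def response_authenticator(secret, code, identifier, request_auth, attrs) -> bytes:
    """RFC 2865 s3: MD5(Code + ID + Length + RequestAuth + Attributes + Secret)."""
    header = struct.pack("!BBH", code, identifier, 20 + len(attrs))
    return hashlib.md5(header + request_auth + attrs + secret).digest()


def server_handle(secret: bytes, packet: bytes, user_db: dict) -> bytes:
    """Server side: recover the password, check it against the constructed
    database, and reply with Access-Accept or Access-Reject."""
    code, identifier, length = struct.unpack("!BBH", packet[:4])
    if code != ACCESS_REQUEST or length != len(packet) or length < 20:
        raise ValueError("not a well-formed Access-Request")
    request_auth = packet[4:20]
    attrs = parse_attrs(packet[20:length])
    username = attrs[ATTR_USER_NAME]
    password = reveal_password(secret, request_auth, attrs[ATTR_USER_PASSWORD])
    # Sample database stores plaintext only for the demo; real servers keep hashes.
    ok = username in user_db and hmac.compare_digest(user_db[username], password)
    reply_code, reply_attrs = (ACCESS_ACCEPT if ok else ACCESS_REJECT), b""
    auth = response_authenticator(secret, reply_code, identifier, request_auth, reply_attrs)
    return build_packet(reply_code, identifier, auth, reply_attrs)


def client_verify_reply(secret: bytes, request: bytes, reply: bytes) -> bool:
    """Client side: the reply must echo our Identifier and carry a Response
    Authenticator computed over our Request Authenticator with the shared secret."""
    code, identifier, length = struct.unpack("!BBH", reply[:4])
    if length != len(reply) or identifier != request[1]:
        return False
    expected = response_authenticator(secret, code, identifier, request[4:20], reply[20:length])
    return hmac.compare_digest(expected, reply[4:20])
```

The password hiding is the only protection RFC 2865 gives the credential itself; every other attribute travels in the clear and the integrity check rests on MD5 with a static shared secret, which is why current deployments carry RADIUS inside TLS (RadSec, RFC 6614) or IPsec rather than relying on this obfuscation alone.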
Ranking these protocols against one another would not do them justice, because the right choice depends on the application and the purpose for which it is used.
