Course Outcomes

SYLLABUS
Module –1 (Fundamentals of Cryptography)
Introduction to Cryptography, Symmetric cryptography –AES. Asymmetric cryptography –
RSA. Elliptic curve cryptography, Digital signatures –RSA digital signature algorithms. Secure
Hash Algorithms –SHA-256. Applications of cryptographic hash functions –Merkletrees,
Distributed hash tables.
Module –2 (Fundamentals of BlockchainTechnology)
Blockchain–Definition, architecture, elements of blockchain, benefits and limitations, types of
blockchain. Consensus –definition, types, consensus in blockchain.
Decentralization –Decentralization using blockchain, Methods of decentralization, Routes to
decentralization, Blockchainand full ecosystem decentralization
Module -3 (Consensus Algorithms and Bitcoin)
Consensus Algorithms, Crash fault-tolerance (CFT) algorithms –Paxos, Raft. Byzantine
faulttolerance(BFT) algorithms –Practical Byzantine Fault Tolerance (PBFT), Proof of work
(PoW), Proof of stake (PoS), Types of PoS.
Bitcoin –Definition, Cryptographic keys –Private keys, public keys, addresses. Transactions
Lifecycle, coinbasetransactions, transaction validation. Blockchain–The genesis block.
Mining –Tasks of miners, mining algorithm, hash rate. Wallets –Types of wallets.
 SYLLABUS
Module -4 (Smart Contracts and Use cases)
Smart Contracts –Definition, Smart contract templates, Oracles, Types of oracles,
Deploying smart contracts. Decentralization terminology –Decentralized applications,
Decentralized Autonomous Organizations.
Use cases of Blockchaintechnology –Government, Health care, Finance, Supply chain
management.
Blockchainand allied technologies –Blockchainand Cloud Computing, Blockchainand
Artificial Intelligence.
Module -5 (Ethereumand Solidity)
Ethereum–The Ethereumnetwork. Components of the Ethereumecosystem –Keys and
addresses, Accounts, Transactions and messages. The EthereumVirtual Machine, Blocks
and blockchain.
The Solidity language –The layout of a Solidity source code, Structure of a smart
contract, variables, data types, control structures, events, inheritance, libraries, functions,
error handling.
Smart contracts Case study: Voting, Auction.
Assignments

Assignment 1 Assignment 3
Class Test

Assignment 2
Develop blockchain based
solutions and smart contracts
using Ethereum Framework.
• Cryptography is the science of making information secure in
P, E, C, and D represent plaintext,
the presence of adversaries.
encryption,
ciphertext, and decryption,
respectively. This model utilizes
concepts such
as entities, senders, receivers,
adversaries, keys, and channels.
These
concepts are explained
Sender: This asthat
is an entity follows:
Entity:
transmitsEither a person or system
the data
that sends,This
Receiver: receives, or performs
is an entity that takes
operations on data
delivery of the data
Adversary: This is an entity that tries
to circumvent the security service
Key: A key is data that is used to
encrypt the plaintext and also to
decrypt the ciphertext
Channel: A channel provides a
medium of communication between
entities
• Accountability is the assurance that
actions affecting security can be traced
back to the responsible party. This is
usually provided by logging and audit
mechanisms in systems where a
detailed audit is required due to the
nature of the business

• There are two types of authentication

mechanisms, namely, entity
authentication and data origin
authentication
Entity authentication is the
assurance that an entity is currently
involved and active in a
communication session.
Data origin authentication
Also known as message authentication,
data origin authentication is an
assurance that the source of the information
is indeed verified.Various methods, such
as Message Authentication Codes
(MACs) and digital signatures, are
Cryptographic
Primitives

Note:
Role of Cryptography in
Blockchain:
Securing a blockchain
ecosystem requires
many different cryptographic
primitives, such as hash
Classifications of
Cryptography
Symmetric Cryptography
• Symmetric cryptography refers to a
type of cryptography where the key
that is used to encrypt the data is the
same one that is used for decrypting
the data. Thus, it is also known as
shared key cryptography. The key must
be established or agreed upon before
the data exchange occurs between the
communicating parties. This is the There are two types of symmetric
ciphers: stream ciphers and block
reason it is also called secret key ciphers.
cryptography. Data Encryption Standard (DES)
and Advanced Encryption Standard
(AES) are typical examples of block
ciphers, whereas RC4 and A5 are
 Stream Ciphers
 Stream ciphers are
encryption algorithms that
apply encryption algorithms
on a bit-by-bit basis (one bit
at a time)to plaintext using a
keystream.
 Two types of stream ciphers:
synchronous stream
ciphers- keystream is
dependent only on the key
and asynchronous stream
ciphers-
Note: keystream
The fundamental that is in stream ciphers is the security and
requirement
also dependent
randomness of keystreamson the
 Block Ciphers
• Block ciphers are encryption algorithms that break
up the text to be
encrypted (plaintext) into blocks of a fixed length and
apply the encryption block by block.
• Block ciphers are generally built using a design
strategy known as a Feistel cipher (combining multiple
rounds of repeated operations to achieve desirable
Confusion adds complexity to the relationship
cryptographic
between the encryptedproperties known
text and plaintext. This as
confusion and diffusion)
is achieved by substitution.
The diffusion property spreads the plaintext
statistically over the encrypted data.
This ensures that even if a single bit is
changed in the input text, it results in
changing at least half (on average) of the bits
in the ciphertext.
 Random • RNGs are software or hardware
Randomness Numbers
systems that make use of the
• provides an indispensable element randomness available in the real
for the security of the cryptographic protocols. It world, that is, the analog world,
is used for the generation of keys and in where uncertainty in the environment
encryption algorithms. produces randomness. This can be
• Randomness ensures that operations of a
temperature variations, thermal
cryptographic algorithm do not become noises from various electronic
predictable enough to allow cryptanalysts to components, or acoustic noise. This is
predict the outputs and operations of the called real randomness. Other
algorithm, which will make the algorithm
There are two categories of source of randomness, sources are based on the fact that a
insecure.
namely, Random Number Generators (RNGs) running computer system generates
and Pseudorandom Number Generators some randomness from the running
(PRNGs). processes, such as keystrokes or disk
movements. These types of sources
of randomness are not very practical
due to
PRNGs are deterministic functions that work on the principle of the difficulty
using a randomof acquiring this
initial value
data or
called a seed to produce a random looking set of elements. not having
PRNGs enough entropy.
are commonly used to
generate keys for encryption algorithms. A common example of a PRNG is the Blum-Blum-
Shub (BBS). PRNGs are a better alternative to RNGs due to their reliability and
deterministic nature.
Hash
Functions
• Hash functions are used to create fixed-length digests of arbitrarily long
input strings. Hash functions are keyless, and they provide a data
integrity service. They are usually built using iterated and dedicated hash
function construction techniques. Hash functions are efficient and fast
one-way functions
• Various families of hash functions are available, such as MD, SHA1, SHA-
2, SHA-3, RIPEMD, and Whirlpool. Hash functions are commonly used for
digital signatures and message authentication codes, such as HMACs.
They have three security properties, namely, pre-image resistance,
second preimage resistance, and collision resistance.
• Some applications use hash functions as a means for generating PRNGs.
Properties of Hash
Functions
Easy to compute
• Hash functions are efficient and fast one-way functions. It is required that hash
functions be very quick to compute regardless of the message size.
• The efficiency may decrease if the message is too big, but the function should
still be fast enough for practical use.
Security properties of hash functions
1. Pre-image resistance
• This property can be explained by using the simple equation: h(x) = y
Here, h is the hash function, x is the input, and y is the hash.
The first security property requires that y cannot be reverse-computed to x. x is
considered a pre-image of y, hence the name pre-image resistance. This is
also called a one-way property.
 Properties of Hash
Functions
2. Second pre-image resistance
• The second pre-image resistance property requires that given x and h(x), it is
almost impossible to find any other message m, where m! = x and hash of m =
hash of x or h(m) = h(x). This property is also known as weak collision
resistance..
3. Collision resistance
• The collision resistance property requires that two different input messages
should not hash to the same output. In other words, h(x) != h(z). This property is
also known as strong collision resistance

Weak collision resistance protects against second pre-image attacks, where the
attacker targets a specific message.
Strong collision resistance protects against general collision attacks, where the
•.
attacker tries to find any two inputs with the same hash
Properties of Hash
Functions
AES Origins
• clear a replacement for DES was needed
• have theoretical attacks that can break it
• have demonstrated exhaustive key search attacks
• can use Triple-DES – but slow, has small blocks
• US NIST issued call for ciphers in 1997
• 15 candidates accepted in Jun 98
• 5 were shortlisted in Aug-99
• Rijndael was selected as the AES in Oct-2000
• issued as FIPS PUB 197 standard in Nov-2001
The AES Cipher - Rijndael
• designed by Rijmen-Daemen in Belgium
• has 128/192/256 bit keys, 128 bit data and expands the key into
array of 44/52/60 32-bit words
• designed to have:
• resistance against known attacks
• speed and code compactness on many CPUs
• design simplicity
 AES Structure

https://legacy.cryptool.org/en/cto/aes-step-by-step
AES Encryption
Process
AES Key Expansion (for key length of 128 bits)
The AES key expansion algorithm takes as input a 4-word (16-byte)
key and produces a linear array of 44 words (176 bytes). This is
sufficient to provide a 4-word round key for the initial
AddRoundKey stage and each of the 10 rounds of the cipher.
The following pseudocode describes the expansion:

for (i = 0 ; i < 4 ; i++)

[key[4*i] , key[4*i+1] , key[4*i+2] , key[4*i+3]]
for (i = 4; i < 44 ; i++)
temp = w[i – 1];
if (i mod 4 = 0)
temp = SubWord ( RotWord ( temp ) )  Rcon[i / 4];
w[i] = w[i – 4]  temp
Where
*RotWord performs a one-byte circular left shift on a word.
*SubWord performs a byte substitution on each byte of its input
word using the S-box.
*Rcon[j] is a round constant.

27
Add Round Key

XOR state with 128-bits of the round key

processed by column
inverse for decryption identical
since XOR own inverse, with reversed keys
Substitute Bytes
• a simple substitution of each byte
• uses one table of 16x16 bytes containing a
permutation of all 256 8-bit values
• each byte of state is replaced by byte indexed by
row (left 4-bits) & column (right 4-bits)
• eg. byte {95} is replaced by byte in row 9 column 5
• which has value {2A}
• S-box constructed using defined transformation
of values in GF(28)
• designed to be resistant to all known attacks
Substitute Bytes
Substitute Bytes Example
Shift Rows
• a circular byte shift in each each
• 1st row is unchanged
• 2nd row does 1 byte circular shift to left
• 3rd row does 2 byte circular shift to left
• 4th row does 3 byte circular shift to left
• decrypt inverts using shifts to right
• since state is processed by columns, this
step permutes bytes between the columns
Shift Rows
Mix Columns

• each column is processed separately

• each byte is replaced by a value dependent
on all 4 bytes in the column
• effectively a matrix multiplication in GF(28)
using prime poly m(x) =x8+x4+x3+x+1
Mix
Columns
Mix Columns Example
AES
Round
AES-Decryption
AES-Decryption
AES-Decryption
AES
Example
Key
Expansion
AES
Example
Encryption
AES
Example
Avalanche
 RSA

RSA was invented in 1977 by Ron Rivest, Adi Shamir, and Leonard
Adelman, hence the name RSA. This type of public key
cryptography is based on the integer factorization problem, where
the multiplication of two large prime numbers is easy, but it is
difficult to factor the product (the result of the multiplication) back
to the two original numbers.
RSA
Extended Euclidean Algorithm
• The Extended Euclidean Algorithm builds upon the
coefficients 𝑥 and y such that:
Euclidean Algorithm to find not only the GCD but also

• ax + by = GCD(a, b)
• These coefficients can be particularly useful in solving
Diophantine equations and in cryptographic algorithms
like RSA.

1.Apply the Euclidean Algorithm to find the GCD of 𝑎 and

• Steps of the Extended Euclidean Algorithm

b.

of 𝑎 and 𝑏.
2.Backtrack to express the GCD as a linear combination
RSA Example
Elliptic Curve Cryptography
• ECC is based on the discrete logarithm problem founded upon elliptic
curves over finite fields (Galois fields).
• The main benefit of ECC over other types of public key algorithms is that
it requires a smaller key size, while providing the same level of
security.
• The same level of security can be achieved with ECC when only using
256-bit operands as compared to 3,072 bits in RSA.
• Two notable schemes that originate from ECC are ECDH for key
exchange and ECDSA for digital signatures.
• ECC can also be used for encryption.
• As ECC needs less space to operate, it is becoming very popular on
embedded platforms and in systems where storage resources are
limited.
Mathematics Behind ECC
Elliptic Curve Cryptography
• An elliptic curve is basically a type of polynomial equation known as the
Weierstrass equation, which generates a curve over a finite field. The most
commonly used field is where all arithmetic operations are performed modulo a
prime number p.
• Elliptic curve groups consist of points on the curve over a finite field.
• An elliptic curve is defined in the following equation:
y2 = x3 + ax + b mod p
• Here, a and b belong to a finite field Zp or Fp (prime finite field), such that the
discriminant, which is 4a3 + 27b2, is non-zero which means that the curve is
nonsingular.
• The point of infinity is an important point that always lies on an elliptic curve and is
used to provide identity operations for points on the curve
Mathematics Behind ECC
Elliptic Curve Cryptography
• First, the group elements are identified as a set of points that satisfy the equation.
• Basic group operations on elliptic curves are point addition and point doubling.
• Point addition is a process where two different points are added, and point
doubling means that same point is added to itself.
 Elliptic Curve
Mathematics Behind ECC
Cryptography
 Elliptic Curve
Mathematics Behind ECC
Cryptography
 Elliptic Curve
Mathematics Behind ECC
Cryptography
 Elliptic Curve
Hard Problem in ECC
Cryptography

Consider the equation Q = kP where Q, P ∈ EP(a, b) and k < p. It is

relatively easy to calculate Q given k and P, but it is hard to determine k
given Q and P. This is called the discrete logarithm problem for elliptic
curves

Here k = 9. In a real application, k would be so large as to make the bruteforce

approach infeasible.
ECC-Diffie-Hellman Key Exchange

To break this scheme, an attacker would

need to be able to compute k given G and
kG, which is assumed to be hard.
Elliptic Curve
Encryption/Decryption
• The first task in this system is to encode the plaintext message m to be sent
as an (x, y) point Pm. It is the point Pm that will be encrypted as a ciphertext
and subsequently decrypted.
• An encryption/decryption system requires a point G and an elliptic group
Eq(a, b) as parameters. Each user A selects a private key nA and generates a
public key PA = nA * G. To encrypt and send a message Pm to B, A chooses a
random positive integer k and produces the ciphertext Cm consisting of the
pair of points: Cm = {kG, Pm + kPB}
• A has used B’s public key PB. To decrypt the ciphertext, B multiplies the first
point in the pair by B’s private key and subtracts the result from the second
point: Pm + kPB - nB(kG) = Pm + k(nBG) - nB(kG) = Pm.
Elliptic Curve
Encryption/Decryption
Digital Signatures
• Digital signatures provide a means of associating a message with an entity
from which the message has originated.
• Digital signatures are used to provide data origin authentication and non-
repudiation.
• Digital signatures are used in blockchains, where transactions are digitally
signed by senders using their private key, before the sender broadcasts the
transaction to the network. This digital signing proves that the sender is the
rightful owner of the asset; for example, bitcoins.
• The transactions are verified again by other nodes on the network to
ensure that the funds indeed belong to the node (user) who claims to be
the owner
Properties of Digital Signatures
• Authenticity means that the digital signatures are verifiable by a
receiving party.
• The unforgeability property ensures that only the sender of the
message can use the signing functionality using the private key.
Unforgeability means that no one else can produce the signed
message produced by a legitimate sender. This is also called the
property of non-repudiation.
• Non-reusability means that the digital signature cannot be separated
from a message and used again for another message.
RSA Digital Signature
Algorithms
• RSA-based digital signature algorithms are calculated using the two
steps.
1. Calculate the hash value of the data packet.
This will provide the data integrity guarantee, as the hash can be
computed at the receiver’s end again and matched with the original
hash to check whether the data has been modified in transit.
2.Sign the hash value with the signer's private key.
As only the signer has the private key, the authenticity of the signature
and the signed data is ensured.
RSA Digital Signature
Digital Signature Approaches
• If a sender wants to send an authenticated message to a receiver,
there are two methods that can be used: sign then encrypt and
encrypt then sign. These two approaches of using digital signatures
with encryption are as follows.
• Sign then encrypt
With this approach, the sender digitally signs the data using the private
key, appends the signature to the data, and then encrypts the data and
the digital signature using the receiver's public key. This is considered a
more secure scheme compared to the encrypt then sign scheme.
Digital Signature Approaches
• Encrypt then sign
• With this method, the sender encrypts the data using the receiver's
public key and then digitally signs the encrypted data.
Various schemes, such as RSA-, DSA-, and ECDSA-based digital signature
schemes, are used in practice. RSA is the most commonly used;
however, with the traction of ECC, ECDSA-based schemes are also
becoming quite popular. This is beneficial in blockchains because ECC
provides the same level of security that RSA does, but it uses less
space. Also, the generation of keys is much faster in ECC compared to
RSA, so it helps with the overall performance of the system.
 Secure Hash Algorithms
• The most common Secure Hash Algorithms (SHAs):
SHA-0 This is a 160-bit function introduced by the U.S. National Institute of Standards and Technology
(NIST) in 1993.
SHA-1 Introduced in 1995 by NIST as a replacement for SHA-0. This is also a 160-bit hash function. SHA-1 is
used commonly in SSL and TLS implementations. SHA-1 is now considered insecure.
SHA-2 Includes four functions defined by the number of bits of the hash: SHA-224, SHA-256, SHA-384, and
SHA-512.
SHA-3 This is the latest family of SHA functions. SHA3-224, SHA3-256, SHA3-384, and SHA3-512 are
members of this family. SHA3 is a NIST standardized version of Keccak. Keccak uses a new approach
called sponge construction instead of the commonly used Merkle-Damgard transformation.
RIPEMD RIPEMD is the acronym for RACE Integrity Primitives Evaluation Message Digest. It is based on the
design ideas used to build MD4. There are multiple versions of RIPEMD, including 128-bit, 160-bit,
256-bit, and 320-bit.
Whirlpool This is based on a modified version of the Rijndael cipher known as W. It uses the Miyaguchi-
Preneel compression function, which is a type of one-way function used for the compression of two
fixed-length inputs into a single fixed-length output. It is a single block length compression function.
Applications of Hash Function

• Hash functions have many practical applications ranging from simple

file integrity checks and password storage to use in cryptographic
protocols and algorithms. They are used in hash tables, distributed
hash tables, bloom filters, virus fingerprinting, peer-to-peer (P2P) file-
sharing, and many other applications.
• Hash functions play a vital role in blockchain. The Proof-of-Work
(PoW) function in particular uses SHA-256 twice in order to verify the
computational effort spent by miners. RIPEMD 160 is used to produce
Bitcoin addresses.
SHA-256
• SHA-256 has an input message size limit of 264 - 1 bits. The block size
is 512 bits, and it has a word size of 32 bits. The output is a 256-bit
digest. The compression function processes a 512-bit message block
and a 256-bit intermediate hash value.
• There are two main components of this function: the compression
function and a message schedule.
SHA-256- Algorithm
• Pre-processing
1. Padding of the message is used to adjust the length of a block to 512 bits
if it is smaller than the required block size of 512 bits.
2. Parsing the message into message blocks, which ensures that the
message and its padding is divided into equal blocks of 512 bits.
3. Setting up the initial hash value, which consists of the eight 32-bit words
obtained by taking the first 32 bits of the fractional parts of the square roots
of the first eight prime numbers. These initial values are fixed and chosen to
initialize the process. They provide a level of confidence that no backdoor
exists in the algorithm.
SHA-256- Algorithm
• Hash computation
4. Each message block is then processed in a sequence, and it requires 64 rounds to
compute the full hash output. Each round uses slightly different constants to ensure
that no two rounds are the same.
5. The message schedule is prepared.
6. Eight working variables are initialized.
7. The compression function runs 64 times.
8. The intermediate hash value is calculated.
9. Finally, after repeating steps 5 through 8 until all blocks (chunks of data) in the
input message are processed, the output hash is produced by concatenating
intermediate hash values.
SHA-256- Algorithm

a, b, c, d, e, f, g, and h are the

registers for 8 working
variables. Maj and Ch
functions are applied
bitwise.∑0 and ∑1perform
bitwise rotation.
The round constants are Wj
and Kj, which are added in the
main loop (compressor
function) of the hash function,
which runs 64 times.
Applications of cryptographic hash functions

• Hash functions are used in cryptographic puzzles such as the Proof of Work (PoW)
mechanism in Bitcoin. Bitcoin's PoW makes use of the SHA-256 cryptographic hash
function.
• The generation of addresses in blockchains. For example, in Ethereum, blockchain
accounts are represented as addresses. These addresses are obtained by hashing
the public key with the Keccak-256 hash algorithm and then using the last 20 bytes
of this hashed value.
• Message digests in digital signatures.
• The creation of Merkle trees to guarantee the integrity of transaction structure in
the blockchain. Specifically, this structure is used to quickly verify whether a
transaction is included in a block or not. Merkle trees are the core building blocks
of all blockchains.
Merkle Trees

• Hash functions are used to build Merkle trees, which are used to
efficiently and securely verify large amounts of data in distributed
systems.
• The concept of Merkle trees was introduced by Ralph Merkle.
Merkle Trees

• A Merkle tree is a binary tree in which the inputs are first placed at
the leaves (nodes with no children), and then the values of pairs of
child nodes are hashed together to produce a value for the parent
node (internal node),until a single hash value known as a Merkle root
is achieved. This structure helps to quickly verify the integrity of the
entire tree (entire dataset), but just by verifying the Merkle root on
top of the Merkle tree, because if any change occurs in any of the
hashes in the tree, the Merkle root will also change. This is the reason
why the integrity of the system can be verified quickly by just looking
at the Merkle root.
Merkle Trees

• Another advantage of Merkle trees is that there is no requirement of

storing large amounts of data, only the hashes of the data, which are
fixed-length digests of the large dataset. Due to this property, the
storage and management of Merkle trees is easy and efficient as it
takes a very small amount of space for storage. Also, due to the fact
that the tree is storage efficient, the relevant proofs for integrity are
also smaller in size and quick to transmit over the network, thus
making them bandwidth efficient over the network.
Distributed Hash Tables

• A hash table is a data structure that is used to map keys to values.

Internally, a hash function is used to calculate an index into an array of
buckets from which the required value can be found. Buckets have
records stored in them using a hash key and are organized into a
particular order.
• Distributed Hash Table (DHT) as a data structure where data is spread
across various nodes, and nodes are equivalent to buckets in a peer-to-
peer network.
Distributed Hash Tables

Data is passed through a hash function, which then generates a

compact key. This key is then linked with the data (values) on the peer-
to-peer network. When users on the network request the data (via the
filename), the filename can be hashed again to produce the same key,
and any node on the network can then be requested to find the
corresponding data. A DHT provides decentralization, fault tolerance,