2021-11-11

What's a Crypto: BTC - BitCoin!

BTC: Bitcoin!

Structure

Bitcoin is a peer-to-peer (P2P) payment network that enables folks to send money to each other without some intermediate financial institution like a Bank or Broker. Similar to the Tor network, but with money.

This was setup to avoid needing a trusted third party to validate transactions. That trust can be broken and manipulated depending on the entity in charge of the financial transactions.

Transactions are secured against double-spending via hashing timestamps along with the transaction information itself. Bitcoin is transferred from one party to another via computational power that attempts to collect all the transactions since the last block and create a new chain of transactions. The longest chain with the most history is the victorious chain that will have more blocks added to it.

* This is why when you transact on any cryptocurrency network, most often times, you'll see say "your funds are locked until X number of confirmations"; they want to be certain an attacker doesn't have the opportunity to "unspend" those coins.

Proof of Work

Proof of work is when CPU power is expensed to calculate the transactions into a chain. We've covered this concept in a previous video, but to expand on the previous explanation, let's imagine a tree instead of a box for a block. As each transaction comes into the network, it's also marked with a timestamp. These computers are all trying to create a chain of transactions that make sense and includes as many transactions as it can into the block of transactions.

Rewards

To incentivize people to secure the network, rewards are granted for the computing power invested in securing the network.

The genesis block is the first block on the chain and includes the original 50 BTC that was first ever minted. Every transaction after that is either the transfer of those original 50 BTC, or the minting of 50 new BTC. Every 210,000 blocks, the rewards are cut in half.

In addition to the block reward, transaction fees are included in the block as well. This will continue to incentivize people to secure the network even after all blocks have been mined. Each new block added to the chain includes the block reward as the first transaction, all other transactions and their fees are added up and sent to the address that found the next block all miners can agree to start working on next. The block reward itself is called the Coinbase block. Seems there's a bit of a cooincidence in the name of the company.

Transactions

Transactions are made via the PKI infrastructure we talked about in a previous video. Using this private/public key setup, the recipient is able to sign the request with the public key and the sender is able to verify it with their private key. This is why it's absolutely critical you have a secure lock on your private key (e.g. your seed phrase) because with that, an attacker can completely replicate your wallet, its contents and sign transactions on your behalf.

Privacy

Your privacy is secured via the "anonymity" of your public key being open and on the network, but nobody knowing its you until you associate yourself with that public key as your identity.

Exploits

Now, let's talk about the security of BitCoin.

An attacker is only ever able to try to reverse transactions where they spent their Bitcoin; Bitcoin can never just appear out of thin air from an exploited chain of blocks because it would be rejected by the honest players in the network.

An attacker would need at least 51% of the hashing power of the network to perform an attack. However, this could only ever be an attack that could "unspend" the coins, or allocate the block reward to an address they control. This is not beneficial to the attacker because then the coin would lose its value from the lack of trust in the network.

An attacker can also "guess" at the seed phrase used to generate a wallet. However, this isn't really practical because they would need that entire nemonic phrase in order to replicate your wallet.

All in all, Bitcoin as a network is actually really secure itself. The exploit vector is you.

Conclusion

So, Bitcoin itself is very secure and has great incentive to remain as such. Bitcoin does one thing, and it does it well: Store of value and transfer of that value.

So stay smart. Stay safe. Take care of yourself and others. Think before you click!


Sources:


Posted by at No comments:
Labels: , , , ,

Hashing vs Encryption

Hashing vs Encryption

Today, we're going to take a look at the difference between Hashing and Encryption. It should be a nice and quick video since the explanations can be made relatively simple.

Hashing

Hashing is one way. You can take any amount of data and reduce it down to a series of hexadecimal characters that are a fixed length. Some examples of hashing algorithms include MD5, SHA1, SHA256.

In some cases and for some algorithms like MD5, the results can clash. Clashing happens when you take more than one input and get the same output. For an oversimplified example, I input "AAAA" into the MD5 algorithm and get a hash. I input "CCCCCC" into the algorithm and get the same hash. You can say there is a clash in the MD5 algorithm between those two values.

For security, you'll want to select an algorithm that has a low number of clashes to avoid the chances at "reverse hashing" the data you put into the algorithm.

Reverse Hashing

Reverse hashing is really a term that is coined off this concept here:

  • I will execute a bruteforce password cracking attack and create a hash of "a", then "b", then "c".
  • I will repeat for "aa", "bb", and "cc".
  • I will repat until "zzzzzzzz".

This is called creating a Rainbow Table, in which you get a text file that represents the hash and the input that created the hash. So, really it's not "reverse hashing" as much as it's a "reverse table lookup for the hash" to determine the source of data that went into the algorithm.

Hashing Examples

Real world example cases of hashing include passwords. As a developer, you should never store passwords in plaintext. You should always hash them (with a salt) and store the result. If the user enters the same password and it's correct, the hashes should match. If not, reject the login.

Encryption

Encryption is the act of taking information and altering the value of that data until its unrecognizable. An oversimplified example could be to suppose you take the alphabet and reverse the characters. Z is A, B is Y and so on. The result would appear to be unreadable to anyone who doesn't know the algorithm that went into encrypting the data.

Encryption is reversable. You need to know the algorithm and the rules that go into that encryption. Some encryption is really simple and just requires a password. Other encryptions require a password and a key. More advanced algorithms require a password, key and IV or Initialization Vector.

Encryption Keys

An encryption key is not limited to just encryption, but also can be used for authentication and authorization. In a previous video, we covered the concept of PKI or Public Key Infrastructure. This can also be used to sign the encryption to also verify the property of key ownership. If you need to validate identity, then keys will be used to sign the encryption as well to ensure the party is not only the only one who can view the data, but also the person to whom you think you're speaking.

Initialization Vector

An Initialization Vector (IV) is basically a seed random number that kicks off the encryption algorithm. You can think of the IV as the spark plug that starts the encryption engine.

Summary

So that's hashing vs Encryption in a nutshell. Hashing is one-way and cannot be reversed. However, there's nothing stopping you from creating a database of hashes to values. Encryption is reversable, but you need to know the rules of engagement before embarking upon this journey.


Posted by at No comments:
Labels: , , , , , , ,

2021-11-02

New Series: What's a Crypto?

This is an editorial edutainment post.

Intro

So, we are going to start a new series called: What's a Crypto? In these episodes, we're going to cover several cryptocurrencies. We'll be examining the project, their purpose, use cases, and how to apply some of the concepts we've covered on my channel.

Before we get into that, there are a few technical terms we will need to cover first that aren't directly related to cryptocurrency, but apply to technology on a more general level.

These include:

  • PKI: Public Key Infrastructure
  • Hashing vs Encryption

In our first two episodes, we're going to cover: Bitcoin and Ethereum!

We'll take a look at the Whitepaper, what it says and we'll look at some use cases. If there's anything else relevant, we'll include that as well. If you have any coins you want me to cover, drop a comment below!

If you're seeing this video, it means at least Bitcoin is live, so head on over to my profile and find the video with the poster label: "BTC" I'll label the videos according to the ticker symbol found in most exchanges.

If you found this helpful, then you should double-tap that screen for a like! If you like learning about cryptocurrencies and all their fun applications, you should subscribe :) If you have any coin requests, drop a comment below and I'll cover it in one of my upcoming videos.

I have several coins on my list I plan on publishing so stay tuned!


Posted by at No comments:
Labels: , , , , , ,

2021-11-01

PKI: Public Key Infrastructure

PKI: Public Key Infrastructure

This is an editorial edutainment post.

PKI is a set of rules and policies that enables the transfer of information in a secure manner. It can be as simple and informal as two parties exchanging information securely among themselves, or it can be a larger integration where a third party validates the sender and recipient via signing the keys used in the exchange.

Structure

PKI involves at least two pairs of keys. A public and a private key. I generate a key pair. You generate a key pair.

The public key is open to the world and can be shared with anyone. Anyone can use the public key to encrypt information, or securely lock it so nobody else can read said data. You can equate the public key to this Master lock in this example.

The private key is yours and yours alone!

Don't share your privates in public, got it private?

The private key is used to decrypt anything encrypted with the public key. The private key is the only way to access data once it's been encrypted with the public key.

This is why folks often say "backup your keys/wallets" in cryptocurrencies. You never want to be in a single point of failure and lose the only key that can access your data. So, when you encrypt your data, be sure to make a copy of the password or key that encrypted that data.

Security

To further enhance the security of this setup, you can optionally encrypt your private key with a password/passphrase. This is a passphrase that is used to access the private key before decryption takes place.

It's like taking your key and putting it into a mini-safe that requires a PIN to access instead of just laying on your counter.

Keep in mind: The key is only as safe as your password.

This is why the cryptocommunity advocates using offline storage like a hardware wallet to store your crypto to avoid the chance at malicious software from ever accessing your private keys.

Simple Exmple

For a simple example, let's assume we want to exchange information in a secure manner. In this case: I would send you a copy of my public key. You would send me a copy of your public key.

If I wanted to send you data, I would take your public key, encrypt the data with that public key and send the result to you. Rest assured nobody will be able to view or intercept the data unless they have the private key you own, hold and control.

If you want to view the data and interact with it, simply use your private key to decrypt and see the plain version of the data.

Likewise: If you want to send data to me, then you would use my public padlock I gave to you to encrypt the data and send it back to me with the confidence that I will be the only one who will have access to said data via using my private key to decrypt the data.

This relates to cryptocurrency because your wallet is basically a public-private key pair. When you see that 12 word mnemonic phrase and your wallet tells you to backup that phrase, basically, that phrase is the private key that is used to generate the wallet.


@markizano.draconus

Let's talk about ##PKI or ##PublicKeyInfrastructure ##CryptoTalk ##Crypto ##Blockchain ##bitcoin ##ethereum

♬ original sound - Markizano Draconus

Posted by at No comments:
Labels: , ,
Subscribe to: Posts (Atom)