>/D_
Published on

Exploring Cryptography in Ethereum: The Building Blocks of Security

Authors
  • avatar
    Name
    Frank
    Twitter

A Deep Dive into Cryptography on Ethereum

Cryptography is a fundamental component of blockchain technology, enabling secure transactions, digital signatures, and the generation of unique addresses. This article explores key concepts of cryptography in the context of Ethereum, detailing how private and public keys, digital signatures, and hash functions work together to secure the network.

Understanding Cryptography in Ethereum

Cryptography, a branch of mathematics, is used extensively in computer security to enable:

  • Encryption (often called "secret writing")
  • Digital Signatures, which prove knowledge of a secret without revealing it
  • Hashes, which create unique digital fingerprints to prove the authenticity of data

Public Key Cryptography

Public key cryptography is foundational to Ethereum's security model:

  • Private Key: Secretly held by wallet software, it is used to sign transactions.
  • Public Key: Derived from the private key, it’s used to verify the authenticity of transactions without revealing the private key.
  • Anyone with access to the private key can control the corresponding Ethereum account.

Ethereum Addresses

Ethereum addresses are generated from public keys. For externally owned accounts (EOAs), the address is derived from the public key. However, addresses can also represent smart contracts, which don’t rely on public-private key pairs.

Public Key Cryptography Explained

Public key cryptography uses mathematical functions that are easy to compute in one direction but difficult to reverse. This is achieved using principles like:

  • Prime Factorization: Multiplying two large prime numbers is straightforward, but finding the original primes from the product is difficult.
    • For example, given the number 8,018,009, finding its prime factors is computationally hard.
  • Trapdoor Functions: Some mathematical functions can be reversed easily if specific information is known.
    • For instance, if you know one prime factor, finding the other becomes trivial.
  • Elliptic Curve Cryptography (ECC): Modern systems, including Ethereum, use elliptic curves, which are based on arithmetic operations on points on a curve. This enables secure key generation and transactions.

Digital Signatures

Digital signatures in Ethereum enable users to sign messages (like transactions) in a way that proves the message's authenticity:

  • Using cryptographic techniques, the transaction details are combined with the private key to create a digital signature.
  • When a transaction is sent to the network, it must be signed using the private key. This signature is then used to verify that the transaction came from the rightful owner without revealing the private key.

Private and Public Keys

Private Keys

Private keys can be generated randomly. For example, you could generate a private key using a simple method like flipping a coin 256 times to produce a binary string.

In practice, programming libraries use algorithms like Keccak-256 or SHA-256 to generate a 256-bit private key within a secure range.

Public Keys

A public key is derived from a private key using elliptic curve multiplication, which is easy to perform but nearly impossible to reverse:

  • Elliptic Curve Multiplication: In elliptic curve cryptography, this operation functions like multiplication but cannot be reversed with division.
    • For example: ( K = k \times G )
    • Here, ( K ) is the public key, ( k ) is the private key, and ( G ) is a predefined point on the elliptic curve.

Hash Functions

Hash functions convert data of arbitrary size into a fixed-size output:

  • They are many-to-one functions, meaning different inputs can produce the same output, known as a hash collision.
  • The Ethereum network uses Keccak-256, which outputs a unique digital fingerprint for any given input.

EOA Addresses in Ethereum

Ethereum addresses for EOAs are derived from public keys using the following steps:

  1. Generate the Private Key:

    k = f8f8a2f43c8376ccb0871305060d7b27b0554d2cc72bccf41b2705608452f315

  2. Compute the Public Key: The public key ( K ) is the result of elliptic curve multiplication, producing ( K ) as a set of ( x ) and ( y ) coordinates concatenated in hexadecimal:

    K = 6e145ccef1033dea239875dd00dfb4fee6e3348b84985c92f103444683bae07b83b5c38e5e...

  3. Hash the Public Key with Keccak-256:

    Keccak256(K) = 2a5bc342ed616b5ba5732269001d3f1ef827552ae1114027bd3ecf1f086ba0f9

  4. Generate the Ethereum Address: The address is derived by keeping the last 20 bytes (least significant bytes) of the hashed public key:

    Address = 001d3f1ef827552ae1114027bd3ecf1f086ba0f9

The final Ethereum address is typically represented with a 0x prefix to indicate hexadecimal encoding:

0x001d3f1ef827552ae1114027bd3ecf1f086ba0f9

The Zero Address

  • 0x0 is a special address used in Ethereum for actions like contract creation.
  • For intentionally burning Ether, a specific address, 0x000000000000000000000000000000000000dEaD, is used to clearly denote burned funds.

Conclusion

Cryptography in Ethereum involves advanced mathematical functions that underpin the security and functionality of the network. Through public key cryptography, hash functions, and digital signatures, Ethereum maintains a secure and decentralized environment for transaction processing and smart contracts. Understanding these elements is crucial for anyone interested in the technical foundations of blockchain and decentralized technologies.

My shorthand notes were the source material for this article which was produced by generative AI.