Blockchain security

Advanced cryptography in blockchain

November 24, 2020 by Howard Poston

Blockchain is Built with Cryptography

Blockchain technology is revolutionary.  It provides a completely different way of accomplishing a wide range of tasks, which has led to its widespread adoption.

However, blockchain technology is largely built using algorithms and ideas that predate it.  It is the combination of these ideas and the design of the blockchain protocol that make it capable of providing the features and guarantees that it does.

Many of these blockchain building blocks are cryptographic algorithms.  Hash functions and digital signature algorithms are widely used in the basic blockchain protocol.  However, additional cryptographic algorithms have been incorporated into blockchain technology as well, providing additional benefits.


Digital signatures are designed to provide integrity and authenticity validation for data.  This enables the recipient of a message to verify that it originated with the alleged sender and has not been modified in transit.

Multisignature algorithms enable the generation of digital signatures that require the participation of multiple parties to be valid.  This can either be accomplished programmatically or using cryptographic algorithms like Shamir Secret Sharing.

Zero-Knowledge Proofs

Knowledge of a secret (like a password) is a common way to authenticate as a member of a group.  However, on the blockchain where everything is perfect, data cannot be shared in a transaction without revealing it to the entire blockchain network.

Zero knowledge proofs enable a user to prove knowledge of a secret without revealing the secret itself.  A simple zero-knowledge proof can demonstrate that two balls are different colors to someone who is color-blind:

  1. Take two balls that are different colors and give to color-blind person (the “verifier”)
  2. The verifier conceals the two balls from the prover
  3. The verifier shows the prover one ball, then conceals it again
  4. The verifier shows the prover one ball
  5. The prover states whether or not the balls were the same

Under this proof, it is possible to demonstrate with high probability (after repeated trials) that the balls are in fact different colors.  However, the verifier never learns which ball is which color.

More complex proofs can be created using cryptographic primitives.  Blockchain technology uses the more complicated zero-knowledge proofs to demonstrate knowledge of some fact on the distributed ledger without revealing the fact itself.

Stealth Addresses

The original blockchains, like Bitcoin, were designed to be completely transparent.  In order to have a completely decentralized system, nodes needed to be able to verify the validity of transactions.  This includes the ability to ensure that an account attempting to perform a transaction actually contained the value required to do so.

As a result, the sender, recipient, and value of every transaction is publicly exposed.  This allows anyone to know the value stored in anyone else’s wallet by analyzing transactions.

Stealth addressing is designed to help with this.  It enables a cryptocurrency user to generate one-time addresses and claim the value sent to them.  This makes it impossible to determine the identity of a transaction recipient or that two transactions went to the same recipient.

Ring Signatures

Stealth addressing helps to anonymize the recipient side of a transaction.  Ring signatures make it possible to do the same for the sender.

All blockchain transactions are digitally signed by their creator.  This makes it possible to verify that a particular transaction was authorized by the owner of the account.

A ring signature allows data to be signed by someone as a member of a group.  Using a set of public keys, a signature is generated that can be verified as belonging to one member of that group.  However, it is not possible to determine which of the group’s members generated the signature.

Since public keys are public information, it is possible to generate a ring signature as a member of any group.  However, the signature creator needs to know the private key associated with one of these public keys to create the signature, which provides the verification that the signer is actually a group member.

Commitment Schemes

In some situations, it is desirable to be able to commit to something without revealing it.  For example, some auctions work by having everyone place a bit secretly, then naming the winner as the one who made the highest bid.

On the blockchain, such a system can be difficult to design since all information placed on the digital ledger is publicly visible.  A commitment scheme enables a user to commit to a particular value without revealing it.

Hash functions are an example of a simple commitment scheme.  Publishing the hash of a piece of data does not allow anyone to determine the original data, except by a brute-force search (which can be defeated by the use of a random nonce appended to the data).  Later on, the user can reveal the data, and anyone else can verify its validity and be confident that it has not been changed (due to hash function collision resistance).

Hash functions are simple commitment schemes, but more complex ones exist that allow mathematical operations on commitments.  This, combined with other cryptographic algorithms, makes it possible to build confidential transactions that hide the value of a transaction.

Cryptography for the Blockchain

The blockchain is built using cryptography.  Cryptography provides many of the basic guarantees that make blockchain technology possible, such as the immutability of the digital ledger.

The use of additional cryptography can provide additional functionality and guarantees.  This can help to increase the privacy of the blockchain in a number of different ways without sacrificing the verifiability of transactions that is necessary for it to function.


Posted: November 24, 2020
Articles Author
Howard Poston
View Profile

Howard Poston is a cybersecurity researcher with a background in cryptography and malware analysis. He has a Master’s degree in Cyber Operations from the Air Force Institute of Technology and two years of experience in cybersecurity R&D at Sandia National Labs. He currently provides consulting and technical content writing for cybersecurity, cryptocurrency, and blockchain.