This is the complete crash course on the Elliptic Curve Cryptography used in Bitcoin and other blockchains. With code samples and a live demo from scratch.
Cryptography
Encryption and cryptanalysis
Systematic coding and digital signature
Once the Teacher asked the Author:
Are there methods of introducing redundancy at an informational level, other than those that are studied by the theory of error-correcting codes? Emphasizing that he was talking about information redundancy, the Teacher thus made it clear that the question does not imply the various ways of introducing energy redundancy, which are well studied in communication theory. After all, the noise immunity of information transmission is traditionally assessed by means of a threshold value that is calculated as the ratio of signal energy to noise energy. It is known that the methods of the theory of error-correcting codes offer an alternative solution, allowing energy saving.
After a cogitative pause, the Author answered in the affirmative, following intuition rather than rational knowledge. Upon hearing the answer, the Teacher remarked that this was the wrong conclusion and that there are no such methods.
However, over time, the Author began to suspect that the immutability of the paradigm formulated above could be questioned.
The Cryptocurrency Bandwagon
The spread of cryptocurrencies contributed to the development of many solutions based on a distributed ledger technology (blockchain). Although the scope of these solutions varies, most of them have the same basic set of security services, i.e. confidentiality, authenticity, and integrity. These features are granted by the practical applications of public key cryptography, in particular, digital signature (DS). But unlike many other applications of public key cryptography, cryptocurrency networks do not use public key certificates. This is the aspect that we would like to talk about.
Let’s deal with WeChat — the second most popular messenger in the world
- A short excursion into WeChat;
- About the platform, the version of the application, the utilities used and the decryption of the executable file;
- About two protocols (old one and new one);
- About serialization of objects;
- Used cryptography and key exchange;
- About headers and hash-functions;
- About the exposures found.
On the recent vulnerability in Diebold Nixdorf ATMs
Hi there! A while ago, Positive Technologies published the news that ATMs manufactured by Diebold Nixdorf (previously known as Wincor), or more specifically, the RM3 and CMDv5 cash dispensers, contained a vulnerability which allowed attackers to withdraw cash and upload modified (vulnerable) firmware. And since my former colleague Alexei Stennikov and I were directly involved in finding this vulnerability, I would like to share some details.
Private party protocol: how to distinguish friends and foes using cryptographic tools
ENCRY presents a new interactive identification protocol aimed at controlling the access of selected users to various resources.
Close your eyes and imagine Nice, a luxurious estate whose extravagant owner throws epic parties with jazz and fireworks every weekend.
Attending such a party is the lot of the elite. Invitations are sent out in advance, and guests do not know the names of other invited persons. The owner of the estate, the mysterious Jay Gatsby, an eager luxury-lover, values privacy so much that he is not ready to entrust the list of invitees to anyone, not even his butler. Moreover, the owner of the estate would like the guests not to reveal their names when entering the property. After all, there may be the mayor of the city, or the chief prosecutor among them, and they would like to keep their visit secret. Unfortunately, the owner of the estate himself is so busy that he cannot independently check each guest at the entrance, especially since there are several access roads to his house. How could he solve this problem?
5 Thought-Provoking Use Cases Of Blockchain In Diverse Industries
Blockchain is a decentralized technology that maintains a record of all transactions occurring over a peer-to-peer network. Due to Blockchain's several different high-level use cases, numerous industries described Blockchain as the 'magic beans.'
Blockchains store the record in a decentralized system that is interconnected. This technology lessens vulnerability and enhances transparency in all industrial sectors as information is stored digitally, and it does not have any centralized point to carry out the transactions.
Do You Know?
How to develop and publish a smart-contract in the Telegram Open Network (TON)
What is this article about?
In this article, I will talk about my participation in the first (out of two so far) Telegram blockchain contest. I didn't win any prize. However, I decided to combine and share the unique experience I have had from start to finish, so that my observations could help anyone who is interested.
Since I didn't want to write some abstract code but instead make something useful, I created an instant lottery smart contract and a website that shows smart-contract data directly from Telegram Open Network (TON), avoiding any middle storage layers.
The article will be particularly useful for those who want to write their first smart contract for TON but don't know where to start.
Using the lottery as an example, I will go from setting up the environment to publishing a smart contract, interacting with it. Moreover, I will create a website that will show smart-contract data.
Full disclosure: 0day vulnerability (backdoor) in firmware for Xiaongmai-based DVRs, NVRs and IP cameras
This is a full disclosure of a recent backdoor integrated into DVR/NVR devices built on top of HiSilicon SoC with Xiaongmai firmware. The described vulnerability allows an attacker to gain root shell access and full control of the device. The full disclosure format for this report has been chosen due to lack of trust in the vendor. Proof of concept code is presented below.
9 Key Benefits Of Blockchain Technology In Sports Software
There are numerous benefits provided by blockchain technology for sports betting software. The nine key benefits are detailed below.
Security of Blockchain
When this technology is integrated into sports betting software, there is a permanent and unchangeable record in the transaction ledger providing transparency. Sportsbooks must be certain their betting data is delivered safely with all bets resolved correctly and quickly. This technology provides significantly better protection through the use of smart contracts. Decentralized actors handle the wagers with the smart contracts being executed automatically. Publicly written data cannot be altered. The complex system of the past is simplified and performed for much less than the traditional costs. Blockchain Development Services, Blockchain Solutions are paramount not only in sports betting but every aspect of the new business world. Blockchain technology experts integrate cryptocurrency payment solutions, program smart contracts, and engineer blockchain networks and apps.
This provides better protection, flawless bet execution, enhanced data security, and complete information transparency. The use of cryptocurrency significantly decreases the fees for payment processing. This reduces the margins for the sportsbook while offering players an increased chance to win. Once the bets have been resolved with a smart contract, the funds will be in the wallet of the bettor for almost immediate withdrawal. Any issues for even larger amounts are eliminated due to cryptocurrency payouts.
How elliptic curve cryptography works in TLS 1.3
A couple of reader alerts:
In order to (somewhat) simplify the description and limit the length of this article, we must make a significant remark and state the primary constraint right away: everything we are going to tell you today on the practical side of the topic applies only to TLS 1.3. That is, while your ECDSA certificate would still work in TLS 1.2 if you wish, providing backwards compatibility, the description of the actual handshake process, cipher suites and client-server benchmarks covers TLS 1.3 only. Of course, this does not apply to the mathematical description of the algorithms behind modern encryption systems.
This article was written by neither a mathematician nor an engineer — although those helped to find a way around scary math and reviewed this article. Many thanks to Qrator Labs employees.
(Elliptic Curve) Diffie-Hellman (Ephemeral)
The Diffie–Hellman legacy in the 21st century
Of course, this has started with neither Diffie nor Hellman. But to provide a correct timeline, we need to point out the main dates and events.
There were several major personas in the development of modern cryptography. Most notably, Alan Turing and Claude Shannon both did an incredible amount of work in the theory of computation and information theory as well as general cryptanalysis, and Diffie and Hellman are officially credited with coming up with the idea of public-key (or so-called asymmetric) cryptography (although it is known that serious advances in cryptography were made in the UK and stayed secret for a very long time), making those two gentlemen pioneers.
In what exactly?
PKI Decentralization: Proposed Approaches to Security Improvement
In this article, we will once again dive deeper into the problems of PKI and consider the solutions being developed that can overcome existing shortcomings.
How to Write a Smart Contract with Python on Ontology? Part 4: Native API
Earlier, I introduced the Ontology Smart Contract in
Part 1: Blockchain & Block API,
Part 2: Storage API and
Part 3: Runtime API
Today, let’s talk about how to invoke an Ontology native smart contract through the Native API. One of the most typical functions of invoking a native contract is asset transfer.
How to Write a Smart Contract with Python on Ontology? Part 3: Runtime API
Introduction
Earlier, I introduced the Ontology Smart Contract in
Part 1: Blockchain & Block API and
Part 2: Storage API
Now that you have an idea about how to call the relevant API for persistent storage when developing a Python smart contract on Ontology, let’s go on to the Runtime API (Contract Execution API). The Runtime API has 8 related APIs that provide common interfaces for contract execution and help developers get, convert, and validate data. Here’s a brief description of these 8 APIs:
DPKI: Addressing the Disadvantages of Centralized PKI by Means of Blockchain
Digital certificates are one of the most commonly known auxiliary tools that help protect data across public networks. However, the key disadvantage of this technology is also commonly known: users are forced to implicitly trust certification authorities which issue digital certificates. Andrey Chmora, Technology and Innovations Director at ENCRY, suggested a new approach for building a Public Key Infrastructure (PKI) to eliminate the existing disadvantages using the distributed ledger (blockchain) technology.
Let's begin with the basics.
Blockchain RSA-based random
In this article, we explain how we solved this problem for our games. The first of these was Waves Xmas Tree.
The Data Structures of the Plasma Cash Blockchain's State
Hello, dear Habr users! This article is about Web 3.0 — the decentralized Internet. Web 3.0 introduces the concept of decentralization as the foundation of the modern Internet. Many computer systems and networks require security and decentralization features to meet their needs. A distributed registry using blockchain technology provides efficient solutions for decentralization.
Random oracle based on blockchain digital signature
From idea to implementation: modifying the existing elliptic curve signature scheme to be deterministic and providing functions on it to obtain pseudorandom numbers that are verifiable within the blockchain.