BLOCKCHAIN REPORT

What is Blockchain?
 Blockchain is the technology the underpins digital currency (Bitcoin, Litecoin,
Ethereum, and the like). The tech allows digital information to be distributed, but not copied.
That means each individual piece of data can only have one owner. A block is record of a
new transactions. When a block is completed, it’s added to the chain. Bitcoin owners have the
private password (a complex key) to an address on the chain, which is where their ownership
is recorded. Crypto-currency proponents like the distributed storage without a middle man
— you don’t need a bank to verify the transfer of money or take a cut of the transaction.

Cryptography

Cryptography is associated with the process of converting ordinary plain text into
unintelligible text and vice-versa. It is a method of storing and transmitting data in a
particular form so that only those for whom it is intended can read and process it.
Cryptography not only protects data from theft or alteration, but can also be used for user
authentication.

cryptography concerns with:

1. Confidentiality : Information cannot be understood by anyone

2. Integrity : Information cannot be altered.
3. Accountability : Every individual who works with an information system should have
specific responsibilities for information assurance
4. Authentication : Sender and receiver can confirm each.

Confidentiality
Encryption : A very key component of protecting information confidentiality
would be encryption. Encryption ensures that only the right people (people who
knows the key) can read the information.

Encryption is the process of transforming information so it is unintelligible to anyone but the

intended recipient. Decryption is the process of transforming encrypted information so that it
is intelligible again. A cryptographic algorithm, also called a cipher, is a mathematical
function used for encryption or decryption. In most cases, two related functions are employed,
one for encryption and the other for decryption.
 With most modern cryptography, the ability to keep encrypted information secret is based not
on the cryptographic algorithm, which is widely known, but on a number called a key that
must be used with the algorithm to produce an encrypted result or to decrypt previously
encrypted information. Decryption with the correct key is simple. Decryption without the
correct key is very difficult, and in some cases impossible for all practical purposes.

The sections that follow introduce the use of keys for encryption and decryption.

 Symmetric-Key Encryption
 Public-Key Encryption
 Key Length and Encryption Strength

Symmetric-Key Encryption

Both the sender and receiver share a single key. The sender uses this key to encrypt plaintext
and send the cipher text to the receiver. On the other side the receiver applies the same key to
decrypt the message and recover the plain text.

Public-Key Encryption

The most commonly used implementations of public-key encryption are based on algorithms
patented by RSA Data Security. Therefore, this section describes the RSA approach to public-
key encryption.

Public-key encryption (also called asymmetric encryption) involves a pair of keys-a public key
and a private key-associated with an entity that needs to authenticate its identity electronically
or to sign or encrypt data. Each public key is published, and the corresponding private key is
kept secret. Data encrypted with your public key can be decrypted only with your private key.

Key Length and Encryption Strength

Breaking an encryption algorithm is basically finding the key to the access the encrypted data
in plain text. For symmetric algorithms, breaking the algorithm usually means trying to
determine the key used to encrypt the text. For a public key algorithm, breaking the algorithm
usually means acquiring the shared secret information between two recipients.

One method of breaking a symmetric algorithm is to simply try every key within the full
algorithm until the right key is found. For public key algorithms, since half of the key pair is
publicly known, the other half (private key) can be derived using published, though complex,
mathematical calculations. Manually finding the key to break an algorithm is called a brute
force attack.

Integrity

integrity is the assurance that digital information is uncorrupted and can only be
accessed or modified by those authorized to do so. Integrity involves maintaining the
consistency, accuracy and trustworthiness of data over its entire lifecycle. To maintain
integrity, data must not be changed in transit and steps must be taken to ensure that data
cannot be altered by an unauthorized person or program. Such measures include
implementing user access controls and version control to prevent erroneous changes or
accidental deletion by authorized users. Other measures include the use
of checksums and cryptographic checksums to verify integrity. Network administration
measures to ensure data integrity include documenting system administration procedures,
parameters and maintenance activities, and creating disaster recovery plans for occurrences
such as power outages, server failure or security attacks. Should data become
corrupted, backups or redundancies must be available to restore the affected data to its correct
state.

Hash Function :

Hash functions are extremely useful and appear in almost all information security
applications.A hash function is a mathematical function that converts a numerical input
value into another compressed numerical value. The input to the hash function is of arbitrary
length but output is always of fixed length.Values returned by a hash function are
called message digest or simply hash values.
Accountability

Accountability is an essential part of an information security plan. The phrase

means that every individual who works with an information system should have specific
responsibilities for information assurance. The tasks for which a individual is responsible are
part of the overall information security plan and can be readily measurable by a person who
has managerial responsibility for information assurance. One example would be a policy
statement that all employees must avoid installing outside software on a company-owned
information infrastructure. The person in charge of information security should perform
periodic checks to be certain that the policy is being followed. Individuals must be aware of
what is expected of them and guide continual improvement.

Digital Signature :

Digital signatures are the public-key primitives of message authentication. In the

physical world, it is common to use handwritten signatures on handwritten or typed
messages. They are used to bind signatory to the message.

Similarly, a digital signature is a technique that binds a person/entity to the digital data. This
binding can be independently verified by receiver as well as any third party.

Digital signature is a cryptographic value that is calculated from the data and a secret key
known only by the signer.

In real world, the receiver of message needs assurance that the message belongs to the
sender and he should not be able to repudiate the origination of that message. This
requirement is very crucial in business applications, since likelihood of a dispute over
exchanged data is very high.

Authentication

the user is not sure about the originator of the message. Message authentication can
be provided using the cryptographic techniques that use secret keys as done in case of
encryption. MAC algorithm is a symmetric key cryptographic technique to provide message
authentication. For establishing MAC process, the sender and receiver share a symmetric
key K.Essentially, a MAC is an encrypted checksum generated on the underlying message
that is sent along with a message to ensure message authentication.

Digital Certificate
Digital certificate is issued by a trusted third party which proves sender's identity to the
receiver and receiver’s identity to the sender.

A digital certificate is a certificate issued by a Certificate Authority (CA) to verify the

identity of the certificate holder. The CA issues an encrypted digital certificate containing the
applicant’s public key and a variety of other identification information. Digital certificate is
used to attach public key with a particular individual or an entity.

Digital certificate contains:-

1. Name of certificate holder.
2. Serial number which is used to uniquely identify a certificate, the individual or the
entity identified by the certificate
3. Expiration dates.
4. Copy of certificate holder's public key.(used for decrypting messages and digital
signatures)
5. Digital Signature of the certificate issuing authority.
Digital ceritifcate is also sent with the digital signature and the message.

Bitcoin

Bitcoin is a decentralized digital currency with no controlling institution or government.

Bitcoin uses a peer to peer (p2p) network to coordinate a worldwide, universal ledger where
all transactions on the bitcoin network are recorded. This ledger is called the blockchain, and
is the core of Bitcoin's success.

When someone makes a bitcoin transaction, it is verified and broadcast across the entire
network. Depending on the transaction fee (which the sender decides - a higher fee verifies
faster) the transaction may take less than 10 minutes to verified, and put into what is called
a block.

The bitcoin network consists of many computers attempting to "mine" blocks - each time a
block is found, all pending transactions on the network are sealed within it on the blockchain,
and they are considered verified. This bitcoin mining process essentially involves computers
making millions of guesses as to the block solution, which is designed to take roughly 10
minutes regardless of how many computers are mining bitcoin. The mining process is also
the only way new bitcoins are brought into existence - each block found has a reward value,
that decreases every 4 years until eventually it will reach zero.

Blockchain platform

1. BigChainDB, an open source system that “starts with a big data distributed database and
then adds blockchain characteristics — decentralized control, immutability and the
transfer of digital assets”.

2. Chain Core, a blockchain platform for issuing and transferring financial assets on a
permissioned blockchain infrastructure.

3. Corda, a distributed ledger platform with pluggable consensus.

4. Credits, a development framework for building permissioned distributed ledgers.

5. Domus Tower Blockchain, designed for regulated environments, benchmarked at

ingesting over 1 million transactions per second.

6. Elements Blockchain Platform, an open source, protocol-level technology for

extending the functionality of Bitcoin.

7. Eris:db, an open source, protocol-level technology for extending the functionality of

Bitcoin.

8. Ethereum, a decentralized platform that runs smart contracts on a custom built

blockchain.

9. HydraChain, an Ethereum extension for creating Permissioned Distributed Ledgers for

private and consortium chains.

10. Hyperledger Fabric, which supports the use of one or more networks, each managing
different Assets, Agreements and Transactions between different sets of Member nodes.

Blockchain Advantages

1. Distributed
 Since blockchain data is often stored in thousands of devices on a distributed network of
nodes, the system and the data are highly resistant to technical failures and malicious attacks.
Each network node is able to replicate and store a copy of the database and, because of this,
there is no single point of failure: a single node going offline does not affect the availability
or security of the network.

2. Stability

Confirmed blocks are very unlikely to be reversed, meaning that once data has been
registered into the blockchain, it is extremely difficult to remove or change it. This makes
blockchain a great technology for storing financial records or any other data where an audit
trail is required because every change is tracked and permanently recorded on a distributed
and public ledger.

3. Trustless system

In most traditional payment systems, transactions are not only dependent on the two
parties involved, but also on an intermediary - such as a bank, credit card company, or
payment provider. When using blockchain technology, this is no longer necessary because
the distributed network of nodes verify the transactions through a process known as mining.
For this reason, Blockchain is often referred to as a 'trustless' system.

Blockchain Disadvantage

1. 51% Attacks

The Proof of Work consensus algorithm that protects the Bitcoin blockchain has
proven to be very efficient over the years. However, there are a few potential attacks that can
be performed against blockchain networks and 51% attacks are among the most discussed.
Such an attack may happen if one entity manages to control more than 50% of the network
hashing power, which would eventually allow them to disrupt the network by intentionally
excluding or modifying the ordering of transactions.

2. Data modification
 Another downside of blockchain systems is that once data has been added to the
blockchain it is very difficult to modify it. While stability is one of blockchain’s advantages,
it is not always good. Changing blockchain data or code is usually very demanding and often
requires a hard fork, where one chain is abandoned, and a new one is taken up.

3. Private keys

Blockchain uses public-key (or asymmetric) cryptography to give users ownership

over their cryptocurrency units (or any other blockchain data). Each blockchain address has a
corresponding private key. While the address can be shared, the private key should be kept
secret. Users need their private key to access their funds, meaning that they act as their own
bank. If a user loses their private key, the money is effectively lost, and there is nothing they
can do about it.

4. Inefficient

Blockchains, especially those using Proof of Work, are highly inefficient. Since
mining is highly competitive and there is just one winner every ten minutes, the work of
every other miner is wasted. As miners are continually trying to increase their computational
power, so they have a greater chance of finding a valid block hash, the resources used by the
Bitcoin network has increased significantly in the last few years, and it currently consumes
more energy than many countries, such as Denmark, Ireland, and Nigeria.

5. Storage

Blockchain ledgers can grow very large over time. The Bitcoin blockchain currently
requires around 200 GB of storage. The current growth in blockchain size appears to be
outstripping the growth in hard drives and the network risks losing nodes if the ledger
becomes too large for individuals to download and store.

CONCLUSION
 Despite the downsides, blockchain technology presents some unique advantages, and
it is definitely here to stay. We still have a long road to mainstream adoption, but many
industries are getting to grips with the advantages and disadvantages of blockchain systems.
The next few years will likely see businesses and governments experimenting with new
applications to find out where blockchain technology adds the most value.