5 Security and privacy

 

This chapter covers

  • Understanding basics of cryptography and public-private key pairs
  • Managing digital identity for decentralized participants using public-key cryptography
  • Using cryptography and hashing for the privacy and security of blockchain data
  • Illustrating security and privacy concepts using blind auction smart contract
  • Deploying smart contracts on a public blockchain

Security and privacy are concerns in any system open to public access, from public buildings and highways to hardware and software systems. But they are especially serious concerns in blockchain-based systems. These systems operate beyond traditional boundaries of trust, such as the one established by a medical provider for its patients or by a university for its enrolled students. Security in these systems is typically established by verifying government-issued credentials, such as a driver’s license and passport, authentication using usernames and passwords, and end-to-end encryption of messages and communications.

5.1 Cryptography basics

5.1.1 Symmetric key cryptography

5.1.2 Asymmetric key cryptography

5.2 The relevance of public-key cryptography to blockchain

5.2.1 Generating Ethereum addresses

5.2.2 Transaction signing

5.2.3 Deploying smart contracts on Ropsten

5.2.4 Using the private key in mnemonic form

5.2.5 Populating a blockchain wallet

5.2.6 Deploying and transacting on Ropsten

5.3 Hashing basics

5.3.1 Digital signing of documents

5.3.2 Hashed data on distributed ledger

5.3.3 Hashes in Ethereum block header

5.3.4 Solidity hashing functions

5.4 Application of hashing

5.4.1 Blind auction design