SAVEETHA SCHOOL OF ENGINEERIING

SAVEETHA INSTITUTE OF MEDICAL AND TECHNICAL SCIENCES

CHENNAI-602105

ACADEMIC YEAR 2019-2020

ASSIGNMENT – 2

Name : K.VIKAS REDDY

Register Number : 191711181

Department/Year : CSE/3rd YEAR

Slot : B

Semester : 5th

Sub Code : CS02208

Sub Name : CRYPTOGRAPHY AND NETWORK SECURITY

- SECRET WRITING
 Saveetha School of Engineering
Department of Computer Science and Engineering

COURSE CODE: CS02204

COURSE NAME: CRYPTOGRAPHY AND NETWORK SECURITY

Project Based Assignment Rubrics

1. Report/Assignment 2
S.No Components Marks(100)
1. Problem Statement 20

1. Novelty (8)
2. Complexity (6)
3. Application (6)
2. Motivation 10

1. Feasibility (4)
2. Related area (6)
3. Issues 10

1. Number of Issues (5)

2. Open Issues (5)
4. Literature Survey 60

1. Recent papers with problem (10)

2. Number of papers surveyed & Quality of (5)
Journals
3. Cryptographic algorithms/Security issues (20)
4. Mathematical Models (10)
5. Comparison Table with metrics (10)
6. Conclusion (3)
(2)
Total 100
 SMART CONTRACT: BLOCK CHAIN
USING CRYPTOGRAPHY
PROBLEM STATEMENT:
The main objective of the project is to create a platform from which people can benefit and
enjoy a hassle free contracts, transactions, storing personal data with utmost security and
privacy without intervention of third party service providers. Global trade has been the single
greatest creator of wealth in human history and market friction the greatest obstacle to wealth.
Over the years, businesses have overcome multiple sources of friction. Institutions and
instruments of trust emerged to reduce risk in business transactions. Technology innovations
helped overcome distances and inefficiencies. Still, many business transactions remain
inefficient, expensive, and vulnerable.
Novelty:
Blockchain technology has the potential to remove much of the remaining market friction the
speed bumps that throttle the pace of business. As friction dissipates, a new science of
organization will emerge, revolutionizing the way industries and enterprises are structured.
With transparency the norm, a robust foundation for trust can become the springboard for
further ecosystem evo-lution. Participants and assets once shut out of markets can join in,
unleashing an accelerated flow of capital and unprecedented opportunities to create wealth.
Market friction is anything that impedes the exchange of assets, adding costs or delays: taxes,
regulations, bureaucracy, fraud, the involvement of intermediaries, delays in executing
contracts, and more. Various types of market friction impact different indus- tries in different
ways and to varying degrees; they remain a drag on global business and trade, slowing business
or even stopping it cold. In this section, you find out about the common types of market friction
that blockchain is capable of alleviating.
Complexity:
There are a number of differences between blockchains and the above analogy, but it’s still a
good starting point to get your head around what blockchains are and why they are useful.
One of the key contrasts is that blockchains aren’t on display in public, instead, anyone who
wants to can store a copy of a blockchain on their computer. Blockchains use cryptography,
computers and electricity to build the blocks, rather than stone and cement.
The most important aspects of blockchains are that they cannot be changed, aren’t controlled
by any single entity, and everyone can view the transactions. These properties are why
people believe that the technology has the potential to be used in a vast range of applications.
Applications:
Management: Smart contracts in businesses can act as business process management tools.
Usually, the lag in decisions in business creates deadlocks for other processes, blockchain can
make sure decisions are taken as soon as possible and there’s no lag in conducting the action
on previous orders. Information passed on in the next step will only be available to concerned
users and the transactions will be recorded in real time.
Digital Identity: There are several projects targeting Blockchain digital identity management.
The technology can significantly reduce identity theft and fraud, and promote transparency. It
can also reduce the threat of third party involvement in sensitive personal data.
Agriculture: Despite there being fewer uses of Blockchain in agriculture than in other
industries, progress is still being made and is focused on eliminating the need for middlemen
in agricultural supply chains. Additionally, many records on food certificates, sustainability,
and safety are recorded on paper and in private databases. This method of data storage can lead
to excessive managerial costs and opens up a vast amount of opportunities for corruption and
fraud. Blockchain tech can aid greatly in reducing fraud, decreasing costs, and promoting
efficiency.
Education: Blockchain in education can be used to create immutable performance records,
transcripts, diplomas, certificates, etc. It can also provide more efficient means of accessing
records and can also be used to help build recognition of achievements. The social impact of
Blockchain tech is astounding.

MOTIVATION:
Feasibility:
This section provides results of our survey regarding the feasibility of taking advantage of
blockchain technology in evoting applications. By speaking of feasibility, we mean a cost-
effective, scalable, secure, and easy-to-deploy system (or subsystem). While it is hard to
determine global measures of these properties, we have considered some thresholds or factors
in order to determine whether it is feasible to replace the existing (and prospective) structures
with their blockchain-based counterparts, or not. Any blockchain-based solution should be
(noticeably) cheaper than the traditional elections in the long term, say in a 3-years period with
at least 1 elections per year [19]. It should not be more expensive than non-blockchain solutions
either. The system should support millions of people, depending on the country, business size
or target group population. The security level should not be lower than non-blockchain
solutions, details regarding security requirements are given later in the text.

Related Work:
It is worth mentioning that almost all papers indicate a need for further research in the field. A
lot of authors believe that blockchain has significant potential, but still there are a lot of
obstacles and challenges for real-life implementation. For example, there is not even single,
worldwide accepted definition of blockchain; therefore, developing of common standards and
regulations (both technical and legal) is highly necessary. Standardisation would be the first
step towards formulating unified approaches in blockchain software development and security
practices, without which a reasonable employment of blockchain is not feasible.
 ISSUES:
NUMBER OF ISSUES

Public and Private Key Security

Access to a blockchain requires both a public and a private key. Keys are cryptic strings of
characters of sufficient length to make the odds of guessing them truly astronomical. Since it is
essentially impossible to access data within a blockchain without the right combination of public
and private keys, this represents the strength — and the weakness — of blockchain technology.
Without the right keys, no hacker will be able to access your data ever. On the other hand, all a
hacker needs is the right keys to access your data and do with it what they will. In the world of the
blockchain, possession of keys and ownership of content are totally synonymous.Since hackers
know there is no use in trying to guess anyone’s keys, they focus a great deal of their time on
stealing them. The best chance of obtaining keys is to attack the weakest point in the entire system,
the personal computer or mobile device.The same security vulnerabilities that make computers,
Android, and Windows mobile devices susceptible to malware also makes them targets of
blockchain hackers. Anytime blockchain keys are entered, displayed, or stored unencrypted on
such devices, the prying eyes of hackers can capture them. Unfortunately, most of us make the
hacker’s job far easier than it needs to be by failing to adequately protect our devices.

OPEN ISSUES

On top of the security issues mentioned In block chain security, there are issues around
safeguarding private keys. Furthermore, securing the link between the blockchain infrastructure
and the peripheral applications that are reading and writing from and to the blockchain is not to be
ignored! In other words, protecting a blockchain-based solution is not limited to the blockchain
structure only, but should also consider the whole chain of requests/responses to eliminate risks of
man-in-the-middle (MITM) attacks. This is much harder than it can be thought!

LITERATURE SURVEY

TITLE 1: BLOCKCHAIN
AUTHOR: MANAV GUPTA

YEAR: 2018

DESCRIPTION:
This Book equips you with an understanding of what blockchain is, how it works, and how it
can enhance your business and the industry in which it operates. You learn the fundamentals
of blockchain and how this technology revolutionizes transactions and business networks. You
also discover the important difference between “blockchain” and “blockchain for business”
and what makes blockchain an ideal solution for streamlining business networks. .
 Its guide to all things blockchain for business. It’s been said that blockchain will do for
transactions what the Internet did for information. What that means is that blockchain allows
increased trust and efficiency in the exchange of almost anything.

TITLE 2: An Exploration of Blockchain enabled Smart-Contracts Application in the Enterprise

AUTHOR: Chibuzor Udokwu , Aleksandr Kormiltsyn , Kondwani Thangalimodzi , Alex

Norta

YEAR: 2018

DESCRIPTION:
The application and use of smart contracts enabled blockchain technology in enterprises require
a holistic overview. This overview helps to under- stand the current adoption of this technology
and also deduces factors that are inhibiting its use in the modern enterprise that can be business,
government, or military. This study provides a systematic review of previous studies
comprising of frameworks, methods, working prototypes and simulations that demonstrate the
application of smart contracts in organizations. Understanding the cur- rent state and usage of
smart-contract technology in an organization is a focal point of this paper because much
progress occur in developing technologies that support smart contracts while little
understanding exists pertaining to their us- age in enterprises. In this study, we identify
properties of smart contract applications in different domains of modern enterprises. We further
analyze and categorize challenges and problems mitigating the use of smart contracts according
to the severity of the challenges being low importance, significance and critical challenges. We
then discuss current studies that propose solutions to address the significant and critical
blockchain limitations.

TITLE 3: REINFORCING THE LINKS OF THE BLOCKCHAIN

AUTHOR: Morgen Peck, Freelance Technology Writer, Contributing Editor of IEEE

Spectrum Magazine Special Edition “Blockchain World”
DESCRIPTION:Blockchain, as an industry, has entered its Cambrian phase. A glut of
investor interest has led to an explosion in the technical diversity of projects now underway.
During the first half of 2017 alone, over one billion dollars was directed to the funding of
blockchain start-ups.1 This money, which supports the development of competing
technologies, is accelerating the speed of fragmentation in the industry. At the heart of the
burgeoning innovation in the blockchain space is an undeniable contradiction: though the
impulse to compete is at its peak, so too is the need for collaboration.
Blockchain technology is poised to change nearly every facet of our digital lives, from the way
we send money to the way we heat our homes. By obviating third parties, blockchains promise
to make our systems more efficient. By circumventing censorship, they promise to make our
systems more equitable. And if properly implemented, they could make our systems more
reliable and secure. All these changes will arrive more quickly, and their effects will be
compounded, if the parties who are now building them work together. Today, that is not the
case. Alliances have been announced. But, thus far, what they have added to the industry is
more blockchains, more designs, more choices, more competition.

IEEE sees the need for three things: a paradigm for evaluating the design options that are now
available, a strategy for adopting technical standards, and a path for continued research in
blockchain development.The purpose of this white paper is to explore the various ways by which
the IEEE can lead and support the above initiatives while providing educational materials that will
foster the next generation of blockchain engineers.This white paper summarizes and expands upon
a workshop held by IEEE at the end of October in 2017. The workshop was attended by
representatives from the IEEE Reliability Society, IEEE Communications Society, IEEE
Computer Society, IEEE Society on Social Implication of Technology, the IEEE Standards
Association, IEEE Society Engineering in Medicine and Biology Society, IEEE Power & Energy
Society, IEEE Technology and Engineering Management Society, IEEE Technical Committee on
RFID, IEEE Consumer Electronics Society, IEEE Vehicular Technology Society, IEEE Educational
Activities, IEEE Standards Association, and IEEE Technical Activities.

TITLE 4: Design of the Blockchain Smart Contract: A Use Case

for Real Estate
AUTHOR: Ioannis Karamitsos, Maria Papadaki , Nedaa Al Barghuthi

YEAR: 2013

DESCRIPTION:

Blockchain is a fast-disruptive technology becoming a key instrument in share economy. In

recent years, Blockchain has received considerable attention from many researchers and
government institutions. This paper aims to present the Blockchain and smart contract for a
specific domain which is real estate. A detailed design of smart contract is presented and then
a use case for renting residential and business buildings is examined.
Cryptographic algorithms/Security issues

Cryptographic hashing is a method for transforming large amounts of data into short numbers
that are di cult to imitate. One can convert a text or a picture, which represents a variable-length
bit sequence, to produce a xed-length bit se- quence in the form of a hash. Hashes are mostly
used in combination with digital signatures. These functions ensure data integrity. Hashing in
the Bitcoin Network is used for four processes: (I) encoding wallet addresses; (II) encoding
transactions between wallets; (III) verifying and validating the account balances of wallets; and
for the consensus mechanism (IV) “Proof-of-Work.”

The Bitcoin Network uses SHA (Secure Hash Algorithm), such as SHA-256. An important
property of hashes is that if one single bit of input data is changed, the output changes signi
cantly, which makes it easy to detect small changes in large text les, for example. As you can
see from the example below, an entirely di erent hash gets generated when we change only one
letter. This is based on the so-called avalanche e ect, and it is useful for easily providing data
integrity. An entirely di erent string results from hashing the hash. “Avalanche effect” describes
the behavior of a mathematical function where even a slight change in an input string should
cause the resulting hash value to change drastically. This means that in a document of several
hundred pages, if one ads only one word, or even a comma, the whole hash will change. A
document‘s hash value can, therefore, serve as a cryptographic equivalent of the document – a
digital ngerprint. This is why one-way hash functions are central to public-key cryptography.
When producing a digital signature for a document, we no longer need to encrypt the entire
document with a sender‘s private key, which can take a lot of time. It is su cient to compute
the document‘s hash value instead.

Hashing

Hashing is the process of sending data through a hash function to produce a specific, essentially
unique hash of a fixed length. In blockchain applications, we use cryptographic hash
functions such as SHA-256.

Cryptographic hash functions have several important characteristics which make them useful:

• They are deterministic – a given input will always have the same output.
• Each output is essentially unique. The chances of two separate inputs having the same
output are so low that we don’t really worry about it.
• It is infeasible to figure out the original input from the output (under current
techniques and technology).
 • Hashes can be computed quickly.
• A slight change in the input results in a significantly different output.

As an example, if we put “Let’s eat dinner” through an online hash function, it gives us:

a754edc281dfb28ca15fa0662de2e238550151a6c49514491eb1f60ac725bf65

Every time we put it through, it will give us the same result. But if we change even one
character, it returns a value that is completely different. “Let’s eat dinnet” gives us:

c323ef87e6a9e4fe8fede20738a7e3c7122f5ffa504bdf6c5541a33e76949812 public-Key
Cryptography

The main purpose of using public-key cryptography for the Bitcoin block- chain is to create a
secure digital reference about the identity of a user. Secure digital references about who is who,
and who owns what, are the basis for P2P transactions. Public-key cryptography allows proving
one’s identity with a set of cryptographic keys: a private key and a public key. The combination
of both keys creates a digital signature. This digital signature proves ownership of one’s tokens
and allows control of the tokens through a piece of so ware called the “wallet.” Digital
signatures prove ownership of one’s tokens and allow one to control one’s funds. Just as we
sign a bank transaction or a cheque by hand, or we use authenti- cation for Internet banking,
we use public-key cryptography to sign Bitcoin trans- actions or other blockchain transactions.

Mathematical Models
POW:

PoW (Proof of work) is a consensus strategy used in the Bitcoin network. In a decentralized
network, someone has to be selected to record the transactions. The easiest way is random
selection. However, random selection is vulnerable to attacks. So if a node wants to publish a
block of transactions, a lot of work has to be done to prove that the node is not likely to attack
the network. Generally the work means computer calculations. In PoW, each node of the
network is calculating a hash value of the block header. The block header contains a nonce and
miners would change the nonce frequently to get different hash values. The consensus requires
that the calculated value must be equal to or smaller than a certain given value. When one node
reaches the target value, it would broadcast the block to other nodes and all other nodes must
mutually confirm the correctness of the hash value. If the block is validated, other miners would
append this new block to their own blockchains. Nodes that calculate the hash values are called
miners and the PoW procedure is called mining in Bitcoin.
POS:

PoS (Proof of stake) is an energy-saving alternative to PoW. Miners in PoS have to prove the
ownership of the amount of currency. It is believed that people with more currencies would be
less likely to attack the network. The selection based on account balance is quite unfair because
the single richest person is bound to be dominant in the network. As a result, many solutions
are proposed with the combination of the stake size to decide which one to forge the next block.
In particular, Blackcoin [26] uses randomization to predict the next generator. It uses a formula
that looks for the lowest hash value in combination with the size of the stake. Peercoin favors
coin age based selection. In Peercoin, older and larger sets of coins have a greater probability
of mining the next block. Compared to PoW, PoS saves more energy and is more effective.
Unfortunately, as the mining cost is nearly zero, attacks might come as a consequence. Many
blockchains adopt PoW at the beginning and transform to PoS gradually. For instance,
ethereum is planing to move from Ethash (a kind of PoW) to Casper (a kind of PoS) .

Conclusion:

The Application is built and tested with limited peers. It have performed moderately well on
the test scenarios. The application is capable of maintaining admin ,peers and owners for some
example products. It successfully made a trade between the two parties and stored in the ledger
. This is the most secure way possible to authenticate and make the trade between two parties
without intervention of third party.This Application is implemented to secure and deal with
most of the privacy issues on users data which is being misused by the third parties which are
providing the services and costing people a lot of money. This Blockchain architecture deals
with all the security issues and provide people with a distributed ledger for secure transactions
without paying the third parties for the services. It can be employed various platforms for
storing data and maintain database with high security.
REFERENCES:

• Book References:
Blockchain For Dummies®, 2nd IBM Limited Edition
Published byJohn Wiley & Sons, Inc. River St. Hoboken, NJ 07030-5774
www.wiley.com
Internet References:

• Hyperledger Composer Playground is one method to use Hyperledger Composer, other

methods are also available at https://hyperledger.github.io/composer/installing/installing-
index.html.

• Hyperledger Composer (https://hyperledger.github.io/composer) is an open-source set

of tools designed to make building blockchain applications easier.

• It allows users to model the business networks, assets and transactions that are required
for blockchain applications, and to implement those transactions using simple JavaScript
functions. The blockchain applications run on instances of Linux Foundation
Hyperledger Fabric (www.hyperledger.org).

• Swan, M. Blockchain: Blueprint for a New Economy; O’Reilly Media: Newton, MA, USA,
2015.

• Szabo, N. Smart Contracts: Formalizing and Securing Relationships on Public

Networks.
First Monday, Volume 2, No. 9. 1997. Available online:
http://firstmonday.org/article/view/548/469 (accessed on 19 February 2018).

• Ayvazyan, A. Blockchain—The Next Big Thing. Available online:

https://www.catalysts.cc/en/big-data/

• blockchain-the-next-big-thing/ (accessed on 29 December 2017).

• Future Internet 2018, 10, 20 14 of 16

• Ramada, M. For Insurers #Blockchain Is the New Black. Available online:

http://blog.willis.com/2016/12/ for-insurers-blockchain-is-the-new-black/ (accessed on
29 December 2017).

• Duvivier, P.J. Is the Blockchain the New Graal of the Financial Sector? Available
online:
https://www. linkedin.com/pulse/blockchain-new-graal-financial-sector-pierre-jean-
duvivier (accessed on 29 December 2017).