An overview into encryption
To fully understand the concept of blockchains, one must first have a basic primer into what encryption is all about, as the blockchains heavily rely upon this. A formal definition of encryption is as follows: “It is the method by which plaintext or any other type of data is converted from a readable form to an encoded version that can only be decoded by another entity if they have access to a decryption key.” (SOURCE: 1).
Let us illustrate this definition with an example. Suppose Person X wishes to send Person Y some confidential data. Obviously, they will have some apprehension of sending the message in the format that it is already in. The original, written message that is decipherable is known as the “plaintext”. The only way secure that this data can be sent is by converting it over into a garbled state, which is completely incomprehensible.
This is very often done by using what is known as a “private key” (this is essentially a mathematical algorithm – the more sophisticated the private key is, the complexity of the mathematical algorithm also increases). Once the plaintext has been converted over into this state, it becomes known as the “ciphertext”. Now, the data can be sent safely over to Person Y. Even if this ciphertext were to be intercepted by a third party, there is no way that it can be unscrambled, because they do not have the private key to do so.
But once the ciphertext reaches Person Y, it can now be translated back into a readable format, because this entity is in possession of the private key that is required to unlock it. This simple example of encryption can now be used to illustrate what the concept of blockchain is all about.
Blocks, the blockchain, and encryption
Suppose that you work in the finance department of ABC Corporation. You are working on an especially important financial spreadsheet, and it needs to be accessed by your co-workers, as well as upper management. As you are creating this document, it will obviously go through a series of edits and revisions by this group of people before it is finally approved.
But you need to keep a lock on these different versions to prevent any unintentional or intentional modifications/alterations from being made to it by other people who are not authorised to do so. In other words, you are creating a version history of this financial spreadsheet that is secure, and which will be accessed by a much larger audience.
For example, suppose that Version 1 of this document has been created, and it has been through its first round of edits and revisions. It will now be locked and made more secure by adding an extra piece of code to it which is called the “block”. This is essentially the same private key that was described in our earlier example. In other words, this first version of the financial spreadsheet becomes totally undecipherable unless the appropriate party (such as your co-workers, or upper management) possesses this private key.
Now, let us assume that over a period of few days, there has been further discussion about Version 1 of your financial spreadsheet, and that the appropriate parties are now ready to make new changes and revisions. With the private key that they have been assigned, they will be able to unlock Version 1, and add in these changes and revisions. This updated document will now become Version 2. It too will be locked and made secure by adding a new block to it (which will be essentially a new private key and be different from the one that was implemented for Version 1).
This same process as just described will keep continuing until the final version of your financial spreadsheet has been approved. In other words, Version 3, Version 4, etc. will be locked down and secured by adding new blocks to them (once again, these will be newer private keys, different than the ones that were assigned to Version 1 and Version 2).
The blocks that have been assigned to all versions of your document now form a chain, also known as the “blockchain”.
Our next article will continue with the theme of blockchaining.
Ravi Das is a Cybersecurity Consultant and Business Development Specialist. He also does Cybersecurity Consulting through his private practice, RaviDas Tech, Inc. He also possesses the Certified in Cybersecurity (CC) cert from the ISC2.