Hi, folks, Ed Amoroso here.
And in this video, I want to introduce, in sort of a part one video,
the concept of blockchain in the context of cyber security.
Blockchain has a lot of different applications.
But for us, as we learn cyber security, we'll see that one of it usages
involve detection if something has been changed.
And detection in very clever way that makes it almost impossible to sort
of erase the footprint of whether something really has been changed.
So let's start with the idea that when we're hashing,
we generally hash on something abstractly we call a message.
But in practice, it's not going to be a message, it's going to be something.
And say we work at a bank or in a financial services organization,
then the kinds of things we would want to be producing authenticity on by hashing,
would be like a financial record or data that describes some financial transaction.
And it could be one person giving a dollar to another, and
we sort of have a record of that.
And we'd like to hash that.
Now, we could hash it directly, meaning, we take that message and
we could sort of run a function on it and produce use whatever comes out.
We generally refer abstractly to that as lambda.
It would be whatever it is.
It would be a string of ones and whatever, ones and zeros.
But if we did it in hex,
then it'd be a long hexadecimal number with ones, and twos, and nines,
and able, baker, Charlies, and foxes, and sixes and so on, big long number.
Now, if we decided that we wanted the output to be something that was fixed,
was a fixed pattern, and in the context of the BitCoin community,
there's been some agreement that a typical pattern that we would use for
blockchain output, as we hash, would be a hash value that starts with four zeros.
Now, you say, why that?
Well, it's just a convention.
Could it have been four ones?
Yes. Could it have been four sixes?
Yes, it could be whatever.
But the convention is four zeros.
So now what we do, is we introduce, along with that record,
something that we refer to in cryptography as a nonce.
So put the nonce and we put the data together.
I'm going to encrypt the two of them using a hash function, produce a lambda.
And it would be some number.
And I look at it, and it doesn't have four zeros, and I go boy,
I wish it had four zeros.
So, I try it again, and I try it again, and I try it again.
And eventually I get a number with the nonce selection that gives me four zeros.
And we refer to that as kind of being mined.
Now, if everything stays the way it does, then we're in good shape.
We got a record that has a nonce value that,
combined with the data record, produces a hash value that has four zeros.
Now, if somebody comes along and wants to change a record, like maybe change $1
to $4 million, for whatever reason, the whole thing goes all out of whack.
You've changed the record, you've changed the data.
And now, the nonce that you'd selected with the data record,
produced a hash value that doesn't have four zeros anymore.
Dr. Edward G. AmorosoResearch Professor, NYU and CEO, TAG Cyber LLC
