# Security of cryptography

Last updated

Last updated

If you have ever traded cryptocurrencies, you will know that addresses are expressed in hexadecimal numbers (0-9, A-F) with more than 20 digits. Why not design an address with less than 10 digits, such as a phone number? In this article, we will see why this address structure is used. cryptosystem consists of a cryptographic algorithm and a cryptographic key. Since encryption algorithms are usually made public because they are mutual promises, the security of the cryptography has a dependency on the encryption key. It's as if you can't open your smartphone because you don't know the 6-digit password.

But why is the password on a smartphone only 6 digits? If the password is a single-digit number, there is a 1/10 chance that someone could unlock the smartphone by randomly selecting a number. If the password is 6 digits long, it is very difficult to find within the given chance by random number substitution because it has to be matched against a probability of 1/100000. In this way, the encryption system guarantees security based on the probability of estimating the encryption key compared to the number of attempts by the attacker.

Unlike the login attempts of smartphones, what if the situation is that there is no limit on the number of attempts and an attacker uses a supercomputer for the substitution. In this case, how long would the encryption key have to be in order to be safe? The security of a cryptographic system is slightly different for each cryptographic algorithm, and the degree of security is determined by the standard. According to the encryption algorithm, the standard provides recommendations on the minimum encryption key length that is safe to use as a password. NIST in the United States is a representative example of such a standard organization.

In the previous article, we asked a question "If the private key I created is the same as someone else's, can someone else take my money out first?". To prevent this from happening, you should use a system with a long enough encryption key. In the case of addresses, you should create them using a hash function that is long enough to avoid overlapping with another. In order to satisfy collision resistance, which is one of the characteristics of hash functions in blockchain, an address structure such as a 20-digit or longer is used.

A long address of more than 20 digits is more than enough to satisfy the question above. It may be inconvenient, but it provides a higher guarantee of the unique address. No matter how many keys people around the world generate, they will never generate the same keys and addresses as you. However, since the use of such an address is inconvenient for a person to directly identify, a QR code that can be substituted for is often used. If you understand the things that are happening behind the scenes, you can be more prudent and be safe when trading.

So far, we have dealt with the basic contents of cryptography that constitute a blockchain. Due to the blockchain, there have been many advances in cryptocurrencies used in a decentralized environment. Cryptographic technologies such as zero-knowledge proofs, which are representative examples, will be covered later.