IoT and cyber-physical systemsA Cyber-Physical System (CPS) is a type of system that integrates physical and computational components to monitor and control the physical processes seamlessly. In other words, cyber-physical system consists of a collection of computing devices communicating with one another and interacting with the physical world via sensors and actuators in a feedback loop. These systems combine the sensing, actuation, computation, and communication capabilities, and leverage these to improve the overall performance, safety, and reliability of the physical systems.Examples: CPS includes self-driving cars, The STARMAC is a small quadrotor aircraft.Key Features of Cyber-Physical SystemIn terms of the cyber-physical system, there are some key features are classified as Reactive Computation, Concurrency , Feedback Control of the Physical World, Real-Time Computation, Safety-Critical Application. The Internet of things is also called in the short form of (IoT). basically, IoT describes the network of physical objects with embedded system sensors, software, and other technologies. It is provided as a Unique Identifier (UID) and allows data to be transmitted over the network without human interaction objects to collect and exchange data. Example: Object detection software device, electronic vehicle system.Key Features of the Internet of thingsThe following are some of the key feature of IOTs;Automation, Endpoint management, Connectivity, Scaling & Sensing, and Connectivity & Analyzing etc. IoT SecurityIoT Security is based on a cybersecurity strategy to defend against cyberattacks on IoT devices and the vulnerable networks they are linked to. There is no built-in security on IoT devices, as IoT devices behave without being noticed by traditional cybersecurity systems and transport data over the internet in an unencrypted manner, IoT security is necessary to assist in avoiding data breaches.Security was not considered during the design of IoT devices. The constant diversity and expansion of IoT devices and communication channels raises the possibility that cyber attacks may target your company.What is IoT Security?IoT security is a technology area that particularly focuses on protecting connected devices and networks in IoT. The act of protecting these devices and making sure they don't bring risks into a network is known as IoT security. Attacks are likely to occur to anything linked to the Internet at some time. From the Internet of Things devices, Attackers may utilize remote access to steal data by using a variety of strategies, including credential theft and vulnerability exploitation.Types of IoT SecurityIoT security encompasses a multi-layered approach to protect devices, networks, and data. It involves both user and manufacturer responsibilities.1.Network Security :this focuses on safeguarding the overall IoT network infrastructure. It involves:i .Establishing a strong network perimeter: Implementing firewalls, intrusion detection systems, and access controls to prevent unauthorized entry.ii. Enforcing zero-trust architecture: Assuming every device and user is potentially malicious, requiring continuous verification.iii. Securing network communication: Encrypting data transmitted between devices and using secure protocols.2. Device Security: this centers on protecting individual IoT devices:i. Embedded security agents: Employing lightweight software to monitor device behavior and detect anomalies.ii. Firmware hardening: Ensuring device software is free from vulnerabilities through rigorous testing and updates.iii. Secure boot process: Verifying the integrity of the device's operating system before startup.3. Data Security: this safeguards the information generated and transmitted by IoT devices:i. Data encryption: Protecting data both at rest and in transit using strong encryption algorithms.ii. Data privacy: Implementing measures to protect sensitive information from unauthorized access.iii. Data integrity: Ensuring data accuracy and consistency through checksums and other techniques.How Does IoT Security Work?i.IoT devices are any devices that can store data by connecting to the cloud.ii.IoT devices need a special set of cybersecurity guidelines because of how they differ from conventional mobile devices. They lack the benefit of built-in security guidelines seen in mobile operating systems like iOS and Android.iii.A lot of information is stored in the cloud, if an attacker manages to get access to the user's account, it might be exploited for identity theft or privacy invasion.iv.Although there isn't a single solution for IoT security, cybersecurity experts have made it their mission to inform manufacturers and developers about secure coding practices and how to strengthen cloud activity defences.Importance of IoT Securityi.Cyberattacks are a continual concern because of the unusual way that IoT devices are manufactured and the enormous volume of data they process.ii.IoT security is necessary, as evidenced by some high-profile cases in which a common IoT device was an advantage to breach and attack the wider network.iii.Strong IoT security is desperately needed, as seen by the regular threat of vulnerabilities, data breaches, and other dangers related to the use of IoT devices.iv.IoT security, which encompasses a broad variety of tactics, strategies, protocols, and activities aimed at reducing the growing IoT vulnerabilities of contemporary firms, is essential for corporations.Benefits of IoT SecurityBelow are some benefits of IoT SecurityNetwork protection: By identifying and preventing threats like Distributed Denial of Service (DDoS) attacks, which can disrupt and harm the whole network, security solutions may aid in the protection of the Internet of Things as a whole.Privacy protection: These solutions shield user privacy from unauthorized surveillance, data theft, and device tracking by protecting IoT devices.Scalability: Strong IoT security is scalable in that it can keep up with the expansion of an organization's IoT environment and guarantee security protocols work even as the number of connected devices risesDevice protection: IoT security ensures the lifetime and correct operation of devices by protecting them from viruses, hacking, and unauthorized access.IoT Security Issues and ChallengesBelow are some challenges of IoT SecurityLack of industry foresight: Certain sectors and their products have undergone digital changes at the same rate as organizations. In an attempt to increase productivity and save costs, the automotive and healthcare sectors have broadened their range of IoT devices.Lack of encryption: the majority of network traffic coming from Internet of Things devices is not encrypted which raises the risk of data breaches and security concerns. By making sure every device is encrypted and secured, these risks may be averted.Multiple connected devices: nowadays, the majority of homes have several linked devices. The disadvantage of this ease of use is that all linked devices within the same home will malfunction if one item malfunctions due to a security misconfiguration.Resource constraints: not every IoT device has the processing capacity to include complex firewalls or antivirus programs. Some devices can hardly connect to other devices at all.Vulnerable Industries To IoT Security Threats?Cyberattacks pose significant risks to various industries;i.Manufacturing: the manufacturing sector has become a prime target of cybercriminals since its wide dependency on interconnected systems and supply chains is at an all-time high. The most widespread threats are:Industrial spying: This refers to an act where competitors or nation-states that steal or attempt to steal a company's intellectual property, product designs, or even the way in which a particular product is being manufactured.Supply chain attacks: Suppliers or third-party vendors are compromised to get access to the target organization.Ransomware: Critical systems are encrypted, and in return for their restoration and hence return of operations, a huge ransom is demanded, hence financial loss and production disturbance.IoT vulnerabilities: All kinds of vulnerabilities that exist in industrial IoT devices are exploited to interrupt operations or steal data.ii. Finance and Insurance: the financial sector has been of interest to each attacker, for the reason that it contains sensitive financial information and huge amounts of money. The various threats posed against them are:Fraudulent activities: Entail financial fraud, including identity theft, account takeover, and fraudulent transactions.Cyber spying: Financial data, trade secrets, customer information can be stolen for competitive advantage.Ransomware: Bringing financial services to an absolute standstill, entailing huge financial losses and reputational damage.Insider threats: Those people who have some kind of access to sensitive information may bring along certain risks because of negligence or malicious intentions.iii.Energy and Utilities: the energy sector provides critical services and represents high-value targets. Potential threats include:Cyber-physical attacks: these are attacks aimed at IT and OT systems with the view to disrupt power generation, distribution, or transmission.Data breaches: exposure of sensitive customer information, financial data, and operational data.Spying: Intellectual property, trade secrets, and critical infrastructure information are stolen.Sabotage: This includes attacks on infrastructures, which cause disruptions of operations, resulting in blackouts and losses of production.iv. Retail : Processing vast amounts of customer data and transacting thousands of sales daily, the retail industry becomes a more tantalizing target for attackers by the day. Some common threats include:POS attacks: Stealing payment card data either via malware or through skimming.Data breaches: Exposure of personal information of customers, which can lead to identity theft and financial losses.Supply chain attacks: Targeting suppliers or logistic providers to cause disruption in its operations or stealing data.E-commerce fraud: It includes unauthorized access to online shops and processing fraudulent orders and crimes related to payment.v. Healthcare: the healthcare sector contains sensitive information about the patients, making it one of the most prized targets for cybercriminals. Some of the important threats include:Ransomware: This could disrupt patient care, followed by financial loss and reputational damage.Data breaches: Exposure of patient records, including personally identifiable information, medical history, and financial data.Insider threats: Those employees or contractors who have access to patient data and become a source of risk owing to negligence or malice.Medical device vulnerabilities: The exploitation of medical devices for vulnerabilities will then allow the disruption of operations or data theft.vi. Public Administration: governmental organizations manage sensitive information, critical infrastructure, and national security; therefore they are susceptible to the following threats.Cyber spying: It involves the theft of classified information, intellectual property, and national security secrets.Disinformation and propaganda: the spreading of fake information in order to change opinion, public opinion, or destroy confidence in government.Ransomware: Affecting government services that disrupt financial operations and attack the reputation.Supply chain attack: To gain access to sensitive information, attack the weakest link in the supply area, which includes government contractors or suppliers.v.Education and Research : educational institutions store data of sensitive nature about all their students and employees, besides data from lucrative research, all being a doomed target. These threats include:Data breaches: Personal data exposure of students, employees, financial data, and academic records.Property theft: theft of research data, patents, and academic publications.Ransomware: This disrupts all the campus operations, including online learning and all the administrative systems.Insider threats: Insider threats of the category of students, faculty, or staff are in line with sensitive information risks.IoT Devices Vulnerable to Security BreachesSome IoT devices are more vulnerable than others due to factors like processing power, connectivity, and the sensitivity of data they handle. Some of the most vulnerable IoT devices asr follows:Home IoT DevicesSmart cameras: This device mostly comes with weak default passwords and less good encryption. It can also be easily hacked and used for spying purposes.Smart speakers: Even though they are voice-controlled per se, they can turn out to be a potential target for eavesdropping and data theft.Smart TVs: Web-connected; can be vulnerable to malware, data breaches, and adware.Wearable DevicesSmartwatches and fitness trackers: Even though these devices are majorly used to collect the least amount of personal data, this kind of sensitive information might be discovered upon infringement.Medical devices—pacemakers and insulin pumps—which, when hacked, may lead to fatal results. Industrial IoT DevicesICS (Industrial Control Systems): These are utilized in the control of critical infrastructure, such as power plants and factories, and may become targets for cyber-attacks that can cause physical damage or disruptions.Connected vehicles: Connectivity in vehicles has increased with years; therefore, so have the chances of car hacking, which could result in remotecar control or data theft. Vulnerable DevicesHome Routers: As the gateway to your entire home network, a weak router can give way to the compromise of all devices connected to it.Smart thermostats: It looks harmless, but they could have actually been part of a botnet or even used as spies over your home.Applications Area of IoT SecurityHealthcare: Even medical devices, like pacemakers, insulin pumps, and remote patient monitoring systems, are susceptible to cyber-attacks that may result in the loss of lives.Manufacturing: Cyber attacks paralyze ICS/OT environments of critical infrastructure and bring with them enormous financial losses and safety hazards. Energy and Utilities: This sector represents critical infrastructure that is accompanied by a high utilization of IoT devices, powering power grids and water treatment plants, among others, making them very attractive targets for cyber-attacks that may have catastrophic consequences.Transportation: Autonomous vehicles, smart traffic systems, and connected cars use vast volumes of data, making them quite vulnerable to hacking and subsequent data breaches. Financial Services: IoT-related devices used in banking, payments, and financial transactions process sensitive financial data and hence require robust security measures against fraud and data theft. Retail: Point-of-sale systems, inventory management data, and customer data are all at risk if IoT devices are compromised.Government: IoT security is necessary for critical infrastructure, national security, and citizen data. Agriculture: Cyber-attacks on smart farms and IoT-enabled equipment can affect food production and its supply chain. Building Automation: Security is required for smart buildings with IoT-enabled systems against unauthorized access and data breaches.How to protect IoT systems and devices?Here are the steps to secure IoT DevicesDNS filtering: Using the Domain Name System to restrict harmful websites is known as DNS filtering. When DNS filtering is added to a network including IoT devices, it stops such devices from connecting to domains that are not authorized.Encryption: Without encryption, data transfers between IoT devices are susceptible to on-path and external attackers while travelling over the network. Consider encryption as a means of protecting a letter's contents during transit via the postal service, similar to an envelope.Device authentication: Internet of Things (IoT) devices are connected to servers, other networked devices, and one other. All connected devices must undergo authentication to prevent unwanted inputs or requests from third parties.Security of credentials: If at all feasible, IoT device admin credentials must be updated. It is recommended to avoid sharing login credentials between various apps and devices, instead every device should have its password. In doing so, credential-based attacks are less likely.Tools to Secure IoT DevicesFore Scout Platform: This protects and ensures on a network the consent of all managed and unmanaged devices, including IT, IoT, and OT devices, using zero trust principles.Microsoft Defender for IoT: Microsoft Defender for IoT helps enterprises manage, discover, and protect their IoT and OT devices. Extra features include network and device threat monitoring around the clock, identifying every asset and device.Asimily: Asimily is a complete IoT security platform that focuses on medical and laboratory equipment.AWS IoT Device Defender: AWS IoT Device Defender is Amazon's Internet of Things security management service. AWS IoT Device Defender allows administrators to authorize security measures such as authentication and permission.Every connected device creates opportunities for attackers. These vulnerabilities are broad, even for a single small device. The risks posed include data transfer, device access, malfunctioning devices, and always-on/always-connected devices.The main challenges in security remain the security limitations associated with producing lowcost devices, and the growing number of devices which creates more opportunities for attacks.Security SpectrumThe definition of a secured device spans from the most simple measures to sophisticated designs. Security should be thought of as a spectrum of vulnerability which changes over time as threats evolve.Security must be assessed based on user needs and implementation. Users must recognize the impact of security measures because poorly designed security creates more problems than it solves.Example − A German report revealed hackers compromised the security system of a steel mill. They disrupted the control systems, which prevented a blast furnace from being shut down properly, resulting in massive damage. Therefore, users must understand the impact of an attack before deciding on appropriate protection.ChallengesBeyond costs and the ubiquity of devices, other security issues plague IoT −I.Unpredictable Behavior : the sheer volume of deployed devices and their long list of enabling technologies means their behavior in the field can be unpredictable. A specific system may be well designed and within administration control, but there are no guarantees about how it will interact with others.II.Device Similarity: IoT devices are fairly uniform. They utilize the same connection technology and components. If one system or device suffers from a vulnerability, many more have the same issue.III.Problematic Deployment : one of the main goals of IoT remains to place advanced networks and analytics where they previously could not go. Unfortunately, this creates the problem of physically securing the devices in these strange or easily accessed places.IV.Long Device Life and Expired Support: one of the benefits of IoT devices is longevity, however, that long life also means they may outlive their device support. Compare this to traditional systems which typically have support and upgrades long after many have stopped using them. Orphaned devices and abandonware lack the same security hardening of other systems due to the evolution of technology over time.V.No Upgrade Support : many IoT devices, like many mobile and small devices, are not designed to allow upgrades or any modifications. Others offer inconvenient upgrades, which many owners ignore, or fail to notice.VI.Poor or No Transparency : many IoT devices fail to provide transparency with regard to their functionality. Users cannot observe or access their processes, and are left to assume how devices behave. They have no control over unwanted functions or data collection; furthermore, when a manufacturer updates the device, it may bring more unwanted functions.VII.No Alerts : another goal of IoT remains to provide its incredible functionality without being obtrusive. This introduces the problem of user awareness. Users do not monitor the devices or know when something goes wrong. Security breaches can persist over long periods without detection.Software-Defined Radio (SDR)Software-defined radio (SDR) is a radio communication system where components that conventionally have been implemented in analog hardware (e.g. mixers, filters, amplifiers, modulators/demodulators, detectors, etc.) are instead implemented by means of software on a computer or embedded system.While the concept of SDR is not new, the rapidly evolving capabilities of digital electronics render practical many processes which were once only theoretically possible.Software Defined Radio (SDR) is commonly defined as a “Radio in which some or all of the physical layer functions are software defined”. SDR technology uses software, instead of conventional hardware, to perform radio-signal processing functions. Filters, error correction, synchronizers, modulators/demodulators, and frequency tuners used in conventional systems can all be written in software. Software defined devices can be reconfigured to adapt to changing product requirements.While the term SDR refers to radio systems, the concept of processing signals in software rather than through hardware components is applicable to many more systems such as Radar, Automobile, Robotics, Electronic Warfare. A more generic term could be Software Defined Systems, or SDS.A basic SDR system may consist of a computer equipped with a sound card, or other analog-to-digital converter, preceded by some form of RF front end. Significant amounts of signal processing are handed over to the general-purpose processor, rather than being done in special-purpose hardware (electronic circuits). Such a design produces a radio which can receive and transmit widely different radio protocols (sometimes referred to as waveforms) based solely on the software used.Software radios have significant utility for the military and cell phone services, both of which must serve a wide variety of changing radio protocols in real time. In the long term, software-defined radios are expected by proponents like the Wireless Innovation Forum to become the dominant technology in radio communications. SDRs, along with software defined antennas are the enablers of cognitive radio.SDRs work much like desktop computing where a single hardware platform can carry out many functions based on the software applications loaded. SDRs use high-speed reprogrammable devices such as Digital Signal Processors (DSPs), Field Programmable Gate Arrays (FPGAs), or General Purpose Processors (GPPs), executing tasks performed by hardware in conventional radio systems.The system’s software-based filtering algorithms configure radio parameters such as operating modes, frequency, and modulation, eliminating the need for hardware components such as mixers, filters, amplifiers, modulators, and demodulators. This type of design results in a radio which can receive and transmit different radio protocols simply by changing software, providing the flexibility needed to efficiently use the radio frequency spectrum and expand a radio’s capabilities without the need for hardware updates.SDR technology addresses the exponential growth by which people need to communicate. Data, voice, video, messaging, command and control, emergency response communications, etc. are all encompassing communication mechanisms currently within the SDR domain. SDR is a solution to competing demands about providing greater access to communication means while keeping a tap on the equipment costs. SDR is a flexible and cost-efficient solution where benefits can be realized by service providers, product developers and even reaching end users.Benefits of SDRBelow are several key features and benefits of using SDR:I.Reduce development cost and time to market by integrating software blocks rather than hardware redesignII.Reduce innovation cycleIII.Protection against hardware obsolescenceIV.In-field updates/upgrade of system capability via software downloadV.Single hardware platform can support multiple communications protocols via software application loadsVI.Multi-purpose platform supporting multiple application domains (e.g. Radio/EW)VII.Development of domain specific applications can be initiated on personal computers or COTS platformVIII.COTS eco-system to simplify the software development can be usedApplication Domains/Areas of SDRThe flexibility provided by SDR makes the technology a logical choice to meet the ever-changing requirements of today’s commercial and military products. While the term SDR refers to radio systems, the concept of processing signals in software rather than through hardware components is applicable to many more systems such as Radar, Automobile, Robotics, Electronic Warfare. A more generic term could be Software Defined Systems, or SDS. CryptographyCryptography is a technique of securing communication by converting plain text into unintelligible ciphertext.Cryptography is a technique of securing information and communications through the use of some algorithms so that only those persons for whom the information is intended can understand it and process. It involves various algorithms and protocols to ensure data confidentiality, integrity, authentication, and non-repudiation. Features of CryptographyBelow are some features of cryptography;Confidentiality: Cryptography keeps your sensitive information hidden from hackers by transforming it into an unreadable form.Integrity: Cryptography ensures that your data remains intact and unaltered during transmission or storage.Authentication: Cryptography helps verify the identity of a sender and confirms the origin of a message.Non-repudiation: Cryptography prevents the sender from denying their involvement in a message or transaction.Key Management: Cryptography securely manages the keys used for encryption and decryption.Scalability: Cryptography can handle different levels of data volume and complexity, from individual messages to large databases.Interoperability: Cryptography allows for secure communication between different systems and platforms.Adaptability: Cryptography continuously evolves to stay ahead of security threats and technological advancementThe primary types of cryptography are symmetric key cryptography, asymmetric key cryptography and Harsh function. This plays a vital role in ensuring the security and privacy of information in today’s digital world and enables secure online transactions, protects sensitive data stored in databases, and ensures the confidentiality of communication. As technology continues to advance, cryptography remains a crucial tool in the ongoing battle to keep our information safe from hackers.How Cryptography Works? Plaintext: This is the original intelligible message or data that is fed into the algorithm as input.Encryption algorithm: The encryption algorithm performs various substitutions and transformations on the plaintext.Secret key: The secret key is also input to the encryption algorithm. The key is a value independent of the plaintext and of the algorithm. The algorithm will produce a different output depending on the specific key being used at the time. The exact substitutions and transformations performed by the algorithm depend on the key.Ciphertext: Ciphertext is the scrambled message produced as output. It depends on the plaintext and the secret key. For a given message, two different keys will produce two different ciphertexts. The ciphertext is an apparently random stream of data and, as it stands, is unintelligible. Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes the ciphertext and the secret key and produces the original plaintext.Applications of CryptographySecure Communication: Cryptography enables secure communication channels, such as encrypted messaging apps and virtual private networks (VPNs), and Cloud security to protect conversations and data transmitted over the internet.E-commerce and Online Transactions: Cryptography is crucial in securing e-commerce transactions, online banking, and digital payment systems. It protects sensitive financial information, such as credit card details and personal identification numbers (PINs).Password Storage: Storing passwords securely is essential to prevent unauthorized access to user accounts. Cryptographic techniques like hashing and salting help protect passwords from being easily compromised in the event of a data breach.Digital Rights Management (DRM): Digital Rights Management (DRM) systems use cryptography to enforce copyright protection and prevent unauthorized copying or distribution of digital content, such as e-books, music, and movies.Symmetric CryptographySymmetric cryptographic schemes are also referred to as symmetric-key, secret-key, and single-key schemes or algorithms. Symmetric cryptography is best introduced with an easy to understand problem: There are two users, Alice and Bob, who want to communicate over an insecure channel. The term channel might sound a bit abstract but it is just a general term for the communication link: This can be the Internet, a stretch of air in the case of mobile phones or wireless LAN communication , or any other communication media you can think of. The actual problem starts with the bad guy, Oscar1, who has access to the channel, for instance, by hacking into an Internet router or by listening to the radio signals of a Wi-Fi communication. This type of unauthorized listening is called eavesdropping. Obviously, there are many situations in which Alice and Bob would prefer to communicate without Oscar listening. For instance, if Alice and Bob represent two offices of a car manufacturer, and they are transmitting documents containing the business strategy for the introduction of new car models in the next few years, these documents should not get into the hands of their competitors, or of foreign intelligence agencies for that matter.In this situation, symmetric cryptography offers a powerful solution: Alice encrypts her message x using a symmetric algorithm, yielding the ciphertext y. Bob receives the ciphertext and decrypts the message. Decryption is, thus, the inverse process of encryption.Stream ciphers encrypt bits individually. This is achieved by adding a bit from a key stream to a plaintext bit. There are synchronou stream ciphers where the key stream depends only on the key, and asynchronous ones where the key stream also depends on the ciphertext.Block ciphers encrypt an entire block of plaintext bits at a time with the same key. This means that the encryption of any plaintext bit in a given block depends on every other plaintext bit in the same block. In practice, the vast majority of block ciphers either have a block length of 128 bits (16 bytes) such as the advanced Encryption Standard (AES), or a block length of 64 bits (8 bytes) such as the Data Encryption Standard (DES) or Triple DES (3DES) algorithmHash functionsA hash function in cryptography is like a mathematical function that takes various inputs, like messages or data, and transforms them into fixed-length strings of characters. Means the input to the hash function is of any length but output is always of fixed length. This is like compressing a large balloon into a compact ball.The importance of this process lies in its generation of a unique "fingerprint" for each input. Any minor alteration in the input results in a substantially different fingerprint, a quality known as "collision resistance."Hash functions play a crucial role in various security applications, including password storage (hash values instead of passwords), digital signatures, and data integrity checks. Hash values, or message digests, are values that a hash function returns.Key Points of Hash Functionsi.Hash functions are mathematical operations that "map" or change a given collection of data into a fixed-length bit string that is referred to as the "hash value."ii.Hash functions have a variety of complexity and difficulty levels and are used in cryptography.iii.Cryptocurrency, password security, and communication security all use hash functions.Operation of Cryptographic Hash FunctionsIn computing systems, hash functions are frequently used data structures for tasks like information authentication and message integrity checks. They are not easily decipherable, but because they can be solved in polynomial time, they are regarded as cryptographically "weak".Typical hash functions have been improved with security characteristics by cryptographic hash functions, which make it more challenging to decipher message contents or recipient and sender information.Specifically, cryptographic hash functions display the following;i.The hash function are called as "collision-free." As a result, no two input hashes should be equal to the same output hash.ii.They are hidden. A hash function's output should make it difficult to figure out the input value from it.iii.They should to be friendly to puzzles. The selection of an input that generates a predetermined result needs to be difficult. As such, the input needs to be taken from as wide as possible.Properties of hash functionsTo be a reliable cryptographic tool, the hash function should have the following properties −Pre-Image Resistancei.According to this feature, reversing a hash function should be computationally difficult.ii.In other words, if a hash function h generates a hash value z, it should be difficult to identify an input value x that hashes to z.iii.This feature defends against an attacker attempting to locate the input with just the hash value.Second Pre-Image Resistancei.This property says that given an input and its hash, it should be difficult to find another input with the same hash.ii.In other words, it should be challenging to find another input value y such that h(y) equals h(x) if a hash function h for an input x returns the hash value h(x).iii.This feature of the hash function protects against an attacker who wants to replace a new value for the original input value and hash, but only holds the input value and its hash.Collision Resistancei.This feature says that it should be difficult to identify two different inputs of any length that produce the same hash. This characteristic is also known as a collision-free hash function.ii.In other words, for a hash function h, it is difficult to identify two distinct inputs x and y such that h(x)=h(y).iii.A hash function cannot be free of collisions because it is a compression function with a set hash length. The collision-free condition simply indicates that these collisions should be difficult to locate.iv.This characteristic makes it very hard for an attacker to identify two input values that have the same hash.v.Furthermore, a hash function is second pre-image resistant if it is collision-resistant.Efficiency of Operationi.Computation of h(x) for any hash function h given input x can be an easy process.ii.Hash functions are computationally considerably faster than symmetric encryption.Fixed Output SizeHashing generates an output of a specific length, regardless of the input size, and helps to make an output of the same size from different input sizes.DeterministicFor a given input, the hash function consistently produces the same output, like a recipe that always yields the same dish when followed precisely.Fast ComputationHashing operations occur rapidly, even for large amounts of data sets.Design of Hashing AlgorithmsHashing essentially involves a mathematical function that takes two data blocks of fixed size and converts them into a hash code. The function is a key part of the hashing algorithm. The length of these data blocks differ according to the algorithm used. Usually, they range from 128 bits to 512 bits. Below is an example of a hash function.Hashing algorithms use a sequence of rounds, similar to a block cipher, to process a message. In each round, a fixed-size input is used, which usually combines the current message block and the result from the previous round.This process continues for multiple rounds until the entire message is hashed. Due to the interconnected nature of hashing, where the output of one operation affects the input of the next, even a minor change (a single bit difference) in the original message can drastically alter the final hash value.This phenomenon is known as the avalanche effect. Additionally, it's crucial to distinguish between a hash function and a hashing algorithm. The hash function itself takes two fixed-length binary blocks of data and generates a hash code.A hashing algorithm, on the other hand, establishes how the message is divided into blocks and how the outcomes of multiple hash operations are combined.Popular Hash FunctionsHash functions play an important role in computing, providing versatile capabilities like: Quick retrieval of data, Secure protection of information (cryptography), Ensuring data remains unaltered (integrity verification). Some commonly used hash functions are −Message Digest (MD): for a number of years, MD5 was the most popular and often used hash function.The hash functions MD2, MD4, MD5, and MD6 are members of the MD family. It was adopted as the RFC 1321, Internet Standard. It is a 128-bit hash function. In the software industry, MD5 digests are frequently used to ensure the integrity of transferred files. To enable users to compare the checksum of the downloaded file with the pre-computed MD5 checksum, file servers frequently provide this feature. In 2004, collisions were found in MD5. It was claimed that an analytical attack using a computer cluster was successful in under one hour. Since MD5 was compromised by this collision attack, using it is no longer recommended.ii.Secure Hash Function (SHA) : the four SHA algorithms which make up the SHA family are SHA-0, SHA-1, SHA-2, and SHA-3. Despite coming from the same family, the structure of it differs.The National Institute of Standards and Technology (NIST) released the first iteration of the 160-bit hash algorithm, known as SHA-0, in 1993. It did not gain much popularity and had few drawbacks. SHA-1 was created later in 1995 to address perceived flaws in SHA-0. SHA-1 is the most widely used of the existing SHA hash functions. It is used in most of the applications and protocols including Secure Socket Layer (SSL) security. In 2005, a technique was discovered for SHA-1 collision detection that can be used in a realistic time frame. So it is doubtful on SHA-1's long-term usability.SHA-224, SHA-256, SHA-384, and SHA-512 are the other four SHA variants in the SHA-2 family, which vary based on the number of bits in their hash value. The SHA-2 hash function has not yet been the target of any effective attacks. Though SHA-2 is a strong hash function. Though significantly different, its basic design still follows the design of SHA-1. NIST thus demanded the creation of new competitive hash function designs. The Keccak algorithm was selected by the NIST in October 2012 to replace the SHA-3 standard. Keccak has several advantages, including effective operation and strong attack resistance.iii.CityHash: cityHash is another non-cryptographic hash function that is designed for fast hashing of large amounts of data. It is optimized for modern processors and offers good performance on both 32-bit and 64-bit architectures.iv.BLAKE2: BLAKE2 is a fast and secure hash function that improves upon SHA-3. It is widely used in applications like cryptocurrency mining that need fast hashing. There are two types of BLAKE2. BLAKE2b is the Best for 64-bit computers, it produces hash values up to 512 bits long. BLAKE2s : is the best for smaller computers (8-32 bits), it produces hash values up to 256 bits long.v.CRC (Cyclic Redundancy Check): CRC (Cyclic Redundancy Check) is a technique used to detect errors in data transfer. It involves adding a special value called a checksum to the end of a message. This checksum is calculated based on the message's content and is included during transmission. When the data is received, the recipient recalculates the checksum using the same method. If the new checksum matches the original one, it's likely that the message was transmitted without errors. While CRC is effective for error detection, it's not a security measure. It is primarily used to ensure the integrity of data during transmission, not to protect it from unauthorized access or modification.MurmurHash: MurmurHash is a speedy and effective hash function that is not meant for security. It is great for things like hash tables but not for tasks that need protection against collisions (situations where different inputs produce the same hash).Applications of Hash FunctionsBased on its cryptographic characteristics, the hash function has two direct uses.i.Password StorageHash functions provide protection to password storage. Instead of storing passwords in clear, mostly all login processes store the hash values of passwords in the file.The Password file is a table of pairs in the format (user id, h(P)).Even if an attacker has access to the password, all they can see is the hashes of the passwords. Because the hash function contains the pre-image resistance feature, he cannot use it to log in or get the password from it.ii.Data Integrity CheckData integrity checks, commonly using hash functions, provide assurances about the accuracy of data files by creating checksums. This method allows users to detect any alterations made to the original file.However, it does not guarantee the authenticity of the file. An attacker could potentially modify the entire file and generate a new hash, sending it to the receiver. This integrity check is only effective if the user trusts the file's original source.Different Between Hash Function and EncryptionEncryption transforms data into a disguised form, requiring a cipher (key) to decipher and read it. Encryption and decryption are reversible processes enabled by the cipher. Encryption is used with the goal of later deciphering the data. While Hashing function transforms data of any size into a fixed-length output. Unlike encryption, hashing is typically a one-way function. The high computational effort needed to reverse a hash makes it difficult to retrieve the original data from the hashed output.Data is protected during transmission by encryption, which stops unwanted access. By comparing the data to a distinct fingerprint (hash) created from the original data, hashing ensures the integrity of the data. Encryption keeps data confidential, while Hashing function ensures authenticity by detecting any modifications.BlockchainBlockchain Technology is the name given to a modern database management technique, which enables a large business to share information and communicate with the help of links and chains between different nodes in the network. It is a new way of handling digital transactions that have started to gain traction in recent years.Data is kept in blocks that are connected in a chain within a blockchain database. Because the chain cannot be removed or altered without network approval, the data is consistent across time.Blockchain Technology is a distributed ledger that assures data is safe, transparent, and unchangeable by recording transactions across several computers. Every transaction is documented as a "block" of data, which is connected to the one before it to create a chain of blocks thus the term "blockchain".A blockchain is an ever-growing ledger in a network, which keeps a track record of all transactions, changes and implementations that have taken place inside the network in a secure, ordered and immutable way. In simple terms, it is a chain of blocks like a linked list, with each node being before and after another node. All nodes or blocks have links to the next node, just like pointers in programming.Each block records all of the recent transactions, and once completed goes into the blockchain as a permanent database. This technique is based on Cryptographic Concepts of Information Security, which will be studied later on. Each time a block gets completed, a new block is generated. Once a block of information is created in the chain, it can’t be changed or deleted. This makes the blockchain very secure and trustworthy.A blockchain network is independent of centralized institutions, and it can work without any need for third-party middle-man such as central authorities, banks, government, etc. Transactions are verified by a network of computers. A blockchain network is based on the internet, and hence, it cannot run offline.Key NotesWe can take the following important points from the above explanation, and memorize these before moving on to the next few sections;i.Blockchain represents a form of distributed database that contrasts with conventional databases in its method of information storage.ii.It organizes data into blocks that are interconnected through cryptographic techniques, which will be studied later.iii.A variety of information can be recorded on a blockchain, yet its primary application has been as a ledger for transactions.iv.Blockchain operates in a decentralized manner, meaning that no individual or group possesses authority over it; control is shared among all users.Key Principles of Blockchaini.Distributed Ledger Technology: All participants in the network have access to the distributed ledger and its immutable record of transactions. This eliminates the need for a central authority and reduces the risk of data tampering.ii.Immutable Records: Once a transaction is recorded, it cannot be altered or deleted. If an error is found, a new transaction must be added to correct it, ensuring transparency and traceability.iii. Smart Contracts: These are self-executing contracts with the terms of the agreement directly written into code. They automatically execute and enforce the terms of the contract when predefined conditions are met.How Blockchain WorksA blockchain consists of small sequenced programs, known as scripts, which conduct the tasks available in a database, like entering information, accessing data stored in the database, saving data and copying it elsewhere. By default, data once saved in a ledger cannot be altered. A blockchain is distributed, which means multiple copies are saved on many machines, and they must all match for it to be valid.Transactions in a network follow a sequence of steps, which may differ depending on the type of network where they are implemented. Generally, when a transaction is initiated, the application that provides an interface for the blockchain starts a sequence of events.Every node in the network proposes its own blocks in this way because they all choose different transactions. Each works on their own blocks, trying to find a solution to the difficulty target, using the query number used once, also called by its acronym nonce. Once a block is closed, a transaction is complete.Although this process is a generalized sequence of steps, not all networks follow these in order, or at all. Some cryptocurrencies like Ethereum, Dogecoin, and Bitcoin are discussed in the later sections of this article.Features/ Properties of BlockchainBlockchain technology is a major booming force for decentralized cryptocurrencies across the globe. Due to its many features, it finds use in various sectors of modern life. The following points briefly explain the features and concepts of Blockchain technology i. DecentralizationA blockchain facilitates the distribution of data across multiple network nodes (computers or devices) operating blockchain software, located in different geographical areas. This architecture not only ensures redundancy, but also preserves the integrity of the data.For instance, if an attempt is made to modify a record at one instance of the database, the other nodes will thwart this action by comparing block hashes. Consequently, no individual node within the network possesses the capability to alter information contained within the chain.ii. TransparencyDue to the decentralized structure of all blockchain networks, all transactions are openly accessible for viewing by downloading and examining them, or by utilizing blockchain explorers that enable real-time monitoring of transactions.Every node maintains its own version of the chain, which is continuously updated with the addition of new blocks. Consequently, it is possible to trace the movement of a bitcoin to its destination, if desired.iii. SecurityBlockchain technology ensures decentralized security and trust through various methods. Initially, new blocks are consistently stored in a linear and chronological manner, always being appended to the last of the blockchain. Once a block is added to the end of the blockchain, it becomes immutable, preventing any changes to previous blocks.A modification in any data within a block alters its hash value. Since each block includes the hash of the previous block, any change would impact subsequent blocks. In the event of an attempt to modify a block, the network would reject it due to hash inconsistencies. Nevertheless, this manipulation can potentially occur in smaller blockchain networksTypes of Blockchain Networksi.Public Blockchains: These are open to anyone and are typically used for cryptocurrencies like Bitcoin. They offer high transparency but may have lower security and privacy.ii.Private Blockchains: These are restricted and controlled by a single organization. They offer higher security and privacy but may lack transparency.iii. Permissioned Blockchains: These can be either public or private and require permission to join. They offer a balance between security, privacy, and transparency.iv. Consortium Blockchains: These are managed by a group of organizations rather than a single entity. They are often used in industries where multiple parties need to collaborate1.Benefits of Blockchaini.Greater Trust: Blockchain provides a single source of truth that all participants can trust1.ii. Enhanced Security: Transactions are encrypted and linked to previous transactions, making it difficult for hackers to alter the data1.iii.Increased Efficiency: By eliminating intermediaries and automating processes with smart contracts, blockchain can significantly speed up transactions and reduce costs.Use Cases of BlockchainBlockchain technology has a wide range of applications across various industries:i.Supply Chain Management: Enhances transparency and traceability of goods from production to delivery.ii.Healthcare: Improves patient data management and ensures data integrity.iii.Financial Services: Facilitates faster and more secure transactions, reducing the need for intermediaries.iv.Voting Systems: Provides a secure and transparent way to conduct electionsCryptography in BlockchainCryptography is a growing phenomenon in the realm of modern data security and efficient information exchange. Cryptography represents the age-old pursuit of secure communication. It has evolved from ancient cryptic manuscripts to the complex algorithms of modern science and technology.A cryptocurrency is a digital or virtual currency secured by cryptography, which makes it nearly impossible to counterfeit or double-spend. Most cryptocurrencies exist on decentralized networks using blockchain technology which is a distributed ledger enforced by a disparate network of computers.There are mainly two types of cryptography used in modern networks and communication systemi.Public Key Cryptographyii.Elliptic Curve Cryptographyi. Public Key CryptographyPublic key cryptography utilizes a set of keys, with one being public (accessible to all) and the other private (known solely by the owner).Let us take an example of two people- Alice and Bob. Alice wants to send a message to Bob but in a secure way. In order to transmit a message to Bob, Alice employs Bob's public key for encryption. Bob, in possession of his private key, is able to decrypt and access the message.This works in the following way;Encryption : Bob’s public key is like a special lock, and Alice uses it to lock her message.Decryption : Bob’s private key is like the unique key that opens the lock to read the message.ii.Elliptic Curve CryptographyECC is a powerful and innovative encryption method, revolutionizing the modern cryptographic techniques. It enhances security while requiring smaller key sizes compared to traditional cryptographic algorithms. Let us learn different aspects of ECC.Key GenerationPublic Key (Q) − Bob picks a curve and a point on it. He calls this point (G). His public key (Q) is a result of multiplying (G) by a secret number (d).Example − Q = d . GEncryptionI.When Alice wants to send Bob a secret message, she picks a random number (k).II.She computes a point (C) on the curve by multiplying (G) by (k).III.The x-coordinate of (C) is part of the encrypted message.IV.The shared secret is derived by Bob multiplying (C) by his secret number (d).Example − s = k . QDecryptionI.Bob, with his private key, multiplies (C) by (d) to get the same shared secret (s).II.Using a key derivation function, both Alice and Bob derive a symmetric key from (s).III.The symmetric key is used to decrypt the message.Example − S = d . CUses of ECCi.Websites make extensive use of ECC to secure customers’ hypertext transfer protocol connections.ii.It is used for encryption by combining the key agreement with a symmetric encryption scheme. iii.It is also used in several integer factorization algorithms like Lenstra elliptic-curve factorization.iv.Time stamping uses an encryption model called a blind signature scheme. It is possible using Elliptic Curve CryptographyBlockchain - Merkle TreeThe issue of disk space in a node is easily overcome because all transactions in a block are hashed in a Merkle Tree Chapter 1: Title