最近学习区块链的知识,学习过程中,了解了区块链中常用的几种算法。有一大胆的想法,把这些算法整理成为一个清单,并找出算法论文,目前市场应用,以及实现代码。如果还有其他的算法或者代币,也欢迎大家推荐加入此清单。
SHA-256
介绍:SHA代表安全散列算法(Secure Hash Algorithm),SHA-256是由美国国家安全局(NSA)设计的SHA-2加密散列函数的成员(SHA-2的其他成员有SHA-224、SHA-384、SHA-512)。加密散列函数是对数字数据运行的数学运算,通过将所计算的“散列”与已知的散列值进行比较,人们可以确定数据的完整性。 单向散列可以从任意数据生成,但不能从散列生成数据。在比特币等多个区块链应用中的多个环节被使用。
论文:Courtois, Nicolas T., Marek Grajek, and Rahul Naik. "Optimizing sha256 in bitcoin mining." International Conference on Cryptography and Security Systems. Springer, Berlin, Heidelberg, 2014.
应用:Bitcoin(BTC)、BitcoinCash(BCH)、Peercoin(PPC)、Zetacoin(ZET)、Universal(UNIT)、Deutsche eMark(DEM)、AUR-SHA(AUR)、DGB-SHA(DGB)
算法实现:SHA-256算法要求输入报文的最大长度不能超过2^64bit,输入按512bit分组进行处理,产生的输出是一个256bit的报文摘要。
SHA256.h
#ifndef _SHA_256_H #define _SHA_256_H #include using namespace std; typedef unsigned int UInt32; //六个逻辑函数 #define Conditional(x,y,z) ((x&y)^((~x)&z)) #define Majority(x,y,z) ((x&y)^(x&z)^(y&z)) #define LSigma_0(x) (ROTL(x,30)^ROTL(x,19)^ROTL(x,10)) #define LSigma_1(x) (ROTL(x,26)^ROTL(x,21)^ROTL(x,7)) #define SSigma_0(x) (ROTL(x,25)^ROTL(x,14)^SHR(x,3)) #define SSigma_1(x) (ROTL(x,15)^ROTL(x,13)^SHR(x,10)) //信息摘要结构 struct Message_Digest{ UInt32 H[8]; }; //SHA256类 class SHA256 { public: SHA256(){INIT();}; ~SHA256(){}; Message_Digest DEAL(UInt32 W[16]);//处理512比特数据,返回信息摘要 private: void INIT(); //初始杂凑值 UInt32 ROTR(UInt32 W,int n);//右旋转 UInt32 ROTL(UInt32 W,int n);//左旋转 UInt32 SHR(UInt32 W,int n); //右移位 private: //信息摘要 Message_Digest MD; }; #endifSHA256.cpp
#include"SHA-256.h" //64个32比特字的常数(前64个素数的立方根小数前32位) const UInt32 K[64] = { 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2, }; //初始化杂凑值(前8个素数的平方根小数前32位) void SHA256::INIT(){ MD.H[0] = 0x6a09e667; MD.H[1] = 0xbb67ae85; MD.H[2] = 0x3c6ef372; MD.H[3] = 0xa54ff53a; MD.H[4] = 0x510e527f; MD.H[5] = 0x9b05688c; MD.H[6] = 0x1f83d9ab; MD.H[7] = 0x5be0cd19; } //处理512比特数据,返回信息摘要 Message_Digest SHA256::DEAL(UInt32 M[16]){ int i; UInt32 T1=0,T2=0; UInt32 W[64]={0}; UInt32 A=0,B=0,C=0,D=0,E=0,F=0,G=0,H=0; for(i=0;i<16;i++){ W[i] = M[i]; } for(i=16;i<64;i++){ W[i] = SSigma_1(W[i-2])+W[i-7]+SSigma_0(W[i-15])+W[i-16]; } A = MD.H[0]; B = MD.H[1]; C = MD.H[2]; D = MD.H[3]; E = MD.H[4]; F = MD.H[5]; G = MD.H[6]; H = MD.H[7]; cout<<"初始:"; cout<<hex<<A<<" "<<B<<" "<<C<<" "<<D<<" "<<E<<" "<<F<<" "<<G<<" "<<H<<endl; for(i=0;i<64;i++){ T1 = H + LSigma_1(E) + Conditional(E, F, G) + K[i] + W[i]; T2 = LSigma_0(A) + Majority(A, B, C); H = G; G = F; F = E; E = D + T1; D = C; C = B; B = A; A = T1 + T2; cout<<dec<<i<<":"; cout<<hex<<A<<" "<<B<<" "<<C<<" "<<D<<" "<<E<<" "<<F<<" "<<G<<" "<<H<<endl; } MD.H[0]=(MD.H[0]+A) & 0xFFFFFFFF; MD.H[1]=(MD.H[1]+B) & 0xFFFFFFFF; MD.H[2]=(MD.H[2]+C) & 0xFFFFFFFF; MD.H[3]=(MD.H[3]+D) & 0xFFFFFFFF; MD.H[4]=(MD.H[4]+E) & 0xFFFFFFFF; MD.H[5]=(MD.H[5]+F) & 0xFFFFFFFF; MD.H[6]=(MD.H[6]+G) & 0xFFFFFFFF; MD.H[7]=(MD.H[7]+H) & 0xFFFFFFFF; return MD; } //右旋转 UInt32 SHA256::ROTR(UInt32 W,int n){ return ((W >> n) & 0xFFFFFFFF) | (W) << (32-(n)); } //左旋转 UInt32 SHA256::ROTL(UInt32 W,int n){ return ((W << n) & 0xFFFFFFFF) | (W) >> (32-(n)); } //右移位 UInt32 SHA256::SHR(UInt32 W,int n){ return ((W >> n) & 0xFFFFFFFF); }test.cpp
#include #include"SHA-256.h" using namespace std; typedef unsigned int UInt32; typedef unsigned __int64 UInt64; typedef unsigned char UChar; #define Max 1000//最大字符数 SHA256 sha256=SHA256(); Message_Digest M_D; UInt32 W[Max/4];//整型 UInt32 M[16]; //存分组信息 //压缩+显示 void compress(){ int i; M_D = sha256.DEAL(M); cout<<"哈希值: "; for(i=0;i<8;i++){ cout<<hex<<M_D.H[i]<<" "; } cout<<endl; } //添加填充位+添加长度 void PAD(UChar Y[Max]){ //x+1+d+l=|x| UInt32 i,j; UInt32 T1=0,T2=0,T3=0,T4=0; UChar temp[Max]={0}; UInt64 x = strlen((char *)Y);//数据长度 UInt32 d = abs(55-x) % 64; //填充长度 UInt32 n = (x+8)/64+1; //分组数 UInt32 m = x%64; //最后组数据长度 UInt32 l = 8; cout<<"数据长度x:"<<int(x)<<" "; cout<<"填充长度d:"<<d<<" "; cout<<"分组数量n:"<<n<<" "; cout<<"最后长度m:"<<m<<endl; //不填充 for(i=0;i<x;i++){ temp[i] = Y[i]; } //填充1次1000 0000 temp[x] = 0x80; //填充d次0000 0000 for(i=x+1;i<x+d+1;i++){ temp[i] = 0x00; } //填充长度的63-0位 for(i=1;i<=l;i++){ temp[(n*64)-i] = (UChar)(8*x>>(i-1)*8); } //无符号字符转换为无符号整型 for(i=0;i<Max/4;i++){ for(j=0;j<4;j++){ if(j==0) T1 = temp[4*i+j]; if(j==1) T2 = temp[4*i+j]; if(j==2) T3 = temp[4*i+j]; if(j==3) T4 = temp[4*i+j]; } W[i] = (T1<<24) + (T2<<16) + (T3<<8) +T4; } //显示16进制数据 cout<<"16进制数据:"; for(i=0;i<n*16;i++){ cout<<hex<<" "<<W[i]; } cout<<endl; //分组处理 for(i=0;i<n;i++){ cout<<"分组处理:"<<i+1<<endl; for(j=0;j<16;j++){ M[j] = W[(i*16)+j]; } compress();//sha-256压缩 } } //主函数 int main(){ UChar Y[Max]; cout<<"请输入要加密的字符串(最大"<<Max<<"个):"<<endl; cin>>Y; PAD(Y); system("pause"); return 0; }
Scrypt
介绍:Scrypt是一个内存依赖型的hash算法。该算法是由著名的FreeBSD黑客Colin Percival为他的备份服务Tarsnap开发的。内存依赖顾名思义会占用很多内存空间,从而减少cpu负荷。由于其内存依赖的设计特别符合当时对抗专业矿机的设计,成为数字货币算法发展的一个主要应用方向。
论文:Percival, Colin. "Stronger key derivation via sequential memory-hard functions." Self-published (2009): 1-16.
应用:Litecoin(LTC)、Dogecoin(DOGE)、DNotes(NOTE)、Florin(FLO)、Gulden(NLG)、DGB-Scrypt(DGB)、GameCredits(GAME)、Verge-Scrypt(XVG)、Einsteinium(EMC2)、AUR-Scrypt(AUR)
算法实现:
public class ScryptDemo { public static void main(String[] args) { String originalPassword = "passw0rd"; String generatedSecuredPasswordHash = SCryptUtil.scrypt(originalPassword, 16, 16, 16); System.out.println(generatedSecuredPasswordHash); boolean matched = SCryptUtil.check("password", generatedSecuredPasswordHash); System.out.println(matched); matched = SCryptUtil.check("passwordno", generatedSecuredPasswordHash); System.out.println(matched); } } // Copyright (C) 2011 - Will Glozer. All rights reserved. package com.lambdaworks.crypto; import java.io.UnsupportedEncodingException; import java.security.GeneralSecurityException; import java.security.SecureRandom; import static com.lambdaworks.codec.Base64.*; /** * Simple {@link SCrypt} interface for hashing passwords using the * scrypt key derivation function * and comparing a plain text password to a hashed one. The hashed output is an * extended implementation of the Modular Crypt Format that also includes the scrypt * algorithm parameters. * * Format:$s0$PARAMS$SALT$KEY. * * * PARAMS32-bit hex integer containing log2(N) (16 bits), r (8 bits), and p (8 bits) * SALTbase64-encoded salt * KEYbase64-encoded derived key * * *s0identifies version 0 of the scrypt format, using a 128-bit salt and 256-bit derived key. * * @author Will Glozer */ public class SCryptUtil { /** * Hash the supplied plaintext password and generate output in the format described * in {@link SCryptUtil}. * * @param passwd Password. * @param N CPU cost parameter. * @param r Memory cost parameter. * @param p Parallelization parameter. * * @return The hashed password. */ public static String scrypt(String passwd, int N, int r, int p) { try { byte[] salt = new byte[16]; SecureRandom.getInstance("SHA1PRNG").nextBytes(salt); byte[] derived = SCrypt.scrypt(passwd.getBytes("UTF-8"), salt, N, r, p, 32); String params = Long.toString(log2(N) << 16L | r << 8 | p, 16); StringBuilder sb = new StringBuilder((salt.length + derived.length) * 2); sb.append("$s0$").append(params).append('$'); sb.append(encode(salt)).append('$'); sb.append(encode(derived)); return sb.toString(); } catch (UnsupportedEncodingException e) { throw new IllegalStateException("JVM doesn't support UTF-8?"); } catch (GeneralSecurityException e) { throw new IllegalStateException("JVM doesn't support SHA1PRNG or HMAC_SHA256?"); } } /** * Compare the supplied plaintext password to a hashed password. * * @param passwd Plaintext password. * @param hashed scrypt hashed password. * * @return true if passwd matches hashed value. */ public static boolean check(String passwd, String hashed) { try { String[] parts = hashed.split("\\$"); if (parts.length != 5 || !parts[1].equals("s0")) { throw new IllegalArgumentException("Invalid hashed value"); } long params = Long.parseLong(parts[2], 16); byte[] salt = decode(parts[3].toCharArray()); byte[] derived0 = decode(parts[4].toCharArray()); int N = (int) Math.pow(2, params >> 16 & 0xffff); int r = (int) params >> 8 & 0xff; int p = (int) params & 0xff; byte[] derived1 = SCrypt.scrypt(passwd.getBytes("UTF-8"), salt, N, r, p, 32); if (derived0.length != derived1.length) return false; int result = 0; for (int i = 0; i < derived0.length; i++) { result |= derived0[i] ^ derived1[i]; } return result == 0; } catch (UnsupportedEncodingException e) { throw new IllegalStateException("JVM doesn't support UTF-8?"); } catch (GeneralSecurityException e) { throw new IllegalStateException("JVM doesn't support SHA1PRNG or HMAC_SHA256?"); } } private static int log2(int n) { int log = 0; if ((n & 0xffff0000 ) != 0) { n >>>= 16; log = 16; } if (n >= 256) { n >>>= 8; log += 8; } if (n >= 16 ) { n >>>= 4; log += 4; } if (n >= 4 ) { n >>>= 2; log += 2; } return log + (n >>> 1); } }