FACULTY OF COMPUTING AND INFORMATION MANAGEMENT

BACHELOR OF SCIENCE IN INFORMATION SECURITY AND FORENSIC STUDIES

UNIT: BISF-3107

BY: KINYA SHARON KAGENI Reno – 20/00208

Email: 2000208@students.kca.ac.ke
LECTURER: DR DENNIS KABURU
MAY-AUG 2022

This CAT 1 is submitted IN PARTIAL FULFILMENT OF THE REQUIREMENTS OF the

award of BACHELORS OF SCIENCE IN INFORMATION SECURITY AND FORENSIC
STUDIES in KCA University
BISF 3107/BIT 04103/BBIT 04107: BLOCK CHAIN TECHNOLOGIES AND
APPLICATIONS
Take Away CAT hand in 3rd August 2022 via virtual campus.

a) The above diagram shows metadata about the transactions included in a block. Using
the diagram as reference identify the different components of a block header and
describe its role. (2 marks)

Timestamp

Timestamp in the block chain is used as proof that the particular block is used at what instance of
a time, also this timestamp is used as a parameter to verify the authenticity of any block.

Merkle Root

A Merkle root uses mathematical formulas to check if the data is not corrupted, hacked, or
manipulated

Difficulty Target

It specifies the complexity and the computation power required to mine the network, if we are
having a high difficulty target then it implies that we need more a computationally expensive
machine to mine it.
Nonce

A nonce refers to a number or value that can only be used once. Nonces are often used on
authentication protocols and cryptographic hash functions. It is abbreviated as ‘number only used
once’ and it is a number which block chain miners are finding and on average, it takes almost 10
times to find out the correct nonce.

Previous Hash

As Block chain is a collection of several interconnected nodes also called a block, so previous
hash stores the hashed value of the previous node’s address

b) Briefly describe the properties of Cryptographic hash functions ( 2 marks)

A hash function is used to map the data of arbitrary size to generate an output of a fixed size,
usually called the Hash Digest.it is also a process that takes plaintext data of any size and
converts it into a unique cipher text of a specific length. If the hash function satisfies some well-
established standards of security, integrity, and other conventions of similar scope, it can be
called a Cryptographic Hash Function (CHF). CHF is an algorithm that takes variable-sized
data as an input to generate a fixed-sized output.

Properties of Cryptographic hash functions:

  Non-reversibility, or one-way function: A good hash should make it very hard to
reconstruct the original password from the output or hash.
 Diffusion, or avalanche effect: A change in just one bit of the original password should
result in change to half the bits of its hash. when a password is changed slightly, the
output of enciphered text should change significantly and unpredictably.
 Deterministic: CHFs are deterministic in the sense that you will always get exactly the
same output for a single input.
 Collision resistance: It should be hard to find two different passwords that hash to the
same enciphered text. This means that no two input hashes should map to the same output
hash.
 Non-predictable: The hash value should not be predictable from the password.
 Pre-image resistance: Even if you have the hashed digest, it is probabilistically
impossible to find the input that resulted into that hash value.
 Fast: They are very fast and efficient because they largely rely on bitwise operations that
are quickly computable. It is quick to compute the hash value for any given message.

Some available cryptographic hash functions

We have SHA-1 (Secure Hashing Algorithm) CHF that generates a 40-character

hexadecimal output digest for the input of any length.

We have SHA-2 family that has 6 different hash functions including SHA-224, SHA-256,
SHA-384, SHA-512, SHA-512/224, and SHA-512/256

c) Based on the properties of the block chain and its characteristic as being a generic
data store for all kinds of data, briefly describe following generic-use patterns of the
block chain: (2 marks)

I. Proof of Existence

This use of the block chain focuses on storing data for the sole purpose of proving its existence.
Once an artifact is recorded in Block chain, anyone can prove the existence of it at a
particular instance of time with specific content. Proof of existence does not utilize neither the
ordering nor the time-stamping capabilities.

II. Proof of Nonexistence.

This use is the opposite of the proof of existence. It provides ways to verify whether specific
entries or items do not exist in the block chain. It is useful to dismiss complaints, fines, or
convictions.

III. Proof of Time.

In this case is important not only the sheer existence of an entry in the block chain but also the
time when the entry was added. This technology can serve that need since the blocks store the
time when the process of adding them took place. Applications that benefit from the time
stamping capabilities are those that track the occurrence of events in time such as tracking and
delivery of goods or notification, payments, tracking of orderly opening and closing of public
bidding procedure.

IV. Proof of Order.

It is a consensus algorithm that uses a voting system to choose network validators and
focuses on how long a network validator has been active within the network as well as its
reputation. Validators receive higher scores for being trustworthy and being active within
the network for a longer time. Staking a larger amount of tokens also makes it more likely
that a validator will be selected.

V. Proof of Identity.

It is a consensus protocol for permission-less block chain, in which each uniquely identified
individual receives one equal unit of voting power and associated rewards (minting token).
 a) Briefly describe the Transaction data information that describe a transfer of
ownership IN BLOCKCHAIN (2 marks)

Transfer of ownership involves:

 Privacy
 writing new data
 creating new data
 changing the state of ownership.

Ledger has to document any transfer of ownership, which in turn implies that new data are
produced and written to the ledger.
Proving ownership is easier when the ledger is open to anyone. Hence, transparency is the basis
of proving ownership rights in a similar way as witnesses making a public testimony in court.
However, transferring ownership must be exclusively restricted to the lawful owner. So privacy
forms the basis of transferring ownership. Since writing in the ledger means changing ownership,
only very trustful entities should be given writing access to ledgers

b) Every node, when receiving transactions, makes sure that each transaction adheres
to the network rules referred to as transaction validation. Describe the things a block
checks (2 marks)

i. The inputs of the transaction are previously unspent

It prevents double-spending. Any input that’s been spent (that is, included in the block chain)
cannot be spent again.

ii. The sum of the inputs is greater than or equal to the sum of the outputs.

It makes sure no new bitcoins are created (except in a special type of transaction called a
coinbase transaction

iii. The ScriptSig successfully unlocks the previous ScriptPubKey

It makes sure that the combined script is valid. In the vast majority of transactions, this means
checking that the one or more signatures in the ScriptSig are valid

c) There are seven major tasks that need to be addressed when designing and developing
a software system that manages ownership by using a purely distributed peer-to-peer
system of ledgers in an open and untrustworthy environment. Briefly describe any
five (2 marks)

Task 1: Describing Ownership

A transaction is the act of transferring ownership from one owner to someone else. The act of
transferring ownership relies on data that describe the intended transfer. Executing a transaction
means making the transfer of ownership happen as described by the transaction data. Executing a
transaction means adding the transaction data to a ledger. By adding transaction data to a ledger,
the transaction becomes part of the transaction history, which is used to clarify ownership. When
the ledger is used the next time to clarify ownership by aggregating the transaction data it contains,
the newly added transaction will be included in the aggregation and hence will impact the resulting
state of ownership. The block chain maintains the whole history of all transactions that have ever
happened by storing their transaction data in the block chain-data-structure in the order in which
they occurred.

TASK2: Protecting ownership

Describing ownership by means of transactions and having security measures that protect
ownership on the level of individual transactions are important steps toward the goal of designing
a software system that manages ownership
Blockchain applies the concept of f cryptography is to protect data from being accessed by
unauthorized people.
The major cryptographic activities are:
i. Encryption: Protecting data by turning them into cypher text by utilizing a cryptographic
key
 ii. Decryption: Turning cypher text back into useful data by utilizing a matching
cryptographic key

TASK 3: Storing transaction data

The block chain-data-structure is a specific kind of data structure that is made up of ordered units
called blocks used to store data on block chain.
Each block of the block chain-data-structure consists of a block header and a Merle tree that
contains transaction data.

TASK 4: Preparing ledgers to be distributed in an untrustworthy environment

The block chain protects the history of transaction data from manipulation and forgery by storing
transaction data in an immutable data store.
The history of a transaction is made immutable by utilizing two ideas:
 Storing the transaction data in the change-sensitive block chain-data-structure, which when
being changed requires rewriting the data structure starting at the point that causes the
change until the head of the whole chain.
 Requiring the solution of a hash puzzle for writing, rewriting, or adding every single block
header in the block chain-data-structure.

The hash puzzle is unique for each block header because it depends on its unique content.

TASK 5: Distributing the ledgers

Once the ledger is append-only, you can create a distributed peer-to-peer system of ledgers by
making copies of it available to everyone who asks for it.

TASK6: Adding new transaction to the ledgers

The block chain-algorithm is a series of rules and instructions that governs the way in which
transaction data are processed and added to the system.
The challenge solved by the block chain-algorithm is to keep the system open to everyone while
ensuring that only valid and authorized transactions are added.
The block chain-algorithm utilizes the carrot-and-stick approach, combined with competition and
peer control.
The major idea of the block chain-algorithm is to allow all nodes of the system to act as supervisors
of their peers and reward them for adding valid and authorized transactions and for finding errors
in the work of others.
Due to the rules of the block chain-algorithm, all nodes of the system have an incentive to process
transactions correctly and to supervise and point out any mistakes made by the other peers.
The block chain-algorithm is based on the following concepts:
 Validation rules for transaction data and block headers
 Reward for submitting valid blocks
 Deciding which ledgers represents the truth
 Punishment for counteracting the integrity of the system
 Competition among peers for earning reward based on processing speed and quality
 Peer control

Task 7: Deciding Which Ledgers Represent the Truth

Different peers may have received different transactions and soon the history of transactions
maintained by them differs. Hence, different versions of the transaction history can exist in the
peer-to-peer system.
Since the transaction history is the basis for identifying lawful owners, having different conflicting
transaction histories is a serious threat to the integrity of the system.
Hence, it is important to find a way either to prevent the emergence of different transaction
histories in the first place or to find a way to decide which transaction history represents the truth.
Due to the nature of a purely distributed peer-to-peer system, the former approach is not possible.
As a result, you need a criterion for how to find and choose one transaction history that represents
the truth.
Distributed consensus is an agreement among the members of a purely distributed peer-to-peer
system in a collective decision-making problem.
The collective decision-making problem of the block chain is characterized by the following facts:
 All nodes operate in the identical environment, consisting of the network, nodes that
maintain their individual copies of the block chain-data-structure, and the block chain-
algorithm that governs the behavior of the nodes.
 The decision-making problem is to select the identical transaction history across all nodes.
 All nodes strive to maximize their individual income earned as a reward for adding new
valid blocks to the block chain-data-structure.
 In order to achieve their goals, all nodes send their new blocks to all their peers to have
them examined and accepted. As a result, each nodes leaves its individual footprint in the
environment that is the collectively maintained block chain-data-structure.
 All nodes use the identical criterion for selecting a history of transaction data.