A quick lesson on blockchain for accountants: Part 3 – cryptography
Following from the previous two posts, today I will explain cryptography in the simplest way I can – in reality, it is more complicated. However, a basic understanding is useful to appreciate blockchain – which will be the final post on this topic.
Cryptography is the art/task of creating and solving codes. Messages have been sent in code from centuries, and you can read a good summary of some methods here. The basic idea of cryptography is to render communications unreadable to the human eye by mixing up inputs (e.g. letters) to give a different output. One of the more famous uses of cryptography was the Enigma machine used by the German armed forces during WWII. The Enigma worked by scrambling letters into other letters and relied on the sending and receiving machines being set up the same. The set up was from three initial letters, resulting in over 17,576 (26^3) combinations. As you may know, it took a computer and some captured settings to break the Enigma code.
Move forward 70 years and a lot of information sent today over the internet uses some form of cryptography. There are two basic forms 1) encryption and 2) hashing. Encryption is what the Enigma did, an original message was scrambled on one end, sent via morse code, and de-scrambled on the other end. Hashing only involves scrambling. It uses an algorithm to derive a fixed length string which is different from the original text. A good example is a password. Passwords are usually not stored on servers in their original form, but as a hash value. If you enter a password, it is run through the algorithm and if it matches the stored hash value, you’re in. A commonly used hash is SHA256, which has 2^256 possible combinations – let’s just say that is a big number.
Encryption, as mentioned above, is a two-way thing. While I could write a lot more, let me try to keep it simple and explain the most common form, which is asymmetric encryption. First though, let us remind ourselves that encryption means some form of setup or code is needed, which is usually referred to as a key. In asymmetric encryption, there are two keys, a public key and a private key. Here is a simple example of how this works. Let’s say I want to send you an encrypted message. Your public key is sent out to anyone who may want to send messages to you. To send the message, I use your public key to encrypt it, so the message is secure when sent across any networks. When you receive the message, your private key unscrambles it. Only the combination of these pair of keys can do this, making the system quite secure. An example of an asymmetric encryption protocol (or set of rules) is TLS (Transport Layer Security) which is embedded within most operating systems and web browsers. It also offers 256 bit security, which is 2^256 – see more about TLS here. The current agreed TLS version is 1.2, and below you can see it is embedded within my version of Windows.
So, to sum up, encryption is complicated, but it is commonplace in our daily lives and apps. So can it be broken/cracked? Yes, but it would take a long long long time. See a great infographic below which details how long it would take to crack the code/cipher used in AES 256 – which is used by the TLS protocol mentioned above.
So now you know a little about cryptography, the next post in this series will cover blockchain.
A quick lesson on blockchain for accountants: Part 2 – mining cryptocurrency
In Part 1 two weeks ago, I wrote about currency. Here, I’ll explain how “miners” help a cryptocurrency like bitcoin be useable.
To be honest, I had no idea until recently what bitcoin mining actually means – and remember bitcoin is just one cryptocurrency, but I will use it here as an example.
Some weeks ago, I visited a friend of mine who owns and runs a technology maintenance firm. His office is always full of various parts of computers, but on this visit I noticed the office was quite warm and there was a hum of computer fans. So, I stuck my head around a corner and I seen something like what is in the picture above. So, joking I said, “what are you at now, mining bitcoin?”. “Yep” was the reply. So I took the opportunity to lean on my friend for some explanations.
The bottom line for me as an accountant, is that a “bit-coin mining rig” like that in the photo costs about €3,000 and can earn about €500 per month before energy costs – I will come back to these costs in a later post. So what the hell is it and what does it do I hear you ask? In my previous post, I established that bitcoin is not really a currency (yet) in the sense of dollars, euro or pounds. It also does not have a central bank behind it, or commercial banks taking it on board as a major currency. So this creates a problem, which in essence is if I want to pay you one bitcoin, how is this to be done – and remember bitcoin is an electronic medium, there are no paper notes.
Well, if I were to pay for a coffee with my credit/debit card, there is an extensive payments processing system behind the payment – think of the credit card machine, Visa/Mastercard/Amex systems and ultimately the retailer’s bank. Also, you may know that for every card transaction, the retailer is charged by the bank so they never get the full value of a card sale. For a bitcoin payment, where is the system? This is where the “miners” come in. A miner is someone who essentially processes bitcoin payments. My friend mentioned above told me the steps roughly are as follows:
- you get a rig (like the picture above). The faster the better, so rigs tend to use the fastest available memory cards – think about the graphics in a gaming console – these use really fast memory.
- Join a mining community
- Start solving hashes (encryption puzzles)- that is, process and verify bitcoin transactions. This includes working with blockchain, which will be explained in an upcoming post.
- Get a commission for each transaction
- Transfer the commission to a bitcoin wallet – for example, the Coinbase app
- Transfer to your bank account as you see fit.
So, in essence, a bitcoin miner like my friend is taking the place of the commercial banks and/or credit companies and processing payments. It is basically a form of distributed computing.
So from an accounting perspective what does this mean? Well, not very much actually. But, and this is a big but, would/could we trust people like my friend to effectively become a banking system. Personally, I am not sure. We have decades of regulation around our banking systems, and even with all the oversight, it still fails from time to time. The counter-argument could be something like the redundancy of systems or devolvement of the now rather central power of the banking and finance systems. But I’m not so sure just yet.
My next post will explain the basics of encryption.
Martin's accounting blog 