Cryptocurrencies have enthralled the niche and one of the primary reasons for this massive change is their unparalleled extent of security.

I know cybersecurity has been around for a couple of decades (way before 2009), but blockchain has taken the entire stage to a new level. Of course, secure data storage also happens to be a crucial use case, there are various techniques for doing so and please be advised, all of the choices are debatable.

However, due to the inherent property of the MimbleWimble blockchain, TARUSH utilizes hashing instead of encryption. In this article, we’ll have a detailed look as to why we chose this and what are the perks.

What does a hashing function do and how is it different?

Let’s understand it from the perspective of cryptocurrencies, in contrast with encryption.

Basically, a hash function is responsible for taking the data as input, processing it and then producing a string against it. The coolest thing about this function is that it only proceeds in one direction, unlike encryption. It implies that once the string is generated, there is no way a person could decode it to retrieve the information for which it was generated. It might seem like an ordinary thing, but if you look at encryption, it happens to be the exact opposite of hashing where any techie person could generate an output for data and at the same time, use it to perform reverse-engineering as well!

In layman’s terms, here is what hashing looks like:

Whatever you provide as input is ‘eaten’ by the algorithm and instead, it gives you something even securer to refer to the data. But the ORIGINAL form of it cannot be retrieved at all. However, you can always point towards it or use it, without knowing the details that could potentially reveal sensitive information regarding the transaction, sender or receiver.

One of the greatest perks is that the output of hash function is always of the same length. For instance, if you have heard about the SHA-256 algorithm, it produces a string of 256 bits. This is a great step which ensures that whether a set of data is equivalent to a sentence or millions of pages, the function will only produce 256 unique bits against it. So it does not only store the data securely but allows it to be found pretty easily at a later instance.

Let’s have a look at some of the properties possesses by hash functions.

Deterministic

The output of a hash function does not change upon the number of iterations. In fact, it is dependent on the “content” that you pass into it. For instance, if you give “My name is Chris” as an input for 100 times, the result will never change. However, if you change it to “My name Chris”, there will be a totally different result.

Moreover, since these outputs are unique every time, it is next to impossible for anyone to “guess” the input or the pattern used in the algorithm.

Efficient computation

Cryptocurrencies are meant to offer efficiency and therefore, all of their security-related features, like hashing, must not halt or disrupt the overall transaction speed. Therefore, these algorithms possess significant throughputs than their counterparts — it is more of an imminent requirement than a feature.

Collision resistant

It simply means that the outputs of two separate inputs cannot be similar. There are a couple of algos in the market that often “collide” at frequent points, but the one used in MimbleWimble 2.0 is quite robust in that regard.

See, it must be admitted that none of the functions is 100% collision resistant however if we increase the number of probabilities, the risk goes down. For instance, just to give you an example, 128 and 256-bit functions produce 2¹²⁸ and 2²⁵⁶ sample spaces, respectively. Therefore, it is pretty rational to understand that the later mentioned has a fairly low possibility of output collisions.

This is not a big deal though because it is mathematically proven that if a function takes an infinite number of inputs but has a fixed sample space to produce the output, it is bound to collide at one point. We can only diminish the frequency of collisions but if we want to get rid of it completely, then we must allow infinite outputs as well and that won’t be a good choice to make in such use cases.

What is encryption?

It happens to be a two-way function and this factor alone is enough for discouraging TARUSH from implementing it. As you must have understood, unlike hashing, it is possible to evaluate the output and determine the original input in encryption.

Even though some encryption functions can secure the data pretty decently, the presence of decryption key can make it fairly simple for a hacker to get his hands on sensitive data. So it is pretty reasonable to assume that even if an encryption technique claims to “secure” your information, it is only helping you to keep the ‘layman’ blind. But if a tech-savvy person can extract the two keys mentioned above, the game is over!

The pros of hashing and cons of encryption

Well, you must have guessed half of them until now, but let’s just look into some of the advantages offered by hashing to give you a clear picture.

Hashing algorithms opt for a very reasonable approach where they change the string output even if a single lowercase is changed to uppercase, hence reflecting all modifications. However, in traditional encryption methods, some files (to be secured) may be coded/designed in such a way that their creation date and time can never be changed. It confuses the users as to whether the data is altered or not. But for hashing, you just need to compare the output strings — if they happen to be different, the data given to them for processing was different as well.

Likewise, it can also be used to verify data integrity at the time of transfer (e.g. backup, emailing, downloading, etc.)