1

I'm holding a course on Bitcoin and blockchain technology. On my agenda I have an exercise where I'm going to let the attendees create their own blockchain on the wall using post-its.

I'm in search for something that would resample Bitcoins proof of work that the attendees could calculate by paper and pencil. I've seen the 0.67 hashes per day however I'm in search for something much simpler.

What algoritms for generating hashcodes, or better for this purpose a checksum, exist that does not require ascii or base conversions? Could you invent something for this purpose?

Gustav
  • 113
  • 5
  • https://en.wikipedia.org/wiki/Fletcher%27s_checksum – MCCCS Jan 09 '18 at 15:50
  • I feel like you are confusing checksums with hash digests. They are different things. https://stackoverflow.com/questions/460576/hash-code-and-checksum-whats-the-difference – Jestin Jan 09 '18 at 16:33
  • @Jestin Well if there is a algo for a hashcode that could be computed for this purpose I would be much interested. – Gustav Jan 09 '18 at 17:21
  • @Gustav, a checksum would be simpler for pen and paper...but again, a checksum is not a hash. It might not suit your purposes. – Jestin Jan 09 '18 at 17:28
  • @Jestin You got a good point anyway, I've clarified my question. – Gustav Jan 09 '18 at 17:46

1 Answers1

2

When it comes to doing an easy calculation by hand, you are going to run into a problem. An important part of a cryptographic hash function is unpredictability. It is this unpredictability that allows us to use a cryptographic hash function as a proof of work.

For comparison, let's use a simple checksumming method on the alphabet. Normally, a checksum is used to detect copy errors during a transmission or copy of data. A simple method would be to count the number of vowels in the message, and append this number to end. For example:

This message is checksummed

becomes

This message is checksummed|7

A simple checksum like this can be used to check if a vowel as accidentally turned into a consonant, or a consonant accidentally turned into a vowel (not very useful, I know). If either of those two types of errors were to happen during transmission, the checksum wouldn't match on the receiving end, and we'd know there has been an error.

This mrssage is checksummed|7  <--- the checksum is wrong, so there's an error

This simple checksum is also a hash function, as it maps a larger block of data to a smaller chunk of data. Obviously, this is a terrible hash function with an extremely high collision rate, but it's a simple enough example to calculate with pen and paper.

Now let's see what happens when we try to use this hash function as a proof of work. We need to also add a nonce value that can be changed to modify the output of the hash function, without modifying the important part of the message. I'll use the form message|nonce|hash. Let's say that someone performing the proof-of-work needs to find a nonce such that the hash digest is greater than or equal to 10. For example, the following would satisfy the proof-of-work:

This message is checksummed|aaa|10

When the message is hashed (checksummed) together with the nonce, we meet the proof-of-work.

The problem, however, is that our hash function is non-cryptographic, and therefore reversible. Starting with our target value of 10, and our message of This message is checksummed, we can perform the checksum on the message and then do simple arithmetic to generate an acceptable nonce. There is no unpredictability in the system.

If you use some sort of pen and paper hash function, you are almost certainly going to run into this problem. Likely, those attending your class will see right through it, and not understand the purpose of the proof-of-work. In the case of this example, it would be pointless.

If you choose to use a method like this, it is probably worth explaining to your class the significance of cryptographic hashing functions. Otherwise the entire concept of proof-of-work doesn't make sense.

Jestin
  • 8,802
  • 1
  • 22
  • 32
  • Very good points. Your thinking in vowels is on the right pen & paper-level needed. Aside from the missing avalanche effect I'm thinking of elaborating the algo by just doing `count_vowels(message) + count_consonants(message) + length(message)`. By the way if the attendees hack or forge a block that would be a interesting scenario to speak about and doing a comparison with how bitcoin works. – Gustav Jan 22 '18 at 10:18