# Merkle trees

A Merkle tree is a tree consisting of leaves and nodes. Each non-leaf node is defined with a value or a label and contains a hash of its children. This builds a hash tree, where the root of the tree is a value distributed by a trusted-third party, used to provide a verification of large-scale data structures. Competing teams need to understand the concept of Merkle trees, calculate certain hash values, and finally compute a signature in a hash-based tree construction.

An online server for saving users' files, uses Merkle tree structures to store values related to specific documents. We know that this server uses the hash function SHA-256 for hashing the nodes. The files, which are represented by the nodes, are marked with a unique number, in order to make the hashing procedure easier (so we don’t have to hash the whole file, but the corresponding number to the file). Given the figure below(**see artifacts -> merkle.png**), the public root node:

R= 8b80cda3f604e6406501a427e4ee699a2b33bd30a0ee0c05e3c406cee667c570

H1 = H(L1) = 2a57042a43991d2ca310938e6802d7283954e38c825a548c4bee89c45238b43b$ |

H2 = H(L2) = 02dc668144d5bceea63129dbf78d853aafbadddf8c4b1e7909965e62422f2ebf |

H3 = H(L3) = 023849c38925e2af028a2eb4e1dc41afd7dc7a238195c1c2ae00438d1dae00e1 |

H4 = H(L4) = c76b405781134be1dab7fe45adfb8c32104805a01de7b863e1004b66d56edf9f |

H5 = H(L5) = 227445a988500528d7826c6921d2e3b4a79ccf3a94cc3bcf7b667e3ae4990b36 |

H6 = H(L6) = e52d08747b9d7a6d04551bb86ee3f7ee6c49f7477c8cd66f77448378cc30b92b |

H7 = H(L7) = d4e33e2934280979f580a63f992daa7d0de2cd64a145d5c403a75c3dc5c0004e |

H8 = H(L8) = b4944c6ff08dc6f43da2e9c824669b7d927dd1fa976fadc7b456881f51bf5ccc |

H12 = H(1)||H(2) = 25962b8724bb0b5e64390f35bda4e9fc12a88eed2c88c39c59247521a730155a |

H56 = H(5)||H(6) = 795aa46e2f616151f345ec5d0e7e72d28354d8805d9c35f057fa032b58f1600e |

H78 = H(7)||H(8) = 3ed5c614e59b93f111b4ee74d5201d6f23deac0ac2f917ca73c10e30f07cf8d1 |

H1234 = H(12)||H(34) = 42885424e75b1c367bef442ed398c46cdb4f57e7ea93240dde279f082d9ef77b |

R = H((H1234)||(H5678)) = 8b80cda3f604e6406501a427e4ee699a2b33bd30a0ee0c05e3c406cee667c570 |

**Task 1:** Check whether the values 24 and 593 belong in the files' numbers.

**Task 2:** Compute the value H5678.

**Task 3:** Signature Generation:

Assume a simplified signature generation scheme using Merkle trees and One Time Signatures, where a signature on a message m has the following format:

Sig(m) = (H(m)|| pub_key || auth_path)

with pub_key = H_i, i={1,...,8} the leave node and auth_path is the authentication path of sibling nodes starting from the chosen public key. Generate the signature of the message {ECSC2019 challenges are fun} using H1 as public key.