Catena: Preventing Lies with
|
|
- Bennett Boyd
- 6 years ago
- Views:
Transcription
1 November 28th, 2016 Catena: Preventing Lies with Alin Tomescu MIT CSAIL Srinivas Devadas MIT CSAIL New England Security Day (NESD), Fall '16
2 The problem: Equivocation
3 The problem: Equivocation Good: "Stating the same thing to all people." Statement S Bob Public-key directory PKA PKB Alice
4 The problem: Equivocation Bad: "Stating different things to different people.'" Statement S PK'A Public-key directory PKB Bob
5 The problem: Equivocation Bad: "Stating different things to different people.'" Statement S PK'A PKB Bob Statement S' Public-key directory PKA PK'B Alice
6 The problem: Equivocation Bad: "Stating different things to different people.'" Statement S PK'A PKB Bob MITM Statement S' Public-key directory PKA PK'B Alice
7 Why is non-equivocation important?
8 Why is non-equivocation important? Public-key distribution - HTTPS - Secure messaging - Security research often assumes a PKI
9 Why is non-equivocation important? Public-key distribution - HTTPS - Secure messaging - Security research often assumes a PKI Tor Directory Servers
10 Why is non-equivocation important? Public-key distribution - HTTPS - Secure messaging - Security research often assumes a PKI Tor Directory Servers Software transparency schemes - Apple vs. FBI
11 Previous work
12 Previous work Can detect, but not prevent equivocation with gossip.
13 Previous work Can detect, but not prevent equivocation with gossip. Must download 90 GB of blockchain data.
14 Previous work Can detect, but not prevent equivocation with gossip. Must download 90 GB of blockchain data. CoSi (S&P '16) Requires a large, diverse, trustworthy set of witnesses.
15 Previous work Can detect, but not prevent equivocation with gossip. Must download 90 GB of blockchain data. CoSi (S&P '16) "Liar, liar, coins on fire!" (CCS '15) Requires a large, diverse, trustworthy set of witnesses. Only disincentivizes equivocation. Vulnerable to malicious outsiders.
16 Key idea
17 Key idea Efficiently use Bitcoin's mechanism that prevents double spends as a proof of non-equivocation.
18 Key idea Efficiently use Bitcoin's mechanism that prevents double spends as a proof of non-equivocation. TX2 TX1 TX'2
19 Key idea Efficiently use Bitcoin's mechanism that prevents double spends as a proof of non-equivocation. TX1 s 1 TX2 s 2 TX'2 s' 2
20 Results - Bitcoin-based tamper-evident log
21 Results - Bitcoin-based tamper-evident log - As hard-to-fork as the Bitcoin blockchain
22 Results - Bitcoin-based tamper-evident log - As hard-to-fork as the Bitcoin blockchain - Efficient to audit: 620 bytes / statement + 80 bytes / block
23 Results tion a t en m ple SLOC m i Java n 3500 i - Bitcoin-based tamper-evident log - As hard-to-fork as the Bitcoin blockchain - Efficient to audit: 620 bytes / statement + 80 bytes / block
24 Bitcoin transactions
25 Bitcoin transactions 1. Generate coins (assigns them to a PK) TXa
26 Bitcoin transactions 1. Generate coins (assigns them to a PK) 2Ƀ, PK TXa
27 Bitcoin transactions 1. Generate coins (assigns them to a PK) 2. Transfer coins (reassign to a new PK via a signature under old PK) 2Ƀ, PK TXa TXb
28 Bitcoin transactions 1. Generate coins (assigns them to a PK) 2. Transfer coins (reassign to a new PK via a signature under old PK) 2Ƀ, PK TXa SigPK(TXa:0, TXb) TXb
29 Bitcoin transactions 1. Generate coins (assigns them to a PK) 2. Transfer coins (reassign to a new PK via a signature under old PK) 2Ƀ, PK TXa SigPK(TXa:0, TXb) TXb 1Ƀ, PK'
30 Bitcoin transactions 1. Generate coins (assigns them to a PK) 2. Transfer coins (reassign to a new PK via a signature under old PK) 2Ƀ, PK TXa SigPK(TXa:0, TXb) TXb 1Ƀ TX fee! 1Ƀ, PK'
31 Bitcoin transactions 1. Generate coins (assigns them to a PK) 2. Transfer coins (reassign to a new PK via a signature under old PK) TXa TXb TXi
32 Bitcoin transactions 1. Generate coins (assigns them to a PK) 2. Transfer coins (reassign to a new PK via a signature under old PK) TXa TXb TXi
33 Bitcoin transactions 1. Generate coins (assigns them to a PK) 2. Transfer coins (reassign to a new PK via a signature under old PK) TXa TXb TXi
34 Bitcoin blockchain
35 Bitcoin blockchain 1. The time-ordered log of valid transactions (PoW consensus) Block i Block j Block n
36 Bitcoin blockchain 1. The time-ordered log of valid transactions (PoW consensus) Block j Block i txa txb txi Block n txj
37 Bitcoin blockchain 1. The time-ordered log of valid transactions (PoW consensus) 2. No double spends: A transaction output can only be referred to by a single transaction input. Block j Block i txa txb txi Block n txj
38 Bitcoin blockchain 1. The time-ordered log of valid transactions (PoW consensus) 2. No double spends: A transaction output can only be referred to by a single transaction input. Block j Block i txa txb txi Block n txj txk
39 Bitcoin blockchain 1. The time-ordered log of valid transactions (PoW consensus) 2. No double spends: A transaction output can only be referred to by a single transaction input. Blockchain forks Double-spent coins Block n' Block j Block i txa txb txi Block n txj txk
40 Catena transaction format
41 Catena transaction format txi <data>
42 Catena transaction format Coins from server for paying TX fees (digital signature) txi <data>
43 Catena transaction format Coins from server for paying TX fees (digital signature) "Change" coins back to server (public key) txi <data>
44 Catena transaction format Coins from server for paying TX fees (digital signature) "Change" coins back to server (public key) txi <data> Unspendable OP_RETURN output with arbitrary data
45 Catena transaction format Coins from server for paying TX fees (digital signature) "Change" coins back to server (public key) txi <data> A single spendable output No forks Unspendable OP_RETURN output with arbitrary data txi txj txk
46 Catena design Transaction fee funds Catena log server
47 Catena design Block i GTX Catena log server Genesis TXN n
48 Catena design Block i GTX Catena log server Block j n TX1 s 1
49 Catena design Block i GTX Catena log server Block j n TX1 s 1 Block n TX2 s 2
50 Catena design Block i Block j Block n Next, unique s3 GTX Catena log server n TX1 s 1 TX2 s 2
51 Catena design Block i Block j Block n Next, unique s3 GTX Catena log server n Advantages: (1) Hard to fork (2) Efficient to verify TX1 s 1 TX2 s 2
52 Catena design Block i Block j Block n Next, unique s3 GTX Catena log server n Advantages: (1) Hard to fork (2) Efficient to verify TX1 s 1 TX2 s 2 Disadvantages: (1) 6-block confirmation delay (2) 1 statement every 10 minutes
53 Client bandwidth
54 Client bandwidth n block headers (80 bytes each) + k statements (around 600 bytes each)
55 Client bandwidth e.g., 440K block headers + 10K statements = ~41 MB (80 bytes each) (around 600 bytes each)
56 Conclusions - Efficient Bitcoin witnessing is possible! - ~40 MB instead of 90 GB bandwidth overhead
57 Conclusions - Efficient Bitcoin witnessing is possible! - ~40 MB instead of 90 GB bandwidth overhead - Important applications - Public-key directories - Tor Consensus Transparency - Software transparency schemes
58 Conclusions - Efficient Bitcoin witnessing is possible! - ~40 MB instead of 90 GB bandwidth overhead - Important applications - Public-key directories - Tor Consensus Transparency - Software transparency schemes - Publicly-verifiable consensus like Bitcoin should be leveraged by applications, efficiently.
59 The end.
60 Extra slides...just in case.
61 Catena: Preventing forks Attacker has to create an invalid block n to fork the log Attacker has to fork Bitcoin. Block i TX Catena log server Block j s0 TX Invalid block: Breaks miner-enforced TXO invariant. Block n TX s2 TX s'2 s1
62 Malicious blockchain fork. Catena: Preventing forks Attacker has to fork Bitcoin. Attacker needs to mine at least 6 blocks on one of the forks. Block i Block j Block n TX s2 Block n' TX Catena log server s0 TX s1 TX s'2
63 Key idea Q: How can we prove to a thin client that there's no s'2? Block k Block i TX Block j s0 TX TX s2 TX s'2 s1
64 Key idea Q: How can we prove to a thin client that there's no s'2? A: Leverage Bitcoin's mechanism against double-spends! Block i TX Catena log server Violates Bitcoin's security against double spends. Block j s0 TX TX s2 TX s'2 s1
65 Graveyard...where old slides rest in peace.
66 Bitcoin background genesis block1 block2 block3 null txns: H( merkle1 ) H( block1 ) txns: H( merkle2 ) H( block2 ) txns: H( merkle3 ) prev: prev: prev: TX output: Coins and PKs tx1 e.g., 2Ƀ for PKDan tx1 Membership proof for tx1
67 Bitcoin background genesis block1 block2 block3 null txns: H( merkle1 ) H( block1 ) txns: H( merkle2 ) H( block2 ) txns: H( merkle3 ) prev: prev: prev: TX inputs: Signatures txa txb txd tx2 tx2 txc PKCarol Carol's signature under her PK 3Ƀ for PKEva (unspent) 2Ƀ for PKDan (spent) Membership proof for tx2
Keychat: Secure Messaging via Bitcoin. Robert Chen, John Kuszmaul, Yiming Zheng Mentored By Alin Tomescu
Keychat: Secure Messaging via Bitcoin Robert Chen, John Kuszmaul, Yiming Zheng Mentored By Alin Tomescu 1 Motivation We want to secure communications. Alice Bob Sensitive Financial Information Yay, Money!
More informationCatena: Efficient Non-equivocation via Bitcoin
Catena: Efficient Non-equivocation via Bitcoin Alin Tomescu MIT CSAIL Srinivas Devadas MIT CSAIL Abstract We present Catena, an efficiently-verifiable Bitcoin witnessing scheme. Catena enables any number
More informationBlockchain. CS 240: Computing Systems and Concurrency Lecture 20. Marco Canini
Blockchain CS 240: Computing Systems and Concurrency Lecture 20 Marco Canini Credits: Michael Freedman and Kyle Jamieson developed much of the original material. Bitcoin: 10,000 foot view New bitcoins
More informationProblem: Equivocation!
Bitcoin: 10,000 foot view Bitcoin and the Blockchain New bitcoins are created every ~10 min, owned by miner (more on this later) Thereafter, just keep record of transfers e.g., Alice pays Bob 1 BTC COS
More informationBitcoin and Blockchain
Bitcoin and Blockchain COS 418: Distributed Systems Lecture 18 Zhenyu Song [Credit: Selected content adapted from Michael Freedman. Slides refined by Chris Hodsdon and Theano Stavrinos] Why Bitcoin? All
More informationENEE 457: E-Cash and Bitcoin
ENEE 457: E-Cash and Bitcoin Charalampos (Babis) Papamanthou cpap@umd.edu Money today Any problems? Cash is cumbersome and can be forged Credit card transactions require centralized online bank are not
More informationComputer Security. 14. Blockchain & Bitcoin. Paul Krzyzanowski. Rutgers University. Spring 2019
Computer Security 14. Blockchain & Bitcoin Paul Krzyzanowski Rutgers University Spring 2019 April 15, 2019 CS 419 2019 Paul Krzyzanowski 1 Bitcoin & Blockchain Bitcoin cryptocurrency system Introduced
More informationAlternatives to Blockchains. Sarah Meiklejohn (University College London)
Alternatives to Blockchains Sarah Meiklejohn (University College London) fully decentralized cryptocurrencies 2 fully decentralized cryptocurrencies tx tx(addra addrb) 2 fully decentralized cryptocurrencies
More informationCS 4770: Cryptography. CS 6750: Cryptography and Communication Security. Alina Oprea Associate Professor, CCIS Northeastern University
CS 4770: Cryptography CS 6750: Cryptography and Communication Security Alina Oprea Associate Professor, CCIS Northeastern University March 30 2017 Outline Digital currencies Advantages over paper cash
More informationICS 421 & ICS 690. Bitcoin & Blockchain. Assoc. Prof. Lipyeow Lim Information & Computer Sciences Department University of Hawai`i at Mānoa
ICS 421 & ICS 690 Bitcoin & Blockchain Assoc. Prof. Lipyeow Lim Information & Computer Sciences Department University of Hawai`i at Mānoa Accepted by: Overstock.com Expedia.com Newegg.com Tigerdirect.com
More informationCS 4770: Cryptography. CS 6750: Cryptography and Communication Security. Alina Oprea Associate Professor, CCIS Northeastern University
CS 4770: Cryptography CS 6750: Cryptography and Communication Security Alina Oprea Associate Professor, CCIS Northeastern University April 9 2018 Schedule HW 4 Due on Thu 04/12 Programming project 3 Due
More informationSpaceMint Overcoming Bitcoin s waste of energy
Bitcoin Overcoming Bitcoin s waste of energy Georg Fuchsbauer joint work with S Park, A Kwon, K Pietrzak, J Alwen and P Gaži Digital currency Decentralized (no bank issuing coins) Pseudonymous Controled
More informationIntroducing. Bitcoin. A dilettante s guide to Bitcoin scalability. BIP-9000 (self-assigned) Quote It s kind of fun to do the impossible.
Introducing Bitcoin 9000 A dilettante s guide to Bitcoin scalability. BIP-9000 (self-assigned) Quote It s kind of fun to do the impossible. Walt Disney Goal Safely scale Bitcoin to process over 9000 transactions.
More informationErgo platform. Dmitry Meshkov
Ergo platform Dmitry Meshkov Prehistory Motivation Theory Practice Provably secure 1000 currencies New features Ad-hoc solutions Impractical Security issues Motivation Theory Provably secure New features
More informationHyperledger Fabric v1:
Marko Vukolić, IBM Research - Zurich May 4, 2017 Hyperledger Fabric v1: Rethinking Permissioned Blockchains Blockchain: du Bitcoin au Smart Contract 4 Mai 2017 2017 IBM Corporation What is a Blockchain?
More informationREM: Resource Efficient Mining for Blockchains
REM: Resource Efficient Mining for Blockchains Fan Zhang, Ittay Eyal, Robert Escriva, Ari Juels, Robbert van Renesse Vancouver, Canada 13 September 2017 USENIX Security 2017 1 The Cryptocurrency Vision
More informationBitcoin. CS6450: Distributed Systems Lecture 20 Ryan Stutsman
Bitcoin CS6450: Distributed Systems Lecture 20 Ryan Stutsman Material taken/derived from Princeton COS-418 materials created by Michael Freedman and Kyle Jamieson at Princeton University. Licensed for
More informationMicropayments, Now! Probabilistic Micropayments in Bitcoin
Micropayments, Now! Probabilistic Micropayments in Bitcoin Jeremy Rubin November 26, 2015 In this paper, I introduce a probabilistic micropayments scheme which works without any modification to the Bitcoin
More informationUsing Chains for what They re Good For
Using Chains for what They re Good For Andrew Poelstra usingchainsfor@wpsoftware.net Scaling Bitcoin, November 5, 2017 1 / 14 On-Chain Smart Contracting Bitcoin (and Ethereum, etc.) uses a scripting language
More informationSCP: A Computationally Scalable Byzantine Consensus Protocol for Blockchains
SCP: A Computationally Scalable Byzantine Consensus Protocol for Blockchains Loi Luu, Viswesh Narayanan, Kunal Baweja, Chaodong Zheng, Seth Gilbert, Prateek Saxena National University of Singapore Bitcoin
More informationChainFS: Blockchain-Secured Cloud Storage
ChainFS: Blockchain-Secured Cloud Storage Qiwu Zou 1, Yuzhe Tang 1, Ju Chen 1, Kai Li 1, Charles A. Kamhoua 2, Kevin Kwiat 3, Laurent Njilla 3 1 Department of EECS, Syracuse University, New York 2 Army
More informationMechanics of Bitcoin
Mechanics of Bitcoin Minsoo Ryu Hanyang University Outline Bitcoin Transactions Bitcoin Scripts Bitcoin Blocks Bitcoin Network Limitations and Improvements For more information, visit https://bitcoin.org/en/developer-reference#
More informationBigchainDB: A Scalable Blockchain Database. Trent McConaghy
BigchainDB: A Scalable Blockchain Database Trent McConaghy Communications The Elements of Computing Processing Storage Communications Modern Application Stacks Applications Processing File System: Hierarchy
More informationBLOCKCHAIN Blockchains and Transactions Part II A Deeper Dive
BLOCKCHAIN Blockchains and Transactions Part II A Deeper Dive www.blockchaintrainingalliance.com Blockchain Page 3 Blockchain is NOT Bitcoin Page 4 Transactions Page 5 Multi-Signature Addresses An Address
More informationConsensus & Blockchain
Consensus & Blockchain S P Suresh Chennai Mathematical Institute Formal Methods Update Meeting IIT Mandi July 17, 2017 The Bitcoin revolution is upon us What is Bitcoin? Bitcoin: an exciting new currency
More informationEECS 498 Introduction to Distributed Systems
EECS 498 Introduction to Distributed Systems Fall 2017 Harsha V. Madhyastha Today Bitcoin: A peer-to-peer digital currency Spark: In-memory big data processing December 4, 2017 EECS 498 Lecture 21 2 December
More informationBlockchain, Cryptocurrency, Smart Contracts and Initial Coin Offerings: A Technical Perspective
SESSION ID: LAB3-R09 Blockchain, Cryptocurrency, Smart Contracts and Initial Coin Offerings: A Technical Perspective Tom Plunkett Consulting Solutions Director Oracle Captain Brittany Snelgrove United
More informationIntroduction to Bitcoin I
Introduction to Bitcoin I P Peterlongo 1 A Tomasi 1 1 University of Trento Department of Mathematics June 10, 2013 Outline 1 Fiat and online payments Functions of Online payments and cost of clearing 2
More informationIntroduction to Cryptoeconomics
Introduction to Cryptoeconomics What is cryptoeconomics? Cryptoeconomics is about... Building systems that have certain desired properties Use cryptography to prove properties about messages that happened
More informationP2P BitCoin: Technical details
ELT-53206 Peer-to-Peer Networks P2P BitCoin: Technical details Mathieu Devos Tampere University of Technology Department of Electronics & Communications Engineering mathieu.devos@tut.fi TG406 2 Outline
More informationThe power of Blockchain: Smart Contracts. Foteini Baldimtsi
The power of Blockchain: Smart Contracts Foteini Baldimtsi The Blockchain at the heart of a cryptocurrency Alice sends 2 John sends 1 Dave sends 5 to Bob to Eve to Alice Bob sends 1 Eve sends 4 to Dave
More informationLecture 6. Mechanics of Bitcoin
Lecture 6 Mechanics of Bitcoin Bitcoin transactions time An account-based ledger (not Bitcoin) Create 25 coins and credit to Alice ASSERTED BY MINERS SIMPLIFICATION: only one transaction per block time
More informationBlockchain Certification Protocol (BCP)
Blockchain Certification Protocol (BCP) Fu Yong Quah fuyong@fyquah.me www.fyquah.me Abstract. A semi-decentralized certification system built above the existing 1 Bitcoin network, an innovative peer-to-peer
More informationHow Bitcoin achieves Decentralization. How Bitcoin achieves Decentralization
Centralization vs. Decentralization Distributed Consensus Consensus without Identity, using a Block Chain Incentives and Proof of Work Putting it all together Centralization vs. Decentralization Distributed
More informationWhat is Proof of Work?
What is Proof of Work? Educational Series September 18, 2018 Overview There are many protocols that regulate how nodes on a blockchain achieve consensus, and currently the most popular is proof-of-work.
More informationBiomedical and Healthcare Applications for Blockchain. Tiffany J. Callahan Computational Bioscience Program Hunter/Kahn Labs
Biomedical and Healthcare Applications for Blockchain Tiffany J. Callahan Computational Bioscience Program Hunter/Kahn Labs Network Analysis Working Group 01.25.2018 Outline Introduction to bitcoin + blockchain
More informationLecture 3. Introduction to Cryptocurrencies
Lecture 3 Introduction to Cryptocurrencies Public Keys as Identities public key := an identity if you see sig such that verify(pk, msg, sig)=true, think of it as: pk says, [msg] to speak for pk, you must
More informationCONIKS BRINGING KEY TRANSPARENCY TO END USERS. Marcela Melara. Aaron Blankstein, Joseph Bonneau*, Edward W. Felten, Michael J.
CONIKS BRINGING KEY TRANSPARENCY TO END USERS Marcela Melara Aaron Blankstein, Joseph Bonneau*, Edward W. Felten, Michael J. Freedman Princeton University, *Stanford University/EFF E2E Encrypted Communication
More informationSoftware Security. Final Exam Preparation. Be aware, there is no guarantee for the correctness of the answers!
Software Security Final Exam Preparation Note: This document contains the questions from the final exam on 09.06.2017. Additionally potential questions about Combinatorial Web Security Testing and Decentralized
More informationThe Technology behind Smart Contracts
The Technology behind Smart Contracts Florian Glaser, Chair of E-Finance, Information Systems Department Goethe University 01.09.2016 > Agenda Transactions in detail
More informationBCH-SV Professional Stress Test
BCH-SV Professional Stress Test After the successful creation of the first blocks larger than 32MB, the stress test team identified a number of changes to the architecture of the Satoshi Shotgun to better
More informationBitcoin (Part I) Ken Calvert Keeping Current Seminar 22 January Keeping Current 1
Bitcoin (Part I) Ken Calvert Keeping Current Seminar 22 January 2014 2014.01.22 Keeping Current 1 Questions What problem is Bitcoin solving? Where did it come from? How does the system work? What makes
More informationUpgrading Bitcoin: Segregated Witness. Dr. Johnson Lau Bitcoin Core Contributor Co-author of Segregated Witness BIPs March-2016
Upgrading Bitcoin: Segregated Witness Dr. Johnson Lau Bitcoin Core Contributor Co-author of Segregated Witness BIPs 141-143 16-March-2016 Topics A short introduction to Bitcoin transactions What is transaction
More informationCryptography and Cryptocurrencies. Intro to Cryptography and Cryptocurrencies
Intro to Cryptographic Hash Functions Hash Pointers and Data Structures Block Chains Merkle Trees Digital Signatures Public Keys and Identities Let s design us some Digital Cash! Intro to Cryptographic
More informationKey Security Issues for implementation of Digital Currency, including ITU-T SG17 activities
ITU Workshop on FG DFC Workshop on Standards for Digital Fiat Currency (DFC) () Key Issues for implementation of Digital Currency, including ITU-T SG17 activities Heung Youl Youm, PhD. Chairman of ITU-T
More informationSecurity, Privacy and Interoperability in Payment- Channel Networks
FAKULTÄT FÜR!NFORMATIK Faculty of Informatics & PRIVACY SECURITY GROUP Security, Privacy and Interoperability in Payment- Channel Networks Pedro Moreno-Sanchez (@pedrorechez) Joint work with Giulio Malavolta,
More informationBitcoin, Security for Cloud & Big Data
Bitcoin, Security for Cloud & Big Data CS 161: Computer Security Prof. David Wagner April 18, 2013 Bitcoin Public, distributed, peer-to-peer, hash-chained audit log of all transactions ( block chain ).
More informationZero-Knowledge proof of knowledge transfer. Perm summer school on blockchain 2018
Zero-Knowledge proof of knowledge transfer Teleport Teleport was born in 2016 from the idea to bring the power of peer-to-peer traffic distribution technology like BitTorrent to the solution of traffic
More informationZEN: Technical notes on a financial engine
ZEN: Technical notes on a financial engine Nathan Cook July 18th 2017 Summary We describe the Zen Protocol, the basis for a decentralized financial platform. This paper assumes more technical knowledge
More informationCrypto tricks: Proof of work, Hash chaining
Crypto tricks: Proof of work, Hash chaining CS 161: Computer Security Prof. David Wagner April 13, 2016 A Tangent: How Can I Prove I Am Rich? Math Puzzle Proof of Work Problem. To prove to Bob I m not
More informationDistributed Algorithms Bitcoin
Distributed Algorithms Bitcoin Alberto Montresor Università di Trento 2018/12/18 Acknowledgment: Joseph Bonneau, Ed Felten, Arvind Narayanan This work is licensed under a Creative Commons Attribution-ShareAlike
More informationBBc-1 : Beyond Blockchain One - An Architecture for Promise-Fixation Device in the Air -
BBc-1 : Beyond Blockchain One - An Architecture for Promise-Fixation Device in the Air - Kenji Saito and Takeshi Kubo {ks91 t-kubo}@beyond-blockchain.org Revision 0.1 October 31, 2017 1 Introduction Blockchain
More informationEVALUATION OF PROOF OF WORK (POW) BLOCKCHAINS SECURITY NETWORK ON SELFISH MINING
EVALUATION OF PROOF OF WORK (POW) BLOCKCHAINS SECURITY NETWORK ON SELFISH MINING I Gusti Ayu Kusdiah Gemeliarana Department of Electrical Engineering University of Indonesia Depok, Indonesia i.gusti79@ui.ac.id
More informationThe Blockchain. Josh Vorick
The Blockchain Josh Vorick Bitcoin is a currency. Blockchain is a technology. What is a blockchain? A decentralized database that anyone can add to and no one can delete from The Bitcoin blockchain Agenda
More informationEnsimag - 4MMSR Network Security Student Seminar. Bitcoin: A peer-to-peer Electronic Cash System Satoshi Nakamoto
Ensimag - 4MMSR Network Security Student Seminar Bitcoin: A peer-to-peer Electronic Cash System Satoshi Nakamoto wafa.mbarek@ensimag.fr halima.myesser@ensimag.fr 1 Table of contents: I- Introduction: Classic
More informationChapter 13. Digital Cash. Information Security/System Security p. 570/626
Chapter 13 Digital Cash Information Security/System Security p. 570/626 Introduction While cash is used in illegal activities such as bribing money laundering tax evasion it also protects privacy: not
More informationSmalltalk 3/30/15. The Mathematics of Bitcoin Brian Heinold
Smalltalk 3/30/15 The Mathematics of Bitcoin Brian Heinold What is Bitcoin? Created by Satoshi Nakamoto in 2008 What is Bitcoin? Created by Satoshi Nakamoto in 2008 Digital currency (though not the first)
More informationCONIKS: Bringing Key Transparency to End Users
CONIKS: Bringing Key Transparency to End Users Morris Yau 1 Introduction Public keys must be distributed securely even in the presence of attackers. This is known as the Public Key Infrastructure problem
More informationErgo platform: from prototypes to a survivable cryptocurrency
January 2019 Dmitry Meshkov Ergo platform: from prototypes to a survivable cryptocurrency Outline Ergo Consensus Light Storage vision protocol clients fee Voting Smart Monetary Roadmap system contracts
More informationDistributed Ledger With Secure Data Deletion
Distributed Ledger With Secure Data Deletion Vitalii Demianets (norbloc AB), Astyanax Kanakakis (norbloc AB) Revision 1.4, November 2016 Abstract One of the core attributes of distributed ledgers, the
More informationBitcoin, a decentralized and trustless protocol
Bitcoin, a decentralized and trustless protocol Thomas Sibut-Pinote Inria Saclay February 12, 2015 Thomas Sibut-Pinote Bitcoin, a decentralized and trustless protocol 1 / 42 Introduction Questions 1 Introduction
More informationReliability, distributed consensus and blockchain COSC412
Reliability, distributed consensus and blockchain COSC412 Learning objectives Encourage you to always design for failure Appreciate how decentralised consensus is useful to support principles of security
More informationAn analysis of the applicability of blockchain to secure IP addresses allocation, delegation and bindings draft-paillisse-sidrops-blockchain-01
An analysis of the applicability of blockchain to secure IP addresses allocation, delegation and bindings draft-paillisse-sidrops-blockchain-01 OPSEC - IETF 101 - London March 2018 Jordi Paillissé, Albert
More informationTOPPERCASH TOPPERCASH WHITEPAPER REFORM THE BEST OF BLOCKCHAIN
TOPPERCASH TOPPERCASH WHITEPAPER REFORM THE BEST OF BLOCKCHAIN ABSTRACT A PEER-TO-PEER CRYPTO-CURRENCY DESIGN DERIVED FROM SATOSHI NAKAMOTO S BITCOIN. PROOF- OF-STAKE REPLACES PROOF-OF- WORK TO PROVIDE
More informationLecture 15 Public Key Distribution (certification)
0 < i < 2 n = N X i,y i random secret keys index i = random (secret) value Merkle s Puzzles (1974) Puzzle P i = {index i,x i,s} Y i S fixed string, e.g., " Alice to Bob" { P 0 < i < 2 i n } Pick random
More informationBITCOIN MECHANICS AND OPTIMIZATIONS. Max Fang Philip Hayes
1 BITCOIN MECHNICS ND OPTIMIZTIONS Max Fang Philip Hayes 1 Cryptocurrency Mining: Proof-of-Work Consensus Nadir khtar LECTURE OUTLINE 2 1 Intro and Terminology 2 Bitcoin and Consensus 3 Bitcoin Concepts
More informationBITCOIN PROTOCOL & CONSENSUS: A HIGH LEVEL OVERVIEW
BITCOIN PROTOCOL & CONSENSUS: A HIGH LEVEL OVERVIEW Rustie Lin Wang Move the area1 over the image a little inside and then right click, replace image to change the background. (and delete this box while
More informationDecentralizing Authorities into Scalable Strongest-Link Cothorities
Decentralizing Authorities into Scalable Strongest-Link Cothorities Ewa Syta, Iulia Tamas, Dylan Visher, David Wolinsky Yale University Bryan Ford, Linus Gasser, Nicolas Gailly Swiss Federal Institute
More informationBitcoin Mining. A high-level technical introduction. Konstantinos Karasavvas
Bitcoin Mining A high-level technical introduction Konstantinos Karasavvas Outline PoW / Hashcash Transaction propagation Block mining Block propagation Mining Profitability Proof of Work From wikipedia:
More informationLet's build a blockchain!
I'm Haseeb. That's me. Let's build a blockchain! A mini-cryptocurrency in Ruby I'm Haseeb Qureshi. I'm a software engineer. I'm working at a blockchain company called 21.co. Unless something terrible has
More informationPublic Key Infrastructures
Public Key Infrastructures Certcoin Cryptography and Computer Algebra Prof. Johannes Buchmann Dr. Johannes Braun Background Blockchain Distributed database, consisting of a list of blocks Decentralized
More informationEmulation of Hash-Time-Locked Contracts of the Lightning network by a trusted, but publically auditable escrow service
Emulation of Hash-Time-Locked Contracts of the Lightning network by a trusted, but publically auditable escrow service C. J. Plooy (cjp@ultimatestunts.nl) April 19, 2015 Contents 1 Introduction 2 2 Bi-directional
More informationWOLFCOIN MASTERNODE MANUAL
WOLFCOIN MASTERNODE MANUAL Contents Introduction... 3 About Wolfcoin Blockchain... 3 Download the Wolfcoin Wallet... 4 Installation of your Wallet... 5 Make a receiving address... 12 Closing the Wolfcoin
More informationLecture 13. Public Key Distribution (certification) PK-based Needham-Schroeder TTP. 3. [N a, A] PKb 6. [N a, N b ] PKa. 7.
Lecture 13 Public Key Distribution (certification) 1 PK-based Needham-Schroeder TTP 1. A, B 4. B, A 2. {PKb, B}SKT B}SKs 5. {PK a, A} SKT SKs A 3. [N a, A] PKb 6. [N a, N b ] PKa B 7. [N b ] PKb Here,
More informationECC: Peer-to-Peer Electronic Cash with Trustless Network Services
ECC: Peer-to-Peer Electronic Cash with Trustless Network Services Greg Griffith October 2017 (griffith@cryptounited.io) https://www.ecc.network ECC: Peer-to-Peer Electronic Cash with Trustless Network
More informationUniversity of Duisburg-Essen Bismarckstr Duisburg Germany HOW BITCOIN WORKS. Matthäus Wander. June 29, 2011
University of Duisburg-Essen Bismarckstr. 90 47057 Duisburg Germany HOW BITCOIN WORKS June 29, 2011 Overview Electronic currency system Decentralized No trusted third party involved Unstructured peer-to-peer
More informationConcurrency and Privacy with Payment Channel Networks
Concurrency and Privacy with Payment Channel Networks Giulio Malavolta, Pedro Moreno-Sanchez, Aniket Kate, Matteo Maffei*, and Srivatsan Ravi Friedrich-Alexander-University Purdue University *TU Vienna
More informationAlgorand: Scaling Byzantine Agreements for Cryptocurrencies
Algorand: Scaling Byzantine Agreements for Cryptocurrencies Yossi Gilad, Rotem Hemo, Silvio Micali, Georgios Vlachos, Nickolai Zeldovich Presented by: Preet Patel and Umang Lathia Outline Overview of Distributed
More informationBringing secure Bitcoin transactions to your smartphone
Bringing secure Bitcoin transactions to your smartphone Davide Frey, Marc X. Makkes, Pierre-Louis Roman, François Taïani, Spyros Voulgaris To cite this version: Davide Frey, Marc X. Makkes, Pierre-Louis
More informationA Lightweight Blockchain Consensus Protocol
A Lightweight Blockchain Consensus Protocol Keir Finlow-Bates keir@chainfrog.com Abstract A lightweight yet deterministic and objective consensus protocol would allow blockchain systems to be maintained
More informationXSN coin. TPoS Setup Guide. https://discord.gg/cyf5yca. https://xsncoin.io
XSN coin TPoS Setup Guide https://discord.gg/cyf5yca https://xsncoin.io Contents Introduction... 3 What is TPoS?... 3 DISCLAIMER:... 4 How to be an Owner... 4 How to be a merchant... 5 Step 1. Controller
More informationJan Møller Co-founder, CTO Chainalysis
Jan Møller Co-founder, CTO Chainalysis How Does Bitcoin Actually Work? This talk is not about the poli:cal or economical impact of Bitcoin. This talk is not about how to buy, sell, spend, or secure your
More informationEthereum. Campbell R. Harvey* Duke University and NBER. Ashwin Ramachandran Duke University. Brent Xu ConsenSys. Innovation and Cryptoventures
Innovation and Cryptoventures Ethereum Campbell R. Harvey* Duke University and NBER Ashwin Ramachandran Duke University Brent Xu ConsenSys February 12, 2018 1 2 Overview Ethereum Basics Under the hood
More informationOUROBOROS PRAOS: AN ADAPTIVELY-SECURE, SEMI-SYNCHRONOUS
OUROBOROS PRAOS: AN ADAPTIVELY-SECURE, SEMI-SYNCHRONOUS PROOF-OF-STAKE BLOCKCHAIN Bernardo David Tokyo Tech & IOHK Peter Gaži IOHK Aggelos Kiayias U. Edinburgh & IOHK Eurocrypt 2018 Alexander Russell U.
More informationA Proof-of-Stake protocol for consensus on Bitcoin subchains
A Proof-of-Stake protocol for consensus on Bitcoin subchains Massimo Bartoletti, Stefano Lande, and Alessandro Sebastian Podda Università degli Studi di Cagliari, Italy Abstract. Although the transactions
More informationBitcoin and Blockchain Technology: Addresses, Transactions, and Blocks. Ferdinando M. Ametrano
Bitcoin and Blockchain Technology: Addresses, Transactions, and Blocks Ferdinando M. Ametrano https://www.ametrano.net/about/ Table of Contents 1. Addresses and Wallet Import Formats 2. TxIns, TxOs, UTxOs
More informationBlockchain for Enterprise: A Security & Privacy Perspective through Hyperledger/fabric
Blockchain for Enterprise: A Security & Privacy Perspective through Hyperledger/fabric Elli Androulaki Staff member, IBM Research, Zurich Workshop on cryptocurrencies Athens, 06.03.2016 Blockchain systems
More informationSecuring Bitcoin-like Backbone Protocols against a Malicious Majority of Computing Power
Securing Bitcoin-like Backbone Protocols against a Malicious Majority of Computing Power Tuyet Duong * Lei Fan Thomas Veale Hong-Sheng Zhou July 21, 2016 Abstract Cryptocurrencies like Bitcoin have proven
More informationBlockchains & Cryptocurrencies
1 Blockchains & Cryptocurrencies A Technical Introduction Lorenz Breidenbach ETH Zürich Cornell Tech The Initiative for CryptoCurrencies & Contracts (IC3) 2 Cryptocurrency Mania Market cap as of yesterday:
More informationDIGITAL ASSET RESEARCH
Our Digital Assets Primer is a more in-depth look at the underlying technology behind digital assets, using two of the largest cryptocurrencies, in terms of network values, Bitcoin and Ethereum, as examples.
More informationWill Martino (me) Kadena
Background Will Martino (me) Focus mostly on consensus + formal verification At JPM: Juno Lead SEC: Founding Tech Lead for the Distributed Ledger Technology Working Group Kadena Founded in 2016 by the
More informationCollective Edwards-Curve Digital Signature Algorithm
Collective Edwards-Curve Digital Signature Algorithm draft-ford-cfrg-cosi-00 Nicolas Gailly, Phillip Jovanovic, Linus Gasser, Bryan Ford Decentralized/Distributed Systems (DEDIS) IETF 99 Prague July 18,
More informationProof-of-Stake Protocol v3.0
Proof-of-Stake Protocol v3.0 Abstract Proof of Stake's security has proven itself reliable & effective over years of testing while at the same time solving Bitcoin s issues caused by the Proof of Work
More informationPrivacy Enhancing Technologies CSE 701 Fall 2017
Privacy Enhancing Technologies Lecture 2: Anonymity Applications Department of Computer Science and Engineering University at Buffalo 1 Lecture Outline Anonymous communication mixes, anonymizing proxies,
More informationPrivacy- Preserving Smart Contracts
Privacy- Preserving Smart Contracts Ranjit Kumaresan Microso8 Research Joint work with Iddo Bentov, Tal Moran, Vinod Vaikuntanathan, Prashant Vasudevan, Melissa Chase Smart Contracts [Szabo 94] Automate
More informationBlockchain (a.k.a. the slowest, most fascinating database you ll ever see)
Blockchain (a.k.a. the slowest, most fascinating database you ll ever see) GOTO Amsterdam 13 June, 2017 Stefan Tilkov, @stilkov I don t know Blockchain and so can you 1. Bitcoin > Practical application
More informationProof-of-Work & Bitcoin
CS 220: Introduction to Parallel Computing Proof-of-Work & Bitcoin Lecture 19 Bitcoin: Mining for Heat https://qz.com/1117836/bitcoin-mining-heatshomes-for-free-in-siberia/ 4/25/18 CS 220: Parallel Computing
More informationHyperledger fabric: towards scalable blockchain for business
Marko Vukolić, IBM Research - Zurich Hyperledger fabric: towards scalable blockchain for business Trust in Digital Life The Hague, Netherlands, June 17 2016 Blockchain shared, replicated, ledger Consensus
More informationBitcoin/Namecoin/*coin: On Bitcoin like protocols and their relation to other IT-Security issues
: On Bitcoin like protocols and their relation to other IT-Security issues Aljosha Judmayer ajudmayer@sba-research.org 2014-11-07 SBA Research Area 1 (GRC): Governance, Risk and Compliance P1.1: Risk Management
More informationSecurity Analysis of Bitcoin. Dibyojyoti Mukherjee Jaswant Katragadda Yashwant Gazula
Security Analysis of Bitcoin Dibyojyoti Mukherjee Jaswant Katragadda Yashwant Gazula Security Analysis of Bitcoin Introduction How Bitcoin works? Similar peer-to-peer systems Vulnerabilities and solutions
More information