Chapter 13. Digital Cash. Information Security/System Security p. 570/626
|
|
- Ashley Patterson
- 5 years ago
- Views:
Transcription
1 Chapter 13 Digital Cash Information Security/System Security p. 570/626
2 Introduction While cash is used in illegal activities such as bribing money laundering tax evasion it also protects privacy: not everyone needs to know about your payments for transportation and accommodation pharmaceuticals books and magazines religious and political contributions Information Security/System Security p. 571/626
3 Introduction (2) In the physical world, cash is an anonymous, untraceable way to transfer money Currently, we are missing an electronic counterpart Everytime we pay using online banking credit cards or services like PayPal we leave a trace Information Security/System Security p. 572/626
4 Introduction (3) Liberty Reserve (based in Costa Rica) offered a service to transfer money in an anonymous way All you needed was a name, address, and birth date However, the identity was never checked The U.S. government eventually filed a case against Liberty Reserve The service was used for criminal activities as well When it was shut down in 2013, legitimate users also lost money Information Security/System Security p. 573/626
5 Not So Serious Attempt Simple procedure to create digital cash: 1. Create new file and type in This file is worthe Take file with you to buy things Now you just have to find someone who accepts this... Information Security/System Security p. 574/626
6 First Attempt Let s try to come up with a cryptographic protocol for digital cash Paper money started out as a promise by a bank: I promise to pay the bearer on demand the sum of... Information Security/System Security p. 575/626
7 First Attempt (2) Can we have a digital equivalent of this? 1. Alice goes to bank, handing overe Bank creates message m: pay bearere Bank signs m with its private key d B 4. Bank gives E db (m) to Alice Alice can now spend it A merchant can check the validity (assuming the public key e B of the bank is known) Merchant gets cash from bank for E db (m) Information Security/System Security p. 576/626
8 Double Spending Now we have a problem: What prevents Alice from spending it multiple times? Or someone showing up with the same message multiple times to cash it in? This is a serious problem: copying physical bank notes is difficult, copying bits and bytes not Bank could add a serial number to the message m Each digital bank note is allowed to be cashed in only once Everything fine now? Information Security/System Security p. 577/626
9 Anonymity We lose the anonymity The bank knows which messages were spent by Alice it generated the serial number We need a so-called blind signature Let s illustrate this with paper documents Information Security/System Security p. 578/626
10 Blind Signatures 1. Alice creates x messages fore 10 each 2. Puts each one in a separate envelope lined with carbon paper and gives them to the bank 3. Bank randomly opens x 1 of them, verifying that each is fore Bank signs the last envelope blindly without opening it, deductse 10 from Alice s bank account 5. Bank hands unopened envelope to Alice Payment and cashing in as before Information Security/System Security p. 579/626
11 Blind Signatures (2) Bank never sees what it signs Assume Alice wants to cheat (by putting different amounts in the envelopes): Bank opens envelopes randomly With a probability of x 1 x bank can detect this fraud This is anonymous, but we have re-introduced the double spending Information Security/System Security p. 580/626
12 Adding Anonymity Alice can add the serial number herself Every message is appended by a different long random string Probability of a collision should be really, really small By opening x 1 envelopes bank can see those serial numbers but not the one it actually signs However, if someone tries to cash in a message twice, bank can detect it Information Security/System Security p. 581/626
13 Cryptography What do blind signatures look like in terms of cryptography? Both, Alice and the bank, have a pair of keys (public and private): e A and d A for Alice and e B and d B for the bank Alice blinds x messages: she encrypts them with e A She sends them to the bank, which signs them with d B The bank asks Alice to unblind x 1 of the messages: she decrypts them with d A and sends them to the bank The bank then verifies that messages are well-formed Alice unblinds final message, which she spends Information Security/System Security p. 582/626
14 Further Issues The bank is protected from cheaters, but we cannot identify them When double-spending is detected, we don t know whether someone tried to cheat a merchant a merchant tried to cheat the bank There are more complicated versions of the protocol that try to identify cheater Another solution is for the merchant to check with the bank before accepting a message Information Security/System Security p. 583/626
15 Further Issues (2) However, all of these protocols assume a trusted third party (the bank) We would like to have a decentralized, self-enforcing protocol Enter Bitcoin: Information Security/System Security p. 584/626
16 Bitcoin Bitcoin eliminates the trusted third party in the protocol Two parties can directly interact with each other As we have seen, digital signatures are part of the solution The problem is double-spending Bitcoin replaces the trusted third party with a peer-to-peer network The protocol is based on cryptographic proof rather than trust Information Security/System Security p. 585/626
17 A Basic Simplified Protocol We start by describing a very simplified view Every user participating in the scheme is identified by a public key A user can have more than one key (to obfuscate their identity) Every digital coin has an ID, a value, and is associated with a public/private key pair Coin is signed with private key of owner d A ID: 5873, value: 10 Information Security/System Security p. 586/626
18 Transfer of Ownership To transfer a coin, the current owner takes a hash of the previous transaction (or original coin) the public key of the new owner and signs them with their private key A payee can check signatures to verify chain of ownership d B e C d A e H( ) B d A H( ) ID: 5873, value: 10 Information Security/System Security p. 587/626
19 Issues Anonymity is ok as long as owners of key pairs are not identified Nevertheless, there are still problems Who creates the initial coins? How do we prevent double-spending Information Security/System Security p. 588/626
20 Trusted Third Party These issues could be solved with a trusted third party (Trent) Initial coins are issued by Trent, who is signing them Trent would also keep a complete record of all transactions in a public ledger Before accepting a transaction, ledger is checked for double-spending How do we make sure that Trent (or someone else) does not manipulate the ledger? Information Security/System Security p. 589/626
21 Blockchain A block chain is a series of data blocks Each contains a transaction consisting of an ID, its content and a hash pointer to the previous block In practice, each block contains more than one transaction to not waste space Trent signs the final hash pointer Information Security/System Security p. 590/626
22 Blockchain (2) Why does Trent not just sign individual transactions? Blockchain is an unmodifiable append-only data structure Any attempts to modify or remove an earlier transaction will affect the whole chain (one-way hash function) and therefore be easy to catch Anyone can now verify the validity of a transaction in the chain and see the same order of events Information Security/System Security p. 591/626
23 Issues Trusted third party is a single point of failure Trent cannot create fake transactions (he does not have any private keys of users) However, he could reject transactions of certain users, basically denying them service create as many coins as he wants, causing inflation hike up transaction costs significantly abandon the whole scheme Information Security/System Security p. 592/626
24 Decentralized Scheme In the ideal case, we would like to run the scheme without a trusted third party In a decentralized scheme, users need to agree on how to maintain a single official blockchain on which transactions are valid and actually happened on how to create new coins The following scheme will work if the majority of the nodes are honest Information Security/System Security p. 593/626
25 From Third Party to Peer-to-Peer Let s assume that we have n nodes in a network Nodes can join and leave while the system is running 1. Each node collects new transactions in a block (all transactions are broadcast widely in the network) 2. Each round a random node gets to broadcast its new block 3. Other nodes accept the block if all transactions are valid (unspent coins; valid signatures) 4. When a node accepts a block, it includes its hash in the next block it creates Information Security/System Security p. 594/626
26 Attacking the Scheme Let s assume Mallory operates a node in the scheme and wants to subvert it Possible attack vectors: Stealing coins Denial-of-Service Double Spending Information Security/System Security p. 595/626
27 Stealing Coins Mallory wants to transfer ownership of a coin to himself He would need the private key of a user to forge a transaction If he just makes up things, the other nodes would notice an invalid signature and not accept his block Information Security/System Security p. 596/626
28 Denial-of-Service Mallory dislikes Alice and will not include any of her transactions in his blocks He cannot prevent other nodes from processing Alice s transactions The only effect is that Alice may have to wait a little bit longer for her transactions to be included in a block Information Security/System Security p. 597/626
29 Double Spending Mallory buys something (online) from Bob and transfers a coin to Bob He and/or Bob broadcast this transaction to the network and an (honest) node includes it in its block Mallory, who runs a node in the network, creates a block without this transaction Instead he transfers the coin to another public key that he owns and includes this transaction in the block he creates He then broadcasts this block to the network Information Security/System Security p. 598/626
30 Double Spending (2) Now we have a conflict: There is one version of the blockchain with the transaction Mallory Bob and one with the transaction Mallory Mallory How do we resolve this conflict? A node cannot distinguish which one is the correct one: both look valid The second, fraudulent block may even arrive first at a node Information Security/System Security p. 599/626
31 Double Spending (3) A node will always extend the longer blockchain (and discard shorter ones) In case of a tie, it is not clear which block will make it However, there is something Bob can do Not immediately delivering the service/product Wait until the transaction transferring a coin to him is embedded deeper in the blockchain Usually sufficient to wait until five to six new blocks have been added to the chain containing his transaction Information Security/System Security p. 600/626
32 Random Selection There is still an open issue: how do we select the random node to broadcast their block? We are in a peer-to-peer network with no central authority We use a concept called proof-of-work Information Security/System Security p. 601/626
33 Proof-of-Work We select nodes in proportion to their computing power Assuming that the computing power is not monopolized Roughly speaking, the amount of computing power spent by a node will determine their chance of being picked Information Security/System Security p. 602/626
34 Proof-of-Work (2) A node cannot just add a block to the chain It has to solve a hash puzzle to do so: It has to find a nonce (number used only once) that hashed together with the hash of the previous block and the transactions has certain properties E.g, H( nonce H(prev block) TA 1 TA 2... ) has 20 leading zeroes Information Security/System Security p. 603/626
35 Proof-of-Work (3) As we are using cryptographic one-way hash functions, we can find a nonce only by trying out a (large) range of values Once a node finds a nonce, it can broadcast the new block Finding the nonce takes some time, verifying it is very fast Solving these hash puzzles is called bitcoin mining Nodes are called miners Information Security/System Security p. 604/626
36 Incentives Why would you want to run a miner? As a reward for solving the hash puzzle for a block you are allowed to add a special transaction to the block This special transaction creates a new bitcoin that belongs to you Information Security/System Security p. 605/626
37 Incentives (2) The hardness of the hash puzzles is readjusted from time to time E.g. by requiring more leading zeroes Otherwise the mining time would become shorter and shorter As hardware is getting faster and faster Information Security/System Security p. 606/626
38 Incentives (3) The total number of bitcoins is fixed Miners are allowed to create a total of 21 million At some point, Bitcoin will have to switch to transaction fees Actually, this is already possible The creator of a transaction allows the miner to take a small part of the money in the transaction as a fee Information Security/System Security p. 607/626
39 Optimizations There are a couple of optimizations that are not covered here There are schemes for saving disk space by getting rid of some (old) transactions A simplified payment verification without running a full P2P network node A technique for combining and splitting the value of coins Information Security/System Security p. 608/626
40 Issues with Bitcoin The bitcoin protocol is not perfect, there are some issues Scalability Throughput of transactions per second is not particularly high The size of the blockchain is also a problem There is no service infrastructure (when things go wrong) Is bitcoin really anonymous? No authentication necessary, but full transaction history available Is that enough? Open research questions Various political issues Information Security/System Security p. 609/626
41 The Future of Bitcoin It s very hard to say what the future will bring For example, the exchange rate is quite volatile: Information Security/System Security p. 610/626
42 The Future of Bitcoin (2) The opinions about bitcoin range from: It s dead (has been proclaimed dead a couple of times) It will revolutionize the world, bringing an end to banks and also causing problems for financial regulators The truth is probably somewhere in between Even if it fails, it has come up with new ideas If it continues, it probably has to switch to a transaction fee model (new coins will be harder and harder to find) Information Security/System Security p. 611/626
43 Summary Coming up with a digital currency that has properties similar to cash, being decentralized anonymous hard to copy is a challenging task Bitcoin is one of the first approaches that seems practicable Information Security/System Security p. 612/626
Smalltalk 3/30/15. The Mathematics of Bitcoin Brian Heinold
Smalltalk 3/30/15 The Mathematics of Bitcoin Brian Heinold What is Bitcoin? Created by Satoshi Nakamoto in 2008 What is Bitcoin? Created by Satoshi Nakamoto in 2008 Digital currency (though not the first)
More informationENEE 457: E-Cash and Bitcoin
ENEE 457: E-Cash and Bitcoin Charalampos (Babis) Papamanthou cpap@umd.edu Money today Any problems? Cash is cumbersome and can be forged Credit card transactions require centralized online bank are not
More informationComputer Security. 14. Blockchain & Bitcoin. Paul Krzyzanowski. Rutgers University. Spring 2019
Computer Security 14. Blockchain & Bitcoin Paul Krzyzanowski Rutgers University Spring 2019 April 15, 2019 CS 419 2019 Paul Krzyzanowski 1 Bitcoin & Blockchain Bitcoin cryptocurrency system Introduced
More informationBitcoin, Security for Cloud & Big Data
Bitcoin, Security for Cloud & Big Data CS 161: Computer Security Prof. David Wagner April 18, 2013 Bitcoin Public, distributed, peer-to-peer, hash-chained audit log of all transactions ( block chain ).
More informationHow Bitcoin achieves Decentralization. How Bitcoin achieves Decentralization
Centralization vs. Decentralization Distributed Consensus Consensus without Identity, using a Block Chain Incentives and Proof of Work Putting it all together Centralization vs. Decentralization Distributed
More informationCS 4770: Cryptography. CS 6750: Cryptography and Communication Security. Alina Oprea Associate Professor, CCIS Northeastern University
CS 4770: Cryptography CS 6750: Cryptography and Communication Security Alina Oprea Associate Professor, CCIS Northeastern University March 30 2017 Outline Digital currencies Advantages over paper cash
More informationBitcoin. CS6450: Distributed Systems Lecture 20 Ryan Stutsman
Bitcoin CS6450: Distributed Systems Lecture 20 Ryan Stutsman Material taken/derived from Princeton COS-418 materials created by Michael Freedman and Kyle Jamieson at Princeton University. Licensed for
More informationEnsimag - 4MMSR Network Security Student Seminar. Bitcoin: A peer-to-peer Electronic Cash System Satoshi Nakamoto
Ensimag - 4MMSR Network Security Student Seminar Bitcoin: A peer-to-peer Electronic Cash System Satoshi Nakamoto wafa.mbarek@ensimag.fr halima.myesser@ensimag.fr 1 Table of contents: I- Introduction: Classic
More informationP2P BitCoin: Technical details
ELT-53206 Peer-to-Peer Networks P2P BitCoin: Technical details Mathieu Devos Tampere University of Technology Department of Electronics & Communications Engineering mathieu.devos@tut.fi TG406 2 Outline
More informationBitcoin (Part I) Ken Calvert Keeping Current Seminar 22 January Keeping Current 1
Bitcoin (Part I) Ken Calvert Keeping Current Seminar 22 January 2014 2014.01.22 Keeping Current 1 Questions What problem is Bitcoin solving? Where did it come from? How does the system work? What makes
More informationSecurity Analysis of Bitcoin. Dibyojyoti Mukherjee Jaswant Katragadda Yashwant Gazula
Security Analysis of Bitcoin Dibyojyoti Mukherjee Jaswant Katragadda Yashwant Gazula Security Analysis of Bitcoin Introduction How Bitcoin works? Similar peer-to-peer systems Vulnerabilities and solutions
More informationEECS 498 Introduction to Distributed Systems
EECS 498 Introduction to Distributed Systems Fall 2017 Harsha V. Madhyastha Today Bitcoin: A peer-to-peer digital currency Spark: In-memory big data processing December 4, 2017 EECS 498 Lecture 21 2 December
More informationE-cash. Cryptography. Professor: Marius Zimand. e-cash. Benefits of cash: anonymous. difficult to copy. divisible (you can get change)
Cryptography E-cash Professor: Marius Zimand e-cash Benefits of cash: anonymous difficult to copy divisible (you can get change) easily transferable There are several protocols for e-cash. We will discuss
More informationApplied cryptography
Applied cryptography Electronic Cash Andreas Hülsing 29 November 2016 1 / 61 Classical Cash - Life Cycle Mint produces money (coins / bank notes) Sent to bank User withdraws money (reduces account balance)
More informationDigital Cash Systems
Digital Cash Systems Xiang Yin Department of Computer Science McMaster University December 1, 2010 Outline 1 Digital Cash 2 3 4 5 Digital Cash Overview Properties Digital Cash Systems Digital Cash Digital
More informationProblem: Equivocation!
Bitcoin: 10,000 foot view Bitcoin and the Blockchain New bitcoins are created every ~10 min, owned by miner (more on this later) Thereafter, just keep record of transfers e.g., Alice pays Bob 1 BTC COS
More informationUniversity of Duisburg-Essen Bismarckstr Duisburg Germany HOW BITCOIN WORKS. Matthäus Wander. June 29, 2011
University of Duisburg-Essen Bismarckstr. 90 47057 Duisburg Germany HOW BITCOIN WORKS June 29, 2011 Overview Electronic currency system Decentralized No trusted third party involved Unstructured peer-to-peer
More informationTransactions as Proof-of-Stake! by Daniel Larimer!
Transactions as Proof-of-Stake by Daniel Larimer dlarimer@invictus-innovations.com November, 28 th 2013 Abstract The concept behind Proof-of-Stake is that a block chain should be secured by those with
More informationBitcoin and Blockchain
Bitcoin and Blockchain COS 418: Distributed Systems Lecture 18 Zhenyu Song [Credit: Selected content adapted from Michael Freedman. Slides refined by Chris Hodsdon and Theano Stavrinos] Why Bitcoin? All
More informationIntroduction to Bitcoin I
Introduction to Bitcoin I P Peterlongo 1 A Tomasi 1 1 University of Trento Department of Mathematics June 10, 2013 Outline 1 Fiat and online payments Functions of Online payments and cost of clearing 2
More informationSpaceMint Overcoming Bitcoin s waste of energy
Bitcoin Overcoming Bitcoin s waste of energy Georg Fuchsbauer joint work with S Park, A Kwon, K Pietrzak, J Alwen and P Gaži Digital currency Decentralized (no bank issuing coins) Pseudonymous Controled
More informationSecurity (and finale) Dan Ports, CSEP 552
Security (and finale) Dan Ports, CSEP 552 Today Security: what if parts of your distributed system are malicious? BFT: state machine replication Bitcoin: peer-to-peer currency Course wrap-up Security Too
More informationA simple approach of Peer-to-Peer E-Cash system
A simple approach of Peer-to-Peer E-Cash system Mr. Dharamvir, Mr. Rabinarayan Panda Asst. Professor, Dept. of MCA, The Oxford College of Engineering Bangalore, India. Abstract-With the popularization
More informationIntroduction to Cryptography in Blockchain Technology. December 23, 2018
Introduction to Cryptography in Blockchain Technology December 23, 2018 What is cryptography? The practice of developing protocols that prevent third parties from viewing private data. Modern cryptography
More informationConsensus & Blockchain
Consensus & Blockchain S P Suresh Chennai Mathematical Institute Formal Methods Update Meeting IIT Mandi July 17, 2017 The Bitcoin revolution is upon us What is Bitcoin? Bitcoin: an exciting new currency
More informationBITCOIN PROTOCOL & CONSENSUS: A HIGH LEVEL OVERVIEW
BITCOIN PROTOCOL & CONSENSUS: A HIGH LEVEL OVERVIEW Rustie Lin Wang Move the area1 over the image a little inside and then right click, replace image to change the background. (and delete this box while
More informationBlockchain Certification Protocol (BCP)
Blockchain Certification Protocol (BCP) Fu Yong Quah fuyong@fyquah.me www.fyquah.me Abstract. A semi-decentralized certification system built above the existing 1 Bitcoin network, an innovative peer-to-peer
More informationBLOCKCHAIN Blockchains and Transactions Part II A Deeper Dive
BLOCKCHAIN Blockchains and Transactions Part II A Deeper Dive www.blockchaintrainingalliance.com Blockchain Page 3 Blockchain is NOT Bitcoin Page 4 Transactions Page 5 Multi-Signature Addresses An Address
More informationThe Design of an Anonymous and a Fair Novel E-cash System
International Journal of Information & Computation Technology. ISSN 0974-2239 Volume 2, Number 2 (2012), pp. 103-109 International Research Publications House http://www. ripublication.com The Design of
More informationTOPPERCASH TOPPERCASH WHITEPAPER REFORM THE BEST OF BLOCKCHAIN
TOPPERCASH TOPPERCASH WHITEPAPER REFORM THE BEST OF BLOCKCHAIN ABSTRACT A PEER-TO-PEER CRYPTO-CURRENCY DESIGN DERIVED FROM SATOSHI NAKAMOTO S BITCOIN. PROOF- OF-STAKE REPLACES PROOF-OF- WORK TO PROVIDE
More informationCS 251: Bitcoin and Crypto Currencies Fall 2015
CS 251: Bitcoin and Crypto Currencies Fall 2015 Final Exam The exam is open book and open notes. You have 2 hours. Please answer all five questions. All questions are weighted equally. You may use course
More informationPrivacy Enhancing Technologies CSE 701 Fall 2017
Privacy Enhancing Technologies Lecture 2: Anonymity Applications Department of Computer Science and Engineering University at Buffalo 1 Lecture Outline Anonymous communication mixes, anonymizing proxies,
More informationCS 4770: Cryptography. CS 6750: Cryptography and Communication Security. Alina Oprea Associate Professor, CCIS Northeastern University
CS 4770: Cryptography CS 6750: Cryptography and Communication Security Alina Oprea Associate Professor, CCIS Northeastern University April 9 2018 Schedule HW 4 Due on Thu 04/12 Programming project 3 Due
More informationAs a 3rd generation currency, not only are transactions secured, private and fast, you actually get paid for holding DigitalPrice coins.
Introduction With the circulation of cryptocurrency becoming common, there is a need for additional information. The scope of this white paper is to provide that information. If you are under the impression
More informationBlockchain for Enterprise: A Security & Privacy Perspective through Hyperledger/fabric
Blockchain for Enterprise: A Security & Privacy Perspective through Hyperledger/fabric Elli Androulaki Staff member, IBM Research, Zurich Workshop on cryptocurrencies Athens, 06.03.2016 Blockchain systems
More informationLecture 3. Introduction to Cryptocurrencies
Lecture 3 Introduction to Cryptocurrencies Public Keys as Identities public key := an identity if you see sig such that verify(pk, msg, sig)=true, think of it as: pk says, [msg] to speak for pk, you must
More informationBiomedical Security. Cipher Block Chaining and Applications
1 Biomedical Security Erwin M. Bakker 2 Cipher Block Chaining and Applications Slides and figures are adapted from: W. Stallings, Cryptography and Network Security 4 th Edition and 7 th Edition 1 3 Block
More informationBiomedical Security. Some Security News 10/5/2018. Erwin M. Bakker
Biomedical Security Erwin M. Bakker Some Security News October 03, 2018 - Hackers attacking healthcare through remote access systems and disrupting operations is the number one patient safety risk, according
More informationBlockchain. CS 240: Computing Systems and Concurrency Lecture 20. Marco Canini
Blockchain CS 240: Computing Systems and Concurrency Lecture 20 Marco Canini Credits: Michael Freedman and Kyle Jamieson developed much of the original material. Bitcoin: 10,000 foot view New bitcoins
More informationWhitepaper Rcoin Global
Whitepaper Rcoin Global SUMMARY 1. Introduction 2. What is Rcoin Global? 3. Transactions 4. Hybrid Network Concept 5. Keepers 6. Incentive 7. Smart Contract Token 8. Token Distribution 9. Rcoin Global
More informationICS 421 & ICS 690. Bitcoin & Blockchain. Assoc. Prof. Lipyeow Lim Information & Computer Sciences Department University of Hawai`i at Mānoa
ICS 421 & ICS 690 Bitcoin & Blockchain Assoc. Prof. Lipyeow Lim Information & Computer Sciences Department University of Hawai`i at Mānoa Accepted by: Overstock.com Expedia.com Newegg.com Tigerdirect.com
More informationAnonymity in Bitcoin. Presenter: Muhammad Anas Imtiaz
Anonymity in Bitcoin Presenter: Muhammad Anas Imtiaz Based on: An analysis of anonymity in the Bitcoin System [1], and Tracking digital footprints: anonymity within the bitcoin system [4] Introduction
More informationBitcoin, a decentralized and trustless protocol
Bitcoin, a decentralized and trustless protocol Thomas Sibut-Pinote Inria Saclay February 12, 2015 Thomas Sibut-Pinote Bitcoin, a decentralized and trustless protocol 1 / 42 Introduction Questions 1 Introduction
More informationBlockchain, Cryptocurrency, Smart Contracts and Initial Coin Offerings: A Technical Perspective
SESSION ID: LAB3-R09 Blockchain, Cryptocurrency, Smart Contracts and Initial Coin Offerings: A Technical Perspective Tom Plunkett Consulting Solutions Director Oracle Captain Brittany Snelgrove United
More informationRadix - Public Node Incentives
Radix - Public Node Incentives Dan Hughes Piers Ridyard www.radix.global December 2017 Abstract In this paper we present a novel method for implementing a mechanism to reward work carried out across a
More informationBitcoin: A Peer-to-Peer Electronic Cash System
Bitcoin: A Peer-to-Peer Electronic Cash System Satoshi Nakamoto satoshin@gmx.com www.bitcoin.org Abstract. A purely peer-to-peer version of electronic cash would allow online payments to be sent directly
More informationIntroduction to Cryptocurrency Ecosystem. By Raj Thimmiah
Introduction to Cryptocurrency Ecosystem By Raj Thimmiah How does a normal payment system work? Normal payment systems (generally) use ledgers Easy for servers to then check if someone is committing double
More informationIntroduction to Cryptoeconomics
Introduction to Cryptoeconomics What is cryptoeconomics? Cryptoeconomics is about... Building systems that have certain desired properties Use cryptography to prove properties about messages that happened
More informationBitcoin and Cryptocurrency Technologies. Arvind Narayanan, Joseph Bonneau, Edward Felten, Andrew Miller, Steven Goldfeder
Bitcoin and Cryptocurrency Technologies Arvind Narayanan, Joseph Bonneau, Edward Felten, Andrew Miller, Steven Goldfeder Draft Oct 6, 2015 Chapter 2: How Bitcoin Achieves Decentralization In this chapter,
More informationHow Bitcoin Achieves Decentralization
Copyright, Princeton University Press. No part of this book may be CHAPTER 2 How Bitcoin Achieves Decentralization In this chapter, we discuss decentralization in Bitcoin. In Chapter 1, we looked at the
More informationBiomedical and Healthcare Applications for Blockchain. Tiffany J. Callahan Computational Bioscience Program Hunter/Kahn Labs
Biomedical and Healthcare Applications for Blockchain Tiffany J. Callahan Computational Bioscience Program Hunter/Kahn Labs Network Analysis Working Group 01.25.2018 Outline Introduction to bitcoin + blockchain
More informationLEOcoin Private Chat wallet FAQ V 1
LEOcoin Private Chat wallet F V 1 Staking. With the old LEOcoin wallet, I was staking twice a day and getting my rewards within the hour. New wallet says staking opportunities will be every 30 days. Do
More informationBitcoin: A Peer-to-Peer Electronic Cash System
Bitcoin: A Peer-to-Peer Electronic Cash System Satoshi Nakamoto satoshi@vistomail.com www.bitcoin.org Abstract. A purely peer-to-peer version of electronic cash would allow online payments to be sent directly
More informationSecurity: Focus of Control
Security: Focus of Control Three approaches for protection against security threats a) Protection against invalid operations b) Protection against unauthorized invocations c) Protection against unauthorized
More informationBYZANTINE CONSENSUS THROUGH BITCOIN S PROOF- OF-WORK
Informatiemanagement: BYZANTINE CONSENSUS THROUGH BITCOIN S PROOF- OF-WORK The aim of this paper is to elucidate how Byzantine consensus is achieved through Bitcoin s novel proof-of-work system without
More informationUpgrading Bitcoin: Segregated Witness. Dr. Johnson Lau Bitcoin Core Contributor Co-author of Segregated Witness BIPs March-2016
Upgrading Bitcoin: Segregated Witness Dr. Johnson Lau Bitcoin Core Contributor Co-author of Segregated Witness BIPs 141-143 16-March-2016 Topics A short introduction to Bitcoin transactions What is transaction
More informationZero-Knowledge proof of knowledge transfer. Perm summer school on blockchain 2018
Zero-Knowledge proof of knowledge transfer Teleport Teleport was born in 2016 from the idea to bring the power of peer-to-peer traffic distribution technology like BitTorrent to the solution of traffic
More informationJan Møller Co-founder, CTO Chainalysis
Jan Møller Co-founder, CTO Chainalysis How Does Bitcoin Actually Work? This talk is not about the poli:cal or economical impact of Bitcoin. This talk is not about how to buy, sell, spend, or secure your
More informationDEV. Deviant Coin, Innovative Anonymity. A PoS/Masternode cr yptocurrency developed with POS proof of stake.
DEV Deviant Coin, Innovative Anonymity A PoS/Masternode cr yptocurrency developed with POS proof of stake. CONTENTS 03 Overview 06 Pre-mine phase 07 Privacy 08 Basic parameters 09 Proof-of-stake The benefits
More informationPayment systems. Tuomas Aura CSE-C3400 Information security. Aalto University, autumn 2014
Payment systems Tuomas Aura CSE-C3400 Information security Aalto University, autumn 2014 1. Card payments Outline 2. Anonymous payments and BitCoin 2 CARD PAYMENT 3 Bank cards Credit or debit card Card
More informationAnupam Datta CMU. Fall 2015
Anupam Datta CMU Fall 2015 A rational reconstruction of Bitcoin 1. Start with straw man design 2. Identify weaknesses 3. Augment design and iterate Alice: I, Alice, am giving Bob one coin Alice digitally
More informationCryptography and Network Security
Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 8: Protocols for public-key management Ion Petre Department of IT, Åbo Akademi University 1 Key management two problems
More informationBlockchains & Cryptocurrencies
1 Blockchains & Cryptocurrencies A Technical Introduction Lorenz Breidenbach ETH Zürich Cornell Tech The Initiative for CryptoCurrencies & Contracts (IC3) 2 Cryptocurrency Mania Market cap as of yesterday:
More informationBitcoin. Tom Anderson
Bitcoin Tom Anderson Admin Course evals My office hours next week are cancelled Bitcoin Goal Electronic money without trust $34B market value Created out of thin air, from a paper + some code Pros/cons
More informationOn the impact of propogation delay on mining rewards in Bitcoin. Xuan Wen 1. Abstract
On the impact of propogation delay on mining rewards in Bitcoin Xuan Wen 1 Abstract Bitcoin 2 is a decentralized digital currency that is rapidly gaining in popularity. The Bitcoin system relies on miners
More informationElphyrecoin (ELPH) a Private, Untraceable, ASIC-Resistant CryptoCurrency Based on CryptoNote
Elphyrecoin (ELPH) a Private, Untraceable, ASIC-Resistant CryptoCurrency Based on CryptoNote This is the First Version of the Elphyrecoin s White Paper Please Check the Website for Future Updates White
More informationLet's build a blockchain!
I'm Haseeb. That's me. Let's build a blockchain! A mini-cryptocurrency in Ruby I'm Haseeb Qureshi. I'm a software engineer. I'm working at a blockchain company called 21.co. Unless something terrible has
More informationMultiparty Computation (MPC) protocols
Multiparty Computation (MPC) protocols Protocols where the users of the protocol don t trust each other, but nevertheless they want to achieve a common goal I don t trust Bob I don t trust Alice Alice
More informationCRUDE COINS. https://crudecoins.net
CRUDE COINS https://crudecoins.net In this whitepaper we have presented Crude Coins is a brand new technology for securely transferring money between anonymous peers. Introduction: Launch story: CrudeCoins
More informationCryptography and Cryptocurrencies. Intro to Cryptography and Cryptocurrencies
Intro to Cryptographic Hash Functions Hash Pointers and Data Structures Block Chains Merkle Trees Digital Signatures Public Keys and Identities Let s design us some Digital Cash! Intro to Cryptographic
More informationComputer Security Spring 2010 Paxson/Wagner HW 4. Due Thursday April 15, 5:00pm
CS 161 Computer Security Spring 2010 Paxson/Wagner HW 4 Due Thursday April 15, 5:00pm Instructions: Submit your solution by Thursday, April 15, 5:00pm electronically. Write up your answers in either PDF
More informationWHITEPAPER 1.0 Boostx, Lead Developer BoxyCoin
WHITEPAPER 1.0 Boostx, Lead Developer BoxyCoin Author Note: No Grant or Funding has been sought for the BoxyCoin Project. ABSTRACT Bitcoin and Litecoin are highly regarded as the first successful digital
More informationPayment systems. Tuomas Aura T Information security technology. Aalto University, autumn 2013
Payment systems Tuomas Aura T-110.4206 Information security technology Aalto University, autumn 2013 Outline 1. Money transfer 2. Card payments 3. Anonymous payments and BitCoin 2 MONEY TRANSFER 3 Common
More informationkey distribution requirements for public key algorithms asymmetric (or public) key algorithms
topics: cis3.2 electronic commerce 24 april 2006 lecture # 22 internet security (part 2) finish from last time: symmetric (single key) and asymmetric (public key) methods different cryptographic systems
More informationECE596C: Handout #9. Authentication Using Shared Secrets. Electrical and Computer Engineering, University of Arizona, Loukas Lazos
ECE596C: Handout #9 Authentication Using Shared Secrets Electrical and Computer Engineering, University of Arizona, Loukas Lazos Abstract. In this lecture we introduce the concept of authentication and
More informationCrypto tricks: Proof of work, Hash chaining
Crypto tricks: Proof of work, Hash chaining CS 161: Computer Security Prof. David Wagner April 13, 2016 A Tangent: How Can I Prove I Am Rich? Math Puzzle Proof of Work Problem. To prove to Bob I m not
More informationProof-of-Stake Protocol v3.0
Proof-of-Stake Protocol v3.0 Abstract Proof of Stake's security has proven itself reliable & effective over years of testing while at the same time solving Bitcoin s issues caused by the Proof of Work
More informationKey Security Issues for implementation of Digital Currency, including ITU-T SG17 activities
ITU Workshop on FG DFC Workshop on Standards for Digital Fiat Currency (DFC) () Key Issues for implementation of Digital Currency, including ITU-T SG17 activities Heung Youl Youm, PhD. Chairman of ITU-T
More informationComputer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08r. Pre-exam 2 Last-minute Review Cryptography Paul Krzyzanowski Rutgers University Spring 2018 March 26, 2018 CS 419 2018 Paul Krzyzanowski 1 Cryptographic Systems March 26, 2018 CS
More informationApplied Cryptography Protocol Building Blocks
Applied Cryptography Protocol Building Blocks Sape J. Mullender Huygens Systems Research Laboratory Universiteit Twente Enschede 1 Protocols An algorithm describes a series of steps carried out by a process
More informationBBc-1 : Beyond Blockchain One - An Architecture for Promise-Fixation Device in the Air -
BBc-1 : Beyond Blockchain One - An Architecture for Promise-Fixation Device in the Air - Kenji Saito and Takeshi Kubo {ks91 t-kubo}@beyond-blockchain.org Revision 0.1 October 31, 2017 1 Introduction Blockchain
More informationThe Blockchain. Josh Vorick
The Blockchain Josh Vorick Bitcoin is a currency. Blockchain is a technology. What is a blockchain? A decentralized database that anyone can add to and no one can delete from The Bitcoin blockchain Agenda
More informationUsing Chains for what They re Good For
Using Chains for what They re Good For Andrew Poelstra usingchainsfor@wpsoftware.net Scaling Bitcoin, November 5, 2017 1 / 14 On-Chain Smart Contracting Bitcoin (and Ethereum, etc.) uses a scripting language
More information11:1 Anonymous Internet Access Method for Wireless Systems
11:1 Anonymous Internet Access Method for Wireless Systems Petri Jokela Juha-Petri Kärnä NomadicLab, Ericsson Research FIN-02420 Jorvas Finland {petri.jokela, juha-petri.karna}@ericsson.com 1 Introduction
More informationThe power of Blockchain: Smart Contracts. Foteini Baldimtsi
The power of Blockchain: Smart Contracts Foteini Baldimtsi The Blockchain at the heart of a cryptocurrency Alice sends 2 John sends 1 Dave sends 5 to Bob to Eve to Alice Bob sends 1 Eve sends 4 to Dave
More informationBitcoin. Arni Par ov. December 17, 2013
Bitcoin Arni Par ov December 17, 2013 Abstract Bitcoin is a distributed, peer-to-peer cryptocurrency that functions without any central authority and in recent years has gained large popularity. This paper
More informationPart 2. Use Cases (40 points). Consider examples of such signed records R (as in Part 1) from systems we discussed.
CPS 512 midterm exam #1, 10/5/17 Your name please: NetID: Sign for your honor: Part 1. Digital Signatures (25 points). Suppose that a principal Alice (A) signs a message/record (R) that is received by
More informationAlternative Consensus Algorithms. Murat Osmanoglu
Alternative Consensus Algorithms Murat Osmanoglu Bitcoin Block i-1 Block i Block i+1 Hash i-2 Nonce i-1 Hash i-1 Nonce i Hash i Nonce i+1 tx tx tx tx tx tx tx tx tx tx tx tx Do you really need a Blockchain?
More informationCCP: Conflicts Check Protocol for Bitcoin Block Security 1
CCP: Conflicts Check Protocol for Bitcoin Block Security Chen Yang Peking University, China yc900@pku.edu.cn Abstract In this work, we present our early stage results on a Conflicts Check Protocol (CCP)
More informationYada. A blockchain-based social graph
Yada A blockchain-based social graph January 2018 Abstract The goal of Yada is to achieve an acceptable level anonymity, privacy, and freedom of expression while making available to the public a structure
More information===============================================================================
We have looked at how to use public key crypto (mixed with just the right amount of trust) for a website to authenticate itself to a user's browser. What about when Alice needs to authenticate herself
More informationA Gentle Introduction To Bitcoin Mining
A Gentle Introduction To Bitcoin Mining Table of Contents Title...3 How Do Bitcoin Transactions Work?...4 Why Is Mining Needed In Bitcoin?...5 Why Do Miners Mine?...6 What Is This Computationally Expensive
More informationReliability, distributed consensus and blockchain COSC412
Reliability, distributed consensus and blockchain COSC412 Learning objectives Encourage you to always design for failure Appreciate how decentralised consensus is useful to support principles of security
More informationP2_L8 - Hashes Page 1
P2_L8 - Hashes Page 1 Reference: Computer Security by Stallings and Brown, Chapter 21 In this lesson, we will first introduce the birthday paradox and apply it to decide the length of hash, in order to
More informationI. Introduction. II. Security, Coinage and Attacks
Abstract Proof of Stake's security has proven itself over years of testing. Advances in this technology in Blackcoin's Proof-of-Stake 3.0 have solved the issues faced with Coin-Age, Block Reward and Blockchain
More informationIntroduc)on to Bitcoin
Introduc)on to Bitcoin CONTENTS What is Bitcoin Who created it? Who prints it? How does Bitcoin work? The characteris5cs of Bitcoin WHAT IS BITCOIN Bitcoin is a form of digital currency, created and held
More informationSecurity protocols and their verification. Mark Ryan University of Birmingham
Security protocols and their verification Mark Ryan University of Birmingham Contents 1. Authentication protocols (this lecture) 2. Electronic voting protocols 3. Fair exchange protocols 4. Digital cash
More informationCS 251: Bitcoin and Cryptocurrencies Fall 2016
CS 251: Bitcoin and Cryptocurrencies Fall 2016 Homework 3 due : 2016-11-28, 23:59 via Gradescope (entry code M4YJ69 ) 1. Idioms of use: Consider the transaction graph in the figure below: rectangles represent
More informationLecture 41 Blockchain in Government III (Digital Identity)
Blockchains Architecture, Design and Use Cases Prof. Sandip Chakraborty Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Lecture 41 Blockchain in Government III
More informationAnalyzing Bitcoin Security. Philippe Camacho
Analyzing Bitcoin Security Philippe Camacho philippe.camacho@dreamlab.net Universidad Católica, Santiago de Chile 15 of June 2016 Bitcoin matters Map Blockchain Design Known Attacks Security Models Double
More information