What are the weakest cryptographic guarantees in Bitcoin?

1

It is actually surprisingly difficult for a layperson to find out precisely what cryptography Bitcoin uses, without consulting the source of Bitcoin directly. For example, the opcode OP_CHECKSIG, ostensibly checks the signature of something... but there is no indication what kind of signature it checks! (What are opcodes in Bitcoin? Well it turns out that the protocol has a really neat scripting system built in for building transactions. You can read more about it here.) So in fact, I managed to get some factual details wrong on my post Bitcoin is not decentralized, which I realized when commenter cruzer claimed that a break in the cryptographic hash would only reduce mining difficulty, and not allow fake transactions.

So I did my research and cracked open the Bitcoin client source code. The short story is that the thrust of my argument remains the same, but the details of a hypothetical attack against the cryptographic function are a bit more complicated—a simple...

0 0
2
...
0 0
3

Find answers to recurring questions and myths about Bitcoin.

Table of contents

General

What is Bitcoin?

Bitcoin is a consensus network that enables a new payment system and a completely digital money. It is the first decentralized peer-to-peer payment network that is powered by its users with no central authority or middlemen. From a user perspective, Bitcoin is pretty much like cash for the Internet. Bitcoin can also be seen as the most prominent triple entry bookkeeping system in existence.

Bitcoin is the first implementation of a concept called "cryptocurrency", which was first described in 1998 by Wei Dai on the cypherpunks mailing list, suggesting the idea of a new form of money that uses cryptography to control its creation and transactions, rather than a central authority. The first Bitcoin specification and proof of concept was published in 2009 in a cryptography mailing list by Satoshi Nakamoto. Satoshi left the project in late 2010...

0 0
4

Zerocash, the protocol that succeeded Zerocoin, is being developed into a full-fledged digital currency,

Zcash

.

What is Zerocoin?

Zerocoin is a project to fix a major weakness in Bitcoin: the lack of privacy guarantees we take for granted in using credit cards and cash. Our goal is to build a cryptocurrency where your neighbors, friends and enemies can’t see what you bought or for how much.

This project began with a proposed extension, called “Zerocoin”, to the Bitcoin protocol that allowed users to mix their own coin. A collaboration between the the original Zerocoin project members and cryptographers at MIT, The Technion, and Tel Aviv University, has produced a far more efficient protocol that allows for direct private payments to otherusers of hidden value. For disambiguation, we refer to this new protocol as Zerocash, and detail its technical underpinnings here.

The problem: Bitcoin is not private

The Bitcoin payment network offers a...

0 0
5

Since my last posts explaining how Bitcoin works were a bit of a success, I figured I would continue the series. So far we’ve discussed Bitcoin mining, the incentives and the cryptography used in the protocol. However, I glossed over a key element in the Bitcoin ecosystem — digital signatures. This was partly because my goal in the previous posts was only to introduce you to mining, but also because digital signatures are important enough that they deserve their own post. If you’re reading this, I’m going to assume you have limited knowledge of cryptography. So instead of jumping right into digital signatures, I’m going to start by providing a broad introduction to cryptography. Hopefully you’ll learn not just how Bitcoin works, but also how to stay safe on the internet by keeping your private information away from prying eyes.

The Basics

“There are two kinds of cryptography in this world: cryptography that will stop your
kid sister from reading your files, and...

0 0
6
...
0 0
7

Symmetric is the oldest form but not the most secure as it implies both the sender and the receiver are in control of the cipher – or the coding and decoding key. One of the most common & simplest forms of Cipher – similar to the one that Caesar used to communicate with his generals – is just shifting the message to be sent by a number of letters in the alphabet.

In the picture above the message, cryptocompare.com, is shifted by one letter in the alphabet – then sent across the insecure channel to the receiver who decrypts it using the same key – i.e. moving the letters one space to the start of the alphabet to decipher the text and reveal cryptocompare.com. These can be relatively easy to decode.

Symmetric cryptography has a problem - How to tell the other person what the code is? This has been dealt with somewhat by public key cryptography or essentially where the receiver generates a key pair and then sends the public key to the message sender. The...

0 0
8
...
0 0
9

Video transcript

Voiceover: Cryptographic hash functions are basically fundamental building blocks that are used within many cryptographic algorithms and protocols, and they have a number of very important applications in the context of information security as a whole. Now, some of the more common algorithms in this category that are known as cryptographic has functions include: things like MD5, and also, it has some predecessors like MD4 and others, as well as algorithms like SHA-256, and actually, SHA-256 is preceded by other algorithms like SHA-1 and so on, and also there are some algorithms that maybe you've heard of, or maybe that are a bit lesser known, but things like RIPEMD, and BLAKE, and Skein, and others. Now, cryptographic hash functions are basically used as critical building blocks in many applications, and really the first motivating application, the first historical application of these types of hash functions was in the context of what's known as a digital...

0 0
10
...
0 0
11

Bitcoin relies on cryptography to function, which is why it is sometimes called a cryptocurrency. But what role does cryptography play in Bitcoin, and why is it needed? We'll begin with a short introduction to some necessary cryptography concepts (if they are familiar to you, you can just skip to "The Reasons Bitcoin Needs Cryptography" on page 137), and then we'll explore the specific cryptographic methods used in Bitcoin.

If you flipped to this chapter only because you wanted to know whether the cryptography used by Bitcoin is safe, you can rest easy knowing that Bitcoin uses only tried-and-tested cryptographic techniques: All of the cryptographic methods used by Bitcoin have been widely used in the past by governments and major corporations to secure financial, medical, and other sensitive information, as well as personal identification data.

In fact, the cryptography in Bitcoin could be described as boring, simply because it relies on very conservative...

0 0
12

Around eight months ago a group called “Large Bitcoin Collider” (LBC) was formed aimed at cracking bitcoin wallets with hopes of finding a cryptographic collision within the protocol. The LBC server lets anyone download the software and attempt to take a crack at Bitcoin’s underlying cryptography.

Also read: NSA Exploits Reveal the World of 1984 Is Here

Meet the Large Bitcoin Collider

Announced last year on Bitcointalk.org a ‘hero member’ from the forum named Rico revealed an unusual project. Rico detailed the formation of a new group of cryptography proponents looking to brute-force bitcoin addresses and hopefully find a cryptographic collision along the way. The group’s project is a homage to the Large Hadron Collider, the world’s strongest particle collider.

A computational collision or clash occurs when two different inputs from a cryptographic function such as a digest, checksum, or hash value produce the same output. LBC considers itself a...

0 0
13

That the block chain cannot be easily forked represents one of the central security mechanisms of Bitcoin. Given the choice between two block chains, a Bitcoin miner always chooses the longer one - that is to say, the one with the more complex hash. Thusly, it ensures that each user can only spend their bitcoins once, and that no user gets ripped off.

As a consequence of the block chain structure, there may at any time be many different sub-branches, and the possibility always exists of a transaction being over-written by the longest branch, if it has been recorded in a shorter one. The older a transaction is though, the lower its chances of being over-written, and the higher of becoming permanent. Although the block chain prevents one from spending more Bitcoins than one has, it means that transactions can be accidentally nullified.

A new block chain would leave the network...

0 0
14
...
0 0
15

If you’ve heard of bitcoins, it may have been in the context of people using the digital currency to pay off ransom demands for the contents of their hacked computers or buy drugs on the dark web. But the underlying cryptographic technology, a growing chain of time-stamped records or “blocks” that is shared between many computers, forming a “blockchain,” could also be used to help save the environment, according to a commentary published today in Nature by Guillaume Chapron, an ecologist at the Swedish University of Agricultural Sciences in Riddarhyttan. Science spoke with him about the future of money, the government, and trust. This interview has been edited for brevity and clarity.

Q: What is a blockchain?

A: The blockchain—by which I mean the technology underlying all blockchains—is a protocol to build an immutable ledger, a database of transactions. You could say it’s a kind of decentralized supercomputer that creates trust.

Q: How can it help the...

0 0
16

Cryptography is the art of creating mathematical / information theoretic guarantees for who can do what with data, including but not limited to the classical example of making a message readable only to those who hold the secret key.

This subreddit is intended for links and discussions surrounding the theory and practice of strong cryptography, which lives at an intersection of math, programming, and computer science.

Please note that this is a technical subreddit, not a political one!

Cryptography wishlist threads!

Rules (along with normal reddiquette)

Don't forget to read our RULES PAGE! The list on that page is also the one used as this sub's report reasons. The quick version;

Assume good faith and be kind. This is a friendly subreddit. Codes, ciphers, ARGs, and other such "weak crypto" don't belong here. (Rule of thumb: If a desktop computer can break a code in less than an hour, it's not strong crypto.) You're probably looking for...
0 0
17
...
0 0
18

So many times we have learned about cryptography and security the hard way. One of the key problems is ignoring the advice and warnings, which are plainly written in the current crypto literature. This without the slightest ambiguity, so that there is very little doubt about what a reasonable and professional security practice is.

The Story of Dual_EC_DRBG

Everybody in crypto community knew that the Dual_EC_DRBG was a true disgrace, a monster ignoring almost everything which it is reasonably possible to know about security. Basically well-known crypto experts have for a long time made very clear that Dual_EC_DRBG:

was “just plain bad random number generator all the way back in 2006”, it was “dodgy in 2007, and still dodgy now”, already in 2007, Shumow and Ferguson “raised the possibility of a backdoor”, it was “hilariously slow”, RNGs are usually made with symmetric crypto which is much faster (however it would be much harder to embed a backdoor in a symmetric...
0 0
19

Wow, what the heck is going on with Bitcoin?

When I started this post, the value of a single bitcoin had surged upwards of $250. It’s corrected a bit since then (down $100 or so), but it’s pretty clear that we live in a very different world than we did two weeks ago.

And I’m not sure I really like this world. It’s a world where I have to listen to CNBC reporters try to understand Bitcoin. Ouch. I think we can all agree that we were better off before this happened.

The explosion of interest in Bitcoin is both wonderful and terrible. It’s wonderful because Bitcoin is an amazing technical innovation — the first decentralized electronic currency to actually make something of itself. It’s terrible because Bitcoin has some technical rough edges that really need to be filed off before we start using it for anything.

The rough edge that particularly interests me is user privacy. Or rather, Bitcoin’s troubling lack of it.

In this post I’m going to describe...

0 0
20

Bitcoin might be the name on everyone’s lips right now, but did you know that Bitcoin is merely the tip of the cryptocurrency iceberg? For those not in the know, cryptocurrencies are basically decentralized and anonymous (or, at least, pseudonymous) peer-to-peer digital currencies that implement cryptography as a central security feature. Cryptocurrency coins are “mined” with computers by solving complex mathematical equations called “hashes”.

The success of Bitcoin has led to the development of many alternative cryptocurrencies, often called “altcoins”. Most of these altcoins offer their own take on the Bitcoin protocol, and are interesting in their own right. It helps, too, that most of these are still cheap and much easier to buy or mine.

Of course, there’s no guarantee that any of these altcoins will ever be as successful or as valuable as Bitcoin, but if you’ve been kicking yourself for missing the Bitcoin boat, you could do worse than check out one (or more) of...

0 0
21

Perhaps no element of the bitcoin universe is both more critical and more confusing than the process known as "bitcoin mining". This overview will give a broad summary of what bitcoin mining is, and illustrate just why it's so important.

How can we trust bitcoin payments?

Today, when you send a friend $20, there is a step in the middle of that transaction where your bank and their bank talk to each other to make sure that your account actually has the $20 you're sending.

Bitcoin payments are a little different, in that there is no bank; there are just the two people sending and receiving money from one another.

As explained in our bitcoin introduction, bitcoin payments are "peer-to-peer", meaning that that they do not require a bank or credit card company to be processed. This is a great feature for enabling free, real-time money transfers, and would work well "as-is" if you only ever needed to receive bitcoins from people you know and trust. However,...

0 0
22
...
0 0