Ensimag - 4MMSR Network Security Student Seminar

panelgameSecurity

Dec 3, 2013 (3 years and 10 months ago)

82 views

Ensimag
-

4MMSR


Network Security Student Seminar


Bitcoin: A peer
-
to
-
peer Electronic Cash System

Satoshi Nakamoto






wafa.mbarek@ensimag.fr

halima.myesser@ensimag.fr

M‘
barek

Wafa

-

Myesser

Halima
Bitcoin

: A
peer
-
to
-
peer

Electronic

Cash System

18
-
04
-
2012


1

2

I
-

Introduction:
Classic

electronic

payement
systems


II
-

Bitcoin
, an alternative for the
traditional


electronic

payment








III
-

Optimizations

of the system














IV
-

Vulnerabilities

&
Counter
-
measures


V
-

Limitations &
Critics


VI
-

Conclusion


Table of contents:

M‘
barek

Wafa

-

Myesser

Halima
Bitcoin

: A
peer
-
to
-
peer

Electronic

Cash System

18
-
04
-
2012

Classic electronic payment systems

3

M‘
barek

Wafa

-

Myesser

Halima
Bitcoin

: A
peer
-
to
-
peer

Electronic

Cash System

18
-
04
-
2012

Introduction

http://www.electronicpaymentscoalition.org/what
-
is
-
interchange/

Disadvantages

of
going

through

the
banking

system


Additional cost : About 1% for each transaction




limits the possibility of small transactions.



Slow system : Checking services take days to complete.



No anonymity.



Accounts can be frozen (ex:
Wikileaks
)



If fraudulent use of credit card, the seller has to pay
a fee charged by the banking company.




4

M‘
barek

Wafa

-

Myesser

Halima
Bitcoin

: A
peer
-
to
-
peer

Electronic

Cash System

18
-
04
-
2012

Introduction


Bitcoin:


Digital currency created by
Satoshi Nakamoto

in
2009.



Peer
-
to
-
peer system :
no central authority



Creation of money and transactions are


managed collectively by the network.

Advantages
:


No third party

can

prevent or control

your transactions


Transactions fees are much lower



Bitcoin

is free software


No inflation risk, coin’s creation is limited


5

M‘
barek

Wafa

-

Myesser

Halima
Bitcoin

: A
peer
-
to
-
peer

Electronic

Cash System

18
-
04
-
2012

Bitcoin
, an alternative for the
traditional

electronic

payment

Transferring a coin

Alice wants to send coins to Bob.

6

Bitcoin
, an alternative for the
traditional

electronic

payment

M‘
barek

Wafa

-

Myesser

Halima
Bitcoin

: A
peer
-
to
-
peer

Electronic

Cash System

18
-
04
-
2012


public key = Bitcoin address.


Bob’s public key

Hash

Alice’s signature

Alice’s
private key

Transaction that provides

these coins to Alice

Transaction

Alice’s public key

Hash

Charlie’s signature

Charlie’s
private key

Hash of
previous
transaction

7

-
keypairs for each address

-
transactions from/to your addresses

-
user preferences




Wallet

Transferring a coin

Bitcoin
, an alternative for the
traditional

electronic

payment

M‘
barek

Wafa

-

Myesser

Halima
Bitcoin

: A
peer
-
to
-
peer

Electronic

Cash System

18
-
04
-
2012

1 Coin = A chain of digital signatures

Owner 0’s
signature

Owner 1’s
signature



Owner n’s
signature

To maintain the privacy of users involved in a payment, the public keys

are anonymous.

8

New transactions are broadcast to all nodes.

Alice

Bob

Bitcoin : A peer
-
to
-
peer Electronic Cash System

M'BAREK Wafa
-

MYESSER Halima 18
-
04
-
2012

Bitcoin
, an alternative for the
traditional

electronic

payment

Double
-
Spending

Protection

New transactions is broadcasted to all nodes

1

Each node collect new transactions into a block


Transactions are accepted if their block is validated.


The chain contains all the transactions done by the network.


Each node has a full copy of the growing chain of blocks.


It is called a timestamp server.



9

M‘
barek

Wafa

-

Myesser

Halima
Bitcoin

: A
peer
-
to
-
peer

Electronic

Cash System

18
-
04
-
2012

2

Bitcoin
, an alternative for the
traditional

electronic

payment

Double
-
Spending

Protection

Block 1

Block 2

Tx

Tx

Tx



Tx

Tx

Tx



To validate a block, each node works on resolving a difficult
proof
-
of
-
work

Block

Previous Hash

Nonce

Tx

Tx

Tx



10

Bitcoin
, an alternative for the
traditional

electronic

payment

Double
-
Spending

Protection

3

M‘
barek

Wafa

-

Myesser

Halima
Bitcoin

: A
peer
-
to
-
peer

Electronic

Cash System

18
-
04
-
2012


Use
the CPU power to calculate the “right” nonce
.


Proof
-
of
-
work = Finding the
nonce that enables to
calculate a
block’s hash beginning with the
required number of zero bits.

Hash(Transactions hash &Nonce)=
0.....0xxxxxxxxxxxxxxxx

Target

The first node that finds the proof
-
of
-
work sends the block to the rest of
the network.

11

I have solved
the proof
-
of
-
work !!!

+ 50 coins !

Bitcoin
, an alternative for the
traditional

electronic

payment

Double
-
Spending

Protection

4

M‘
barek

Wafa

-

Myesser

Halima
Bitcoin

: A
peer
-
to
-
peer

Electronic

Cash System

18
-
04
-
2012

Acceptance of a block


-
Is
the transaction’s signature valid?

-
Does the nonce verify the proof
-
of
-
work?



If
the block is accepted, the node starts building the next



block
of the chain.



If
not, the node continues working with the longest chain
.




If
multiple blocks arrive simultaneously


Two versions of chain
of blocks


only the
longest one is selected.




12

Bitcoin, an alternative for the traditional electronic payment

Double
-
Spending

Protection

5

M‘
barek

Wafa

-

Myesser

Halima
Bitcoin

: A
peer
-
to
-
peer

Electronic

Cash System

18
-
04
-
2012












13

Bitcoin
, an alternative for the
traditional

electronic

payment

Double
-
Spending

Protection

M‘
barek

Wafa

-

Myesser

Halima
Bitcoin

: A
peer
-
to
-
peer

Electronic

Cash System

18
-
04
-
2012

1
-

Modify a previous transaction

2
-

Redo the proof
-
of
-
work of the block

3
-

Redo the proof
-
of
-
work of all the next blocks


The double
-
spending attack:

An attacker can’t create money or take the money that never belonged to him



He can only try to change his own previous transactions.


Block 1

Block 2

Block 3

Block 4

Block 3

Block 4

Tx

Block 5

z blocks to catch up

Tx


Block 5



CPU power’s attacker
>

CPU of all the honest nodes combined

Probability of success :


p
= probability an honest node finds the next block

q
= probability the attacker finds the next block

qz

= probability the attacker will ever catch up from z blocks behind


If p>q :

qz

follows a Poisson distribution with :





λ
=
z * q/p





The probability of success decreases exponentially with the number of blocks
that have to be re
-
worked.


Example:
q=0,3

z= 2 =>
qz
=5%

z= 5 =>
qz
=0,09%



14

Bitcoin
, an alternative for the
traditional

electronic

payment

Double
-
Spending

Protection

M‘
barek

Wafa

-

Myesser

Halima
Bitcoin

: A
peer
-
to
-
peer

Electronic

Cash System

18
-
04
-
2012

Bitcoin Mining


2 ways to encourage people to spend their CPU time and electricity :


1
-

Be the first to resolve the proof
-
of
-
work




It is the only way to create bitcoins.



One block can be generated every 10 minutes => Limit inflation.



The amount of bitcoins in circulation is fixed at 21millions
.

2
-

The block producer benefits from the fees of the transactions
included in this block.

15

Bitcoin
, an alternative for the
traditional

electronic

payment

M‘
barek

Wafa

-

Myesser

Halima
Bitcoin

: A
peer
-
to
-
peer

Electronic

Cash System

18
-
04
-
2012

System’s optimization



Merkle trees : Binary trees of transactions hashes.


Use Double

SHA
-
256.

-

1 block header = 80 bytes

-

1 block generated every 10min



Chain of blocks = 4,2 MB per year



16

M‘
barek

Wafa

-

Myesser

Halima
Bitcoin

: A
peer
-
to
-
peer

Electronic

Cash System

18
-
04
-
2012

Disk space optimization

System’s optimization



Check a transaction without being a mining node

17

M‘
barek

Wafa

-

Myesser

Halima
Bitcoin

: A
peer
-
to
-
peer

Electronic

Cash System

18
-
04
-
2012

-

Is the transaction in a block header?

=> By verifying the header hash

-

Has another block been added after this block?



If yes, payment verified

Simplified payment verification

18

Vulnerabilities & Counter
-
measures



M‘
barek

Wafa

-

Myesser

Halima
Bitcoin

: A
peer
-
to
-
peer

Electronic

Cash System

18
-
04
-
2012

Vulnerability

The

wallet

stored
unencrypted


Connect identities to
addresses

Fill the network

by
cancer

node
s

Example


A virus recovers

the file
wallet.data

and sends it
to the attacker

Google a

Bitcoin

address to see if
anyone used it to sign
(ex: in
Bitcoin

forum)

C
onnect
100,000 IP
addresses to the IRC
bootstrap channel


Impact

The

attacker c
ollects
the
keypairs



卩杮S⁴桥

瑲慮a慣ai潮o⁢礠瑨攠
user’s name

Tr慣a湧 愠a潩渧n
桩Ut潲礠


䱯獥

慮潮祭楴y


䉥⁣潮湥ct敤 潮汹oto

att慣a敲潤敳⸠䡥.c慮a
re晵獥 t漠r敬e礠y潵爠扬潣k猠
潲oy潵爠瑲慮a慣ai潮o


䉥灥渠n漠摯畢le

獰敮摩湧datt慣as

Counter
-
measures


Wallet

e
ncryption in
new
Bitcoin

versions

-
Use
eWallet

services

-
Don’t leave personal
inf潲浡瑩潮


䱩浩m 瑨攠湵浢m爠潦⁉P

addresses that is
possible
to

connect to one

IRC
channel

19



Bitcoins

are not widely accepted.



No
physical form.



Transactions are
irreversible
.



Bitcoin

valuation fluctuates.




Built in
Deflation

: Maximal number of
bitcoins

is fixed at 21
million.



Difficulty to associate
Bitcoin

addresses with real
-
life identities
=>
E
ncourage illegal traffic.



Limitations & Critics


M‘
barek

Wafa

-

Myesser

Halima
Bitcoin

: A
peer
-
to
-
peer

Electronic

Cash System

18
-
04
-
2012

20


Bitcoin

is an emerging technical and economic phenomenon.



Bitcoin's

future is uncertain:














High level of volatility



Various security incidents :



-
Theft of half million dollars in
Bitcoin

in
june

2011

¹

-
An attacker

has gained access

to

the

Bitcoin’s

database and
modified

the

number of

Bitcoin

available

on the
market(2

million

false

bitcoins

added)
²
.


1
:
http
://
www.h
-
online.com/security/news/item/Bitcoin
-
theft
-
half
-
a
-
million
-
dollars
-
gone
-
1261306.html

2
:
http
://bit
-
coin.fr/crash
-
de
-
la
-
valeur
-
du
-
bitcoin
-
piratage
-
de
-
mtgox/




Conclusion

M‘
barek

Wafa

-

Myesser

Halima
Bitcoin

: A
peer
-
to
-
peer

Electronic

Cash System

18
-
04
-
2012

21

References:

M‘
barek

Wafa

-

Myesser

Halima
Bitcoin

: A
peer
-
to
-
peer

Electronic

Cash System

18
-
04
-
2012


http://bitcoin.org/bitcoin.pdf



http://www
-
cs
-
faculty.stanford.edu/~eroberts/cs181/projects/2010
-
11/DigitalCurrencies/index.html



http://www.weusecoins.com
/



https://
en.bitcoin.it/wiki/Main_Page


Thank you for your attention