04_Bitcoin.pdf
91
TOR, OTR & BITCOIN Π. Αγγελάτος, Δ. Ζήνδρος
-
Upload
dimitris-lamprinos -
Category
Documents
-
view
213 -
download
1
Transcript of 04_Bitcoin.pdf
-
TOR, OTR & BITCOIN. , .
-
browsing Tor
Onion routing
chat OTR
Forward secrecy
Deniability
bitcoin
-
...
OTR :
Linux Windows, Pidgin & OTR:
https://www.pidgin.im/
https://otr.cypherpunks.ca
Mac, Adium:
https://adium.im/
-
Tor
https://www.torproject.org/
-
IP ...
Internet
( )
IP
...
-
Demo IP
http://wtfismyip.com/
-
Tor
IP
-
Tor Browser Bundle
Tor browser
https://panopticlick.eff.org/
features
Javascript, Flash, Java, Silverlight
browser
Tor Browser Bundle
browser
HTTPS everywhere
Javascript!
-
Onion routing
server 3tor nodes
node
, 3 tor
-
Tor nodes
node public key
encrypt public key 3 nodes
-
Exit & Relay nodes
nodes
/ HTTPS
node exit node
by default
traffic
node relay node
-
Relay node
-
Exit node
-
Demo
http://wtfismyip.com Tor
-
Tor: browsing
Tor
SOCKS proxy
Application (Firefox)
Onion routing (Tor)
Internet (IP)
Transport (TCP)
-
!
Tor
.. Torrents
IP
DNS leaks: resolve IP DNS Tor
Tails: Linux Tor
-
Hidden services
client, server
Internet
Clearnet: browser
Darknet Deep web: Tor
6 Tor relay hops
Tor
, exit node
-
OTR: Off-the-record
-
chat
chat
Facebook
Skype
Google Talk
MSN
-
chat
Alice Facebook
Facebook
Facebook Bob
Bob
AliceBOB
HTTPS HTTPS
-
chat
To Facebook chat !
man-in-the-middle
,
AliceBOB
HTTPS HTTPS
-
end-to-end
Alice Bob
Facebook
AliceBOB
-
OTR client
DSA
client
-
...
-
Perfect Forward Secrecy
Diffie-Hellman
.. 2
2 DSA , !
-
Deniability
O Bob Alice
Bob Alice
-
OTR
GPG
OTR GPG
http://petrosagg.com/otr.txt
https://dionyziz.com/otr
-
OTR
OTR chat GPG OTR
GPG
GPG
-
OTR demo
-
Ima
ge
ca
rbo
nis
m
-
...
& multibit
https://multibit.org/
-
bitcoin?
Online
(?) $
-
Wei Dai, 1998: Bmoney (cypherpunks)
Nick Szabo, 2005: Bit gold
Satoshi Nakamoto, 2008: Bitcoin: A Peer-to-Peer Electronic Cash System"
2009: bitcoind open source C++
Casper Paramount
-
Satoshi Nakamoto?
bitcoin
;
bitcoin paper
bitcoin
IRC bitcoin
bitcointalk forum
bitcoin
...
...
-
Satoshi ?
bitcoin
;
bitcoin paper
bitcoin
IRC bitcoin
bitcointalk forum
bitcoin
...
...
-
Satoshi ?
...
;
Nick Szabo?
Wei Dai?
Dr Vili Lehdonvirta & Michael Clear?
Neal King, Vladimir Oksman & Charles Bry?
Shinichi Mochizuki?
Jed McCaleb?
Dread Pirate Roberts?
, , .
-
: Online
.. Visa, MasterCard
.. PayPal ...
-
:
...
-
$
Federal Reserve Bank ( )
:
100
1
100
1
;
-
bitcoin
Peer-to-peer
-
1 second
10
-
!
$
-
:
;
-
... ;
Ima
ge
F
L1
P5
1D
3
-
Peer-to-peer bitcoin
-
/
broadcast
-
Hash functions
One-way
H( x ) = y
y x
x y
x y
y x?
-
Collision resistance
y, x :
H(x) = y
, :
H() = H()
d c, n :
H(c || n) < d
d
hash
-
Bob Alice
12mBTC
m 12mBTC Aliceh H ( m )s signBs( h )
s
0BTCverifyBp( m, s )
12mBTC
0BTC
Bo
b
Nic
ke
lod
eo
n; A
lice
D
isn
ey
-
;
-
Bob
Alice
Bob
-
Broadcasting
,
-
#137 #152 #312
5BTC 5BTC
#111 #222 #555
2BTC 2BTC
;
-
Bp, Bs
Ap, As
verBp( m1, s1 )
m2 12mBTC PCh2 H( m2 )
Cp, Cs
verAp( m2, s2 )m1 12mBTC Aph1 H( m1 )
s1 signBs( h1 ) s2 signAs( h2 )
Bo
b
Nic
ke
lod
eo
n; A
lice
D
isn
ey
-
(.) .
(.) .
-
=
coin1 signS0( H( coin0 || P1 ) )
coin2 signS1( H( coin1 || P2 ) )
coin3 signS2( H( coin2 || P3 ) )
Ima
ge
1
Dysle
xia
1
-
Ima
ge
S
ato
sh
i N
aka
mo
to
-
{"hash":"96f5e5394726ca5","ver":1,"in":[{
"prev_out":{"hash":"87750ccbebf71042d","n":0
},"scriptSig":"30440397d0c2 49d0c04a7e52"
}],"out":[{
"value":"0.71430000","scriptPubKey":"OP_DUP OP_HASH160
99fa78c49d99f58c8dd OP_EQUALVERIFY OP_CHECKSIG"
}]}
-
;
=
>= ;
!
-
;
-
Blocks
block
hash block
block hash
block
block
hash
-
Ima
ge
S
ato
sh
i N
aka
mo
to
-
blocks?
-
...
blocks
-
Proof-of-work
blocks nodes broadcast
block
block
-
Ima
ge
S
ato
sh
i N
aka
mo
to
-
nonce 000000
while H( block || nonce ) < 100000:
nonce nonce + 1
broadcast( block )
Difficulty
-
block
blocks
blocks genesis
genesis
(2009)
Ima
ge
th
eym
os
-
block
block
-
block
blocks
block
blocks
-
CPU
-
bitcoin
block = bitcoin
: 25BTC / block
-
Difficulty
CPU
block 10
: 3,129,573,175
-
Ima
ge
th
eym
os
-
Elgamal (DSA)
Hash function
SHA256( SHA256( _ ) )
SHA256( _ )
-
bitcoin 17 2012: 167,000 blocks
1BTC = 3.27 8.3 BTC 27,000,000 hashing = 9THz
9 2013: 1BTC = 73
19 2014: 286,000 blocks
1BTC = 450 12.4 BTC 5,600,000,000 hashing = 30,000Thz
-
Litecoin
Scrypt SHA
Dogecoin
Namecoin
Decentralized DNS
Twister
Decentralized Twitter
Bitmessage
Decentralized SMS
Zerocoin
-
browsing Tor
Onion routing
chat OTR
Forward secrecy
Deniability
bitcoin
-
!
Internet
chat
bitcoin
-
! ;
bitcoin.org
Twitter: @dionyziz, @petrosagg
:CreativeCommons 3.0 Attribution
