3. Digital Signatures
$ du -h Bitcoin_book.pdf
18M Bitcoin_book.pdf
$ time shasum -a 256 Bitcoin_book.pdf
4371b745c56c9c71e6876234c0d37881204507465ac0fed0da35a753150bbcc7
0.19s user 0.05s system 93% cpu 0.261 total
Property 1: Collision Resistance
H(“heads”)
H(“tails”)
easy to find x!
Property 2: Hiding
API:
• (com, key) := commit(msg)
• match := verify(com, key, msg)
[Figure: IV, then Message (block 1), Message (block 2), ... Message (block n), each 512 bits, each passing through c, producing Hash]
2.1. Blockchain
2.2. Merkle Tree
Hash pointer
[Figure: H( ) pointing to (data); hash pointers will be drawn like this]
Linked list with hash pointers = “block chain”
[Figure: binary tree of hash pointers H( ) with (data) blocks at the leaves; show O(log n) items]
Advantages of Merkle trees
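The "show O(log n) items" idea from the Merkle tree slides, as an added example that is not part of the original slides: a tree is built over data blocks, and one block is checked against the root using only its sibling hashes. Assumptions of this example: H is SHA-256, leaves and inner nodes get 0x00/0x01 prefixes, an unpaired node is promoted unchanged, and all function names and the sample blocks are hypothetical.

```python
import hashlib

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()  # assumption: H is SHA-256

def build_levels(blocks):
    """All levels of the tree, leaves first; levels[-1][0] is the root."""
    if not blocks:
        raise ValueError("need at least one data block")
    level = [H(b"\x00" + b) for b in blocks]  # 0x00 prefix marks a leaf
    levels = [level]
    while len(level) > 1:
        nxt = []
        for i in range(0, len(level), 2):
            if i + 1 < len(level):
                nxt.append(H(b"\x01" + level[i] + level[i + 1]))  # inner node
            else:
                nxt.append(level[i])  # unpaired node is promoted unchanged
        levels.append(nxt)
        level = nxt
    return levels

def prove(levels, index):
    """Sibling hashes from leaf to root: the O(log n) items shown to a verifier."""
    if not 0 <= index < len(levels[0]):
        raise IndexError("no such leaf")
    path = []
    for level in levels[:-1]:
        sib = index ^ 1  # the other child of the same parent
        if sib < len(level):
            path.append((level[sib], sib < index))  # (hash, sibling_is_left)
        index //= 2
    return path

def verify(root, block, path):
    """Recompute the root from one block and its path; needs no other data."""
    node = H(b"\x00" + block)
    for sibling, sibling_is_left in path:
        if sibling_is_left:
            node = H(b"\x01" + sibling + node)
        else:
            node = H(b"\x01" + node + sibling)
    return node == root

# Constructed sample data: eight blocks, so every proof holds log2(8) = 3 hashes.
BLOCKS = [b"tx-%d" % i for i in range(8)]
LEVELS = build_levels(BLOCKS)
ROOT = LEVELS[-1][0]
```

A verifier that holds only ROOT accepts a block when `verify(ROOT, block, path)` is true; changing the block, or any hash on the path, changes the recomputed root.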
3.1. Definition
3.2. Security
3.3. Public key as Identities
Digital signature
Properties:
• only you can make your signature, but anyone
who sees it can verify that it’s valid.
• the signature to be tied to a particular document
API:
• (sk, pk) := generateKeys(keysize)
• sig := sign(sk, message)
• isValid := verify(pk, message, sig)
Requirements for signatures
challenger attacker
m0
sign(sk, m0)
m1
sign(sk, m1)
...
M, sig
5.1. Goofycoin
5.2. Scroogecoin
GoofyCoin
Goofy can create new coins
New coins belong to me.
signed by pkGoofy
CreateCoin [uniqueCoinID]
A coin’s owner can spend it
signed by pkGoofy
Pay to pkAlice : H( )
signed by pkGoofy
CreateCoin [uniqueCoinID]
The recipient can pass on the coin again
Pay to pkBob : H( )
signed by pkGoofy
Pay to pkAlice : H( )
signed by pkGoofy
CreateCoin [uniqueCoinID]
Double-spending attack
signed by pkGoofy
Pay to pkAlice : H( )
signed by pkGoofy
CreateCoin [uniqueCoinID]
ScroogeCoin
Scrooge publishes a history of all transactions
(a block chain, signed by Scrooge)
H( )
coins created
num  value  recipient
0    3.2    0x...      coinID 73(0)
1    1.4    0x...      coinID 73(1)
2    7.1    0x...      coinID 73(2)
PayCoins transaction consumes (and destroys) some coins,
and creates new coins of the same total value
transID: 73 type:PayCoins
consumed coinIDs: 68(1), 42(0), 72(3)
coins created
num  value  recipient
0    3.2    0x...
1    1.4    0x...
2    7.1    0x...
signatures
Valid if:
-- consumed coins valid,
-- not already consumed,
-- total value out = total value in, and
-- signed by owners of all consumed coins
Immutable coins
Example
Answer 2
Feedback
Quiz Number 2 Quiz Type
Quiz 2
Question
If you generate numerous identities (public keys) for yourself
and interact online using those different identities, what might
happen? (There is more than one correct answer.)
1. Others might be able to take over your identities if your
randomness is bad
2. Others may be able to link your identities because public
keys generated on the same computer look similar
3. Others may be able to de-anonymize you by analyzing
your activity patterns
Example
Answer 1,3
Feedback
Summary
References
Book:
1. Arvind Narayanan et al. (2016). Bitcoin and Cryptocurrency Technologies:
A Comprehensive Introduction, Princeton University Press.
2. Satoshi Nakamoto (2009), Bitcoin: A Peer-to-Peer Electronic Cash System.
Online Course:
• “Bitcoin and Cryptocurrency Technologies” on Coursera.org.
Link: https://www.coursera.org/learn/cryptocurrency