程序代写代做代考 scheme algorithm chain 17crypto_L12

17crypto_L12

Bitcoin Practicalities

Crypto & SecDev 2017 © Ron Poet: Lecture 12 1

Managing Keys

� The public key is a user’s ID.

�Contracts giving him bitcoins use a hash of the public
key. The hash makes it shorter.

� The secret key is necessary in order to spend the bitcoin.� The secret key is necessary in order to spend the bitcoin.

�The relevant transaction must be signed with the secret
key.

� It is usual to have a different key pair for each bitcoin or
fraction of a bitcoin.

�So that anonymity cannot be breached by matching
transactions.

Crypto & SecDev 2017 © Ron Poet: Lecture 12 2

Key Aspects of Keys

� Availability: can use them when required.

� Security: no one can steal them.

� Convenience: easy to use.

� These requirements are contradictory.� These requirements are contradictory.

�Tradeoffs have to be made.

� Hot storage: available immediately but more at risk

� Cold storage: available off line.

� It must be possible to transfer between the two.

Crypto & SecDev 2017 © Ron Poet: Lecture 12 3

Representing Keys

� A textual representation of a key uses base 58 arithmetic.

�Upper and lower case letter + digits, omitting I, l, 0,
and O, which can cause confusion.

�This is suitable for copying and pasting between �This is suitable for copying and pasting between
documents as well as writing down.

� A QR code.

�In common use with smartphone apps.

Crypto & SecDev 2017 © Ron Poet: Lecture 12 4

Types of Wallet

� Wallets are apps contain bitcoins.

� They can be used for hot and cold storage.

� A user will typically have a hot and a cold wallet.

�The hot wallet for some money that is ready to spend.�The hot wallet for some money that is ready to spend.

�The cold wallet for the bulk of the money, to be kept
safely.

� One task of wallets is creating public and secret key pairs.

� An algorithm called Hierarchical Deterministic Wallets
can transfer keys between wallets in a safe manner.

Crypto & SecDev 2017 © Ron Poet: Lecture 12 5

Brain Wallets

� Use a predictable algorithm to turn a pass-phrase into a key
pair.

�It generates the secret key and then the public key can
be derived from it using information that is kept secret.be derived from it using information that is kept secret.

� It is vulnerable to an offline pass-phrase guessing attack.

�Don’t use a pass-phrase that can be guessed.

� If you forget the pass-phrase your coins are lost forever.

Crypto & SecDev 2017 © Ron Poet: Lecture 12 6

Other Wallets

� Paper wallet

�Print the keys out and keep the printout securely.

�If you lose the piece of paper . . .

� Tamper resistant device.� Tamper resistant device.

�Only you can open it.

� Online wallet

�You have to trust the company managing it.

Crypto & SecDev 2017 © Ron Poet: Lecture 12 7

Composite Keys

� Sometimes it is useful to split a key into more than one
part.

� This makes it harder for a thief to steal it.

� Standard secret sharing and slitting algorithms can be used.� Standard secret sharing and slitting algorithms can be used.

Crypto & SecDev 2017 © Ron Poet: Lecture 12 8

Bitcoin Exchanges

� You need to provide real money to buy your first bitcoin.

�Unless you are lucky enough to mine one.

� A bitcoin exchange will convert money to bitcoins.

�They will have another customer who wants to convert �They will have another customer who wants to convert
bitcoins to money.

� There will be no transfers on the blockchain.

�The exchange owns the bitcoins, and just allocates
them to different customers.

�There will need to be an initial blockchain transaction
to get started, and other transactions to keep a balance.

Crypto & SecDev 2017 © Ron Poet: Lecture 12 9

Risks of Bitcoin Exchanges

� They are unregulated banks, with similar risks.

� A run on the bank.

�The value of bitcoin falls and everyone wants to cash
out at the same time.out at the same time.

�The value of the exchange’s bitcoins no longer covers
their real money liabilities.

� The owners might be crooks running a Ponzi scheme.

� The exchange might be hacked.

� In 2013 18 out of 40 exchanges failed for one of these
reasons.

Crypto & SecDev 2017 © Ron Poet: Lecture 12 10

Payment Services

� Most merchants who accept bitcoins as payment want
them to be quickly converted into real money.

�Typically at the end of each day.

� This is handled by payment services, for a fee.

�The payment service absorbs all the risk.

�They will typically use bitcoin exchanges.

� There are currently about 15 million bitcoins in circulation.

Crypto & SecDev 2017 © Ron Poet: Lecture 12 11