Bitcoin

What is Bitcoin?

• • A P2P network for electronic payments Benefits: – Low fees – No middlemen – No central authority – Can be anonymous – Each payment goes through, no censorship

How Does it Work?

• • • Does not rely on real currency but one can buy bitcoins for money – Valuable because they are useful and limited in supply New coins are ”mined” by performing cryptographic operations that take lots of CPU A user can package the new coin together with a block containing new transactions of others – “Verifying a block” brings the user 25 BTC reward – Reward is halved every 4 years

How Does it Work?

• • • • Each transaction is signed by the sender’s private key – So no one can spend others’ money Transaction = bitcoins, public key of recipient Each transaction is broadcast in the P2P network Recipients collect and verify transactions in a block – On the average 6 blocks per hour are generated

How Does it Work?

• • • Blocks are chained together so that latter blocks depend on previous ones If multiple chains appear only the longest and fastest-growing chain is accepted as true – This prevents double-spending Anonymity can be achieved by using a new public/private key pair for each receiving transaction

Field

Version In-counter List of inputs Out-counter List of outputs Lock_time

Transaction Format

Description

1 Int>0 Txin Int>0 Txout When is the transaction final, only valid if sequence_no < 0xFFFFFFFF

Txin Format

Field

Previous Transaction hash Previous Txout-index Txin-script length Txin-script/scriptSig Sequence_no

Description

Which output of prev Tx is used Int >= 0 normally 0xFFFFFFFF

Txout Format

Field

Value

Description

number of BTC*10 8 to be transferred Txout-script length Txout-xcript/scriptPubKey Int >= 0

Sample Transaction

• • • Input 50 bitcoins from transaction with hash f5d… then send them to a Bitcoin address 4043 ..

If the input was greater than the amount you want to spend create another output to yourself with the rest Any part of input not redeemed is the transaction fee and belongs to whoever generates a block

Transaction Verification

• • • • Use a scripting system – describes how the transaction amount can be redeemed Input’s scriptSig is evaluated first – this leaves some state on the stack Output’s scriptPubKey is evaluated second Through scripting system one can create different sorts of payments with different conditions

Types of Transactions

• Transfer to IP address • Transfer to Bitcoin address • Generation

Blocks

• • • • A block is a record of some or all transactions that have not been recorded so far Each block contains: – A reference to the block immediately before it – chaining (roughly one block is added each 10 min) – A solution to a cryptographic puzzle – A generation transaction so fee can be claimed for generating the block Transactions are broadcast and peers compete in trying to generate new blocks More about block rules https://en.bitcoin.it/wiki/Protocol_rules#Blocks

Puzzles

• • • • A puzzle is finding an input to a hash algorithm that, when combined with the block’s hash results in output with many zeros The difficulty of the puzzle is automatically adjusted so that roughly 6 puzzles per hour can be solved Every two weeks all clients compare how much off target they were and adjust puzzle difficulty Clients accept the chain with the highest combined difficulty of puzzles as valid

Double-Spending

• Could one spend the same coin twice?

– Bitcoin peers verify all transactions they add to the block to ensure that the same coin wasn’t spent elsewhere – There are some race conditions that may lead to double-spending before transactions are verified – As the confirmations increase no double-spending is possible

Some Statistics

Some Statistics

Some Statistics

Some Statistics

Some Statistics

Some Statistics

Some Statistics

Drive-By Downloads

What are Drive-By Downloads

Are These Just Exploits?

• • • If my computer is well-protected should I worry?

Drive-by downloads occur in two ways: – There’s a pop-up that a user clicks on or sometimes even closes. This is interpreted as permission to download and install malware onto your machine – There’s a script on the page a user visited that initiates file download. Some browsers may run such files automatically, infecting the machine Some browsers will force downloads and warn on downloads of executable software

What If I Visit Well-Known Sites?

• • • Even such sites can have vulnerable servers that get infected by attackers Or they may serve ads that distribute malware Exploit kits for Web servers proliferate on black markets – They are also very versatile and customizable

Are There Any Defenses?

• • Lots of research in the area from top security experts BLADE http://www.youtube.com/watch?v=9emHejh8 hW “all executable files delivered through browser downloads must result from explicit user consent”