Transcript Bitcoin - Digitale Stad Eindhoven

Spelen met Bitcoins
Digitale Stad Eindhoven lezing
Nov 2016
Egbert-Jan Sol
[email protected]
Voorzitter Stichting Digitale Stad Eindhoven
1
Start
• We kiezen een Bitcoin-wallet (bitcoin – portemonnee)
– Copay is beschikbaar voor o.a. iOS, Andriod, Windows)
• Download+installeer
– Maak bij Copay backup ->er komen 12 woorden: opschrijven!!!!!
• Laad je wallet voor 5 Euro micro bitcoins
– Let eens op bitcoin type adressen:
• Lezing
– Discussie
• Zelf proberen
– Betaal Uw consumptie met bitcoin bij de penningmeester
2
Bitcoin
•
•
•
•
•
•
•
Demo Copay
Historie
Mechanisme
Keys (Digitale Sleutels)
Wallet (Bitcoin portemonnee met sleutels (tot je geld))
Mining/Blockchain etc
Slot
3
Copay demo & uitleg
• Setting Euro en bits
• Send/Receive
• Backup (Passphrase)
4
Bitcoin History
Distributed databases technologies
e.g. version control for software sources in at group server 1990
e.g. version control for software sources world wide: GitHub 2010
Crypto currencies
e.g. single server on the internet - Digicash, David Shaum, A’dam 1997
Bitcoin = 2008 – publication Satoshi Nakamoto – nobel prize worthly
Bitcoin – a peer to peer electronic cash system that
combined distributed database technologies with crypto currencies
Bitcoin core software 2009-2011: 2011 start bitcoins
2013 no one breaks it, why – underlying blockchain protocol works
2016 distributed ledger technologies
(ranging from version control, via trusted simple miners to public bitcoins with heavy mining)
Stond op computer thuis
6
Bitcoin price
4 july 2012:
6,35$
3 july 2013:
66,34$
16 nov 2017: 710$
7
Mechanisme van Papier Geld
Wallet van Tini
Wallet van Willem
3
4
Pin pW
Bank nr
W
Pin pT
Bank nr T
5 6
1 2
Bank
geld
1: Willem (W) pint
2: 10 euro biljet
3: T vraagt 10 euro aan W
4: W geeft 10 E biljet
5: T stort 10 E biljet
6: T kan stand zien
Bank
geld
Goud
overheid
8
Mechanisme van Papier Geld
Wallet van Tini
Wallet van Willem
4
Pin pW
Bank nr
W
Pin pT
Bank nr T
Bank
geld
Bank
geld
4: W geeft 10 E biljet aan T
Goud
overheid
9
Mechanisme van Bitcoin
Wallet van Tini
Wallet van Willem
3
4
Pin W
Bank nr W
bank rekening nr T
W b5, b6, T
Pin T
Bank nr T
Begin
3: W krijgt nr van T
4: W geeft 2 bitcoins aan T
Bitcoin Tabel
(blockchain):
Na 10 min ziet Tini dat er 2 bitcoins bij zijn
10 min later
Bit
coin
Owner
Bit
coin
Owner
1
nr Y
1
nr Y
2
nr T
2
nr T
3
nr W
3
nr W
4
nr Z
4
nr Z
5
nr W
5
nr T
6
nr W
6
10nr
T
Mechanisme van Bitcoin
Wallet van Tini
Wallet van Willem
3
4
Pin W
Bank nr W
3: W krijgt nr van T
4: W geeft 2 bitcoins aan T
bank rekening nr T
W b5, b6, T
e.g. Copay
Pin T
Bank nr T
Begin
1 sec later
Bit
coin
Owner
Bit
coin
Owner
1
nr Y
1
nr Y
2
nr T
2
nr T
3
nr P
3
nr P
4
nr Z
4
nr Z
5
nr P
5
nr T
6
nr P
6
nr
11
T
Bitcoin Tabel (blockchain):
Mechanisme van Bitcoin
Wallet van Tini
Wallet van Willem
bank rekening nr T
3
4
W b5, b6, T
Pin W
Bank nr W
1 2
Pin T
Bank nr T
5 6
Begin
1: nr W
2: b3, b5, b6
3: T vraagt 2 bitcoins
4: W geeft 2 bitcoins aan T
(10 min of later)
5: nr T
6: b2, b5, b6
10 min later
Bit
coin
Owner
Bit
coin
Owner
1
nr Y
1
nr Y
2
nr T
2
nr T
3
nr W
3
nr W
nr Z
4
nr Z
nr W
5
nr T
nr W
6
nr
12
Bitcoin Tabel 4
(blockchain): 5
6
T
Encryptie Sleutels
12 (or 24) Wallet words are the seed for a key generation:
witch collapse practice feed shame open despair creek road again ice least
DIT IS FEITELIJK DE SLEUTEL TOT JE GELD
- VERLIES HEM NIET
- LAAT ANDEREN HEM OOK NIET STELEN/COPIEREN
In Bitcoin portemonnee (wallet) zitten je publieke K en geheime P digitale sleutel
Met publieke sleutel van andere (X) Kx kun jij tekst versleutelen die alleen X met
de geheime Px kan ontcijferen.
13
Publiek
Mechanisme van Bitcoin
Pin
Wallet van Tini
Wallet van Willem
W
( Pin PW )
Bank nr KT T
3
T
4
( Pin PT )
Bank KW
W
T
1 2
Bank KT
T
5 6
W
T
W
1: W vraagt met KW
2: KW(b3),
3: T sent KT naar P
T
4: W ontcijfers met pin PW
b3 = PW( KW( b3 ) )
W
versleutel b3 met KT en
update tabel op 3 met KT(b3)
5: T vraagt met KT
6: KT(b3)
T b3 = T
Begin
T
W
W
W
b3
10 min later
Bit
coin
Owner
Bit
coin
Owner
1
KY(b1)
1
KY(b1)
2
T
b2
2
T
b2
3
W
b3
3
T
b3
4
KZ(b4)
4
KZ(b4)
Bitcoin Tabel (blockchain):
Mechanisme van Papier Geld
Wallet van Tini
Wallet van Willem
4
Pin pW
Bank nr
W
Pin pT
Bank nr T
Bank
geld
Bank
geld
4: W geeft 10 E biljet aan T
Goud
overheid
15
Publiek
Mechanisme van Bitcoin
Pin
Wallet van Willem
Wallet van Tini
( Pin PW )
T
3
W
T
( Pin PT )
T
W
b3
W
Bank KW
W
=> T
Bank KT
b3
T
4
T
W
T
W
T
W
Bitcoin’s Blockchain
1 transaction: 250 byte,
1 block 1 MB large
Average 400 transaction in 1 block
And 1 block around every 10 min
=> 7 transactions per second.
Bitcoin blockchain: 50G, 2 days on PC
You can not change previous blocks,
but you can trace back every transaction
to the beginning
Distributed Database
From: Mastering Bitcoin,
O’Reilly pubisher
Bitcoin is an ecosystem
Enabling anonymous transactions worldwide
•
•
•
•
•
•
Users: buyer, vendors, marketplaces
Webwallet services:
Cryptocurrency exchanges: e.g. www.bitonics.nl
Wallet software developers: e.g www.copay.com
Developer community: bitcoin core software (bitcoin.org)
Mining community: full nodes, hashing pools
Miners, competing to determine
The Proof of work (hash, CRC)
of a block
Around ever 10 min a new block
Bitcoin
•
•
•
•
•
•
History
Mechanism
Keys (Digitale Sleutels)
Wallet (Bitcoin portemonnee met sleutels (tot je geld))
Mining/Blockchain etc
Slot
20
Hash value explained simple (1)
•
Hash is not
•
A hash value is a “data” fingerprint.
•
Example
but more like
H(...)
03b38f16fb0ef99b63d8aca76e7942a9c
2b3f74631b56ea92aa2385e6ddfe97e
=
00000011111101010101010010101010
10101001010 …… 101010101010101
The example given here is that a color picture of size 2048x2048 » 10 million numbers is identified by one number consisting of
only 256 bits (here represented by symbols that represent groups of 4 bits). This is only 0.001% of the original size of the picture!
This and the next 6 slides on hashes are from Johan Pouwelse van de TUDelft
Hash value explained simple (2)
03b38f16fb0ef99b63d8aca76e7942a9c2b
3f74631b56ea92aa2385e6ddfe97e
=
0000001111110101010101001010101010
101001010 …… 101010101010101
256 zeroes and ones
Number of items to represent is
1077 = 100,000 x billion x billion x billion x billion x billion x billion x billion x billion
•
•
The same data always gives the same hash value.
Everyone can compute the hash value.
•
•
The likelihood that two different data yield the same hash value is negligibly small.
A small change in the data gives an enormous change in hash value.
Nevertheless, the number of data items that can be represented in this way is very large, a one followed by 77 zeroes (that is
100,000 x billion x billion x billion x billion x billion x billion x billion x billion). This is enough to number (one-by-one) all the
particles in the entire universe. The example used here is the SHA-256 hash, used in block chain. Many others exist.
Hash value explained simple (3)
•
A small change in the data gives an enormous change in hash value.
Data
Hello World
Hello World!
Hollo World
•
Hash value
a591a6d40bf420404a011733cfb7b190d62c65bf0bcda32b57b277d9ad9f146e
7f83b1657ff1fc53b92dc18148a1d65dfc2d4b1fa3d677284addd200126d9069
736439f028c4382953e018af9d6962be7ad3ce6875f6e2d628565acea32237f9
The reverse operation – from hash to data – is impossible
4d82e738672955b8e68d95c9777ab2c121f8a20faa24e8fec3b6eb1f021f9293 è ?? original data ??
•
But if we know that the data has a certain length, for instance 2 letters, we can try all
combinations and see which one matches. This is called “brute forcing”.
This example illustrates that a small change in data produces an enormous change in the hash value. It is impossible to
compute from the hash the original data. But if we length of the original data is known, we can try all combinations and see
which one gives the right hash value.
Hash value explained simple (4)
• We seek a two-letter input whose hash is “501bdc4f8cb2ded40f4a8bdd4c452602322c7bae5db48131dbe17124c5bf769c”
Try
Computed hash value (SHA-256)
aa
d9cd8155764c3543f10fad8a480d743137466f8d55213c8eaefcd12f06d43a80
ab
a63d8014dba891345b30174df2b2a57efbb65b4f9f09b98f245d1b3192277ece
ac
e65e57cd580d50b5773636697fa5230e967c2d1ec7f4d13f2794a42401d9b1cf
ad
2e0ff40abbeb08e9762bd4ceddd29be047d60d4b315b538fe12a21fe4ed1d359
…
rv
6c0728db04b8641d63c70912286821ab572710257a747d0a98238d9c97b09895
rw
590acea881f16c26cb58d48a2fd9320f323c42ada113a5e54e28fdbbad3d62aa
rx
501bdc4f8cb2ded40f4a8bdd4c452602322c7bae5db48131dbe17124c5bf769c
ry
f2eab56402640f0758c34ab153fdb898e0a2c95fe69eeb5e2319abf64bfa7bb2
rz
9a56d2abba2f84cd935d3d07c7725dad17720247659407e63db832097a6e2c0a
…
zx
92f3129d4adbe17fdefea678b21488b6524b53658081ad6334eedb9f02a4ddd6
zy
49aabdaa1b0f6c3506f54521ef81fe5b5fe835d268f1f86e1021a342b59d43bc
zz
dc5e6f7cab235dd4b0f3882320de1d3c090a2ab202fc2514b86346a4681b0000
This example shows brute forcing: trying all 26x26 =676 combinations, we can find the data belonging to the hash value. But
the number of combinations to try grows very (exponentially) fast. For instance, for a 10-letter combination we already need
100 billion tries. Imagine what it takes to find the 2048x2028 picture belonging to a given hash value.
The nonce and hashes puzzle
•
We extend the hash calculation (e.g. SHA-256) from
“Hello World”
=
a591a6d40bf420404a011
733cfb7b190d62c65bf0bc
da32b57b277d9ad9f146e
SHA-256
48656c6c6f20576f726c64
to the quest (or puzzle) finding a number N (for “nonce”) such that
48656c6c6f20576f726c64
+
SHA-256
0000000000f420404a011
733cfb7b190d62c65bf0bc
da32b57b277d9ad9f146e
N
•
The value N should be found so that added to the input and the result subsequently
hashed, gives an hash value that starts with a prescribed number of zeroes.
The puzzle is to find a value N that – in combination (=binary addition) with the input of the hash function – gives an output
value with a certain number of leading zeroes. In this particular case 10 zeroes (out of 64 characters). Since we cannot
compute N from the input and output hash value, we need to brute force try values for N. How many to try in this example?
The nonce and hashes puzzle (2)
48656c6c6f20576f726c64
+
SHA-256
N
00000000000000000000
0000000000000000000fb
cda32b57b277d9ad9f146
e
0?????????????????
??????????????????
??????????????????
?????????
•
Simpler example: 1 leading zero:
•
•
Hence, 63 arbitrary characters.
On the average one out of every 16 hash values will start with a zero. Easy to find N,
on the average need to try 16 different values.
•
•
Next: 2 leading zeroes.
Need to try 16x16 values for N.
•
For 10 leading zeroes, need to try 16 x 16 x 16 x …x 16 = 1000 billion attempts.
00????????????????
??????????????????
??????????????????
?????????
The cryptographic puzzle becomes exponentially complex. For the case of 1 leading (hexadecimal) zero (4 zero bits), the
complexity is 24. For 2 leading hexadecimal zeroes (8 bits) 28 = 256. For 10 leading hexadecimal zeroes (40 bits) 240. We see
that the complexity of the puzzle can be controlled by setting the required number of leading zeroes.
China dominates Bitcoin mining
A future security risk to other governments?
Bitcoin
•
•
•
•
•
•
History
Mechanism
Keys (Digitale Sleutels)
Wallet (Bitcoin portemonnee met sleutels (tot je geld))
Mining/Blockchain etc
Slot
29
Bitcoin is used for crime
•
•
•
Darkmarkets,
illegal trade,
drugs,
weapons, illegal
content, murder
contracts, …
Tax evasion,
fraud, money
laundering
Ransomware
Bitcoin used for terrorism?
Bitcoin used for beer
Betaal Uw consumptie met
Uw bitcoins bij
- de penningmeester Wim of
- de secretaris Eric
32