Bitcoin Miner Optimization
1 Bitcoin Miner Optimization Nicolas T. Courtois - University College London, UK
2 Bitcoin Mining: Bottom Line. Bitcoin Mining = a high-tech race to determine who will own the currency of the 21st century. Nicolas T. Courtois 2013
3 Bitcoin Mining Roadmap What is Bitcoin Mining Improvements
4 Crypto Research at UCL 1. cryptologist and codebreaker Dr. Nicolas T. Courtois
5 Crypto Currencies Mining: Bitcoin In A Nutshell
- bitcoins are cryptographic tokens, strings of bits stored by people on their PCs or mobile phones
- ownership is achieved through digital signatures: you have a certain cryptographic key, you have the money.
- publicly verifiable, only one entity can sign
- consensus-driven, a distributed system which has no central authority
- but I will not claim it is decentralized, this is simply not true!
- a major innovation is that financial transactions CAN be executed and policed without trusted authorities.
- Bitcoin is a sort of financial cooperative or a distributed business.
- based on self-interest: a group of some 100 K people called bitcoin miners own the bitcoin infrastructure
- they make money from newly created bitcoins and fees
- at the same time they approve and check the transactions.
- a distributed electronic notary system
6 In Practice
7 Money Transfer
8 Is Bitcoin Money? We will NOT claim it has all the characteristics of money. It definitely has some! Bitcoins are traded against traditional currencies at a number of exchanges. Bitcoins are legal by default; there were some attempts by governments to regulate them and even ban them.
9 Who Accepts Bitcoin?
10 Bitcoin Mining: Bitcoin. Bitcoin = the most popular peer-to-peer payment and virtual currency system as of today. Belongs to no one, anarchy =>
11 Crypto Currencies Mining
12 Bitcoin: Based on cryptography and network effects.
13 Jan 2013-Jan => 1000 USD; April 2013 MtGox 24h shutdown; 13 April 2013 Digital Gold, The Economist
14 Flash Crash: 10 Feb 2014 before 6AM, 600 => 102 USD in a blink of an eye
15 P2P Payment
16 Bitcoin Network: Satoshi original idea: homogeneous nodes: they do the same job; everybody participates equally; everybody is mining; a random graph
17 The Reality is VERY Different! In violation of the original idea of Satoshi, the Bitcoin network now has 4 sorts of VERY DIFFERENT ENTITIES:
- only rich people are mining: upfront investment of >3000 USD. 100K active miners as of today?
- some full nodes: they trust no one. Satoshi client a.k.a. bitcoind, version for PC, 14 Gbytes of disk space, takes 1 day to synchronize
- many nodes do minimal work and minimal storage, they need to trust some other network nodes
- many network nodes are community services and/or businesses which we need to trust, e.g. analytic tools, exchanges, lotteries, mining pools, etc.
18 Digital Currency
19 Digital Currency: in bitcoin, bank account = a certain private ECDSA key => PK-based Currency, an important modern application of Digital Signatures!
20 Main Problem: Avoiding this Double Spending
21 In the Press: THIS IS WRONG: "SHA-256 is a cipher and provides confidentiality." No: it is a hash function and provides integrity of everything [hard to modify/cheat]. "Bitcoins are encrypted": WRONG. ONLY if you encrypt your wallet; not everybody does. Also can use SSL in P2P connections; communications are encrypted if you use TOR.
22 Block Chain and Mining
23 Bitcoin Mining: Minting: creation of new currency. Creation + re-confirmation of older transactions. (Diagram labels: data from previous transactions, miner's public key, RNG.) Ownership: policed by majority of miners: only the owner can transfer [a part of] 25 BTC produced. HASH must start with 64 zeros.
24 Block Chain. Def: A transaction database shared by everyone. Also a ledger. Every transaction since ever is public. Each bitcoin piece is a union of things uniquely traced to their origin in time (cf. same as for several banknotes due to SN).
25 Can Sb. Cancel His Transaction? Yes, if he produces a longer chain with another version of the history. Very expensive: a race against the whole network (the whole planet). In practice transactions cannot be reversed.
26 Bitcoin Address
27 A Bitcoin Address = a sort of equivalent of a bank account.
28 H(PublicKey) + checksum
29 Bitcoin Ownership: Amounts of money are attributed to public keys. Owner of a certain Attribution to PK can at any moment transfer it to some other PK addresses. Destructive, cannot spend twice: not spent
30 Fees => Miner
31 What If / Answer. What if: My private key or password is lost. I have an older backup for my wallet. Password is easy to guess. RNG is faulty.
32 What If / Answer. My private key or password is lost: All money is lost, NOBODY can recover it. I have an older backup for my wallet: Some money will be recovered, not all. Password is easy to guess. RNG is faulty.
33 What If / Answer. My private key or password is lost: All money is lost, NOBODY can recover it. I have an older backup for my wallet: Some money will be recovered, not all. Password is easy to guess, RNG is faulty: My money will be stolen by an anonymous thief.
34 Bitcoin Mining
35 Bitcoin Mining: Minting: creation of new currency. Creation + re-confirmation of older transactions. (Diagram labels: data from previous transactions, miner's public key, RNG.) HASH must start with 60 zeros.
36 Bitcoin Randomization: Nonce = def? Which arrow? (Diagram labels: data from previous transactions, miner's public key, RNG.) HASH must start with 60 zeros.
37 Bitcoin Mining: Minting: creation of new currency. Creation + re-confirmation of older transactions. (Diagram labels: data from previous transactions, miner's public key, RNG.) Random Oracle like mechanism. What???????????????? HASH must start with 60 zeros.
38 Bitcoin Mining: Minting: creation of new currency. Creation + re-confirmation of older transactions. (Diagram labels: data from previous transactions, miner's public key, RNG.) Random Oracle like mechanism. Means: treat as a DETERMINISTIC black box which answers at random. YES it is. HASH must start with 60 zeros.
39 Bitcoin Mining: Minting: creation of new currency. Creation + re-confirmation of older transactions. (Diagram labels: data from previous transactions, miner's public key, RNG.) Random Oracle like mechanism. Means: treat as a DETERMINISTIC black box which answers at random. YES it is. However, now I'm going to show it isn't. Marginal improvement (a constant factor). HASH must start with 60 zeros.
40 Five Generations of Miners: 1. CPU Mining. Example: Core i5 2600K, 17.3 Mh/s, 8 threads, 75 W. CPU = about 4000 W / Gh/s
41 Five Generations of Miners: 2. GPU Mining. Example: NVIDIA Quadro NVS 3100M, 16 cores, 3.6 Mh/s, 14 W. CPU = about 4000 W / Gh/s, in this case. GPU = about 4000 W / Gh/s, in this case. Who said GPU was better than CPU? Not always.
42 Five Generations of Miners: 3. FPGA Mining. Example: ModMiner Quad, 4 FPGA chips, 800 Mh/s, 40 W. CPU, GPU = about 4000 W / Gh/s. FPGA = about 50 W / Gh/s, in this case.
43 Five Generations of Miners: 3. FPGA Mining. Example: ModMiner Quad, 4 FPGA chips, 800 Mh/s, 40 W. CPU, GPU = about 4000 W / Gh/s. FPGA = about 50 W / Gh/s. 100x less energy.
44 Five Generations of Miners: FPGA: 100x less energy. Still much less with ASIC. Good points: asynchronous logic, arbitrary gates, etc. Drawback: hard to update! Another times improvement. (100x is cheating: I was comparing one 28 nm ASIC to one 45 nm FPGA)
45 Five Generations of Miners: 4. ASIC Miners. CPU, GPU = about 4000 W / Gh/s. FPGA = about 50 W / Gh/s. ASIC = now down to 0.35 W / Gh/s. Overall we have improved the efficiency 10,000 times since Satoshi started mining in early
46 Five Generations of Miners? 5. Quantum Miners????
47 [Chart: ASICs Comparison by power / Gh/s; values shown: 3.2 W, 0.35 W (low power mode), 1 W]
48 Criminal Scams See bitcoinscammers.com
49 Bitcoin And Hash Functions
50 Our Paper: arxiv.org/abs/
51 Mining Overview: hashed data from previous transactions; 3x SHA-256 compression. Goal: find a valid pair (merkle_root, nonce) which gives 60 bits at 0 in H2. CISO Problem: Constrained Input Small Output.
52 Mining Internals (diagram label: hashed data from previous transactions)
53 Bitcoin Hash Functions And Block Ciphers (!)
54 SHA-256 Compression Function: block cipher, Davies-Meyer. Cf. Pieprzyk, Matusiewicz et al.
55 Fact: The process of Bitcoin Mining is no different than a brute force attack on a block cipher: apply the same box many times, with different keys. Here the block cipher is a part of a hash function but it does NOT matter. 98% of computational effort is evaluating this block cipher box with various keys and various inputs. Like a random oracle. (Diagram labels: PLAIN, BLOCK CIPHER, KEY.)
56 Davies-Meyer: Transforms a block cipher into a hash function. In SHA-256 we have: block size = 256, 64 rounds, key size = 256 expanded 4x. (Diagram labels: IV or last hash, message block M_i, PLAIN, CIPHER, KEY, HASH.)
57 One Round of SHA-256. Cf. Pieprzyk, Matusiewicz et al.
58 Optimising Mining (38% gain)
59 Hashing Block of 300+ Bits: padding added. Cf. Pieprzyk, Matusiewicz et al.
60 Hashing Block of 300+ Bits: padding added. Cf. Pieprzyk, Matusiewicz et al.
61 Padding
62 + Second Hash
63 Inputs
64 Davies-Meyer
65 Mining Internals (diagram label: hashed data from previous transactions)
66 Improvement 1: Amortized Cost(H0) = 0
67 Improvement 2: Gains 3 Rounds At the End
68 Improvement 3: Gains 3 Rounds At the Beginning: they do NOT depend on the nonce
69 Improvement 4: Incremental Computation
70 Improvement 4 - contd: Incremental Computation: 1 increment instead of 400 gates.
71 Improvement 5: Gains 18 Additions, 3600 gates
72 Improvement 6: Saving 2 More Additions, 400 gates, with Hard Coding AND SAVE LIKE HALF of the next addition! (addition with a constant = cheaper, depends on the constant, needs a sort of compiler, slowly changing)
73 Message Schedule => just copy for 16 R; non-trivial part
74 Message Schedule
75 Improvement 7 - Fact: Some early values do NOT yet depend on the nonce. In H1 computation only (left column).
76 Improvement 7 3 more 2 more 32-bit additions are saved by hard coding, and more for the next addition (again, adding a constant, depends on the constant, average cost maybe saving another 1? addition). Some 600 extra gates saved.
77 Improvement 8 1 More Incremental nonce We have:
78 Optimising The Mining
79 Future: Dan Kaminsky
80 San Diego Bitcoin Conference May 2013: Earlier he said that he has no stakes in this game. Then at minute 40 he claims that the current Bitcoin Proof of Work function based on SHA-256 will not survive the year (to be replaced before end of 2013). He says that he assigns zero percent probability that we will continue with the present POW function. Back to CPU mining.
81 SHA-256 to be phased out? HOWEVER: NOBODY OWNS BITCOIN We claim the contrary: any attempt to change the POW is close to impossible to enforce AND if mandated by some group of people, it will lead to a SPLIT IN THE BITCOIN COMMUNITY. An organised divorce of people and software developers who will be running two separate block chain versions.
82 Mining In Pools
83 Why Pools? Reason 1. To smooth the gains: Instead of waiting 1 year to get 25 BTC, why not get a little money every day? Reason 2. Huge Uncertainties: Law Of Bitcoin Mining: It follows the Poisson Distribution. VERY STRESSFUL. Cannot sleep at night.
84 Major Pools In Existence: Miners tend to flock to the largest pools.
85 Pools Operation. Question: but is there a fair and secure implementation? Answer: Probably There Isn't. Typically miners with a private key not known to individual miners! In theory the pool manager could steal the money. Must be trusted. Risk is mitigated by frequent pay-outs.
86 Bitcoin Share: A proof of effort: allows one to be paid. =def= A hash starting with 32 zeros (one in 2^32 hashes). (Diagram labels: B0, 64 zeros, 32 zeros, reward paid.)
87 Bitcoin Share: A proof of effort: allows one to be paid. =def= A hash starting with 32 zeros (one in 2^32 hashes). Reward paid much later, after 2^41 shares have been found. (Diagram labels: B0, 64 zeros, 32 zeros, B0 64 zeros, B1 64 zeros, new block.)
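The Mining Overview (3x SHA-256 compression), Improvement 1 (amortized cost of H0) and the Bitcoin Share definition above, tied together in an added example that is not code from the original slides: a from-scratch SHA-256 compression function shows that H0 covers header bytes 0 to 63, which never contain the nonce, so each nonce costs two compressions (H1, H2) instead of three. Assumptions: the 76-byte header prefix is constructed, the function names are hypothetical, and the thresholds are toy values (6 zero bits for a share, 10 for a block) where the slides use 32 and 64.

```python
import hashlib
import struct
from math import isqrt

MASK = 0xFFFFFFFF

def _icbrt(n):
    """Floor of the cube root of n, by integer Newton iteration."""
    x = 1 << ((n.bit_length() + 2) // 3)
    while True:
        y = (2 * x + n // (x * x)) // 3
        if y >= x:
            return x
        x = y

def _primes(count):
    found, n = [], 2
    while len(found) < count:
        if all(n % p for p in found):
            found.append(n)
        n += 1
    return found

# FIPS 180-4 constants, derived instead of typed in: the first 32 fractional
# bits of the square roots (IV) and cube roots (K) of the first primes.
_P = _primes(64)
IV = [isqrt(p << 64) & MASK for p in _P[:8]]
K = [_icbrt(p << 96) & MASK for p in _P]

def _rotr(x, n):
    return ((x >> n) | (x << (32 - n))) & MASK

def compress(state, block):
    """One SHA-256 compression: 64 cipher rounds keyed by the 64-byte block,
    then the Davies-Meyer feed-forward addition of the input state."""
    w = list(struct.unpack(">16I", block))
    for i in range(16, 64):  # message schedule: the first 16 words are copied
        s0 = _rotr(w[i - 15], 7) ^ _rotr(w[i - 15], 18) ^ (w[i - 15] >> 3)
        s1 = _rotr(w[i - 2], 17) ^ _rotr(w[i - 2], 19) ^ (w[i - 2] >> 10)
        w.append((w[i - 16] + s0 + w[i - 7] + s1) & MASK)
    a, b, c, d, e, f, g, h = state
    for i in range(64):
        t1 = (h + (_rotr(e, 6) ^ _rotr(e, 11) ^ _rotr(e, 25))
              + ((e & f) ^ (~e & g)) + K[i] + w[i]) & MASK
        t2 = ((_rotr(a, 2) ^ _rotr(a, 13) ^ _rotr(a, 22))
              + ((a & b) ^ (a & c) ^ (b & c))) & MASK
        a, b, c, d, e, f, g, h = (t1 + t2) & MASK, a, b, c, (d + t1) & MASK, e, f, g
    return [(s + v) & MASK for s, v in zip(state, (a, b, c, d, e, f, g, h))]

# Fixed padding: an 80-byte header leaves 16 bytes in block 2; a digest is 32 bytes.
PAD_TAIL = b"\x80" + bytes(39) + struct.pack(">Q", 80 * 8)
PAD_HASH = b"\x80" + bytes(23) + struct.pack(">Q", 32 * 8)

def midstate(header76):
    """H0: compression of header bytes 0..63, none of which is the nonce."""
    return compress(IV, header76[:64])

def pow_hash(h0, header76, nonce):
    """H1 then H2 for one nonce, reusing H0: two compressions, not three."""
    tail = header76[64:76] + struct.pack("<I", nonce)
    h1 = compress(h0, tail + PAD_TAIL)
    h2 = compress(IV, struct.pack(">8I", *h1) + PAD_HASH)
    return struct.pack(">8I", *h2)

def reference_hash(header76, nonce):
    """The same value from hashlib, recomputing all three compressions."""
    full = header76 + struct.pack("<I", nonce)
    return hashlib.sha256(hashlib.sha256(full).digest()).digest()

def zero_bits(digest):
    """Leading zero bits of the digest read as a little-endian number,
    which is the byte order Bitcoin compares against its target."""
    return 256 - int.from_bytes(digest, "little").bit_length()

def mine(header76, share_bits, block_bits, max_nonce=1 << 16):
    """Scan nonces; return (nonces that are pool shares, winning nonce or None)."""
    h0 = midstate(header76)  # paid once, amortized over every nonce
    shares = []
    for nonce in range(max_nonce):
        z = zero_bits(pow_hash(h0, header76, nonce))
        if z >= share_bits:
            shares.append(nonce)
        if z >= block_bits:
            return shares, nonce
    return shares, None

# Constructed 76-byte header prefix (not a real block): version, previous
# hash, Merkle root, time, bits. The 4-byte nonce is appended per attempt.
SAMPLE_HEADER76 = (struct.pack("<I", 2) + bytes(range(32)) + bytes(range(32, 64))
                   + struct.pack("<II", 1390000000, 0x1903A30C))

if __name__ == "__main__":
    # Toy thresholds so the pure-Python scan finishes in about a second.
    shares, winner = mine(SAMPLE_HEADER76, share_bits=6, block_bits=10)
    print(len(shares), "shares; winning nonce", winner)
```

Every share found on the way to the winning nonce is a hash that clears the lower threshold only, which is why a pool can count shares as proof of effort long before any block is found.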
88 Attacks: Pool Hopping Attack
89 Pool Hopping: Main Idea. If a miner mines in a pool in which a lot of shares have already been submitted and no block has yet been found, he will gain less in expectation because the reward will be shared with the miners who have contributed to this pool. Therefore at a certain moment it may be profitable to stop mining in this pool and contribute elsewhere (reward will be shared with fewer people).
90 Selfish Mining and Block Discarding Attacks [2013]
91 Selfish Mining Attacks: Proposed independently by Eyal-Sirer [Cornell] and also by Bahack [Open Univ. of Israel] in Very famous, bitcoin is broken etc. In fact this is a very theoretical attack, most probably without a lot of practical importance. It relies entirely on rare events; most of the time there is no advantage to the attacker.
92 Selfish Mining Attacks. Assumption 1: If there is the longest chain in the bitcoin blockchain, everybody mines on it. Called consensus. Doing otherwise would be really stupid.
93 Selfish Mining Attacks. Assumption 2: At any moment during the attack there are up to two competitive public branches, one of which can have a secret extension.
- we have either just one branch (with possibly a secret extension by the attackers)
- or a public fork with two branches of equal depth k
- in the case of a fork, one branch is composed solely of honest miner's blocks and the other is composed solely of attacker's blocks (which at moments can have a secret extension).
94 Selective Disclosure: Attackers keep their blocks secret for some time, in order to make the honest majority lose energy mining on obsolete blocks. However when others find a block, subversive miners disclose theirs ASAP. Known to them A BIT earlier. Small advantage.
95 Overall Result: Subversive miners can earn a bit more. Not a big deal. later wasted e.g. Remark [Courtois]: this attack is all about events which almost never happen in the current bitcoin network. Unlikely to get very significant
96 Our New Paper [2014]
97 Block Withholding Attacks. Cf. Nicolas Courtois, Lear Bahack: On Subversive Miner Strategies and Block Withholding Attack in Bitcoin Digital Currency
98 Main Result: We revisit a known idea: block withholding. The miners mine in pools, they report shares but in (very rare) case when they find the winning tickets. We show that this attack cannot be detected, not even in theory. We show that for very large pools, it will be visible, but nobody can say who is responsible. This attack was known [Rosenfeld] and in the initial version the subversive miners gained nothing: everybody lost.
99 Our Block Withholding Attack: We propose a better version, in which subversive miners DO get more than their fair share. It is very simple: 50 % of subversive miners withhold blocks they find; 50 % mine solo normally (or in other pools). We show that: split maximizes the gain. We claim that this simple attack is by far more practical and more realistic than the Cornell attack [1000s of press reports].
More informationCryptography and Network Security Department of Computer Science and Engineering Indian Institute of Technology Kharagpur
Cryptography and Network Security Department of Computer Science and Engineering Indian Institute of Technology Kharagpur Module No. # 01 Lecture No. # 05 Classic Cryptosystems (Refer Slide Time: 00:42)
More informationSubmitedBy: Name Reg No Email Address. Mirza Kashif Abrar 790604-T079 kasmir07 (at) student.hh.se
SubmitedBy: Name Reg No Email Address Mirza Kashif Abrar 790604-T079 kasmir07 (at) student.hh.se Abid Hussain 780927-T039 abihus07 (at) student.hh.se Imran Ahmad Khan 770630-T053 imrakh07 (at) student.hh.se
More informationSPINS: Security Protocols for Sensor Networks
SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, J.D. Tygar, Victor Wen, and David Culler Department of Electrical Engineering & Computer Sciences, University of California
More informationBlockchain, Throughput, and Big Data Trent McConaghy
Blockchain, Throughput, and Big Data Trent McConaghy Bitcoin Startups Berlin Oct 28, 2014 Conclusion Outline Throughput numbers Big data Consensus algorithms ACID Blockchain Big data? Throughput numbers
More informationCryptographic Hash Functions Message Authentication Digital Signatures
Cryptographic Hash Functions Message Authentication Digital Signatures Abstract We will discuss Cryptographic hash functions Message authentication codes HMAC and CBC-MAC Digital signatures 2 Encryption/Decryption
More informationCS 393 Network Security. Nasir Memon Polytechnic University Module 11 Secure Email
CS 393 Network Security Nasir Memon Polytechnic University Module 11 Secure Email Course Logistics HW 5 due Thursday Graded exams returned and discussed. Read Chapter 5 of text 4/2/02 Module 11 - Secure
More informationSecurity in Electronic Payment Systems
Security in Electronic Payment Systems Jan L. Camenisch, Jean-Marc Piveteau, Markus A. Stadler Institute for Theoretical Computer Science, ETH Zurich, CH-8092 Zurich e-mail: {camenisch, stadler}@inf.ethz.ch
More information10 Hidden IT Risks That Might Threaten Your Law Firm
(Plus 1 Fast Way to Find Them) Your law firm depends on intelligence. But can you count on your technology? You may not be in the intelligence technology business, but it s probably impossible to imagine
More informationChair for Network Architectures and Services Department of Informatics TU München Prof. Carle. Network Security. Chapter 13
Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Network Security Chapter 13 Some More Secure Channel Issues Outline In the course we have yet only seen catastrophic
More informationPeer-to-peer Cooperative Backup System
Peer-to-peer Cooperative Backup System Sameh Elnikety Mark Lillibridge Mike Burrows Rice University Compaq SRC Microsoft Research Abstract This paper presents the design and implementation of a novel backup
More informationThe World of Emerging Payment Systems A Brief Introduction
The World of Emerging Payment Systems A Brief Introduction Joseph M. Vincent Director of Regulatory & Legal Affairs Washington State Department of Financial Institutions Presentation to Financial Management
More informationCoinAMI Coin-Application Mediator Interface
Bilkent University Department of Computer Engineering CoinAMI Coin-Application Mediator Interface Supervisor Can Alkan Members Ahmet Kerim Şenol Alper Gündoğdu Halil İbrahim Özercan Muhammed Yusuf Özkaya
More informationDr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010
CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Introduction to Cryptography What is cryptography?
More informationCryptography and Network Security
Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 9: Authentication protocols, digital signatures Ion Petre Department of IT, Åbo Akademi University 1 Overview of
More informationMessage Authentication Codes
2 MAC Message Authentication Codes : and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l08, Steve/Courses/2013/s2/css322/lectures/mac.tex,
More informationAuthentication and Security in Mobile Phones
Authentication and Security in Mobile Phones Greg Rose QUALCOMM Australia ggr@qualcomm.com ABSTRACT Mobile telephone systems have a checkered reputation regarding security and authentication features after
More informationCOINSPARK ASSET ISSUE AGREEMENT. Issuer An example retailer Legal name of the issuer.
COINSPARK ASSET ISSUE AGREEMENT ISSUE DETAILS Variable Name Value Explanation CoinSpark Asset Coupons for CoinSpark Asset Demonstration Full display name of the CoinSpark Asset. Issuer An example retailer
More informationSecurity Mechanisms in Bitcoin
Security Mechanisms in Bitcoin Henrik Lovén Joakim Valberg Email: {henlo585, joava054}@student.liu.se Supervisor: Ulf Kargén, {ulf.kargen@liu.se} Project Report for Information Security Course Linköpings
More information1.2 Using the GPG Gen key Command
Creating Your Personal Key Pair GPG uses public key cryptography for encrypting and signing messages. Public key cryptography involves your public key which is distributed to the public and is used to
More informationSSL A discussion of the Secure Socket Layer
www.harmonysecurity.com info@harmonysecurity.com SSL A discussion of the Secure Socket Layer By Stephen Fewer Contents 1 Introduction 2 2 Encryption Techniques 3 3 Protocol Overview 3 3.1 The SSL Record
More informationFilecoin: A Cryptocurrency Operated File Storage Network
Filecoin: A Cryptocurrency Operated File Storage Network 1e96a1b27a6cb85df68d728cf3695b0c46dbd44d filecoin.io July 15, 2014 Abstract Filecoin is a distributed electronic currency similar to Bitcoin. Unlike
More informationOverview of Cryptographic Tools for Data Security. Murat Kantarcioglu
UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the
More informationIronKey Data Encryption Methods
IronKey Data Encryption Methods An IronKey Technical Brief November 2007 Information Depth:Technical Introduction IronKey is dedicated to building the world s most secure fl ash drives. Our dedication
More informationWhat is network security?
Network security Network Security Srinidhi Varadarajan Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application
More informationName: 1. CS372H: Spring 2009 Final Exam
Name: 1 Instructions CS372H: Spring 2009 Final Exam This exam is closed book and notes with one exception: you may bring and refer to a 1-sided 8.5x11- inch piece of paper printed with a 10-point or larger
More informationNetwork Security: Secret Key Cryptography
1 Network Security: Secret Key Cryptography Henning Schulzrinne Columbia University, New York schulzrinne@cs.columbia.edu Columbia University, Fall 2000 c 1999-2000, Henning Schulzrinne Last modified September
More informationHacking Mifare Classic Cards. Márcio Almeida (marcioalma@gmail.com)
Hacking Mifare Classic Cards Márcio Almeida (marcioalma@gmail.com) !! DISCLAIMERS!! Disclaimer 1: The content of this presentation results from independent research conducted by me on my own time and of
More informationAuthentication. Computer Security. Authentication of People. High Quality Key. process of reliably verifying identity verification techniques
Computer Security process of reliably verifying identity verification techniques what you know (eg., passwords, crypto key) what you have (eg., keycards, embedded crypto) what you are (eg., biometric information)
More informationNetwork Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1
Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Public Key Cryptography symmetric key crypto v requires sender, receiver know shared secret
More informationTerms of Service and Use
Terms of Service and Use This Website and its related services are owned and operated by Pipchain South Africa You acknowledge that any use of this Website and any use of our Services (except for API services
More informationSecure Password Managers and Military-Grade Encryption on Smartphones: Oh, Really?
Secure Password Managers and Military-Grade Encryption on Smartphones: Oh, Really? Andrey Belenko and Dmitry Sklyarov Elcomsoft Co. Ltd. {a.belenko,d.sklyarov} @ elcomsoft.com 1 Agenda Authentication:
More informationSecureDoc Disk Encryption Cryptographic Engine
SecureDoc Disk Encryption Cryptographic Engine FIPS 140-2 Non-Proprietary Security Policy Abstract: This document specifies Security Policy enforced by SecureDoc Cryptographic Engine compliant with the
More informationCryptography and Network Security Chapter 12
Cryptography and Network Security Chapter 12 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 12 Message Authentication Codes At cats' green on the Sunday he
More informationEECS 588: Computer and Network Security. Introduction
EECS 588: Computer and Network Security Introduction January 13, 2014 Today s Cass Class Welcome! Goals for the course Topics, what interests you? Introduction to security research Components of your grade
More informationTHE ROULETTE BIAS SYSTEM
1 THE ROULETTE BIAS SYSTEM Please note that all information is provided as is and no guarantees are given whatsoever as to the amount of profit you will make if you use this system. Neither the seller
More informationAdopting Agile Testing
Adopting Agile Testing A Borland Agile Testing White Paper August 2012 Executive Summary More and more companies are adopting Agile methods as a flexible way to introduce new software products. An important
More informationLab 7. Answer. Figure 1
Lab 7 1. For each of the first 8 Ethernet frames, specify the source of the frame (client or server), determine the number of SSL records that are included in the frame, and list the SSL record types that
More informationUNDERSTANDING COMPUTER FORENSICS. Doug White, PhD, CISSP, CCE Security Assurance Studies Roger Williams University
UNDERSTANDING COMPUTER FORENSICS Doug White, PhD, CISSP, CCE Security Assurance Studies Roger Williams University 2008 Secure Tec chnology, LLC. LET S TALK ABOUT SERIAL KILLERS BTK A serial killer who
More informationscalability for Bitcoin Jeremy Clark Concordia Institute for Information Systems Engineering
user scalability for Bitcoin Jeremy Clark Concordia Institute for Information Systems Engineering Time Stamping Prediction Markets Anonymity Solvency Usability History & SoK Time Stamping Prediction Markets
More informationHash Functions. Integrity checks
Hash Functions EJ Jung slide 1 Integrity checks Integrity vs. Confidentiality! Integrity: attacker cannot tamper with message! Encryption may not guarantee integrity! Intuition: attacker may able to modify
More information