SlideShare a Scribd company logo
Some Thoughts On Bitcoin Dan Kaminsky
If You’re Smart Leave the room right now “Bitcoin turns nerd forums into libertarian forums” This is true Bitcoin is a particularly effective DoS against security professionals Why?
Security Inversion Normal Code Looks like it might be OK up front Scratch the surface, it’s actually really bad BitCoin Looks really bad up front Scratch the surface, it’s actually surprisingly good We aren’t used to systems with these characteristics This code has the mark of having been audited by People Like Us And quants
The basic summary BitCoin is absolutely not anonymous BitCoin clearly does not scale In the long term It does work for now though This isn’t 0day stuff, this is basically declared almost entirely up front
What Is BitCoin A really strange use of cryptography “Strange” is not a sufficient, interesting, or even vaguely competent way to mark a system as insecure It’s a decent way to say “this is not the normal way things are put together” Two systems mated together A peer to peer network that does a best case effort to synchronize data (loose “transactions” and solved “blocks”) across as many nodes as possible A Chinese Lottery that canonicalizes subsets of synchronized data, using the difficulty of finding partial hash collisions
The Basic Idea (In A Nutshell) 1) I’m hearing about all these transactions going on – Alice is paying Bob, Bob is paying Charlie, etc 2) I hash all the transactions I’ve heard about, with some random information, and the hash of the last time someone did that, until there’s a partial collision First n bits equals 0 N is automatically determined based on how hard it has to be for one block to be found about every 10 minutes This is a block 3) I send everyone my “block” – transactions plus hash of previous block plus random data.  This gives me 50 bitcoins (for now). 4) I can now “sign over” those bitcoins, from my private key, to other people’s (or my) public key. 5) Repeat until there’s lots of people with lots of BitCoins Possibly purchased instead of “mined”
Interesting Traits The basic concept is actually relatively solid Assuming partial collisions are predictably hard to find Assuming ECDSA works Basic Idea 1:  Money can’t be created from nothing – hashing is needed Basic Idea 2:  Transactions can’t be blocked or reversed by a central entity – “is none” It makes security engineers talk like monetary scientists That’s sort of OK, economists pretend to do that too… Seriously, that’s silly– lets just talk tech, OK?
Epic Scalability Quote 1(https://en.bitcoin.it/wiki/Scalability) “The core BitCoin network can scale to very high transaction rates assuming a distributed version of the node software is built. This would not be very complicated.” Because there’s nothing easier to do, than make a system distributed This is totally not one of the Hard Problems Of Computer Science By “Distributed” they mean “Centralized” WhyBitCoin is uniquely hard to audit It claims the advantages of its present architecture, and its future architecture, while rebutting the disadvantages of one with the advantages of the other Instead of saying, “We don’t do that”, they say “Something else could do that”
Scalability Costs:  Network Bandwidth “Let's assume an average rate of 2000tps, so just VISA…. Shifting 60 gigabytes of data in, say, 60 seconds means an average rate of 1 gigabyte per second, or 8 gigabits per second.” :O
Up and Down Going up “Let's take 4,000 tps as starting goal. Obviously if we want BitCoin to scale to all economic transactions worldwide, including cash, it'd be a lot higher than that, perhaps more in the region of a few hundred thousand transactions/sec.”  And the need to be able to withstand DoS attacks (which VISA does not have to deal with) implies we would want to scale far beyond the standard peak rates. TB/sec Going down Even at 1/100th of VISA, that’s still 10MB/sec
Are There Future Optimizations? “Because nodes are very likely to have already seen a transaction when it was first broadcast, this means the size of a block to download would be trivial (80 bytes + 32 bytes per transaction). If a node didn't see a transaction broadcast, it can ask the connected node to provide it.” Potential 50% savings! Could go from 1GB to 500MB/sec
What About Storage? In order to validate a transaction, you need all blocks up to the present one Joining BitCoin today == downloading 200+MB history all the way to the start of time That only increases “ A 3 terabyte hard disk costs less than $200 today and will be cheaper still in future, so you'd need one such disk for every 21 days of operation (at 1gb per block).” So you get to participate directly in BitCoin, at the low low cost of $200 a month Assuming zero costs of running a storage array
CPU?  ”A network node capable of keeping up with VISA would need roughly 50 cores + whatever is used for mining (done by separate machines/GPUs).” In the long run, that’s what it takes to participate (assuming no DoS, which would take 5000 cores) (You actually need to validate all historical transactions too)
OK, so you end up with supernodes and normal nodes What are the characteristics of supernodes? They’re banks “Welcome to the new boss, who looks suspiciously like the old boss” I’m not saying banks are bad or anything The “peer to peer” model of BitCoin eventually goes away; as soon as the thing gets big, the entire thing switches to a banking model
Reality of Banking As the network gets bigger, fewer and fewer nodes can be banks Only so many parties can exchange a gigabyte a second. The 50% threshold is inevitable BitCoin banks still can’t gin up money BitCoin banks can’t forcibly take money Unless they hold the private keys for the user, which they might BitCoin banks can refuse to accept blocks with “undesirable” transactions Don’t need 50% -- just need enough to inconvenience 50% to accept your opinion Can block undesirable transactions Can recompute blocks w/o certain transactions (reversal) This offers a host of ugly semantics
Already Suffering This BitCoin’s security model is base on the idea that nobody can control more than 50% of the network Exact PetaFlop count unclear, but >40 and <200 Weird metric, given that crypto uses integer operations when FLOPS are floating point Several times more than largest supercomputer Pools are breaking this #1 pool has 41% #2 pool has 30% “Security through ostracism” to Pitchfork Security DDoS against #1 pool
Bad Choice Of Hash Standard Existing model can be accelerated massively with GPUs Just 2x SHA-256 Could have been bcrypt or the like, in which performance does not scale with pure processing speed Basically adds memory and serialization dependencies Wasn’t implemented, so now we have shortages of GPUs…
What About Anonymity? The full worldwide transaction history is stored and shared, forever and ever Everyone has names like: 1MQbbWUi2scKdZ4KtMMSUSvVmxi6XtEeaC How do you know who you’re paying?  You don’t Everyone is encouraged to make up new names for every transaction Actually how you can tell why someone is paying you Out of band, you tell someone “to pay me, pay this address” When that address is paid, you can dereference to your own private transaction Do lots of random names equal anonymity?
Names Are Linkable (see blockexplorer.com) All FROM sources are effectively the same person (or linked IDs) Almost all TO destinations are payee and payor
Reality of Anonymity As BitCoin “fights fragmentation”, it merges identities As it merges identities, it…well, merges identities There are other models of using BitCoin in which money goes in, stays, and then presumably goes back out Again, it’s amazing how much this looks like a bank. Not saying banks are bad, just don’t tell me BitCoin doesn’t morph into the banking system
So, with this all being said BitCoin is working, today That counts for a lot It will not work this way forever It will not have today’s security properties forever If you define the loss of today’s properties a serious loss of value, then there are Ponzi-ish characteristics in plain view I’m not going to make that claim, however
Conclusion This was just a quick summary BitCoin is actually well designed, if you accept that anonymity and scaling forces the entire present model to be shifted into something that effectively looks like banking I’ll talk about more another time

More Related Content

What's hot

Crypto currency
Crypto currencyCrypto currency
Crypto currencyHemon Dey
 
Black Ops of TCP/IP 2011 (Black Hat USA 2011)
Black Ops of TCP/IP 2011 (Black Hat USA 2011)Black Ops of TCP/IP 2011 (Black Hat USA 2011)
Black Ops of TCP/IP 2011 (Black Hat USA 2011)Dan Kaminsky
 
Crypto currencies presentation by Dr. Andre Gholam
Crypto currencies presentation by Dr. Andre GholamCrypto currencies presentation by Dr. Andre Gholam
Crypto currencies presentation by Dr. Andre GholamPMILebanonChapter
 
Bitcoin crypto currency
Bitcoin crypto currencyBitcoin crypto currency
Bitcoin crypto currencyJithil Jishad
 
Overview of Blockchain Consensus Mechanisms
Overview of Blockchain Consensus MechanismsOverview of Blockchain Consensus Mechanisms
Overview of Blockchain Consensus MechanismsJohannes Ahlmann
 
Advantages and Disadvantages of Cryptocurrencies such as OneCoin
Advantages and Disadvantages of Cryptocurrencies such as OneCoinAdvantages and Disadvantages of Cryptocurrencies such as OneCoin
Advantages and Disadvantages of Cryptocurrencies such as OneCoinOne Coin
 
What Are Crypto Tokens & How Crypto Tokens Work?
What Are Crypto Tokens & How Crypto Tokens Work?What Are Crypto Tokens & How Crypto Tokens Work?
What Are Crypto Tokens & How Crypto Tokens Work?Blockchain Council
 
Ethereum in a nutshell
Ethereum in a nutshellEthereum in a nutshell
Ethereum in a nutshellDaniel Chan
 
Digital Banking - Industry Trends for Customer Service
Digital Banking - Industry Trends for Customer ServiceDigital Banking - Industry Trends for Customer Service
Digital Banking - Industry Trends for Customer ServiceGianluca Ferranti
 
Introduction to Cryptocurrency (Bitcoin)
Introduction to Cryptocurrency (Bitcoin)Introduction to Cryptocurrency (Bitcoin)
Introduction to Cryptocurrency (Bitcoin)Kashif Khans
 
Cyber Fraud
Cyber Fraud Cyber Fraud
Cyber Fraud Dixita S
 
Advantages,disadvantages,applications and economic aspects of bitcoin
Advantages,disadvantages,applications and economic aspects of bitcoinAdvantages,disadvantages,applications and economic aspects of bitcoin
Advantages,disadvantages,applications and economic aspects of bitcoinTabish Ansar
 
Crypto currency
Crypto currencyCrypto currency
Crypto currencyAmit RJ
 
Blockchain Explained | How Does A Blockchain Work | Blockchain Explained Simp...
Blockchain Explained | How Does A Blockchain Work | Blockchain Explained Simp...Blockchain Explained | How Does A Blockchain Work | Blockchain Explained Simp...
Blockchain Explained | How Does A Blockchain Work | Blockchain Explained Simp...Simplilearn
 

What's hot (20)

Crypto currency
Crypto currencyCrypto currency
Crypto currency
 
Black Ops of TCP/IP 2011 (Black Hat USA 2011)
Black Ops of TCP/IP 2011 (Black Hat USA 2011)Black Ops of TCP/IP 2011 (Black Hat USA 2011)
Black Ops of TCP/IP 2011 (Black Hat USA 2011)
 
Bitcoin
BitcoinBitcoin
Bitcoin
 
Crypto currencies presentation by Dr. Andre Gholam
Crypto currencies presentation by Dr. Andre GholamCrypto currencies presentation by Dr. Andre Gholam
Crypto currencies presentation by Dr. Andre Gholam
 
Cryptocurrency
CryptocurrencyCryptocurrency
Cryptocurrency
 
Bitcoin crypto currency
Bitcoin crypto currencyBitcoin crypto currency
Bitcoin crypto currency
 
Blockchain - blockchain
Blockchain - blockchainBlockchain - blockchain
Blockchain - blockchain
 
Overview of Blockchain Consensus Mechanisms
Overview of Blockchain Consensus MechanismsOverview of Blockchain Consensus Mechanisms
Overview of Blockchain Consensus Mechanisms
 
Advantages and Disadvantages of Cryptocurrencies such as OneCoin
Advantages and Disadvantages of Cryptocurrencies such as OneCoinAdvantages and Disadvantages of Cryptocurrencies such as OneCoin
Advantages and Disadvantages of Cryptocurrencies such as OneCoin
 
What Are Crypto Tokens & How Crypto Tokens Work?
What Are Crypto Tokens & How Crypto Tokens Work?What Are Crypto Tokens & How Crypto Tokens Work?
What Are Crypto Tokens & How Crypto Tokens Work?
 
Ethereum in a nutshell
Ethereum in a nutshellEthereum in a nutshell
Ethereum in a nutshell
 
Digital Banking - Industry Trends for Customer Service
Digital Banking - Industry Trends for Customer ServiceDigital Banking - Industry Trends for Customer Service
Digital Banking - Industry Trends for Customer Service
 
Introduction to Cryptocurrency (Bitcoin)
Introduction to Cryptocurrency (Bitcoin)Introduction to Cryptocurrency (Bitcoin)
Introduction to Cryptocurrency (Bitcoin)
 
All about Bitcoins!
All about Bitcoins!All about Bitcoins!
All about Bitcoins!
 
Bitcoin
BitcoinBitcoin
Bitcoin
 
Cyber Fraud
Cyber Fraud Cyber Fraud
Cyber Fraud
 
Advantages,disadvantages,applications and economic aspects of bitcoin
Advantages,disadvantages,applications and economic aspects of bitcoinAdvantages,disadvantages,applications and economic aspects of bitcoin
Advantages,disadvantages,applications and economic aspects of bitcoin
 
Crypto currency
Crypto currencyCrypto currency
Crypto currency
 
Bitcoin history
Bitcoin historyBitcoin history
Bitcoin history
 
Blockchain Explained | How Does A Blockchain Work | Blockchain Explained Simp...
Blockchain Explained | How Does A Blockchain Work | Blockchain Explained Simp...Blockchain Explained | How Does A Blockchain Work | Blockchain Explained Simp...
Blockchain Explained | How Does A Blockchain Work | Blockchain Explained Simp...
 

Similar to Some Thoughts On Bitcoin

Bitcoin story of programable currency
Bitcoin story of programable currencyBitcoin story of programable currency
Bitcoin story of programable currencyHossam Soffar
 
Bitcoin on Blockchain: Money 2.0
Bitcoin on Blockchain: Money 2.0Bitcoin on Blockchain: Money 2.0
Bitcoin on Blockchain: Money 2.0Salih Cenap Baydar
 
Bitcoin Breakthrough Training Guide.
Bitcoin Breakthrough Training Guide.Bitcoin Breakthrough Training Guide.
Bitcoin Breakthrough Training Guide.KepharsKunda
 
Is It Safe To Invest In Bitcoin? Check Out How To Easily Buy Bitcoin In Canad...
Is It Safe To Invest In Bitcoin? Check Out How To Easily Buy Bitcoin In Canad...Is It Safe To Invest In Bitcoin? Check Out How To Easily Buy Bitcoin In Canad...
Is It Safe To Invest In Bitcoin? Check Out How To Easily Buy Bitcoin In Canad...Bitcoin Wallet Canada
 
14 Jan17- Nullmeets -Blockchain concept decoded by Ninad Sarang
14 Jan17- Nullmeets -Blockchain concept decoded by Ninad Sarang14 Jan17- Nullmeets -Blockchain concept decoded by Ninad Sarang
14 Jan17- Nullmeets -Blockchain concept decoded by Ninad SarangNinad Sarang
 
What is the mechanism of Bitcoin?
What is the mechanism of Bitcoin? What is the mechanism of Bitcoin?
What is the mechanism of Bitcoin? Muhammad Mansha
 
Trading-CryptoCurrency-Advanced-Trading-Strategies.pdf
Trading-CryptoCurrency-Advanced-Trading-Strategies.pdfTrading-CryptoCurrency-Advanced-Trading-Strategies.pdf
Trading-CryptoCurrency-Advanced-Trading-Strategies.pdfShreeharshaHegde7
 
Trading-CryptoCurrency-Advanced-Trading-Strategies.pdf
Trading-CryptoCurrency-Advanced-Trading-Strategies.pdfTrading-CryptoCurrency-Advanced-Trading-Strategies.pdf
Trading-CryptoCurrency-Advanced-Trading-Strategies.pdfLeokas123
 
Bitcoin the_insider_guide_to_cryptocurrency_
Bitcoin  the_insider_guide_to_cryptocurrency_Bitcoin  the_insider_guide_to_cryptocurrency_
Bitcoin the_insider_guide_to_cryptocurrency_waseem nawaz
 
A beginners Guide to NFTs.pdf
A beginners Guide to NFTs.pdfA beginners Guide to NFTs.pdf
A beginners Guide to NFTs.pdfAkash Agrawal
 
Blockchain 101 - public, tokenized blockchains
Blockchain 101 - public, tokenized blockchainsBlockchain 101 - public, tokenized blockchains
Blockchain 101 - public, tokenized blockchainsBrett Colbert
 
BlockChain for the Banker
BlockChain for the BankerBlockChain for the Banker
BlockChain for the BankerBohdan Szymanik
 
Introduction to Bitcoin & Blockchain @ darefest16
Introduction to Bitcoin & Blockchain @ darefest16Introduction to Bitcoin & Blockchain @ darefest16
Introduction to Bitcoin & Blockchain @ darefest16Sam Wouters
 
BlockChain BreakDown
BlockChain BreakDownBlockChain BreakDown
BlockChain BreakDownChris Black
 
Bitcoin All The Way
Bitcoin All The WayBitcoin All The Way
Bitcoin All The WayAdmin SBS
 
Bitcoin breakthrough training guide
Bitcoin breakthrough training guideBitcoin breakthrough training guide
Bitcoin breakthrough training guideIsabella
 

Similar to Some Thoughts On Bitcoin (20)

Bitcoin story of programable currency
Bitcoin story of programable currencyBitcoin story of programable currency
Bitcoin story of programable currency
 
Bitcoin on Blockchain: Money 2.0
Bitcoin on Blockchain: Money 2.0Bitcoin on Blockchain: Money 2.0
Bitcoin on Blockchain: Money 2.0
 
Bitcoin Breakthrough Training Guide.
Bitcoin Breakthrough Training Guide.Bitcoin Breakthrough Training Guide.
Bitcoin Breakthrough Training Guide.
 
Is It Safe To Invest In Bitcoin? Check Out How To Easily Buy Bitcoin In Canad...
Is It Safe To Invest In Bitcoin? Check Out How To Easily Buy Bitcoin In Canad...Is It Safe To Invest In Bitcoin? Check Out How To Easily Buy Bitcoin In Canad...
Is It Safe To Invest In Bitcoin? Check Out How To Easily Buy Bitcoin In Canad...
 
Cryptocurrency
CryptocurrencyCryptocurrency
Cryptocurrency
 
14 Jan17- Nullmeets -Blockchain concept decoded by Ninad Sarang
14 Jan17- Nullmeets -Blockchain concept decoded by Ninad Sarang14 Jan17- Nullmeets -Blockchain concept decoded by Ninad Sarang
14 Jan17- Nullmeets -Blockchain concept decoded by Ninad Sarang
 
Bitcoins introduction
Bitcoins introduction Bitcoins introduction
Bitcoins introduction
 
Bitcoin cash
Bitcoin cashBitcoin cash
Bitcoin cash
 
What is the mechanism of Bitcoin?
What is the mechanism of Bitcoin? What is the mechanism of Bitcoin?
What is the mechanism of Bitcoin?
 
Trading-CryptoCurrency-Advanced-Trading-Strategies.pdf
Trading-CryptoCurrency-Advanced-Trading-Strategies.pdfTrading-CryptoCurrency-Advanced-Trading-Strategies.pdf
Trading-CryptoCurrency-Advanced-Trading-Strategies.pdf
 
Trading-CryptoCurrency-Advanced-Trading-Strategies.pdf
Trading-CryptoCurrency-Advanced-Trading-Strategies.pdfTrading-CryptoCurrency-Advanced-Trading-Strategies.pdf
Trading-CryptoCurrency-Advanced-Trading-Strategies.pdf
 
Bitcoin the_insider_guide_to_cryptocurrency_
Bitcoin  the_insider_guide_to_cryptocurrency_Bitcoin  the_insider_guide_to_cryptocurrency_
Bitcoin the_insider_guide_to_cryptocurrency_
 
MythsandMisnomers
MythsandMisnomersMythsandMisnomers
MythsandMisnomers
 
A beginners Guide to NFTs.pdf
A beginners Guide to NFTs.pdfA beginners Guide to NFTs.pdf
A beginners Guide to NFTs.pdf
 
Blockchain 101 - public, tokenized blockchains
Blockchain 101 - public, tokenized blockchainsBlockchain 101 - public, tokenized blockchains
Blockchain 101 - public, tokenized blockchains
 
BlockChain for the Banker
BlockChain for the BankerBlockChain for the Banker
BlockChain for the Banker
 
Introduction to Bitcoin & Blockchain @ darefest16
Introduction to Bitcoin & Blockchain @ darefest16Introduction to Bitcoin & Blockchain @ darefest16
Introduction to Bitcoin & Blockchain @ darefest16
 
BlockChain BreakDown
BlockChain BreakDownBlockChain BreakDown
BlockChain BreakDown
 
Bitcoin All The Way
Bitcoin All The WayBitcoin All The Way
Bitcoin All The Way
 
Bitcoin breakthrough training guide
Bitcoin breakthrough training guideBitcoin breakthrough training guide
Bitcoin breakthrough training guide
 

More from Dan Kaminsky

Bugs Aren't Random
Bugs Aren't RandomBugs Aren't Random
Bugs Aren't RandomDan Kaminsky
 
Wo defensive trickery_13mar2017
Wo defensive trickery_13mar2017Wo defensive trickery_13mar2017
Wo defensive trickery_13mar2017Dan Kaminsky
 
Move Fast and Fix Things
Move Fast and Fix ThingsMove Fast and Fix Things
Move Fast and Fix ThingsDan Kaminsky
 
A Technical Dive into Defensive Trickery
A Technical Dive into Defensive TrickeryA Technical Dive into Defensive Trickery
A Technical Dive into Defensive TrickeryDan Kaminsky
 
I Want These * Bugs Off My * Internet
I Want These * Bugs Off My * InternetI Want These * Bugs Off My * Internet
I Want These * Bugs Off My * InternetDan Kaminsky
 
Yet Another Dan Kaminsky Talk (Black Ops 2014)
Yet Another Dan Kaminsky Talk (Black Ops 2014)Yet Another Dan Kaminsky Talk (Black Ops 2014)
Yet Another Dan Kaminsky Talk (Black Ops 2014)Dan Kaminsky
 
Chicken Chicken Chicken Chicken
Chicken Chicken Chicken ChickenChicken Chicken Chicken Chicken
Chicken Chicken Chicken ChickenDan Kaminsky
 
Showing How Security Has (And Hasn't) Improved, After Ten Years Of Trying
Showing How Security Has (And Hasn't) Improved, After Ten Years Of TryingShowing How Security Has (And Hasn't) Improved, After Ten Years Of Trying
Showing How Security Has (And Hasn't) Improved, After Ten Years Of TryingDan Kaminsky
 
Domain Key Infrastructure (From Black Hat USA)
Domain Key Infrastructure (From Black Hat USA)Domain Key Infrastructure (From Black Hat USA)
Domain Key Infrastructure (From Black Hat USA)Dan Kaminsky
 
232 md5-considered-harmful-slides
232 md5-considered-harmful-slides232 md5-considered-harmful-slides
232 md5-considered-harmful-slidesDan Kaminsky
 
Dmk sb2010 web_defense
Dmk sb2010 web_defenseDmk sb2010 web_defense
Dmk sb2010 web_defenseDan Kaminsky
 
Bh us-02-kaminsky-blackops
Bh us-02-kaminsky-blackopsBh us-02-kaminsky-blackops
Bh us-02-kaminsky-blackopsDan Kaminsky
 

More from Dan Kaminsky (20)

Bugs Aren't Random
Bugs Aren't RandomBugs Aren't Random
Bugs Aren't Random
 
Wo defensive trickery_13mar2017
Wo defensive trickery_13mar2017Wo defensive trickery_13mar2017
Wo defensive trickery_13mar2017
 
Move Fast and Fix Things
Move Fast and Fix ThingsMove Fast and Fix Things
Move Fast and Fix Things
 
A Technical Dive into Defensive Trickery
A Technical Dive into Defensive TrickeryA Technical Dive into Defensive Trickery
A Technical Dive into Defensive Trickery
 
Chicken
ChickenChicken
Chicken
 
I Want These * Bugs Off My * Internet
I Want These * Bugs Off My * InternetI Want These * Bugs Off My * Internet
I Want These * Bugs Off My * Internet
 
Yet Another Dan Kaminsky Talk (Black Ops 2014)
Yet Another Dan Kaminsky Talk (Black Ops 2014)Yet Another Dan Kaminsky Talk (Black Ops 2014)
Yet Another Dan Kaminsky Talk (Black Ops 2014)
 
Chicken Chicken Chicken Chicken
Chicken Chicken Chicken ChickenChicken Chicken Chicken Chicken
Chicken Chicken Chicken Chicken
 
Black ops 2012
Black ops 2012Black ops 2012
Black ops 2012
 
Showing How Security Has (And Hasn't) Improved, After Ten Years Of Trying
Showing How Security Has (And Hasn't) Improved, After Ten Years Of TryingShowing How Security Has (And Hasn't) Improved, After Ten Years Of Trying
Showing How Security Has (And Hasn't) Improved, After Ten Years Of Trying
 
Domain Key Infrastructure (From Black Hat USA)
Domain Key Infrastructure (From Black Hat USA)Domain Key Infrastructure (From Black Hat USA)
Domain Key Infrastructure (From Black Hat USA)
 
Interpolique
InterpoliqueInterpolique
Interpolique
 
232 md5-considered-harmful-slides
232 md5-considered-harmful-slides232 md5-considered-harmful-slides
232 md5-considered-harmful-slides
 
Confidence web
Confidence webConfidence web
Confidence web
 
Dmk sb2010 web_defense
Dmk sb2010 web_defenseDmk sb2010 web_defense
Dmk sb2010 web_defense
 
Interpolique
InterpoliqueInterpolique
Interpolique
 
Black opspki 2
Black opspki 2Black opspki 2
Black opspki 2
 
Bh us-02-kaminsky-blackops
Bh us-02-kaminsky-blackopsBh us-02-kaminsky-blackops
Bh us-02-kaminsky-blackops
 
Bh eu 05-kaminsky
Bh eu 05-kaminskyBh eu 05-kaminsky
Bh eu 05-kaminsky
 
Bh eu 05-kaminsky
Bh eu 05-kaminskyBh eu 05-kaminsky
Bh eu 05-kaminsky
 

Recently uploaded

A Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System StrategyA Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System StrategyUXDXConf
 
Connecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAKConnecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAKUXDXConf
 
Enterprise Knowledge Graphs - Data Summit 2024
Enterprise Knowledge Graphs - Data Summit 2024Enterprise Knowledge Graphs - Data Summit 2024
Enterprise Knowledge Graphs - Data Summit 2024Enterprise Knowledge
 
Speed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in MinutesSpeed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in Minutesconfluent
 
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdfThe Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdfFIDO Alliance
 
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdfIntroduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdfFIDO Alliance
 
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...CzechDreamin
 
Strategic AI Integration in Engineering Teams
Strategic AI Integration in Engineering TeamsStrategic AI Integration in Engineering Teams
Strategic AI Integration in Engineering TeamsUXDXConf
 
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...FIDO Alliance
 
Optimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityOptimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityScyllaDB
 
Intro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераIntro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераMark Opanasiuk
 
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptxUnpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptxDavid Michel
 
PLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. StartupsPLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. StartupsStefano
 
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...CzechDreamin
 
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdfLinux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdfFIDO Alliance
 
The Metaverse: Are We There Yet?
The  Metaverse:    Are   We  There  Yet?The  Metaverse:    Are   We  There  Yet?
The Metaverse: Are We There Yet?Mark Billinghurst
 
AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101vincent683379
 
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FIDO Alliance
 
Introduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG EvaluationIntroduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG EvaluationZilliz
 
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya HalderCustom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya HalderCzechDreamin
 

Recently uploaded (20)

A Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System StrategyA Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System Strategy
 
Connecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAKConnecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAK
 
Enterprise Knowledge Graphs - Data Summit 2024
Enterprise Knowledge Graphs - Data Summit 2024Enterprise Knowledge Graphs - Data Summit 2024
Enterprise Knowledge Graphs - Data Summit 2024
 
Speed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in MinutesSpeed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in Minutes
 
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdfThe Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
 
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdfIntroduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
 
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
 
Strategic AI Integration in Engineering Teams
Strategic AI Integration in Engineering TeamsStrategic AI Integration in Engineering Teams
Strategic AI Integration in Engineering Teams
 
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
 
Optimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityOptimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through Observability
 
Intro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераIntro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджера
 
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptxUnpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
 
PLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. StartupsPLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. Startups
 
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
 
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdfLinux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
 
The Metaverse: Are We There Yet?
The  Metaverse:    Are   We  There  Yet?The  Metaverse:    Are   We  There  Yet?
The Metaverse: Are We There Yet?
 
AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101
 
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
 
Introduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG EvaluationIntroduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG Evaluation
 
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya HalderCustom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
 

Some Thoughts On Bitcoin

  • 1. Some Thoughts On Bitcoin Dan Kaminsky
  • 2. If You’re Smart Leave the room right now “Bitcoin turns nerd forums into libertarian forums” This is true Bitcoin is a particularly effective DoS against security professionals Why?
  • 3. Security Inversion Normal Code Looks like it might be OK up front Scratch the surface, it’s actually really bad BitCoin Looks really bad up front Scratch the surface, it’s actually surprisingly good We aren’t used to systems with these characteristics This code has the mark of having been audited by People Like Us And quants
  • 4. The basic summary BitCoin is absolutely not anonymous BitCoin clearly does not scale In the long term It does work for now though This isn’t 0day stuff, this is basically declared almost entirely up front
  • 5. What Is BitCoin A really strange use of cryptography “Strange” is not a sufficient, interesting, or even vaguely competent way to mark a system as insecure It’s a decent way to say “this is not the normal way things are put together” Two systems mated together A peer to peer network that does a best case effort to synchronize data (loose “transactions” and solved “blocks”) across as many nodes as possible A Chinese Lottery that canonicalizes subsets of synchronized data, using the difficulty of finding partial hash collisions
  • 6. The Basic Idea (In A Nutshell) 1) I’m hearing about all these transactions going on – Alice is paying Bob, Bob is paying Charlie, etc 2) I hash all the transactions I’ve heard about, with some random information, and the hash of the last time someone did that, until there’s a partial collision First n bits equals 0 N is automatically determined based on how hard it has to be for one block to be found about every 10 minutes This is a block 3) I send everyone my “block” – transactions plus hash of previous block plus random data. This gives me 50 bitcoins (for now). 4) I can now “sign over” those bitcoins, from my private key, to other people’s (or my) public key. 5) Repeat until there’s lots of people with lots of BitCoins Possibly purchased instead of “mined”
  • 7. Interesting Traits The basic concept is actually relatively solid Assuming partial collisions are predictably hard to find Assuming ECDSA works Basic Idea 1: Money can’t be created from nothing – hashing is needed Basic Idea 2: Transactions can’t be blocked or reversed by a central entity – “is none” It makes security engineers talk like monetary scientists That’s sort of OK, economists pretend to do that too… Seriously, that’s silly– lets just talk tech, OK?
  • 8. Epic Scalability Quote 1(https://en.bitcoin.it/wiki/Scalability) “The core BitCoin network can scale to very high transaction rates assuming a distributed version of the node software is built. This would not be very complicated.” Because there’s nothing easier to do, than make a system distributed This is totally not one of the Hard Problems Of Computer Science By “Distributed” they mean “Centralized” WhyBitCoin is uniquely hard to audit It claims the advantages of its present architecture, and its future architecture, while rebutting the disadvantages of one with the advantages of the other Instead of saying, “We don’t do that”, they say “Something else could do that”
  • 9. Scalability Costs: Network Bandwidth “Let's assume an average rate of 2000tps, so just VISA…. Shifting 60 gigabytes of data in, say, 60 seconds means an average rate of 1 gigabyte per second, or 8 gigabits per second.” :O
  • 10. Up and Down Going up “Let's take 4,000 tps as starting goal. Obviously if we want BitCoin to scale to all economic transactions worldwide, including cash, it'd be a lot higher than that, perhaps more in the region of a few hundred thousand transactions/sec.”  And the need to be able to withstand DoS attacks (which VISA does not have to deal with) implies we would want to scale far beyond the standard peak rates. TB/sec Going down Even at 1/100th of VISA, that’s still 10MB/sec
  • 11. Are There Future Optimizations? “Because nodes are very likely to have already seen a transaction when it was first broadcast, this means the size of a block to download would be trivial (80 bytes + 32 bytes per transaction). If a node didn't see a transaction broadcast, it can ask the connected node to provide it.” Potential 50% savings! Could go from 1GB to 500MB/sec
  • 12. What About Storage? In order to validate a transaction, you need all blocks up to the present one Joining BitCoin today == downloading 200+MB history all the way to the start of time That only increases “ A 3 terabyte hard disk costs less than $200 today and will be cheaper still in future, so you'd need one such disk for every 21 days of operation (at 1gb per block).” So you get to participate directly in BitCoin, at the low low cost of $200 a month Assuming zero costs of running a storage array
  • 13. CPU?  ”A network node capable of keeping up with VISA would need roughly 50 cores + whatever is used for mining (done by separate machines/GPUs).” In the long run, that’s what it takes to participate (assuming no DoS, which would take 5000 cores) (You actually need to validate all historical transactions too)
  • 14. OK, so you end up with supernodes and normal nodes What are the characteristics of supernodes? They’re banks “Welcome to the new boss, who looks suspiciously like the old boss” I’m not saying banks are bad or anything The “peer to peer” model of BitCoin eventually goes away; as soon as the thing gets big, the entire thing switches to a banking model
  • 15. Reality of Banking As the network gets bigger, fewer and fewer nodes can be banks Only so many parties can exchange a gigabyte a second. The 50% threshold is inevitable BitCoin banks still can’t gin up money BitCoin banks can’t forcibly take money Unless they hold the private keys for the user, which they might BitCoin banks can refuse to accept blocks with “undesirable” transactions Don’t need 50% -- just need enough to inconvenience 50% to accept your opinion Can block undesirable transactions Can recompute blocks w/o certain transactions (reversal) This offers a host of ugly semantics
  • 16. Already Suffering This BitCoin’s security model is base on the idea that nobody can control more than 50% of the network Exact PetaFlop count unclear, but >40 and <200 Weird metric, given that crypto uses integer operations when FLOPS are floating point Several times more than largest supercomputer Pools are breaking this #1 pool has 41% #2 pool has 30% “Security through ostracism” to Pitchfork Security DDoS against #1 pool
  • 17. Bad Choice Of Hash Standard Existing model can be accelerated massively with GPUs Just 2x SHA-256 Could have been bcrypt or the like, in which performance does not scale with pure processing speed Basically adds memory and serialization dependencies Wasn’t implemented, so now we have shortages of GPUs…
  • 18. What About Anonymity? The full worldwide transaction history is stored and shared, forever and ever Everyone has names like: 1MQbbWUi2scKdZ4KtMMSUSvVmxi6XtEeaC How do you know who you’re paying? You don’t Everyone is encouraged to make up new names for every transaction Actually how you can tell why someone is paying you Out of band, you tell someone “to pay me, pay this address” When that address is paid, you can dereference to your own private transaction Do lots of random names equal anonymity?
  • 19. Names Are Linkable (see blockexplorer.com) All FROM sources are effectively the same person (or linked IDs) Almost all TO destinations are payee and payor
  • 20. Reality of Anonymity As BitCoin “fights fragmentation”, it merges identities As it merges identities, it…well, merges identities There are other models of using BitCoin in which money goes in, stays, and then presumably goes back out Again, it’s amazing how much this looks like a bank. Not saying banks are bad, just don’t tell me BitCoin doesn’t morph into the banking system
  • 21. So, with this all being said BitCoin is working, today That counts for a lot It will not work this way forever It will not have today’s security properties forever If you define the loss of today’s properties a serious loss of value, then there are Ponzi-ish characteristics in plain view I’m not going to make that claim, however
  • 22. Conclusion This was just a quick summary BitCoin is actually well designed, if you accept that anonymity and scaling forces the entire present model to be shifted into something that effectively looks like banking I’ll talk about more another time