Virtual Currency Myth and Reality (Ver. 3.0 (182 pages) : Extended Version of Seoul National Univ. China AMP Seminar, Jan 24, 2018) @ NAVER Corp., Feb 21, 2018
DockerCon 2017 - Cilium - Network and Application Security with BPF and XDPThomas Graf
This talk will start with a deep dive and hands on examples of BPF, possibly the most promising low level technology to address challenges in application and network security, tracing, and visibility. We will discuss how BPF evolved from a simple bytecode language to filter raw sockets for tcpdump to the a JITable virtual machine capable of universally extending and instrumenting both the Linux kernel and user space applications. The introduction is followed by a concrete example of how the Cilium open source project applies BPF to solve networking, security, and load balancing for highly distributed applications. We will discuss and demonstrate how Cilium with the help of BPF can be combined with distributed system orchestration such as Docker to simplify security, operations, and troubleshooting of distributed applications.
In this talk Jiří Pírko discusses the design and evolution of the VLAN implementation in Linux, the challenges and pitfalls as well as hardware acceleration and alternative implementations.
Jiří Pírko is a major contributor to kernel networking and the creator of libteam for link aggregation.
Next Generation Nexus 9000 ArchitectureCisco Canada
In the upcoming year, 2016, the industry will see a significant capacity, capability and cost point shift in Data Center switching. The introduction of 25/100G supplementing the previous standard of 10/40G at the same cost points and power efficiency which represents a 250% increase in capacity for roughly the same capital costs is just one example of the scope of the change. These changes are occurring due to the introduction of new generations of ASICs leveraging improvements in semiconductor fabrication combined with innovative developments in network algorithms, SerDes capabilities and ASIC design approaches. This session will take a deep dive look at the technology changes enabling this shift and the architecture of the next generation nexus 9000 Data Center switches enabled due to these changes. Topics will include a discussion of the introduction of 25/50/100G to compliment existing 10/40G, why next generation fabrication techniques enable much larger forwarding scale, more intelligent buffering and queuing algorithms and embedded telemetry enabling big data analytics based on network traffic
DockerCon 2017 - Cilium - Network and Application Security with BPF and XDPThomas Graf
This talk will start with a deep dive and hands on examples of BPF, possibly the most promising low level technology to address challenges in application and network security, tracing, and visibility. We will discuss how BPF evolved from a simple bytecode language to filter raw sockets for tcpdump to the a JITable virtual machine capable of universally extending and instrumenting both the Linux kernel and user space applications. The introduction is followed by a concrete example of how the Cilium open source project applies BPF to solve networking, security, and load balancing for highly distributed applications. We will discuss and demonstrate how Cilium with the help of BPF can be combined with distributed system orchestration such as Docker to simplify security, operations, and troubleshooting of distributed applications.
In this talk Jiří Pírko discusses the design and evolution of the VLAN implementation in Linux, the challenges and pitfalls as well as hardware acceleration and alternative implementations.
Jiří Pírko is a major contributor to kernel networking and the creator of libteam for link aggregation.
Next Generation Nexus 9000 ArchitectureCisco Canada
In the upcoming year, 2016, the industry will see a significant capacity, capability and cost point shift in Data Center switching. The introduction of 25/100G supplementing the previous standard of 10/40G at the same cost points and power efficiency which represents a 250% increase in capacity for roughly the same capital costs is just one example of the scope of the change. These changes are occurring due to the introduction of new generations of ASICs leveraging improvements in semiconductor fabrication combined with innovative developments in network algorithms, SerDes capabilities and ASIC design approaches. This session will take a deep dive look at the technology changes enabling this shift and the architecture of the next generation nexus 9000 Data Center switches enabled due to these changes. Topics will include a discussion of the introduction of 25/50/100G to compliment existing 10/40G, why next generation fabrication techniques enable much larger forwarding scale, more intelligent buffering and queuing algorithms and embedded telemetry enabling big data analytics based on network traffic
Building DataCenter networks with VXLAN BGP-EVPNCisco Canada
The session specifically covers the requirements and approaches for deploying the Underlay, Overlay as well as the inter-Fabric connectivity of Data Center Networks or Fabrics. Within the VXLAN BGP-EVPN based Overlay, we focus on the insights like forwarding and control plane functions which are critical to the simplicity operation of the architecture in achieving scale, small failure domains and consistent configuration. To complete the overlay view on VXLAN BGP-EVPN, we are going to the insides of BGP and its EVPN address-familiy and extend to about how multiple DC Fabric can be interconnected within, either as stretched Fabrics or with true DCI. The session concludes with a brief overview of manageability functions, network orchestration capabilities and multi-tenancy details. This Advanced session is intended for network, design and operation engineers from Enterprises to Service Providers.
Using eBPF for High-Performance Networking in CiliumScyllaDB
The Cilium project is a popular networking solution for Kubernetes, based on eBPF. This talk uses eBPF code and demos to explore the basics of how Cilium makes network connections, and manipulates packets so that they can avoid traversing the kernel's built-in networking stack. You'll see how eBPF enables high-performance networking as well as deep network observability and security.
Understanding Wireguard, TLS and Workload IdentityChristian Posta
Zero Trust Networking has become a standard marketing buzzword but the underlying principles are critical for modern microservice-style architectures. Authentication, authorizations, policy, etc. can be difficult to implement between services and do so in a maintainable way. Google invented their own transparent encryption and authorization protocol called "ALTS" back in 2007 to serve the application layer of Google's Borg workload scheduler, but we don't see others using it outside Google.
In this webinar we look at existing technology like TLS and newcomer Wireguard and see how these technologies come together to provide a secure foundation for workload identity and modern service-to-service networking.
Observability: Beyond the Three Pillars with SpringVMware Tanzu
In this presentation, we’ll explore the basics of the three pillars and what Spring has to offer to implement them for logging (SLF4J), metrics (Micrometer), and distributed tracing (Spring Cloud Sleuth, Zipkin/Brave, OpenTelemetry).
I’ll also talk about how to take your system to the next level, and what else you can find in Spring and related technologies to look under the hood of your running system (Spring Boot Actuator, Logbook, Eureka, Spring Boot Admin, Swagger, Spring HATEOAS) and what our future plans are.
In this session, we’ll review how previous efforts, including Netfilter, Berkley Packet Filter (BPF), Open vSwitch (OVS), and TC, approached the problem of extensibility. We’ll show you an open source solution available within the Red Hat Enterprise Linux kernel, where extending and merging some of the existing concepts leads to an extensible framework that satisfies the networking needs of datacenter and cloud virtualization.
Following the previous talk on kernel locks it is now the time to talk about lock-free data structures. We will cover the implementation and usage of the RCU mechanism in the kernel.
Speaker:
Mark Veltzer - CTO of Hinbit and a senior instructor at John Bryce. Mark is also a member of the Free Source Foundation and contributes to many free projects.
https://github.com/veltzer
NFV Orchestration for Telcos using OpenStack TackerSridhar Ramaswamy
ETSI MANO NFV Orchestration for Telco Service Providers using OpenStack Tacker project. Showcases integration of Tacker to orchestrate Brocade VNFs like 5600 Virtual Router and Connectem vEPC.
Details about Softirq, Tasklet and workqueue in Linux kernel. Difference between all these. All activation finction such as initialization, activation and mask.
My talk at IDNOG5 (ID Network Operators Group) Conference, Jakarta, 2018, covers a short overview of fintech, cryptocurrency & blockchain + a networking perspective/use cases at the end
Building DataCenter networks with VXLAN BGP-EVPNCisco Canada
The session specifically covers the requirements and approaches for deploying the Underlay, Overlay as well as the inter-Fabric connectivity of Data Center Networks or Fabrics. Within the VXLAN BGP-EVPN based Overlay, we focus on the insights like forwarding and control plane functions which are critical to the simplicity operation of the architecture in achieving scale, small failure domains and consistent configuration. To complete the overlay view on VXLAN BGP-EVPN, we are going to the insides of BGP and its EVPN address-familiy and extend to about how multiple DC Fabric can be interconnected within, either as stretched Fabrics or with true DCI. The session concludes with a brief overview of manageability functions, network orchestration capabilities and multi-tenancy details. This Advanced session is intended for network, design and operation engineers from Enterprises to Service Providers.
Using eBPF for High-Performance Networking in CiliumScyllaDB
The Cilium project is a popular networking solution for Kubernetes, based on eBPF. This talk uses eBPF code and demos to explore the basics of how Cilium makes network connections, and manipulates packets so that they can avoid traversing the kernel's built-in networking stack. You'll see how eBPF enables high-performance networking as well as deep network observability and security.
Understanding Wireguard, TLS and Workload IdentityChristian Posta
Zero Trust Networking has become a standard marketing buzzword but the underlying principles are critical for modern microservice-style architectures. Authentication, authorizations, policy, etc. can be difficult to implement between services and do so in a maintainable way. Google invented their own transparent encryption and authorization protocol called "ALTS" back in 2007 to serve the application layer of Google's Borg workload scheduler, but we don't see others using it outside Google.
In this webinar we look at existing technology like TLS and newcomer Wireguard and see how these technologies come together to provide a secure foundation for workload identity and modern service-to-service networking.
Observability: Beyond the Three Pillars with SpringVMware Tanzu
In this presentation, we’ll explore the basics of the three pillars and what Spring has to offer to implement them for logging (SLF4J), metrics (Micrometer), and distributed tracing (Spring Cloud Sleuth, Zipkin/Brave, OpenTelemetry).
I’ll also talk about how to take your system to the next level, and what else you can find in Spring and related technologies to look under the hood of your running system (Spring Boot Actuator, Logbook, Eureka, Spring Boot Admin, Swagger, Spring HATEOAS) and what our future plans are.
In this session, we’ll review how previous efforts, including Netfilter, Berkley Packet Filter (BPF), Open vSwitch (OVS), and TC, approached the problem of extensibility. We’ll show you an open source solution available within the Red Hat Enterprise Linux kernel, where extending and merging some of the existing concepts leads to an extensible framework that satisfies the networking needs of datacenter and cloud virtualization.
Following the previous talk on kernel locks it is now the time to talk about lock-free data structures. We will cover the implementation and usage of the RCU mechanism in the kernel.
Speaker:
Mark Veltzer - CTO of Hinbit and a senior instructor at John Bryce. Mark is also a member of the Free Source Foundation and contributes to many free projects.
https://github.com/veltzer
NFV Orchestration for Telcos using OpenStack TackerSridhar Ramaswamy
ETSI MANO NFV Orchestration for Telco Service Providers using OpenStack Tacker project. Showcases integration of Tacker to orchestrate Brocade VNFs like 5600 Virtual Router and Connectem vEPC.
Details about Softirq, Tasklet and workqueue in Linux kernel. Difference between all these. All activation finction such as initialization, activation and mask.
My talk at IDNOG5 (ID Network Operators Group) Conference, Jakarta, 2018, covers a short overview of fintech, cryptocurrency & blockchain + a networking perspective/use cases at the end
Do a research and make a PowerPoint about Insulation for architectDustiBuckner14
Do a research and make a PowerPoint about Insulation for architecture
· What is Insulation?
· units of measurement and formulas
· Types of insulation and location of use
· Dew point
· Show examples for each type with pros and cons
· Sketch wall and detail sections and show each layer
· Provide some Research with links
Creative Commons Non Commercial CC-BY-NC: This article is distributed under the terms of the Creative Commons Attribution-
NonCommercial 3.0 License (http://www.creativecommons.org/licenses/by-nc/3.0/) which permits non-commercial use,
reproduction and distribution of the work without further permission provided the original work is attributed as specified on the SAGE and
Open Access pages (https://us.sagepub.com/en-us/nam/open-access-at-sage).
VikalPa • VolUMe 44 • iSSUe 1 • JanUaRY-MaRch 2019 1
Blockchain in Finance
Jayanth Rama Varma
P E R S P E C T I V E S
KEY WORDS
Blockchain
Distributed Ledger
DLT
Crypto Currency
includes research articles
that focus on the analysis and
resolution of managerial and
academic issues based on
analytical and empirical or
case research
B
lockchain—the decentralized replicated ledger technology that underlies
Bitcoin and other cryptocurrencies—provides a potentially attractive alterna-
tive way to organize modern finance. Currently, the financial system depends
on a number of centralized trusted intermediaries: central counter parties (CCPs)
guarantee trades in exchanges; central securities depositories (CSDs) provide secu-
rities settlement; the Society for Worldwide Interbank Financial Telecommunication
(SWIFT) intermediates global transfer of money; CLS Bank handles the settlement
of foreign exchange transactions, a handful of banks dominate correspondent
banking, and an even smaller number provide custodial services to large invest-
ment institutions. Until a decade ago, it was commonly assumed that the finan-
cial strength and sound management of these central hubs ensured that they were
extremely unlikely to fail. More importantly, it was assumed that they were too big to
fail (TBTF), so that the government would step in and bail them out if they did fail.
The Global Financial Crisis of 2007–2008 shattered these assumptions as many large
banks in the most advanced economies of the world either failed or were very reluc-
tantly bailed out. The Eurozone Crisis of 2010–2012 stoked the fear that even rich
country sovereigns could potentially default on their obligations. Finally, repeated
instances of hacking of the computers of large financial institutions is another factor
that has destroyed trust. When trust in the central hubs of finance is being increas-
ingly questioned, decentralized systems like the blockchain that reduce the need for
such trust become attractive.
It is no coincidence that Bitcoin was launched shortly after the failure of Lehman
that marked the peak of the global financial crisis. Over the subsequent decade,
cryptocurrenc ...
Running head BLOCKCHAIN TECHNOLOGY BEYOND CRYPTOCURRENCY1B.docxtoddr4
Running head: BLOCKCHAIN TECHNOLOGY: BEYOND CRYPTOCURRENCY
1
BLOCKCHAIN TECHNOLOGY: BEYOND CRYPTOCURRENCY
7
Block-chain Technology: Beyond Crypto-currency
Christophe Bassono
University of Nebraska Omaha
CYBR-4360-860-Foundation of IA
Assignment: Semester Project Presentation
Block-chain Technology: Beyond the Crypto-currency
Contents
Contents
2
Abstract
3
Introduction
3
Fundamentals of Block-chain Technology
4
Application of Block-chain Beyond Crypto-currency
5
Future of Block-chain
8
Conclusion
8
Abstract
Block-chain is relatively new; therefore, a representative research sample is presented that spans over the last couple of years from the earlier literature addressing the field. The different usage types of Block-chain, as well as the digital ledger methods, applications, challenges privacy, and security issues, are examined. The technology constitutes two distinct components including block and transaction. Block refers to the collection of data, transaction recording, as well as other related details such as the creation of timestamp, correct sequence, et cetera. Blockchain which is the digital technology fundamental for crypto-currency has managed to bring forth a novel revolution through the provision of a mechanism that can be used for peer-to-peer transactions (P2P). The blockchain is a globally accepted ledger that is capable of achieving numerous new applications beyond transaction verification. Bitcoin that is progressively gaining awareness around the world is a vital example of Blockchain in practice. The block-chain technology is still at the stage of building up and is expected to be full-blown in the next few years. Introduction
The predominant goal of this proposal is to outline the literature on the functionality of Block-chain and other techniques of the digital ledger in several different spheres of influence beyond its use to crypto-currency and to come up with an appropriate conclusion. The technology of block-chain is relatively new; therefore, a representative research sample is presented that spans over the last couple of years from the earlier literature addressing the field. The different usage types of Block-chain, as well as the digital ledger methods, applications, challenges privacy, and security issues, are examined. However, the main focus of this proposal is to determine the most auspicious for future application of Block-chain beyond crypto-currency.
Block-chain is the technology that facilitates the system of Bitcoin crypto-currency, which is also regarded to be important in the formation of the backbone that guarantees privacy and security of several applications in different areas such as the eco-system of the Internet of Things. The block-chain technology has also been successfully applied in the industrial and the educational sectors (Pilkington, 2016). A Proof-of-Work, which is a mathematical challenge, guarantees the security of the chain-block by maintaining the transactions of the digital le.
Blockchain-Based Internet of Things: Review, Current Trends, Applications, an...AlAtfat
Advances in technology always had an impact on our lives. Several emerging technologies, most notably the Internet of Things (IoT) and blockchain, present transformative opportunities. The blockchain is a decentralized, transparent ledger for storing transaction data. By effectively establishing trust between nodes, it has the remarkable potential to design unique architectures for most enterprise applications. When it first appeared as a platform for anonymous cryptocurrency trading, such as Bitcoin, on a public network platform, blockchain piqued the interest of researchers. The chain is completed when each block connects to the previous block. The Internet of Things (IoT) is a network of networked devices that can exchange data and be managed and controlled via unique identifiers. Automation, wireless sensor networks, embedded systems, and control systems are just a few of the well-known technologies that power the IoT. Converging advancements in real-time analytics, machine learning, commodity sensors, and embedded systems demonstrate the rapid expansion of the IoT paradigm. The Internet of Things refers to the global networking of millions of networked smart gadgets that gather and exchange data. Integrating the IoT and blockchain technology would be a significant step toward developing a reliable, secure, and comprehensive method of storing data collected by smart devices. Internet-enabled devices in the IoT can send data to private blockchain networks, creating immutable records of all transaction history. As a result, these networks produce unchangeable logs of all transactions. This research looks at how blockchain technology and the Internet of Things interact to understand better how devices can communicate with one another. The blockchain-enabled Internet of Things architecture proposed in this article is a useful framework for integrating blockchain technology and the Internet of Things using the most cutting-edge tools and methods currently available. This article discusses the principles of blockchain-based IoT, consensus methods, reviews, difficulties, prospects, applications, trends, and communication between IoT nodes in an integrated framework.
Blockchain-Based Internet of Things: Review, Current Trends, Applications, an...AlAtfat
Advances in technology always had an impact on our lives. Several emerging technologies, most notably the Internet of Things (IoT) and blockchain, present transformative opportunities. The blockchain is a decentralized, transparent ledger for storing transaction data. By effectively establishing trust between nodes, it has the remarkable potential to design unique architectures for most enterprise applications. When it first appeared as a platform for anonymous cryptocurrency trading, such as Bitcoin, on a public network platform, blockchain piqued the interest of researchers. The chain is completed when each block connects to the previous block. The Internet of Things (IoT) is a network of networked devices that can exchange data and be managed and controlled via unique identifiers. Automation, wireless sensor networks, embedded systems, and control systems are just a few of the well-known technologies that power the IoT. Converging advancements in real-time analytics, machine learning, commodity sensors, and embedded systems demonstrate the rapid expansion of the IoT paradigm. The Internet of Things refers to the global networking of millions of networked smart gadgets that gather and exchange data. Integrating the IoT and blockchain technology would be a significant step toward developing a reliable, secure, and comprehensive method of storing data collected by smart devices. Internet-enabled devices in the IoT can send data to private blockchain networks, creating immutable records of all transaction history. As a result, these networks produce unchangeable logs of all transactions. This research looks at how blockchain technology and the Internet of Things interact to understand better how devices can communicate with one another. The blockchain-enabled Internet of Things architecture proposed in this article is a useful framework for integrating blockchain technology and the Internet of Things using the most cutting-edge tools and methods currently available. This article discusses the principles of blockchain-based IoT, consensus methods, reviews, difficulties, prospects, applications, trends, and communication between IoT nodes in an integrated framework.
Log Standards & Future Trends by Dr. Anton ChuvakinAnton Chuvakin
The presentation will discuss how to bring order (in the form of standards!) to the chaotic world of logging.
It will give a brief introduction to logs and logging and explain how and why logs grew so chaotic and disorganized.
Next it will cover why log standards are sorely needed.
It will offer a walk-through that highlights the critical areas of log standardization. Current standard efforts will be discussion.
Finally, the presentation will cover a few of the emerging and yet-to-emerge trends related to logging and log management.
Bitcoin has been a hot topic in the technology industry since its boom in 2017. The underlying technology of bitcoin is the blockchain that has impressed many of the onlookers due to its transparency and usability in this globalized world. In cryptocurrencies, a ledger is operated which contains all the data regarding the transactions and contracts that are to be executed. These ledgers are maintained on multiple nodes around the world. Every node has to maintain a full copy of the ledger which currently is 15 GB for bitcoin. As more and more transactions are carried on the blockchain, this approach becomes slow. Scaling is the only solution to counter this problem, that's where the sharding technology comes into play. In sharding, rather than each node maintaining the full ledger, the ledger is divided or sharded into multiple fragments. So, in short, each node consists of a small part of the ledger rather than the whole ledger which is easy to maintain and in turn helps in scaling the blockchain. So rather than a full blockchain, we have shard chains that consist of multiple node or validator networks which are then assigned multiple tasks like verifying transactions or operations.
AN EVALUATION OF SECURITY IN BLOCKCHAIN-BASED SHARING OF STUDENT RECORDS IN H...IJNSA Journal
Blockchain has recently taken off as a disruptive technology, from its initial use in cryptocurrencies to wider applications in areas such as property registration and insurance due to its characteristic as a distributed ledger which can remove the need for a trusted third party to facilitate transactions. This spread of the technology to new application areas has been driven by the development of smart contracts – blockchain-based protocols which can automatically enforce a contract by executing code based on the logic expressed in the contract. One exciting area for blockchain is higher education. Students in higher education are ever more mobile, and in an ever more agile world, the friction and delays caused by multiple levels of administration in higher education can cause many anxieties and hardships for students as well as potential employers who need to examine and evaluate student credentials. Distance learning as a primary platform for higher education promises to open up higher education to a wider range of learners than ever before. Blockchain-based storage of academic credentials is being widely studied due to the advantages it can bring. As with any network-based system, blockchain comes with a number of security and privacy concerns. Blockchain needs to meet several security-related requirements to be widely accepted: decentralization; confidentiality; integrity; transparency; and immutability. Researchers have been busy devising schemes to ensure that such requirements can be met in blockchain-based systems. Several types of blockchain-specific attacks have been identified: 51% attacks; malicious contracts; spam attacks; mining pools; targeted DDoS attacks; and others. Real-world attacks on blockchain-based systems have been seen on cryptocurrency sites. In this paper, we will evaluate the specific privacy and security concerns for blockchain-based systems used for academic credentials as well as suggested solutions. We also examine the issues for academic credentials which are stored “off-chain” in such systems (as is often the case). In this case, a Distributed File System (DFS) implemented with a peer-to-peer (P2P) architecture is often the choice for the storage of the academic credentials since it matches the decentralized nature of blockchain. Blockchain then contributes much to the usefulness of such a DFS, making it in turn a good match for a P2P DFS such as IPFS.
Scaling is one of the most interesting areas of innovation for blockchain. In this survey we took a first pass at a market landscape survey. We would love any edits/suggestions you may nave.
Making Lemonade out of Lemons: Squeezing utility from a proof-of-work experimentTim Swanson
[Note: references and citations can be found in the notes section of the slides]
First presented at the R3 Cryptocurrency Round Table on December 11, 2014 in Palo Alto. Covers "Bitcoin 2.0" ideas including alternative consensus mechanisms, costs of operating decentralized ledgers, use-cases for these new ledgers within existing financial institutions and potential hurdles including disproportional rewards.
Exploring blockchain technology and its potential applications for educationeraser Juan José Calderón
Exploring blockchain technology and its potential applications for education
Guang Chen1,2, Bing Xu1
, Manli Lu1 and Nian-Shing Chen3*
Abstract
Blockchain is the core technology used to create the cryptocurrencies, like bitcoin. As part of the fourth industrial revolution since the invention of steam engine, electricity, and information technology, blockchain technology has been
applied in many areas such as finance, judiciary, and commerce. The current paper focused on its potential educational applications and explored how blockchain technology can be used to solve some education problems. This article first introduced the features and advantages of blockchain technology following by exploring some of the current blockchain applications for education. Some innovative applications of using blockchain technology were proposed, and the benefits and challenges of using blockchain technology for education were also discussed.
Keywords: Blockchain, Educational evaluation, Instructional design, Learning is earning
Keynote for the "Connecting Erasmus+ Mobility Participants in Open Language Learning Environments that Promote Linguistic and Cultural Awareness"
https://www.openlangnet.eu/events/connecting-erasmus-mobility-participants-in-open-language-learning-environments-that-promote-linguistic-and-cultural-awareness/
This presentation is about blockchain.
When Thomas Edison invented the electric lamp in 1879, he did not make a market analysis. The market did not have an identified need for a lamp but for light. This is a kind of disruptive original ideas.
Satoshi Nakamoto (a person or a group) did not do a market analysis neither . The blockchain was born after the financial crisis of 2008 as people lost trust in banks.
Satoshi Nakamoto introduced a new model of trust based on cryptographic proof in a decentralised & distributed ledger.
What is bloackchain technology ? Why blockchain is disruptive? And what are the main blockchain technologies ?
Similar to Virtual Currency Myth and Reality (Ver. 3.0 (182 pages) : Extended Version of Seoul National Univ. China AMP Seminar, Jan 24, 2018) (20)
[Blockchain and Cryptocurrency] 01. SyllabusSeungjoo Kim
'Blockchain and Cryptocurrency' Subject @ Korea University, 2021
01. Syllabus
02. Blockchain Overview and Introduction - Technical Concepts of Blockchain Systems -
03. Blockchain's Theoretical Foundation, Cryptography
04. Bitcoin and Nakamoto Blockchain
05. Ethereum and Smart Contract
06. NFT and Metaverse
07. Cardano(ADA) and Other Altcoins
08. Dark Coins
09. Blockchain Usage Beyond Currency - Way to Design Good Blockchain Business Models -
[Blockchain and Cryptocurrency] 02. Blockchain Overview and Introduction - Te...Seungjoo Kim
'Blockchain and Cryptocurrency' Subject @ Korea University, 2021
01. Syllabus
02. Blockchain Overview and Introduction - Technical Concepts of Blockchain Systems -
03. Blockchain's Theoretical Foundation, Cryptography
04. Bitcoin and Nakamoto Blockchain
05. Ethereum and Smart Contract
06. NFT and Metaverse
07. Cardano(ADA) and Other Altcoins
08. Dark Coins
09. Blockchain Usage Beyond Currency - Way to Design Good Blockchain Business Models -
[Blockchain and Cryptocurrency] 03. Blockchain's Theoretical Foundation, Cryp...Seungjoo Kim
'Blockchain and Cryptocurrency' Subject @ Korea University, 2021
01. Syllabus
02. Blockchain Overview and Introduction - Technical Concepts of Blockchain Systems -
03. Blockchain's Theoretical Foundation, Cryptography
04. Bitcoin and Nakamoto Blockchain
05. Ethereum and Smart Contract
06. NFT and Metaverse
07. Cardano(ADA) and Other Altcoins
08. Dark Coins
09. Blockchain Usage Beyond Currency - Way to Design Good Blockchain Business Models -
[Blockchain and Cryptocurrency] 04. Bitcoin and Nakamoto BlockchainSeungjoo Kim
'Blockchain and Cryptocurrency' Subject @ Korea University, 2021
01. Syllabus
02. Blockchain Overview and Introduction - Technical Concepts of Blockchain Systems -
03. Blockchain's Theoretical Foundation, Cryptography
04. Bitcoin and Nakamoto Blockchain
05. Ethereum and Smart Contract
06. NFT and Metaverse
07. Cardano(ADA) and Other Altcoins
08. Dark Coins
09. Blockchain Usage Beyond Currency - Way to Design Good Blockchain Business Models -
[Blockchain and Cryptocurrency] 05. Ethereum and Smart ContractSeungjoo Kim
'Blockchain and Cryptocurrency' Subject @ Korea University, 2021
01. Syllabus
02. Blockchain Overview and Introduction - Technical Concepts of Blockchain Systems -
03. Blockchain's Theoretical Foundation, Cryptography
04. Bitcoin and Nakamoto Blockchain
05. Ethereum and Smart Contract
06. NFT and Metaverse
07. Cardano(ADA) and Other Altcoins
08. Dark Coins
09. Blockchain Usage Beyond Currency - Way to Design Good Blockchain Business Models -
[Blockchain and Cryptocurrency] 06. NFT and MetaverseSeungjoo Kim
'Blockchain and Cryptocurrency' Subject @ Korea University, 2021
01. Syllabus
02. Blockchain Overview and Introduction - Technical Concepts of Blockchain Systems -
03. Blockchain's Theoretical Foundation, Cryptography
04. Bitcoin and Nakamoto Blockchain
05. Ethereum and Smart Contract
06. NFT and Metaverse
07. Cardano(ADA) and Other Altcoins
08. Dark Coins
09. Blockchain Usage Beyond Currency - Way to Design Good Blockchain Business Models -
[Blockchain and Cryptocurrency] 07. Cardano(ADA) and Other AltcoinsSeungjoo Kim
'Blockchain and Cryptocurrency' Subject @ Korea University, 2021
01. Syllabus
02. Blockchain Overview and Introduction - Technical Concepts of Blockchain Systems -
03. Blockchain's Theoretical Foundation, Cryptography
04. Bitcoin and Nakamoto Blockchain
05. Ethereum and Smart Contract
06. NFT and Metaverse
07. Cardano(ADA) and Other Altcoins
08. Dark Coins
09. Blockchain Usage Beyond Currency - Way to Design Good Blockchain Business Models -
[Blockchain and Cryptocurrency] 08. Dark CoinsSeungjoo Kim
'Blockchain and Cryptocurrency' Subject @ Korea University, 2021
01. Syllabus
02. Blockchain Overview and Introduction - Technical Concepts of Blockchain Systems -
03. Blockchain's Theoretical Foundation, Cryptography
04. Bitcoin and Nakamoto Blockchain
05. Ethereum and Smart Contract
06. NFT and Metaverse
07. Cardano(ADA) and Other Altcoins
08. Dark Coins
09. Blockchain Usage Beyond Currency - Way to Design Good Blockchain Business Models -
[Blockchain and Cryptocurrency] 09. Blockchain Usage Beyond Currency - Way to...Seungjoo Kim
'Blockchain and Cryptocurrency' Subject @ Korea University, 2021
01. Syllabus
02. Blockchain Overview and Introduction - Technical Concepts of Blockchain Systems -
03. Blockchain's Theoretical Foundation, Cryptography
04. Bitcoin and Nakamoto Blockchain
05. Ethereum and Smart Contract
06. NFT and Metaverse
07. Cardano(ADA) and Other Altcoins
08. Dark Coins
09. Blockchain Usage Beyond Currency - Way to Design Good Blockchain Business Models -
Why is it getting harder to train the cybersecurity workforce? (ExtendedVersion)Seungjoo Kim
Even in this pandemic situation, thank you for making and running the HITCON 2021 so well. Thank you for giving me the chance to talk!
This presentation is revised by reinforcing Q&A. Look forward to seeing you offline next year!
Kid Blockchain - Everything You Need to Know - (Part 1)Seungjoo Kim
Kid Blockchain - Everything You Need to Know - (Part 1)
01. 화폐의 역사 : 금에서부터 간편결제에 이르기까지 ... 4P
02. 비트코인의 탄생 ... 27P
03. 비트코인과 블록체인의 세부 동작원리 ... 85P
04. 작업증명(PoW)이란? ... 158P
05. 비트코인과 블록체인이 당면한 기술적 문제 ... 171P
Application of the Common Criteria to Building Trustworthy Automotive SDLCSeungjoo Kim
Seungyeon Jeong, Sooyoung Kang, and Seungjoo Kim, "Application of the Common Criteria to Building Trustworthy Automotive SDLC", Proc. of The 19th ICCC 2020, The 19th International Common Criteria Conference, Virtual (online) Conference, November 16-18, 2020.
Assurance-Level Driven Method for Integrating Security into SDLC ProcessSeungjoo Kim
Sooyoung Kang, Seungyeon Jeong, and Seungjoo Kim, "Assurance-Level Driven Method for Integrating Security into SDLC Process”, Proc. of The 18th CCUF Workshop 2020, The 18th Common Criteria Users Forum Workshop, Virtual (online) Conference, November 12, 2020.
How South Korea Is Fighting North Korea's Cyber ThreatsSeungjoo Kim
Seungjoo Kim, "How South Korea Is Fighting North Korea's Cyber Threats", Asia Transnational Threats Forum - Virtual Roundtable on North Korean Cyber Threats, Center for East Asia Policy Studies at BROOKINGS, October 15, 2020.
o 행 사 명 : 포스트코로나 시대의 ICT산업 미래전략포럼
o 일시/장소 : ‘20.5.22.(금) 10:00~16:30 / 에스팩토리(서울 성수동 소재)
o 주최/후원 : KAIT, KCA, IITP / SKT, KT, LGU+, LG전자 등
o 참 석 자 : 과기정통부 2차관, 정보통신산업정책관 및 ICT산업분야별 전문가 등
IoT Device Hacking and New Direction of IoT Security Evaluation Using Common ...Seungjoo Kim
IoT Device Hacking and New Direction of IoT Security Evaluation Using Common Criteria @ ICCC 2019 (International Common Criteria Conference), which is a major conference for the community of experts involved in security evaluation
Verification of IVI Over-The-Air using UML/OCLSeungjoo Kim
Verification of IVI Over-The-Air using UML/OCL @ ICCC 2019 (International Common Criteria Conference), which is a major conference for the community of experts involved in security evaluation
Overview of the fundamental roles in Hydropower generation and the components involved in wider Electrical Engineering.
This paper presents the design and construction of hydroelectric dams from the hydrologist’s survey of the valley before construction, all aspects and involved disciplines, fluid dynamics, structural engineering, generation and mains frequency regulation to the very transmission of power through the network in the United Kingdom.
Author: Robbie Edward Sayers
Collaborators and co editors: Charlie Sims and Connor Healey.
(C) 2024 Robbie E. Sayers
Student information management system project report ii.pdfKamal Acharya
Our project explains about the student management. This project mainly explains the various actions related to student details. This project shows some ease in adding, editing and deleting the student details. It also provides a less time consuming process for viewing, adding, editing and deleting the marks of the students.
Welcome to WIPAC Monthly the magazine brought to you by the LinkedIn Group Water Industry Process Automation & Control.
In this month's edition, along with this month's industry news to celebrate the 13 years since the group was created we have articles including
A case study of the used of Advanced Process Control at the Wastewater Treatment works at Lleida in Spain
A look back on an article on smart wastewater networks in order to see how the industry has measured up in the interim around the adoption of Digital Transformation in the Water Industry.
Immunizing Image Classifiers Against Localized Adversary Attacksgerogepatton
This paper addresses the vulnerability of deep learning models, particularly convolutional neural networks
(CNN)s, to adversarial attacks and presents a proactive training technique designed to counter them. We
introduce a novel volumization algorithm, which transforms 2D images into 3D volumetric representations.
When combined with 3D convolution and deep curriculum learning optimization (CLO), itsignificantly improves
the immunity of models against localized universal attacks by up to 40%. We evaluate our proposed approach
using contemporary CNN architectures and the modified Canadian Institute for Advanced Research (CIFAR-10
and CIFAR-100) and ImageNet Large Scale Visual Recognition Challenge (ILSVRC12) datasets, showcasing
accuracy improvements over previous techniques. The results indicate that the combination of the volumetric
input and curriculum learning holds significant promise for mitigating adversarial attacks without necessitating
adversary training.
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)MdTanvirMahtab2
This presentation is about the working procedure of Shahjalal Fertilizer Company Limited (SFCL). A Govt. owned Company of Bangladesh Chemical Industries Corporation under Ministry of Industries.
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptxR&R Consult
CFD analysis is incredibly effective at solving mysteries and improving the performance of complex systems!
Here's a great example: At a large natural gas-fired power plant, where they use waste heat to generate steam and energy, they were puzzled that their boiler wasn't producing as much steam as expected.
R&R and Tetra Engineering Group Inc. were asked to solve the issue with reduced steam production.
An inspection had shown that a significant amount of hot flue gas was bypassing the boiler tubes, where the heat was supposed to be transferred.
R&R Consult conducted a CFD analysis, which revealed that 6.3% of the flue gas was bypassing the boiler tubes without transferring heat. The analysis also showed that the flue gas was instead being directed along the sides of the boiler and between the modules that were supposed to capture the heat. This was the cause of the reduced performance.
Based on our results, Tetra Engineering installed covering plates to reduce the bypass flow. This improved the boiler's performance and increased electricity production.
It is always satisfying when we can help solve complex challenges like this. Do your systems also need a check-up or optimization? Give us a call!
Work done in cooperation with James Malloy and David Moelling from Tetra Engineering.
More examples of our work https://www.r-r-consult.dk/en/cases-en/
Explore the innovative world of trenchless pipe repair with our comprehensive guide, "The Benefits and Techniques of Trenchless Pipe Repair." This document delves into the modern methods of repairing underground pipes without the need for extensive excavation, highlighting the numerous advantages and the latest techniques used in the industry.
Learn about the cost savings, reduced environmental impact, and minimal disruption associated with trenchless technology. Discover detailed explanations of popular techniques such as pipe bursting, cured-in-place pipe (CIPP) lining, and directional drilling. Understand how these methods can be applied to various types of infrastructure, from residential plumbing to large-scale municipal systems.
Ideal for homeowners, contractors, engineers, and anyone interested in modern plumbing solutions, this guide provides valuable insights into why trenchless pipe repair is becoming the preferred choice for pipe rehabilitation. Stay informed about the latest advancements and best practices in the field.
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...Amil Baba Dawood bangali
Contact with Dawood Bhai Just call on +92322-6382012 and we'll help you. We'll solve all your problems within 12 to 24 hours and with 101% guarantee and with astrology systematic. If you want to take any personal or professional advice then also you can call us on +92322-6382012 , ONLINE LOVE PROBLEM & Other all types of Daily Life Problem's.Then CALL or WHATSAPP us on +92322-6382012 and Get all these problems solutions here by Amil Baba DAWOOD BANGALI
#vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore#blackmagicformarriage #aamilbaba #kalajadu #kalailam #taweez #wazifaexpert #jadumantar #vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore #blackmagicforlove #blackmagicformarriage #aamilbaba #kalajadu #kalailam #taweez #wazifaexpert #jadumantar #vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore #Amilbabainuk #amilbabainspain #amilbabaindubai #Amilbabainnorway #amilbabainkrachi #amilbabainlahore #amilbabaingujranwalan #amilbabainislamabad
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...
Virtual Currency Myth and Reality (Ver. 3.0 (182 pages) : Extended Version of Seoul National Univ. China AMP Seminar, Jan 24, 2018)
1. 고려대학교정보보호대학원
마스터 제목 스타일 편집
고려대학교정보보호대학원
Virtual Currency
Myth and Reality(Ver. 3.0 : Extended Version of Seoul National Univ. CHAMP Seminar, Jan 24, 2018)
(Feb 21, 2018)
2. 보안성분석평가연구실
김승주 교수 (skim71@korea.ac.kr)
로봇융합관 306호
- Security Engineering : (1) Threat-Risk Modeling
(2) Provably Secure Design (3) Automated Verification of
Security Implementations (4) (Structured) Penetration
Testing (5) Secure Over-The-Air Software Updates
- Security Evaluation & Certification (including CMVP, CC,
C&A, SSE-CMM)
- SDL (Security Development Lifecycle)
연구분야
Security Analysis aNd Evaluation Lab
www.KimLab.net / gss.korea.ac.kr
주요 경력 :
1990.3~1999.2) 성균관대학교 공학 학사·석사·박사
1998.12~2004.2) KISA 암호기술팀장 및 CC평가1팀장
2004.3~2011.2) 성균관대학교 정보통신공학부 부교수
2011.3~현재) 고려대학교 사이버국방학과∙정보보호대학원 정교수
Founder of (사)HARU & SECUINSIDE
2017.4~현재) 고려대학교 사이버무기시험평가연구센터 부센터장
前) 육군사관학교 초빙교수
前) 선관위 DDoS 특별검사팀 자문위원
前) 개인정보분쟁조정위원회 위원
前) KBS ‘명견만리’, ‘장영실쇼’ 및 EBS ‘과학다큐 비욘드’ 출연
現) 카카오뱅크 정보보호부문 자문교수
現) 한국블록체인협회 정보보호 소위원회 위원
- ’96: Convertible Group Signatures (AsiaCrypt)
- ’97: Proxy Signatures, Revisited (ICICS): 700회이상 피인용
* 100회 이상 피인용 논문 건수: 6건
- ’06: 국가정보원 암호학술논문공모전 우수상
- ’07: 국가정보원장 국가사이버안전업무 유공자 표창
- ’12,’16: 고려대학교 석탑강의상
- ’13,’17: Smart TV Security (Black Hat USA 및 Hack In Paris): 삼성 및 LG 스마트TV 해킹(도청∙도촬) 및 해적방송 송출 시연
주요 R&D 성과
삼성전자와 공동으로
국내 최초 프린터복합기 보안 인증 획득 (2008년)
LG전자와 공동으로
세계 최초 스마트TV 보안 인증 획득 (2015년)
3. 고려대학교 정보보호대학원
마스터 제목 스타일 편집
[1] “Smart TV Security - #1984 in 21st century”, SeungJin (beist) Lee et al., CanSecWest 2013
[2] “Hacking, Surveilling, and Deceiving Victims on Smart TV”,
SeungJin (beist) Lee et al., Black Hat USA 2013
[3] “Developing a Protection Profile for Smart TV”,
Minsu Park et al., International Common Criteria Conference 2014
[4] "(The First Experimental) Study on Smart TV Forensics”,
Heesoo Kang et al., Journal of the KIISC, 2014 (in Korean)
2013.3
2013.7
2014.9
2014.10
[5] (R&D with LG electronics) we got TTA-verified
security certification for Smart TV from TTA
2015.12
[6] ”Further Analysis on Smart TV Forensics",
Minsu Park et al., Journal of Internet Technology (SCI-Indexed Journal),
2016.11 (Accepted for Publication)
2016.11
[7] (R&D with LG electronics) We received 'world-first' Common Criteria EAL2 certification
for home appliances (Smart TV). 2017.4
[8] “Are you watching TV now? Is it real?: Hacking of smart TV with 0-day”
JongHo Lee et al., Hack in Paris 2017 2017.6
[10] “LG vs. Samsung Smart TV: Which Is Better for Tracking You?”
Sangmin Lee et al., CODE BLUE 2017
2017.11
[9] “How to Obtain Common Criteria Certification of Smart TV for Home IoT
Security and Reliability”, Sooyoung Kang et al., Symmetry-Basel (SCI-Indexed Journal)
2017.10
대표 연구 실적 – Smart TV
8. 고려대학교 정보보호대학원
마스터 제목 스타일 편집
Contents – Part I –
Virtual Currency
Bitcoin
Blockchain & Fork
Classical Consensus Mechanisms
Blockchain Consensus Mechanism
Soft Fork vs. Hard Fork
Main Challenges with PoW Blockchain
Decentralized
Scalability
Consensus(or Security)
Anonymity & Privacy
Programming Errors
Other Challenges with PoW Blockchain
9. 고려대학교 정보보호대학원
마스터 제목 스타일 편집
Contents – Part II –
Ethereum & Smart Contracts
Ethereum
Smart Contracts
Main Challenges with Smart Contracts
DAO, ICO, and DApp
IOTA & Tangle
IOTA
Tangle(Not a Blockchain!)
Main Challenges with Tangle
Others : Litecoin, Cardano, NEO
What Happens in Korea Now!
Conclusions
10. 고려대학교 정보보호대학원
마스터 제목 스타일 편집
Contents – FAQs –
정부의 '거래소 폐쇄'에 대한 의견은?
가상화폐는 화폐인가?
블록체인과 가상화폐, 분리가 가능한가?
바람직한 투자 환경이 조성되려면?
17. 고려대학교정보보호대학원
마스터 제목 스타일 편집
17
Anonymity (익명성)
Transferability (양도성)
Prevent copy & double-spending
(재사용 방지)
Decentralized (분산 처리)
DigiCash (1988) vs. Bitcoin (2008)
18. 고려대학교정보보호대학원
마스터 제목 스타일 편집
18
Anonymity (익명성)
Transferability (양도성)
Prevent copy & double-spending
(재사용 방지)
Decentralized (분산 처리)
by Blockchain
DigiCash (1988) vs. Bitcoin (2008)
Bitcoin is often called the first cryptocurrency,
although prior systems existed and it is more
correctly described as ‘the first decentralized
digital currency’. – Wikipedia –
19. 고려대학교정보보호대학원
마스터 제목 스타일 편집
DigiCash
(Jannik Dreier et al., "Formal Analysis of E-Cash Protocols", SECRYPT 2015)
Client
Seller
1. Withdrawal 3. Deposit
4. If a client spends a coin twice
(a.k.a. double-spending),
his identity is revealed. (by
online/offline)
2. Payment
20. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Client
Seller
1. Withdrawal 3. Deposit
2. Payment
Bitcoin 4. Prevent double-spending by
blockchain consensus
mechanism
(Jannik Dreier et al., "Formal Analysis of E-Cash Protocols", SECRYPT 2015)
21. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Client
Seller
1. Withdrawal 3. Deposit
2. Payment
Bitcoin 4. Prevent double-spending by
blockchain consensus
mechanism
(Jannik Dreier et al., "Formal Analysis of E-Cash Protocols", SECRYPT 2015)
“Whereas most technologies tend to automate
workers on the periphery doing menial tasks,
blockchains automate away the center. Instead
of putting the taxi driver out of a job, blockchain
puts Uber out of a job and lets the taxi drivers
work with the customer directly.”
22. 고려대학교정보보호대학원
마스터 제목 스타일 편집
22
[Note] Altcoin
Aside from bitcoin, there are hundreds of
other digital currencies out there. These are
known as “altcoins,” or alternatives to
bitcoin.
(e.g.) Ether, Ripple, Zcash, Monero and Dash, to
name just a few.
However, Most altcoins offer no benefit
over Bitcoin at all. Plus, they have less hash
power securing them.
This means that altcoins are typically riskier
than Bitcoin!
23. 고려대학교정보보호대학원
마스터 제목 스타일 편집
23
[Note] Altcoin (Source: CoinMarketCap, Note: As of midday Feb 17, 2018)
24. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Consensus Mechanism
Agreement in the presence of faults
Coping with failures in computer systems
Very well-studied since 1980 in distributed
computing, starting with Leslie Lamport et al.
Failures (a.k.a. Byzantine failures) can be
non-malicious (due to random SW/HW errors) or
malicious (as a result of being attacked and
compromised)
???
Replicated data
But replication is
expensive! (consistency,
malicious attack etc.)
25. 고려대학교정보보호대학원
마스터 제목 스타일 편집[Note] Byzantine Generals Problem (1982)
(ACM Transactions on Programming Languages and Systems (TOPLAS), July 1982)
27. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Classical Consensus Mechanisms
Crash failure model (Honest nodes that
may fail, but not deliberate act maliciously)
2PC (Two Phase Commit)
Paxos
Quorum
Chubby : Google File System (GFS), BigTable
Byzantine failure model
PBFT (Practical Byzantine Fault Tolerance)
XFT (Cross Fault Tolerance)
Honey Badger
Hybster (Hybrids on Steroids : SGX-based high
performance BFT)
(Bano et al., "SoK: Consensus in The Age of Blockchains", arXiv 2017)
28. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Classical Consensus Mechanisms
Crash failure model (Honest nodes that
may fail, but not deliberate act maliciously)
2PC (Two Phase Commit)
Paxos
Quorum
Chubby : Google File System
Byzantine failure model
PBFT (Practical Byzantine Fault Tolerance)
XFT (Cross Fault Tolerance)
Honey Badger
Hybster (Hybrids on Steroids : SGX-based high
performance BFT)
(Bano et al., "SoK: Consensus in The Age of Blockchains", arXiv 2017)
???
Classical BFT protocols works well in centralized
setting where nodes are controlled by the same
entity or federation (e.g., Google, Naver). However,
decentralized networks that rely on volunteer
nodes need to provide incentives for participation.
29. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Blockchain (a.k.a Distributed Append-Only Ledger)
‘Practical’ distributed trustless
consensus mechanism
Everyone is the bank!
That is, every participant keeps a copy of the
record which would classically be stored at the
central bank.
Type : Public / Consortium / Private
(Nick Szabo, "The God Protocols", 1997)
31. 고려대학교정보보호대학원
마스터 제목 스타일 편집
(Michele D'Aliessi, "How Does the Blockchain Work? Blockchain Technology Explained in Simple Words", Jun 2, 2016)
(Bitcoin address)
Blockchain (a.k.a Distributed Append-Only Ledger)
35. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Property
Public
blockchain
Consortium
blockchain
Private
Blockchain
Consensus
determination
All miners
Selected set of
nodes
One organization
Read permission Public
Could be public or
restricted
Could be public or
restricted
Immutability
Nearly impossible
to tamper
Could be
tampered
Could be
tampered
Efficiency Low High High
Centralized No Partial Yes
Consensus process Permissionless Permissioned Permissioned
(An Overview of Blockchain Technology: Architecture, Consensus, and Future Trends, 2017 IEEE International
Congress on Big Data)
Blockchain (a.k.a Distributed Append-Only Ledger)
36. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Property
Public
blockchain
Consortium
blockchain
Private
Blockchain
Consensus
determination
All miners
Selected set of
nodes
One organization
Read permission Public
Could be public or
restricted
Could be public or
restricted
Immutability
Nearly impossible
to tamper
Could be
tampered
Could be
tampered
Efficiency Low High High
Centralized No Partial Yes
Consensus process Permissionless Permissioned Permissioned
Consensus Core
algorithm
PoW, PoS
DPoS, PBFT, Raft
Ripple,
Tendermint(DPoS+PBFT)
DPoS, PBFT, Raft
Ripple,
Tendermint(DPoS+PBFT)
Blockchain Consensus Core Algorithms
※PoW : Proof of Useful Work / PoS : Proof of Stake / DPoS : Delegated Proof
of Stake / PBFT : Practical Byzantine Fault Tolerance
37. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Blockchain Consensus Core Algorithms
Property PoW PoS PBFT DPoS Ripple
Tender
mint
Node
identity
manage-
ment
open open
Permission-
ed
open open
Permission-
ed
Energy
saving
no partial yes partial yes yes
Tolerated
power of
adversary
<25%
computing
power
<51% stake
<33.3% fault
replicas
<51%
validators
<20%
faulty node
in UNL
<33.3%
byzantine
voting
power
Example
Bitcoin,
Ethereum
(Ethash)
Peercoin,
PPCoin, Nxt,
BlackCoin,
(Ethereum
(Slasher))
Hyperledger
Fabric
Bitshares Ripple Tendermint
※PoUW(Proof of Useful Work) : Primecoin, Gridcoin / PoB(Proof of Burn) /
PoET(Proof of Elapsed Time)
(Unique Node List)
38. 고려대학교정보보호대학원
마스터 제목 스타일 편집
38
Basically the PoW(Proof of Work)
demonstrates that a participant has done
some work and gets a reward.
First? Not!
39. 고려대학교정보보호대학원
마스터 제목 스타일 편집
39
The Bitcoin protocol makes use of PoW to
prevent Sybil attacks (single user
pretends many fake/sybil identities), and to
synchronize the network loosely (i.e., to
ensure for block to reach every corner of
the network).
Idea : User solve moderately hard puzzle
First? Not!
Hard to find solution Easy to verify
40. 고려대학교정보보호대학원
마스터 제목 스타일 편집
40
First? Not!
fake IDA fake IDB fake IDC
The cumulative computing power from all the miners,
secures the network against potential attacks from a hacker!
41. 고려대학교정보보호대학원
마스터 제목 스타일 편집
41
Now new!
C.Dwork and M.Naor, “Pricing via Processing
or Combating Junk Mail”, CRYPTO 1992.
For combating email spam
A.Back, “Hashcash - A Denial of Service
Counter-Measure”, TR, August 2002.
For limiting Denial-of-Service attacks
First? Not!
42. 고려대학교정보보호대학원
마스터 제목 스타일 편집
42
Block 78A…
prev block:
#497…
hash of transactions:
txn a78… ‖ signature
txn ffe… ‖ signature
txn 111… ‖ signature
txn 223… ‖ signature
…
random nonce (guess):
9758…
Block 087…
prev block:
#78A…
hash of transactions:
txn 839… ‖ signature
txn a76… ‖ signature
txn 91c… ‖ signature
txn 383… ‖ signature
…
random nonce (guess):
3004…
Hash output of
prev block
43. 고려대학교정보보호대학원
마스터 제목 스타일 편집
43
Block 78A…
prev block:
#497…
hash of transactions:
txn a78… ‖ signature
txn ffe… ‖ signature
txn 111… ‖ signature
txn 223… ‖ signature
…
random nonce (guess):
9758…
Block 087…
prev block:
#78A…
hash of transactions:
txn 839… ‖ signature
txn a76… ‖ signature
txn 91c… ‖ signature
txn 383… ‖ signature
…
random nonce (guess):
3004…
Hash output of
prev block
Proof of Work
When 1 zero added, work will be doubled
Because 25 = 24 * 2
depends on D leading zero bits
45. 고려대학교정보보호대학원
마스터 제목 스타일 편집
45
[Note] Bitcoin Block Structure
(Kiran Vaidya, "Bitcoin's Implementation of Blockchain", Dec 7, 2016)
46. 고려대학교정보보호대학원
마스터 제목 스타일 편집
46
Merkle Tree
Patented by Ralph Merkle in 1979
Saves memory
Only the root (top) hash added to the
blockchain
Only own branch of the tree relevant
[Note] Bitcoin Block Structure
47. 고려대학교정보보호대학원
마스터 제목 스타일 편집
47
For preventing inflation, the rewarding
price halves approximately every 4 years.
The initial reward was 50 Bitcoins in 2009,
then 25 Bitcoins in 2013, 12.5 Bitcoins in
2016 and it will happen again in the future.
With the constant halving, eventually there
will only be about 21 million Bitcoins.
At around year 2140, all Bitcoins will have
been generated.
Block rewards → Transaction fees
Bitcoin Mining Block Reward
(* But, in ACM CCS 2016, Miles Carlsten et al. showed that the stability of bitcoin is
NOT guaranteed as mining rewards decline.)
48. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Soft Fork vs. Hard Fork
(Image : Invetopedia)
Follows
Old
Rules
Follows
Old
Rules
Follows Old Rules
But Violates
New Rules
Follows
Old & New
Rules
Follows
Old & New
Rules
Follows
Old
Rules
Blocks From
Non-Upgraded
Nodes
Blocks From
Upgraded
Nodes
A Soft Fork : Blocks Violating New Rules Are Made Stale By Upgraded Mining Majority
A Hard Fork : Non-Upgraded Nodes Reject The New Rules, Diverging The Chain
Follows
Old
Rules
Follows
Old
Rules
Blocks From
Non-Upgraded
Nodes
Blocks From
Upgraded
Nodes
Follows
Old
Rules
Follows
Old
Rules
Follows
New
Rules
Follows
New
Rules
Follows
New
Rules
Follows
New
Rules
49. 고려대학교정보보호대학원
마스터 제목 스타일 편집
49
Main Challenges with PoW Blockchain
Bitcoin has worked surprisingly
well in practice so far...
Will Bitcoin ‘still’ work in practice
in the future?
50. 고려대학교정보보호대학원
마스터 제목 스타일 편집
50
Decentralized
Scale Consensus
Main Challenges with PoW Blockchain
51. 고려대학교정보보호대학원
마스터 제목 스타일 편집
51
In the initial design stage of Bitcoin,
Satoshi Nakamoto hoped that all the
participants can use the CPU to mine.
So the hashing power can match the nodes
and each node has the opportunity to
participate in the decision-making of the
blockchain.
Q) Decentralized?
52. 고려대학교정보보호대학원
마스터 제목 스타일 편집
52
However, with the development of
technology and the appreciation of Bitcoin,
the machines that are specially designed
for mining are invented.
CPU → GPU → FPGA → ASIC
And the hashing power is grouped in the
participants that have large numbers of
mining machines.
The mining pools are operated centrally or are
designed in a P2P way.
Q) Decentralized?
55. 고려대학교정보보호대학원
마스터 제목 스타일 편집
55
Q) Decentralized?
(Financial Cryptography and Data Security 2018)
56. 고려대학교정보보호대학원
마스터 제목 스타일 편집
56
Q) Decentralized?
Neither are all that decentralized!
Both Bitcoin and Ethereum mining are very centralized,
with the top four miners in Bitcoin and the top three
miners in Ethereum controlling more than 50% of the
hash rate.
(Financial Cryptography and Data Security 2018)
57. 고려대학교정보보호대학원
마스터 제목 스타일 편집
57
Mining pools are groups of cooperating
miners who agree to share block
rewards in proportion to their
contributed mining hash power.
[Note] What is a Mining Pool?
(Jordan Tuwiner, "Bitcoin Mining Pools", July 13, 2017)
58. 고려대학교정보보호대학원
마스터 제목 스타일 편집
58
‘Decentralization’ means that every
participating node on the network
processes every transaction and maintains a
copy of the entire state. Possible?
Bitcoin's security heavily depends on the
assumption that the block propagation time
<< block generation time.
Bitcoin blockchain can only process nearly 7
transactions / 1 second (10 minutes / 1 block) to
ensure for block to reach every corner of the network.
VISA system can process 1700 transaction / 1 second.
In fact, the blockchain actually gets weaker
as more nodes are added to its network.
Q) Scalability?
(Preethi Kasireddy, "Blockchains Don’t Scale. Not Today, at Least. But There's Hope", Aug 23, 2017)
59. 고려대학교정보보호대학원
마스터 제목 스타일 편집[Note] Bitcoin vs. P2P File Sharing
The Bitcoin network has aims which
differ from those of peer-to-peer file
sharing systems.
In Bitcoin, the aim is not to find specific
files or data items, but to distribute
information as fast as possible to reach
consensus on the block chain.
(Florian Tschorsch Björn Scheuermann, "Bitcoin and Beyond: A Technical Survey on Decentralized Digital
Currencies", IEEE Communications Surveys & Tutorials (COMST), Mar 2, 2016)
60. 고려대학교정보보호대학원
마스터 제목 스타일 편집
60
In a traditional database system, the
solution to scalability is to add more
servers to handle the added transactions.
But in the decentralized blockchain world…
Increasing the block size
SegWit (Segregated Witness)
Off-chain state channels : Lightning Network,
Raiden Network
DB Sharding
Plasma
Off-chain computations : TrueBit
Q) Scalability?
61. 고려대학교정보보호대학원
마스터 제목 스타일 편집
61
Q) Scalability?
실험에서 9301건의 지급지시 처리에 기존 9시간보다 2시
간 33분이 추가로 소요됐다. 시스템 장애시 복구에도 어려
움을 겪었다.
62. 고려대학교정보보호대학원
마스터 제목 스타일 편집
62
[Note] Increasing Block Size (2017)
("Bitcoin Cash is Bitcoin", Oct 2017, www.bitcoin.com)
(SegWit Chain)
63. 고려대학교정보보호대학원
마스터 제목 스타일 편집
63
[Note] SegWit (2017)
Signatures are an integral part of the chain
Signatures are outside of the chain.
(Peter Rizun, “SegWit Coins Are Not Bitcoins”, The Future of Bitcoin Conference 2017)
66. 고려대학교정보보호대학원
마스터 제목 스타일 편집
66
[Note] Off-Chain State Channels
via
multi-signature
or some sort
of smart
contract
67. 고려대학교정보보호대학원
마스터 제목 스타일 편집
67
Consensus in asynchronous distributed
computing has been known to be
unsolvable since 1985.
Q) Security? – Algorithms
Short delay
Long delay
68. 고려대학교정보보호대학원
마스터 제목 스타일 편집
68
Blockchain consensus algorithms meet the
theoretical fault tolerance under the
assumptions of a fully synchronous
network (i.e. messages are instantly delivered without delays).
Juan Garay, Aggelos Kiayias, and Nikos
Leonardos, “The Bitcoin Backbone Protocol:
Analysis and Applications”, EUROCRYPT 2015.
It remains unclear what are the guarantees
offered by blockchain consensus algorithms
and what are the necessary conditions for
these guarantees to be satisfied.
Q) Security? – Algorithms
(* Asynchronous setting is even more complex and analyzed in 2016 under a-priori bounded adversarial
delays and random oracle model)
69. 고려대학교정보보호대학원
마스터 제목 스타일 편집
69
Finney attack or Zero-confirmation attack (2011)
Vector 76 or One-confirmation attack (2011)
Block withholding (BWH) attack (2011, 2016)
Time jacking (2011)
Double spending or Race attack (2012)
Brute force attack (2013)
>50% hashpower or Goldfinger (because it will probably destroy the Bitcoin
network) (2013)
Block discarding (2013, 2014) or Selfish mining (2014)
Punitive and Feather forking (2013, 2016)
Transaction malleability (2014, 2015)
Wallet theft (2014)
DDoS (2014)
Eclipse Attack or Netsplit (2015)
Tampering (2015)
Bribery attacks (2016)
Fork after withholding (FAW) attack (2017)
Refund attacks (2017)
Bitcoin Hijacking (2017), etc.
Q) Security? – Algorithms
70. 고려대학교정보보호대학원
마스터 제목 스타일 편집
70
(e.g.) Blockchain is vulnerable even if
only a small portion of the hashing
power is used to cheat.
Up to now, the top 5 mining pools together
owns larger than 51% of the total hash
power in the Bitcoin network.
Apart from that, selfish mining strategy
showed that pools with over 25% of total
computing power could get more revenue
than fair share.
Q) Security? – Algorithms
[1] "The Biggest Mining Pools," https://bitcoinworldwide.com/mining/pools/
[2] I.Eyal and E.G.Sirer, "Majority Is Not Enough: Bitcoin Mining Is Vulnerable", Financial Cryptography
and Data Security 2014.
71. 고려대학교정보보호대학원
마스터 제목 스타일 편집
71
[Note] Double Spending Attack
Idea : Since Bitcoin is basically a digital
file, it's easier to copy than actual
money. This means some people can
manipulate their way to paying more
than once with the same bitcoin.
Variants : Finney attack / Zero-confirmation
attack (2011), Vector 76 / One-confirmation
attack (2011), Brute force attack (2013), etc.
If a miner (or mining pool) is able to mine
blocks with a faster rate than the rest of the
Bitcoin network, the possibility of a successful
double spending attack is high.
72. 고려대학교정보보호대학원
마스터 제목 스타일 편집
72
[Note] Double Spending Attack
For now, there is NO solution that
guarantees the complete protection from
double spending in Bitcoin.
The most effective way to prevent them
is to wait for multiple numbers of
confirmations (e.g., 6 blocks x 10
minutes) before delivering goods or
services.
Not appropriate for fast payment scenarios!
73. 고려대학교정보보호대학원
마스터 제목 스타일 편집
73
[Note] Selfish Mining Attack (2014)
Idea : The attacker will mine his blocks
privately and release them at the right
time so that honest miners waste their
computational power.
Called ‘selfish mining’ or ‘block
discarding(or withholding)’
‘Block withholding’ is also sometimes used in the
context of mining pools - submitting shares but
withholding valid blocks
74. 고려대학교정보보호대학원
마스터 제목 스타일 편집
74
[Note] Selfish Mining Attack (2014)
…
State 0 : Only a single public chain.
(Philippe Camacho, "Analyzing Bitcoin Security", Jun 15, 2016)
75. 고려대학교정보보호대학원
마스터 제목 스타일 편집
75
[Note] Selfish Mining Attack (2014)
State 1 : Adversary manages to mine a
block. The block is kept private.
…
(Philippe Camacho, "Analyzing Bitcoin Security", Jun 15, 2016)
76. 고려대학교정보보호대학원
마스터 제목 스타일 편집
76
[Note] Selfish Mining Attack (2014)
State 2 : Adversary manages to mine a
block. The block is kept private.
…
(Philippe Camacho, "Analyzing Bitcoin Security", Jun 15, 2016)
77. 고려대학교정보보호대학원
마스터 제목 스타일 편집
77
[Note] Selfish Mining Attack (2014)
State 3 : Honest miners find a block.
…
In this
situation the
private
chain is
published
and the
honest
miners loose
their block.
(Philippe Camacho, "Analyzing Bitcoin Security", Jun 15, 2016)
78. 고려대학교정보보호대학원
마스터 제목 스타일 편집
78
[Note] Selfish Mining Attack (2014)
State 3 : After releasing the private chain,
back to state 0.
…
New head of
the public
chain.
(Philippe Camacho, "Analyzing Bitcoin Security", Jun 15, 2016)
79. 고려대학교정보보호대학원
마스터 제목 스타일 편집
79
[Note] Block Withholding Attack (2011)
☞ Partial PoW (or Share) : Nonce making hash value with d(<D) leading zeros
(e.g. (D=4)) Partial PoWs : Nonces making 0011X, 0010X, 0001X, etc.
Full PoWs : Nonces making 0000X
(by PPS(Pay-Per-Share), PPLNS, etc.)
80. 고려대학교정보보호대학원
마스터 제목 스타일 편집
80
[Note] Block Withholding Attack (2011)
Idea : Withholding certain blocks.
Sabotage Attack on Mining Pools : Not
submitting correct PoWs at all (but
submitting only the dud PoWs) to cause
financial harm to the pool or its participants.
Purely destructive! (i.e., Don't make any financial
sense. It just makes everybody loose!)
Lie-in-Wait Attack on Mining Pools : Delay
submitting of a correct PoW, and uses the
knowledge of the imminent block to focus
his mining on where it is most rewarding.
Profitable!
81. 고려대학교정보보호대학원
마스터 제목 스타일 편집
81
Sabotage Attack on Mining Pools
Results :
The pool looses money.
The dishonest miner doesn't earn anything (also
looses a very small amount).
Thus ‘purely destructive’!
[Note] Block Withholding Attack (2011)
Dishonest Miner Mining Pool Operator
Dud PoW
Money
Correct PoW
(excessively
rare case)
(Stefan Dziembowski, "Mining Pools and Attacks", Workshop on Bitcoin, Introduction to Cryptocurrencies, Jun 6-7, 2016)
82. 고려대학교정보보호대학원
마스터 제목 스타일 편집
82
Sabotage Attack on Mining Pools
Adversary's goal : Make the mining pool
bankrupt (e.g. he owns a competing pool).
It is rumored that in June 2014 such an attack
was executed against the mining pool Eligius.
Estimated loses : 300 BTC.
[Note] Block Withholding Attack (2011)
Dishonest Miner Mining Pool Operator
Dud PoW
Money
Correct PoW
(excessively
rare case)
(Stefan Dziembowski, "Mining Pools and Attacks", Workshop on Bitcoin, Introduction to Cryptocurrencies, Jun 6-7, 2016)
83. 고려대학교정보보호대학원
마스터 제목 스타일 편집
83
Lie-in-Wait Attack on Mining Pools
Mining for several mining pools and
strategically calculating the time to
submit his correct blocks.
[Note] Block Withholding Attack (2011)
Dishonest Miner
1/3 Computing Power
Mining Pool P1
Mining Pool P2
Mining Pool P3
(Stefan Dziembowski, "Mining Pools and Attacks", Workshop on Bitcoin, Introduction to Cryptocurrencies, Jun 6-7, 2016)
84. 고려대학교정보보호대학원
마스터 제목 스타일 편집
84
Lie-in-Wait Attack on Mining Pools
Once you find a correct PoW for P2 (say) :
1. Wait with submitting it.
2. Directs all mining capacity to P2.
3. Submit the solution to P2 after sometime.
It can be formally shown that this is
profitable. (Rosenfeld, 2011)
[Note] Block Withholding Attack (2011)
Intuition :
P2 is a very
likely winner
(Stefan Dziembowski, "Mining Pools and Attacks", Workshop on Bitcoin, Introduction to Cryptocurrencies, Jun 6-7, 2016)
85. 고려대학교정보보호대학원
마스터 제목 스타일 편집
85
[Note] The Miner’s Dilemma (2015)
If two pools attack each other with
block withholding attack, they arrive at a
Nash Equilibrium in which each earns
less than they would have if neither of
them attacked.
86. 고려대학교정보보호대학원
마스터 제목 스타일 편집
86
[Note] Eclipse Attack (2015)
Idea : The attacker surrounds the victim
in the P2P network so that it can filter
his view on the events.
(E.Heilman, A.Kendler, A.Zohar, and S.Goldberg, "Eclipse Attacks on Bitcoin’s Peer-to-Peer Network", USENIX Security 2015)
87. 고려대학교정보보호대학원
마스터 제목 스타일 편집
87
[Note] Transaction Malleability (2014)
txID (Transaction Identifier) : A SHA-256
hash of all the fields of the transaction data
Transaction Malleability : Changing the
txID without invalidating the signature
Actual Damage from Malleability :
A problem arises particularly with wallets that
use only txID to identify transactions.
If a tampered transaction is captured and confirmed
in the block before the correct transaction, the
balance in Wallet will be mismatched. Then the
correct transaction is considered double payment
from the node and it will be processed as an invalid
transaction.
88. 고려대학교정보보호대학원
마스터 제목 스타일 편집
88
[Note] Transaction Malleability (2014)
Bitcoin Transaction Message
91. 고려대학교정보보호대학원
마스터 제목 스타일 편집
91
[Note] Transaction Malleability (2014)
txID
(Ken Shirriff, "Bitcoin Transaction Malleability: Looking at The Bytes", Feb 13, 2014)
93. 고려대학교정보보호대학원
마스터 제목 스타일 편집
93
[Note] Transaction Malleability (2014)
We store some funds on Mt. Gox. We do a withdrawal. We find the
transaction and change it. We submit the changed transaction faster
than Mt. Gox. The new transaction sometimes wins and we have our
money. We wait 2 days and complain to Mt Gox that our money
hasn't arrived. They search with the old txID and see that the original
transaction wasn't processed (they think you weren't paid yet). They
pay you again with different money. Yay!!
96. 고려대학교정보보호대학원
마스터 제목 스타일 편집
96
Storing in plaintext on the PC - bad idea
(malware attacks)
Encrypting with a password - susceptible to the
dictionary attacks
Better : Split the key between several devices.
Two options :
Use the multi-signature feature of Bitcoin
Use secret sharing and the multi-party
computations
Store on the USB memory - also susceptible to
malware (once connected to the PC).
Use a smarter device - more secure, especially if
it has a display.
Q) Security? – Wallet Theft
(Stefan Dziembowski, "Mining Pools and Attacks", Workshop on Bitcoin, Introduction to Cryptocurrencies, Jun 6-7, 2016)
98. 고려대학교정보보호대학원
마스터 제목 스타일 편집
98
Recent studies have demonstrated that
about 40% of Bitcoin users are able to
be identified through these public
transaction logs. This is due, in part, to
Bitcoin’s increased reliance on a few
large accounts.
(Preston Miller, "Virtual Currencies and their Relevance to
Digital Forensics“, Apr 9, 2017)
Q) Anonymity & Privacy?
99. 고려대학교정보보호대학원
마스터 제목 스타일 편집
99
Q) Anonymity & Privacy?
Anonymity = Pseudonymity + Unlinkability
100. 고려대학교정보보호대학원
마스터 제목 스타일 편집
100
Pseudonymity of Bitcoin Transactions
Q) Anonymity & Privacy?
101. 고려대학교정보보호대학원
마스터 제목 스타일 편집
101
Unlinkability of Bitcoin Transactions
Q) Anonymity & Privacy?
If Alice conducts two bitcoin transactions
using different bitcoin addresses
("pseudonyms"), how hard is it for those
transactions to be linked?
103. 고려대학교정보보호대학원
마스터 제목 스타일 편집
103
Q) Anonymity & Privacy?
Trust Problem with Mixing Services! : From Bitcoin's
perspective, transferring coins means changing the
ownership in a irreversible way. At this point, the mix
(who might be malicious) is the legitimate owner of the
coins. Thus, he could spend them for whatever he likes.
This monetary aspect should not be underestimated, as
it amplifies the trust problem with mixing services.
104. 고려대학교정보보호대학원
마스터 제목 스타일 편집
104
Q) Anonymity & Privacy?
(√: zk-STARKs)
[1] Bitcoin Beginner, “Privacy Coin Comparison”, December 30, 2017
[2] Felix Küster, "Privacy Coins Guide: Comparison of Anonymous Cryptocurrencies", Aug 23, 2017
105. 고려대학교정보보호대학원
마스터 제목 스타일 편집
105
Q) Anonymity & Privacy?
(√: zk-STARKs)
Increasing privacy level at the price of a bloated
block chain and more complex operations!
[1] Bitcoin Beginner, “Privacy Coin Comparison”, December 30, 2017
[2] Felix Küster, "Privacy Coins Guide: Comparison of Anonymous Cryptocurrencies", Aug 23, 2017
111. 고려대학교정보보호대학원
마스터 제목 스타일 편집
111
[Note] zk-SNARKs (2012)
Zero-Knowledge Succinct Non-interactive
ARgument of Knowledge
Cryptographic method for proving/verifying, in
zero-knowledge, the integrity of computations.
In Bitcoin, transactions are validated by linking the
sender address, receiver address, and input and
output values on the public blockchain.
Zcash uses zk-SNARKs to prove that the conditions
for a valid transaction have been satisfied without
revealing any crucial information about the
addresses or values involved.
However, requires a trusted setup.
112. 고려대학교정보보호대학원
마스터 제목 스타일 편집
112
A block 74638 (Aug 2010) contained a
transaction with two output summing to
over 184 billion BTC - this was because of
an integer overflow in Bitcoin software.
Solved by a software update and a "manual
fork". One double spending observed (worth
10,000 USD).
A fork at block 225430 (March 2013)
caused by an error in the software update
of Bitcoin Core.
Lasted 6 hours, solved by reverting to an older
version of the software.
Q) Programming Errors
(Stefan Dziembowski, "Mining Pools and Attacks", Workshop on Bitcoin, Introduction to Cryptocurrencies,
Jun 6-7, 2016)
114. 고려대학교정보보호대학원
마스터 제목 스타일 편집
114
Decentralized unlicensed exchanges
(DEXs) vs. Centralized licensed exchanges
(e.g.) EtherDelta
Storage constraints
Lack of governance and standards
Quantum computing threat
… and more.
Other Challenges with PoW Blockchain
115. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Ethereum (2013)
Distributed Turing Machine with
Blockchain Protection (by Vitalik Buterin)
Distributed Turing Machine
A smart contract program is executed by a
network of miners who reach consensus on the
outcome of the execution,
Turing Machine with Blockchain Protection
and update the contract’s state on the
blockchain accordingly.
116. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Ethereum (2013)
Distributed Turing Machine with
Blockchain Protection (by Vitalik Buterin)
Distributed Turing Machine
A smart contract program is executed by a
network of miners who reach consensus on the
outcome of the execution,
Turing Machine with Blockchain Protection
and update the contract’s state on the
blockchain accordingly.
117. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Ethereum (2013)
Distributed Turing Machine with
Blockchain Protection (by Vitalik Buterin)
Distributed Turing Machine
A smart contract program is executed by a
network of miners who reach consensus on the
outcome of the execution,
Turing Machine with Blockchain Protection
and update the contract’s state on the
blockchain accordingly.
118. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Ethereum (2013)
Distributed Turing Machine
(https://bytescout.com/blog/ethereum-turing-blockchain.html)
119. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Ethereum (2013)
Distributed Turing Machine
It is better to think of smart contracts not as signing
a contract but as executing pieces of simple code
(executed inside of the virtual machine).
(https://bytescout.com/blog/ethereum-turing-blockchain.html)
120. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Ethereum (2013)
Distributed Turing Machine
The one who calls the contract must pay. To do this,
Ethereum uses the so-called Gas – this is a small
piece of Ether (ETH) – the domestic currency.
(https://bytescout.com/blog/ethereum-turing-blockchain.html)
121. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Ethereum (2013)
Distributed Turing Machine
(https://bytescout.com/blog/ethereum-turing-blockchain.html)
122. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Ethereum (2013)
TM (= Transaction-based State Machine)
with Blockchain Protection
In computer science, a state machine refers
to something that will read a series of
inputs and, based on those inputs, will
transition to a new state.
123. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Ethereum (2013)
TM (= Transaction-based State Machine)
with Blockchain Protection
State instead of History!
(https://bytescout.com/blog/ethereum-turing-blockchain.html)
124. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Ethereum (2013)
(very similar to Javascript)
(Ethereum VM is Turing-complete)
(Note : Bitcoin has a ad-hoc, non-Turing-complete stack-based
scripting language with fewer than 200 commands called 'opcodes'.)
Solidity
(very similar to Javascript)
Ethereum Bytecodes
Ethereum VM
(Ethereum VM is Turing-complete)
compiles to
executed by
125. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Ethereum (2013)
(very similar to Javascript)
(Ethereum VM is Turing-complete)
Solidity
(very similar to Javascript)
Ethereum Bytecodes
Ethereum VM
(Ethereum VM is Turing-complete)
compiles to
executed by
This makes Ethereum susceptible to the halting problem. If there were no fees, a malicious
actor could easily try to disrupt the network by executing an infinite loop within a transaction,
without any repercussions. Thus, fees protect the network from deliberate attacks.
126. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Ethereum (2013)
(https://bytescout.com/blog/ethereum-turing-blockchain.html)
128. 고려대학교정보보호대학원
마스터 제목 스타일 편집
128
[Note] Smart Contracts (1996)
Smart Contract : A set of promises, specified in digital
form, including protocols within which the parties
perform on these promises.
- Observability
- Verifiability
- Privity
- Enforceability
129. 고려대학교정보보호대학원
마스터 제목 스타일 편집
129
[Note] Smart Contracts (1996)
“Smart contracts often involve trusted third parties,
exemplified by an intermediary, who is involved in the
performance, and an arbitrator, who is invoked to
resolve disputes arising out of performance (or lack
thereof).”
130. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Mining Ether = Securing the network =
Verify computation
Ethereum’s PoW algorithm is called
Ethash
A modified version of Dagger-Hashimoto
Memory hard, making it basically ASIC-
resistant
Will be switched to PoS
Blocks are mined on average every 15
seconds.
Thus Ethereum’s blockchain can process
around 25 transactions / 1 second.
Ether Mining
131. 고려대학교정보보호대학원
마스터 제목 스타일 편집
131
Computing a valid proof of work should
require not only a large number of
computations, but also a large amount
of memory.
[Note] Memory Hardness
134. 고려대학교정보보호대학원
마스터 제목 스타일 편집
134
Idea : (Consensus by Bet) Someone
who has a lot of stake will not do
anything to endanger this stake, such as
cheating, because then it would become
less valuable.
However, PoS has not been as successful as
Proof-of-Work.
[Note] PoS (Proof of Stake)
135. 고려대학교정보보호대학원
마스터 제목 스타일 편집
135
Casper PoS Algorithm
1. The validators stake a portion of their Ethers as
stake.
2. After that, they will start validating the blocks.
Meaning, when they discover a block which
they think can be added to the chain, they will
validate it by placing a bet on it.
3. If the block gets appended, then the validators
will get a reward proportionate to their bets.
4. However, if a validator acts in a malicious
manner and tries to do a "nothing at stake",
they will immediately be reprimanded, and all
of their stake is going to get slashed.
[Note] PoS (Proof of Stake)
136. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Ethereum’s GHOST Protocol
Because of the way Ethereum is built,
block times are much lower (~15
seconds) than those of other blockchains,
like Bitcoin (~10 minutes).
This enables faster transaction
processing. However, one of the
downsides of shorter block times is that
more competing block solutions are
found by miners.
137. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Ethereum’s GHOST(Greedy Heaviest
Observed Subtree) was introduced in
2013 to solve this problem by rewarding
also to ommer/uncle block (i.e., inviting the entire
tree structure of transactions).
An ommer/uncle is a smaller reward than a
full block. And the reward rapidly diminishes,
ending at zero after seven blocks later.
You reward miners to "confirm" that they
are uncles, and this helps securing the
network by making the chain "heavier".
Ethereum’s GHOST Protocol
138. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Ethereum’s GHOST(Greedy Heaviest
Observed Subtree) was introduced in
2013 to solve this problem by rewarding
also to ommer/uncle block (i.e., inviting the entire
tree structure of transactions).
An ommer/uncle is a smaller reward than a
full block. And the reward rapidly diminishes,
ending at zero after seven blocks later.
You reward miners to "confirm" that they
are uncles, and this helps securing the
network by making the chain "heavier".
Ethereum’s GHOST Protocol
139. 고려대학교정보보호대학원
마스터 제목 스타일 편집
139
Lack of formal contract verification!
(e.g.) The launch of The DAO was anticipated
by almost everyone so immediately after the
launch, about $165 million was sent to the
fund. This was a great event in the community.
A week after the launch, an error was found in the
code of the smart contract in the very place where
the logic was implemented "to get out and take your
share out of the fund."
The essence of the bug was that instead of the address of
the recipient of the share, it was possible to use the
address of another smart contract.
So the hackers brought to their accounts more than
$65 million!
Main Challenges with Smart Contracts
140. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Decentralized Autonomous Organization
Launched on 30 April 2016
Crowdfunding using smart contracts
A smart contract was a guarantee that no one
will deceive anyone and there will be absolute
democracy in all aspects. It even took into
account the option that some participants will
want to leave the DAO and take their shares
out of the fund.
(e.g.) If they do not agree with the choice of projects
or just want to play for investors themselves
[Note] DAO (2016)
141. 고려대학교정보보호대학원
마스터 제목 스타일 편집
ICO
(Classic) Initial Coin Offering
Similar to an IPO, but here investor got
nothing other than the digital tokens
Investors
Company
New
Crypto
Currency
142. 고려대학교정보보호대학원
마스터 제목 스타일 편집
DApp
Decentralized Application
App
Frontend Code & UI : make calls to its
backend
Backend Code : runs on centralized servers
DApp
Frontend Code & UI : make calls to its
backend
Backend Code : runs on a decentralized
P2P network (i.e., Ethereum Contracts)
144. 고려대학교정보보호대학원
마스터 제목 스타일 편집
IOTA & Tangle (2015)
IOTA : Cryptocurrency for the IoT
Tangle : DAG for storing transactions
(Directed Acyclic Graph) (Sequential List)
145. 고려대학교정보보호대학원
마스터 제목 스타일 편집
IOTA & Tangle (2015)
IOTA : Cryptocurrency for the IoT
Tangle : DAG for storing transactions
(Directed Acyclic Graph) (Sequential List)
Our world is currently
entangled. The tangle with
bind it together.
146. 고려대학교정보보호대학원
마스터 제목 스타일 편집
IOTA & Tangle (2015)
Main focus of the IOTA is on the IOT
and M2M micropayment transactions.
IOTA scales almost infinitely, unlike
Blockchains.
IOTA is free in the sense that zero
transaction fee.
Essentially the transaction fee is verifying
other transactions.
IOTA has an integrated quantum-
resistant algorithm, the WOTS(Winternitz
One-Time Signature) scheme.
148. 고려대학교정보보호대학원
마스터 제목 스타일 편집
IOTA & Tangle (2015)
In order to issue a transaction, do the following:
1. Choose two other transactions (that you will verify)
according to a ’Transaction Selection Algorithm’.
2. If you find that there is a transaction conflicting
with the tangle history, you should not approve
the conflicting transaction in either a direct or
indirect manner.
3. When issuing a valid transaction, you must solve a
cryptographic puzzle similar to those in the
Bitcoin blockchain (On average, it is around 38).
Basic Idea: A newly issued transaction is obligated
to approve TWO old transactions.
Propagation Incentive for Users: You will be dropped by your neighbor, when you show
laziness toward propagating transactions (i.e., always approve a pair of very old
transactions, therefore not contributing to the approval of more recent transactions).
(Serguei Popov, “The Tangle”, Oct 1, 2017, Version 1.3)
149. 고려대학교정보보호대학원
마스터 제목 스타일 편집
149
[Note] Transaction Selection Algorithm
Random : Not good, for it does not
encourage approving tips.
Random among the top section
(section near tips) : Good. Tips have a
much higher probability to be selected
and approved.
MCMC(Markov Chain Monte Carlo)-based
algorithm
(Jeff Hu, "IOTA Tangle: Introductory Overview of White paper for Beginners", Sep 28, 2017)
150. 고려대학교정보보호대학원
마스터 제목 스타일 편집
IOTA & Tangle (2015)
(Tangle Visualization : https://simulation1.tangle.works/)
151. 고려대학교정보보호대학원
마스터 제목 스타일 편집
IOTA & Tangle (2015)
(Tangle Visualization : https://simulation1.tangle.works/)
Genesis transaction : approved either directly or indirectly by all other transactions
Tips : Unapproved transactions
152. 고려대학교정보보호대학원
마스터 제목 스타일 편집
IOTA & Tangle (2015)
(Tangle Visualization : https://simulation1.tangle.works/)
Here, each transaction has a cumulative weight that changes over time. It is defined as the number of subsequent transactions
that have approved it directly or indirectly. Morally, an honest transaction has a much greater weight than a fraudulent transaction.
153. 고려대학교정보보호대학원
마스터 제목 스타일 편집
153
34% Attacks
Blockchain is vulnerable if one party has 51% of
the computing power on the network.
Since IOTA uses the Tangle to verify its
transactions, it's theoretically vulnerable if one
party controls only 34% (greater than 1/3) of
the network's computing power.
Early in IOTA's implementation is when it's most
vulnerable to such an attack. Since the early network
is small, with fewer nodes, it's easier for an attacker
to accumulate a 34% share of the network. To
combat this threat, IOTA is using a "Coordinator" in
its implementation.
Main Challenges with Tangle
154. 고려대학교정보보호대학원
마스터 제목 스타일 편집
154
Centralization
Coordinator : Run by Iota Foundation and is not
open-source. Its main purpose is to protect the network
until it grows strong enough to sustain against a large
scale attack from those who own GPUs.
Milestone : A special transaction issued by a Coordinator.
Milestones set general direction for the tangle growth and do
some kind of checkpointing. Transactions (in)directly
referenced by milestones are considered as confirmed.
This means that IOTA in its current form does not
provide any censorship resistance, since the path of
the tree is centrally directed through a Coordinator node
run by the IOTA Foundation.
Even if the Coordinator is planned to become optional
someday, we currently have no way to verify that the
technology will ever actually work safely without it.
Main Challenges with Tangle
(Eric Wall, "IOTA Is Centralized", Jun 14, 2017)
155. 고려대학교정보보호대학원
마스터 제목 스타일 편집
155
Lack of Testing and Peer Review
A number of crypto experts have
questioned IOTA's viability as a platform. The
technology behind IOTA simply hasn't been
tested enough to know how it will work at
scale, and how it will hold up to attacks.
IOTA's developers chose their own homemade
cryptography instead of using established
standards.
Main Challenges with Tangle
156. 고려대학교정보보호대학원
마스터 제목 스타일 편집
156
Lack of Testing and Peer Review
Main Challenges with Tangle
(Note) On Aug 7 2017 IOTA deployed a hardfork to their system to stop using Curl for signature message hashing. The
signature forgery vulnerability was fixed in IOTA Reference Implementation (IRI) version 1.3, IOTA wallet version 2.4.0.
(July 14, 2017)
157. 고려대학교정보보호대학원
마스터 제목 스타일 편집
157
Lack of Testing and Peer Review
Main Challenges with Tangle
(IOTA Foundation, "Official IOTA Foundation Response to the Digital Currency Initiative at the MIT Media Lab — Part
4/4", Jan 7, 2018)
158. 고려대학교정보보호대학원
마스터 제목 스타일 편집
158
Lack of Testing and Peer Review
Main Challenges with Tangle
(IOTA Foundation, "Official IOTA Foundation Response to the Digital Currency Initiative at the MIT Media Lab — Part
4/4", Jan 7, 2018)
IOTA's Curl-P function is not a cryptographic
function nor was it intended to be. With Coordinator
IOTA's security depends on one-wayness of Curl-P,
without Coordinator the security depends on collision
resistance.
Curl-P was indeed deployed in the open-source IOTA
protocol code as a copy-protection mechanism to
prevent bad actors cloning the protocol and using it
for nefarious purposes.
159. 고려대학교정보보호대학원
마스터 제목 스타일 편집
Litecoin (2011)
Released on October 7, 2011 by Charlie Lee.
It was inspired by, and in technical details is
nearly identical to, Bitcoin.
The Litecoin Network aims to process a
block every 2.5 minutes, rather than
Bitcoin's 10 minutes.
Due to Litecoin's use of the scrypt
algorithm, FPGA and ASIC devices made for
mining Litecoin are more complicated to
create and more expensive to produce than
they are for Bitcoin, which uses SHA-256.
161. 고려대학교정보보호대학원
마스터 제목 스타일 편집
NEO (2015)
Released in June 2015 by Da Hongfei.
Formerly known as ‘AntShares’. Often
referred to as Chinese Ethereum.
162. 고려대학교정보보호대학원
마스터 제목 스타일 편집
162
What Happens in Korea Now!
recipe( )
(Satoshi
Nakamoto)
(Bitcoin) .
,
.
.
166. 고려대학교정보보호대학원
마스터 제목 스타일 편집
166
Conclusions
(Karl Wüst and Arthur Gervais, "Do You Need a Blockchain?", Cryptology ePrint Archive: Report 2017/375)
167. 고려대학교정보보호대학원
마스터 제목 스타일 편집
167
Steven Bellovin : “A lab experiment that
escaped into the wild.”
Matt Blaze : “Cryptocurrency somehow
combines everything we love about
religious fanatics with everything we love
about Ponzi schemes.”
Joseph Bonneau : ”Bitcoin works in
practice, but not in theory.”
Seungjoo Kim : ”Blockchain technology is
like stem cells. Promising but still many
challenges remain...”
Conclusions
179. 고려대학교정보보호대학원
마스터 제목 스타일 편집
179
바람직한 투자 환경이 조성되려면?
' (mining & reward)'
.
.
' '
,
ACM CCS 2016
.
(1)
(2)
.
180. 고려대학교정보보호대학원
마스터 제목 스타일 편집
180
.
:
.
showing .
: white paper
' ' ,
' ' .
.
:
,
,
.
바람직한 투자 환경이 조성되려면?
181. 고려대학교정보보호대학원
마스터 제목 스타일 편집
References
[경제금융협력연구위원회(GFIN) 세미나]
비트코인, 돌멩이인가? 신화폐인가?
https://youtu.be/OGgtyDrYHAs
[암호인의 보안이야기 블로그] Blockchain
and Crytocurrency 101 (Part 1)
http://amhoin.blog.me/221197974174
[암호인의 보안이야기 블로그] 블록체인
recipe와 비트코인 쿠폰 사이에는 무슨 일이
있었을까?
http://amhoin.blog.me/221189662029
182. 고려대학교정보보호대학원
마스터 제목 스타일 편집
고려대학교정보보호대학원
Virtual Currency
Myth and Reality(Ver. 3.0 : Extended Version of Seoul National Univ. CHAMP Seminar, Jan 24, 2018)
(Feb 21, 2018)