Vulnerability of Blockchain Technologies to Quantum Attacks

Total Page:16

File Type:pdf, Size:1020Kb

Vulnerability of Blockchain Technologies to Quantum Attacks Vulnerability of Blockchain Technologies to Quantum Attacks Joseph J. Kearneya, Carlos A. Perez-Delgado a,∗ aSchool of Computing, University of Kent, Canterbury, Kent CT2 7NF United Kingdom Abstract Quantum computation represents a threat to many cryptographic protocols in operation today. It has been estimated that by 2035, there will exist a quantum computer capable of breaking the vital cryptographic scheme RSA2048. Blockchain technologies rely on cryptographic protocols for many of their essential sub- routines. Some of these protocols, but not all, are open to quantum attacks. Here we analyze the major blockchain-based cryptocurrencies deployed today—including Bitcoin, Ethereum, Litecoin and ZCash, and determine their risk exposure to quantum attacks. We finish with a comparative analysis of the studied cryptocurrencies and their underlying blockchain technologies and their relative levels of vulnerability to quantum attacks. Introduction exist to allow the legitimate owner to recover this account. Blockchain systems are unlike other cryptosys- tems in that they are not just meant to protect an By contrast, in a blockchain system, there is no information asset. A blockchain is a ledger, and as central authority to manage users’ access keys. The such it is the asset. owner of a resource is by definition the one hold- A blockchain is secured through the use of cryp- ing the private encryption keys. There are no of- tographic techniques. Notably, asymmetric encryp- fline backups. The blockchain, an always online tion schemes such as RSA or Elliptic Curve (EC) cryptographic system, is considered the resource— cryptography are used to generate private/public or at least the authoritative description of it. If a key pairs that protect data assets stored on key is lost, this invariably means that the secured blockchains. The associated security relies on the data asset is irrevocably lost. If the key, or the de- difficulty of factoring, when using RSA, or of the vice on which it is stored is compromised, or if a discrete logarithm problem with EC. vulnerability can be exploited, then the data asset In a traditional banking system, public- and can be irrevocably stolen. In short, in blockchains private-key cryptosystems are used to impose data the protected resources cannot easily be decoupled confidentiality, integrity, and access rules. However, from the encryption system being used. This makes the data itself is decoupled from the key-pair. For blockchain technologies particularly vulnerable to instance, if a cryptographic key is lost or compro- advances in quantum technology. arXiv:2105.01815v1 [quant-ph] 5 May 2021 mised, its validity can easily be revoked by a central It is infeasible to predict the progress and devel- authority. A new key-pair can be issued and asso- opment of future technology with perfect accuracy. ciated to the data. Revoking the key in a timely That said, it is possible to extrapolate current and manner ensures the continued integrity and con- past trends in quantum technology advancement— fidentiality of the data. If a data-breach occurs, including all the essential components such as num- servers can be taken offline, and/or backups used. ber of qubits, fidelity of gates, error-correction and If an account is compromised, often mechanisms fault-tolerance[1]. Doing this, we can confidently conclude that by the year 2035 it is more likely ∗ than not that quantum technology will have ad- Corresponding author vanced sufficiently to be able to break RSA2048 Email addresses: [email protected] (Joseph J. Kearney ), [email protected] (Carlos A. Perez-Delgado efficiently. This conclusion is shared by well es- ) tablished researchers (see, e.g.[2, 3]), to the point Preprint submitted to Elsevier May 6, 2021 that the US National Institute of Standards and is considered the ‘gold standard’ for security at the Technology (NIST) has begun the process of stan- time of writing. A simple calculation shows that it dardizing and deploying quantum-safe public-key would take a classical computer with a 5Ghz CPU cryptography[4]. roughly 13.7 billion years to break an RSA 2048 Given the strong coupling between data and cipher using current best techniques. A quantum cryptosystems in blockchains, the potential vulner- computer operating at 10Mhz would be able to do ability of these cryptosystems to quantum attacks, it in roughly 42 minutes1. In order to do so, how- the likely introduction of capable quantum com- ever, a device needs to be able to hold in quantum puters in the mid-term future—not to mention the memory a state large enough to represent (at least) usual high monetary value of the assets secured by both the input to the problem, and the output. As blockchains—it is important to more deeply under- discussed earlier, it can be estimated that a quan- stand their current level of vulnerability. tum computer large enough to break RSA-2048 will In this paper we analyze some of the most pop- likely be ready by the year 2035 (see e.g.[2, 3]). ular blockchain technologies—Bitcoin, Ethereum, The second class of algorithm—amplitude Litecoin, Monero and ZCash— with a particular eye amplification[6, 7]—consists of generalizations of towards their vulnerability to attacks from upcom- Grover’s search algorithm[8]. These algorithms al- ing quantum technologies. We finish with a com- low for a solution to be found in any search space parative analysis of these blockchain technologies, √ of cardinality N in time O N. In short, this al- in terms of their relative vulnerability to quantum lows for any NP-Complete problem to be solved attacks. quadratically faster than any known classical al- gorithm. While the speed-up is a lot less dra- Background matic than in the previous case, the importance of these algorithms rests in their general applicabil- We begin by giving some relevant background in- ity. In short, any problem whose solution can be formation. verified efficiently (i.e. any problem in NP) ad- mits a quadratic quantum speed-up. Amplitude Quantum Cybersecurity Threats amplification algorithms are particularly relevant Quantum computers work by exploiting quan- here because many, if not all, consensus algorithms tum physical effects to decrease the time required to for blockchain technologies rely on solving NP- solve (certain) computational problems by creating Complete problems (more details below). and utilizing quantum superpositions. There are two main families of quantum algo- Blockchain Technologies rithms that are relevant to the current discussion: Blockchain and Distributed Ledger Technology subgroup-finding algorithms, and amplitude ampli- (DLT) markets are predicted to be valued at $7.59 fication. billion by 2024 [9]. Industries that have strong The first class of algorithms is best repre- use cases include finance[10], logistics[11], and le- sented by Shor’s algorithm[5]. This algorithm gal fields [12], with many large global corporations can both factor large integers and solve the dis- getting on board and integrating the technology: crete logarithm in polynomial time. In par- for example IBM [13], JP Morgan[14] and Amazon ticular, it can factor an integer N in time [15], with Facebook also announcing their own cryp- O log2 N log log N log log log N (or more suc- tocurrency Libra[16]. This technology removes the cinctly O log3 N ) and space O (log N). Or, as need for a trusted third-party to enable the transfer a function of the input size (in bits) n = log N, of data and assets. Shor’s algorithm runs in time O n2 log n log log n Blockchains work on group consensus; the va- (or more succinctly O n3 ), using space O (n). lidity of a transaction is determined by a group This is particularly relevant because most public- of nodes that need not trust one another. The key cryptosystems deployed today—including RSA, blockchain is managed by independent nodes that EC, ElGamal and Diffie–Hellman—rely on the com- putational hardness of either one of these two prob- 1 We calculate this by taking the number of quantum lems. In order to understand the magnitude of the gates—counting error-correction—needed to factor an RSA issue, one can take RSA 2048 as an example. This 2048 public-key. 2 must reach consensus before updating the ledger nancial resources to solve a problem. This incen- with newly validated transactions. There are tivizes the miner to generate a valid block contain- many mechanisms that enable a network to gain ing only valid transactions. This work is also easily consensus, the most popular being Proof-of-Work verified by a any node connected to the network. (PoW)[17]. This consensus mechanism and under- This expended energy guarantees that a cost is as- lying cryptographical techniques give blockchains sociated with creating a block. Careless or mali- their trustless ability. In general, blockchains work cious miners that expend the energy to complete through the linkage of blocks in chronological order. a PoW algorithm but have created a bad block (a These blocks are groups of transactions of informa- block that includes at least one transaction that if tion or cryptocurrency that nodes have broadcast included into the chain would create a wrong state, to the network. This forms an immutable series of e.g. spending over a user’s balance) will be dis- information, or a chain. Each block in the chain will covered by other nodes in the network. The block contain a group of transactions and their informa- will be invalid and this would not be considered by tion that has been declared to the network. This other miners as part of the main chain, leaving the is generally through the transfer of tokens (cryp- miner financially worse off, as they would receive tocurrency).
Recommended publications
  • Auditing Wallets in Cryptonote
    Auditing wallets in CryptoNote sowle <[email protected]> ​ ​ Zano project, https://zano.org ​ Cryptocurrency wallet auditing is the ability for a third party (the "auditor") to watch the transactions and to be able to calculate the correct balance without an ability to spend a coin. This article explores several possible implementations of expansion cryptocurrency protocol CryptoNote 2.0 [1] with such ability. In the original CryptoNote protocol auditing is only partially possible with the help of the tracking ​ ​ key, namely, an auditor is able to distinguish incoming transactions in the blockchain, but the full set of secret keys is required to filter out outgoing transactions. This article is intended for readers familiar with the general blockchain technology and “classic” cryptocurrencies, as well as with the basics of cryptography on elliptic curves. 1. Introduction What is CryptoNote? Surprisingly, most people interested in blockchain technology have never heard anything about CryptoNote, in spite of the fact that the technology has more than 300 forks, including Monero as the most famous. Back in 2014 in the cryptocurrency community there were mentions [2] about a project, titled Bytecoin. That project did not originate as a Bitcoin or other known project fork, having its own original codebase. It was very unusual at the time. Bytecoin general conception was to be an implementation of a privacy-technology named CryptoNote. There were two main privacy mechanisms: stealth-addresses and inputs` mixing-in with the ​ ​ help of ring signatures (at the time it was called "blockchain mixer"). Since Zcash existed only on paper / in theory at that time, CryptoNote became a competitive technology and has provoked much controversy in the cryptocurrency community.
    [Show full text]
  • Linking Wallets and Deanonymizing Transactions in the Ripple Network
    Proceedings on Privacy Enhancing Technologies ; 2016 (4):436–453 Pedro Moreno-Sanchez*, Muhammad Bilal Zafar, and Aniket Kate* Listening to Whispers of Ripple: Linking Wallets and Deanonymizing Transactions in the Ripple Network Abstract: The decentralized I owe you (IOU) transac- 1 Introduction tion network Ripple is gaining prominence as a fast, low- cost and efficient method for performing same and cross- In recent years, we have observed a rather unexpected currency payments. Ripple keeps track of IOU credit its growth of IOU transaction networks such as Ripple [36, users have granted to their business partners or friends, 40]. Its pseudonymous nature, ability to perform multi- and settles transactions between two connected Ripple currency transactions across the globe in a matter of wallets by appropriately changing credit values on the seconds, and potential to monetize everything [15] re- connecting paths. Similar to cryptocurrencies such as gardless of jurisdiction have been pivotal to their suc- Bitcoin, while the ownership of the wallets is implicitly cess so far. In a transaction network [54, 55, 59] such as pseudonymous in Ripple, IOU credit links and transac- Ripple [10], users express trust in each other in terms tion flows between wallets are publicly available in an on- of I Owe You (IOU) credit they are willing to extend line ledger. In this paper, we present the first thorough each other. This online approach allows transactions in study that analyzes this globally visible log and charac- fiat money, cryptocurrencies (e.g., bitcoin1) and user- terizes the privacy issues with the current Ripple net- defined currencies, and improves on some of the cur- work.
    [Show full text]
  • On the Relationship of Cryptocurrency Price with US Stock and Gold Price Using Copula Models
    mathematics Article On the Relationship of Cryptocurrency Price with US Stock and Gold Price Using Copula Models Jong-Min Kim 1 , Seong-Tae Kim 2 and Sangjin Kim 3,* 1 Statistics Discipline, University of Minnesota at Morris, Morris, MN 56267, USA; [email protected] 2 Department of Mathematics, North Carolina A&T State University, Greensboro, NC 27411, USA; [email protected] 3 Department of Management and Information Systems, Dong-A University, Busan 49236, Korea * Correspondence: [email protected] Received: 15 September 2020; Accepted: 20 October 2020; Published: 23 October 2020 Abstract: This paper examines the relationship of the leading financial assets, Bitcoin, Gold, and S&P 500 with GARCH-Dynamic Conditional Correlation (DCC), Nonlinear Asymmetric GARCH DCC (NA-DCC), Gaussian copula-based GARCH-DCC (GC-DCC), and Gaussian copula-based Nonlinear Asymmetric-DCC (GCNA-DCC). Under the high volatility financial situation such as the COVID-19 pandemic occurrence, there exist a computation difficulty to use the traditional DCC method to the selected cryptocurrencies. To solve this limitation, GC-DCC and GCNA-DCC are applied to investigate the time-varying relationship among Bitcoin, Gold, and S&P 500. In terms of log-likelihood, we show that GC-DCC and GCNA-DCC are better models than DCC and NA-DCC to show relationship of Bitcoin with Gold and S&P 500. We also consider the relationships among time-varying conditional correlation with Bitcoin volatility, and S&P 500 volatility by a Gaussian Copula Marginal Regression (GCMR) model. The empirical findings show that S&P 500 and Gold price are statistically significant to Bitcoin in terms of log-return and volatility.
    [Show full text]
  • Proof of 'X' and Hash Functions Used
    Top 20 Cryptocurrencies on Aggregate market value - Proof of ‘X’ and Hash functions used - 1 ISI Kolkata BlockChain Workshop, Nov 30th, 2017 CRYPTOGRAPHY with BlockChain - Hash Functions, Signatures and Anonymization - Hiroaki ANADA*1, Kouichi SAKURAI*2 *1: University of Nagasaki, *2: Kyushu University Acknowledgements: This work is supported by: Grants-in-Aid for Scientific Research of Japan Society for the Promotion of Science; Research Project Number: JP15H02711 Top 20 Cryptocurrencies on Aggregate market value - Proof of ‘X’ and Hash functions used - 3 Table of Contents 1. Cryptographic Primitives in Blockchains 2. Hash Functions a. Roles b. Various Hash functions used for Proof of ‘X’ 3. Signatures a. Standard Signatures (ECDSA) b. Ring Signatures c. One-Time Signatures (Winternitz) 4. Anonymization Techniques a. Mixing (CoinJoin) b. Zero-Knowledge proofs (zk-SNARK) 5. Conclusion 4 Brief History of Proof of ‘X’ 1992: “Pricing via Processing or Combatting Junk Mail” Dwork, C. and Naor, M., CRYPTO ’92 Pricing Functions 2003: “Moderately Hard Functions: From Complexity to Spam Fighting” Naor, M., Foundations of Soft. Tech. and Theoretical Comp. Sci. 2008: “Bitcoin: A peer-to-peer electronic cash system” Nakamoto, S. Proof of Work 5 Brief History of Proof of ‘X’ 2008: “Bitcoin: A peer-to-peer electronic cash system” Nakamoto, S. Proof of Work 2012: “Peercoin” Proof of Stake (& Proof of Work) ~ : Delegated Proof of Stake, Proof of Storage, Proof of Importance, Proof of Reserves, Proof of Consensus, ... 6 Proofs of ‘X’ 1. Proof of Work 2. Proof of Stake Hash-based Proof of ‘X’ 3. Delegated Proof of Stake 4. Proof of Importance 5.
    [Show full text]
  • Using Blockchain Technology to Secure the Internet of Things
    Using Blockchain Technology to Secure the Internet of Things Presented by the Blockchain/ Distributed Ledger Working Group © 2018 Cloud Security Alliance – All Rights Reserved. You may download, store, display on your computer, view, print, and link to Using Blockchain Technology to Secure the Internet of Things subject to the following: (a) the Document may be used solely for your personal, informational, non- commercial use; (b) the Report may not be modified or altered in any way; (c) the Document may not be redistributed; and (d) the trademark, copyright or other notices may not be removed. You may quote portions of the Document as permitted by the Fair Use provisions of the United States Copyright Act, provided that you attribute the portions to the Using Blockchain Technology to Secure the Internet of Things paper. Blockchain/Distributed Ledger Technology Working Group | Using Blockchain Technology to Secure the Internet of Things 2 © Copyright 2018, Cloud Security Alliance. All rights reserved. ABOUT CSA The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, visit us at www.cloudsecurityalliance.org and follow us on Twitter @cloudsa. Blockchain/Distributed Ledger Technology Working Group | Using Blockchain Technology to Secure the Internet of Things 3 © Copyright 2018, Cloud Security Alliance. All rights reserved.
    [Show full text]
  • Hybrid Public/Anonymous Transactions on Monero, Cryptonote X-Cash
    Hybrid public/anonymous transactions on Monero, Cryptonote X-Cash Zach Hildreth October 7, 2019 Abstract This yellow paper details the technical concepts and implementation of hybrid transactions (also known as FlexPrivacy c ), a feature enabling public and private transactions on the X- Cash public blockchain. In the first part, the paper aims at detailing how the hybrid transactions operate from a user’s perspective with some real-world use cases. A parallel is made between the digital money system and the economic behaviors associated with the current FIAT system. Secondly, a deeper understanding of the technology is given, explaining the implication on a blockchain perspective, as well as the edge cases and their approaches. Lastly, the last part consists in an in-depth approach of the mathematical concepts and technical implementation of the hybrid transaction in the X-Cash blockchain. Contents 1 Public transactions in the ringCT 4 2 Privacy in the inputs 4 3 A brief understanding of cryptonote transactions 4 4 Creation of a public address 6 5 How stealth addresses/outputs are decoded 6 6 How public transactions are created 7 1 Summary of the public transaction feature The hybrid transaction feature allows users to send and receive public or private transactions on the X-Network Blockchain X-Cash, which is based on the CryptoNote protocol. This feature is implemented on a per transaction basis where users can directly switch the privacy type by choosing the setting before attempting to send a transaction. In a public transaction, the following additional information is made public: • Sender’s address • Receiver’s address • Amount sent • Change amount sent back to the sender’s address However, the public transaction does not compromise the sender’s or receiver’s wallet full bal- ances nor the real mixin (number of signatures in the ring signature that authorizes the transaction) that provided the X-Cash balance.
    [Show full text]
  • A Survey on Volatility Fluctuations in the Decentralized Cryptocurrency Financial Assets
    Journal of Risk and Financial Management Review A Survey on Volatility Fluctuations in the Decentralized Cryptocurrency Financial Assets Nikolaos A. Kyriazis Department of Economics, University of Thessaly, 38333 Volos, Greece; [email protected] Abstract: This study is an integrated survey of GARCH methodologies applications on 67 empirical papers that focus on cryptocurrencies. More sophisticated GARCH models are found to better explain the fluctuations in the volatility of cryptocurrencies. The main characteristics and the optimal approaches for modeling returns and volatility of cryptocurrencies are under scrutiny. Moreover, emphasis is placed on interconnectedness and hedging and/or diversifying abilities, measurement of profit-making and risk, efficiency and herding behavior. This leads to fruitful results and sheds light on a broad spectrum of aspects. In-depth analysis is provided of the speculative character of digital currencies and the possibility of improvement of the risk–return trade-off in investors’ portfolios. Overall, it is found that the inclusion of Bitcoin in portfolios with conventional assets could significantly improve the risk–return trade-off of investors’ decisions. Results on whether Bitcoin resembles gold are split. The same is true about whether Bitcoins volatility presents larger reactions to positive or negative shocks. Cryptocurrency markets are found not to be efficient. This study provides a roadmap for researchers and investors as well as authorities. Keywords: decentralized cryptocurrency; Bitcoin; survey; volatility modelling Citation: Kyriazis, Nikolaos A. 2021. A Survey on Volatility Fluctuations in the Decentralized Cryptocurrency Financial Assets. Journal of Risk and 1. Introduction Financial Management 14: 293. The continuing evolution of cryptocurrency markets and exchanges during the last few https://doi.org/10.3390/jrfm years has aroused sparkling interest amid academic researchers, monetary policymakers, 14070293 regulators, investors and the financial press.
    [Show full text]
  • Ethereum Classic Price Prediction 2030
    1 Ethereum Classic Price Prediction 2030 Update [06-08-2021] There are various cryptocurrencies out now in the bitcoin market, and people worldwide and mostly in the countries like United States , are investing in these digital currencies. 00000001 Ethereum max 7d low Emax 7d high- 0. And this particular blockchain allows to grants investors security and also control for all of their digital assets. Firstly, we have to be sure about the amount of ETH in our wallet to cover our transaction fees. Once OKExChain supports EVM, developers can use the development tools and languages of Ethereum to develop smart contracts on OKExChain. The contract launched the Beacon Chain, the first stage in the ETH 2. Most are confident that Ethereum 2. Ethereum s Growing Transaction Fees Shouldn t Stop Users. Is Cardano or Ethereum a Better Investment. It was developed in 2017 by Charles Hoskinson, who was previously involved in creating Ethereum itself. In other words, we have defined proof, in the per-coin values of both Bitcoin and Ethereum, that increases of 500 , 1,000 and more are not unprecedented or wildly unreasonable in this market , especially for coins that started out at a few cents. And this has given the latter a significant advantage over the former. At the same time, it is also going to take many other alts with it to new highs. A 10k price is definitely on the cards with so many Decentralized finance apps shifting to their protocols. If Ethereum could hit 10k by the end of 2021 then it would cross the 1 trillion market cap and might become the 2nd cryptocurrency to do so.
    [Show full text]
  • Impossibility of Full Decentralization in Permissionless Blockchains
    Impossibility of Full Decentralization in Permissionless Blockchains Yujin Kwon*, Jian Liuy, Minjeong Kim*, Dawn Songy, Yongdae Kim* *KAIST {dbwls8724,mjkim9394,yongdaek}@kaist.ac.kr yUC Berkeley [email protected],[email protected] ABSTRACT between achieving good decentralization in the consensus protocol Bitcoin uses the proof-of-work (PoW) mechanism where nodes earn and not relying on a TTP exists. rewards in return for the use of their computing resources. Although this incentive system has attracted many participants, power has, CCS CONCEPTS at the same time, been significantly biased towards a few nodes, • Security and privacy → Economics of security and privacy; called mining pools. In addition, poor decentralization appears not Distributed systems security; only in PoW-based coins but also in coins that adopt proof-of-stake (PoS) and delegated proof-of-stake (DPoS) mechanisms. KEYWORDS In this paper, we address the issue of centralization in the consen- Blockchain; Consensus Protocol; Decentralization sus protocol. To this end, we first define ¹m; ε; δº-decentralization as a state satisfying that 1) there are at least m participants running 1 INTRODUCTION a node, and 2) the ratio between the total resource power of nodes Traditional currencies have a centralized structure, and thus there run by the richest and the δ-th percentile participants is less than exist several problems such as a single point of failure and corrup- or equal to 1 + ε. Therefore, when m is sufficiently large, and ε and tion. For example, the global financial crisis in 2008 was aggravated δ are 0, ¹m; ε; δº-decentralization represents full decentralization, by the flawed policies of banks that eventually led to many bank which is an ideal state.
    [Show full text]
  • Exploring the Interconnectedness of Cryptocurrencies Using Correlation Networks
    Exploring the Interconnectedness of Cryptocurrencies using Correlation Networks Andrew Burnie UCL Computer Science Doctoral Student at The Alan Turing Institute [email protected] Conference Paper presented at The Cryptocurrency Research Conference 2018, 24 May 2018, Anglia Ruskin University Lord Ashcroft International Business School Centre for Financial Research, Cambridge, UK. Abstract Correlation networks were used to detect characteristics which, although fixed over time, have an important influence on the evolution of prices over time. Potentially important features were identified using the websites and whitepapers of cryptocurrencies with the largest userbases. These were assessed using two datasets to enhance robustness: one with fourteen cryptocurrencies beginning from 9 November 2017, and a subset with nine cryptocurrencies starting 9 September 2016, both ending 6 March 2018. Separately analysing the subset of cryptocurrencies raised the number of data points from 115 to 537, and improved robustness to changes in relationships over time. Excluding USD Tether, the results showed a positive association between different cryptocurrencies that was statistically significant. Robust, strong positive associations were observed for six cryptocurrencies where one was a fork of the other; Bitcoin / Bitcoin Cash was an exception. There was evidence for the existence of a group of cryptocurrencies particularly associated with Cardano, and a separate group correlated with Ethereum. The data was not consistent with a token’s functionality or creation mechanism being the dominant determinants of the evolution of prices over time but did suggest that factors other than speculation contributed to the price. Keywords: Correlation Networks; Interconnectedness; Contagion; Speculation 1 1. Introduction The year 2017 saw the start of a rapid diversification in cryptocurrencies.
    [Show full text]
  • Cryptonote Coin
    CryptoNote Coin Michael Davis University of Miami April 2019 Proof of Work \scrypt" (used by Litecoin) has a uniform distribution of dependent lookups. Given a fast enough processor, it can be faster to only keep a small scratch-pad in memory and compute other dependencies on the fly. CryptoNight ensures that new blocks depend on all previous blocks, so CPU speed trades off with memory exponentially. Terminology I l = 2252 + 27742317777372353535851937790883648493 4 I A base point G = (x; − 5 ) I Hs a cryptographic hash function I Hp a deterministic hash function I Private keys are numbers a 2 [1; l − 1] I Public keys are points A = aG. I Private user keys are pairs (a; b) of private ec-keys I A standard address is a pair (A; B) derived from the private user key (a; b) Table of Contents Unlinkability Untraceability Alice ! Bob: Step 1 Alice reads Bob's public address (A; B). Alice ! Bob: Step 2 Alice generates r 2 [1; l − 1] and then computes P = Hs (rA)G + B. Alice ! Bob: Step 3 Alice generates the transaction. The transaction contains: I The transaction public key R = rG I The amount being transferred I The destination key P = Hs (rA)G + B Alice ! Bob: Step 4 Alice sends the transaction. Alice ! Bob: Step 5 Bob is listening on the stream of transactions. For each transaction, using R, the public key of the transaction, and a, one 0 of Bob's private ec-keys, Bob computes P = Hs (aR)G + B. If P0 = P (the destination key), then aR = arG = rA.
    [Show full text]
  • The Relationship Between the Popularity of Cryptocurrencies and Their Prices, Returns and Trading Volumes: a Structural Break An
    İstanbul İktisat Dergisi - Istanbul Journal of Economics 69, 2019/2, s. 133-157 ISSN: 2602-4152 E-ISSN: 2602-3954 RESEARCH ARTICLE / ARAŞTIRMA MAKALESİ The Relationship Between the Popularity of Cryptocurrencies and their Prices, Returns and Trading Volumes: A Structural Break and Comparative Analysis Kripto Paraların Bilinirliği ile Fiyat, Getiri ve İşlem Hacimleri Arasındaki İlişki: Yapısal Kırılmalı ve Karşılaştırmalı Bir Analiz Mustafa ÖZYEŞİL1 ABSTRACT In this study, the relationship between the popularity of cryptocurrencies and their price, return and trading volumes are examined through time series analysis. The popularity variable is determined according the frequency of cryptocurrencies being DOI: 10.26650/ISTJECON2019-0017 searched on the internet. Stationarity of series is examined by Vogelsang and Perron (1998) structural breaks ADF unit root test. According to the test results, all series are found to be stationary at level values. VAR analyses and impulse-response functions are performed to reveal dynamic interaction between the series. 1Assist. Prof. Dr., Istanbul Aydın University, According to impulse - response test results, returns of BITCOIN Anadolu BIL Vocational School, Department of Business Administration, Istanbul, Turkey decreased against a decreasing shock in the number searches on the internet and its price and trading volume followed a ORCID: M.Ö. 0000-0002-4442-7087 fluctuating course. In order to see the causality relationship Corresponding author/Sorumlu yazar: between variables the Granger causality test
    [Show full text]