DOCSLIB.ORG

An NP-Hard Proof of Useful Work

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
An NP-Hard Proof of Useful Work Conquering Generals: an NP-Hard Proof of Useful Work Angelique Faye Loe Elizabeth A. Quaglia Royal Holloway, University of London Royal Holloway, University of London Information Security Group Information Security Group [email protected] [email protected] ABSTRACT on a candidate block header, consisting of unconfirmed transactions Proof of Work systems are used in cryptocurrencies to obtain con- taken from a memory pool and concatenating a nonce until the de- 1 sensus in distributed peer-to-peer systems that share no trust. Min- sired output of several leading zero’s is obtained . ers of cryptocurrency compete by engaging in the Proof of Work to Mining is a competitive process in which miners race each other to solve a cryptographic challenge. The first to successfully provide be the first to find a solution to the computational challenge. The a solution to the challenge wins by minting new currency. The process of mining also simultaneously ensures consensus by gener- process of mining also simultaneously prevents double-spending ating the immutable distributed ledger data structure, commonly through the creation of an append-only distributed database known referred to as the blockchain. The blockchain is append-only and it as the blockchain. The most widely adopted Proof of Work is the contains the transaction history between the peers on the network. Hashcash scheme and the most widely deployed miners are ASIC- It provides cryptographic assurance that every entry is irrevocably based. Despite the popularity of Hashcash, two issues are com- scribed in its publicly viewable data structure. It is precisely because monly identified its use. Firstly, the high energy consumption of the blockchain provides a non-repudiatable, publicly distributed the scheme is perceived as wasteful because the solutions found pro- database of all historical transactions that fraudulent transactions vide no useful output, and secondly, the computational complexity known as double-spending are broadly mitigated. class of the scheme is not formally known. Based on these deficien- Since the Genesis Block of Bitcoin was mined, the aggregated hash cies, we propose a novel Proof of Work system which achieves the rate of the participating miners has grown exponentially [5]. As following goals: a result of this growth, cryptocurrency mining has been the fo- - to provide a fiscally incentivized platform for algorithm research cus of debate in relation to the energy consumption requirements that aims to optimize an NP-Hard computational problem. This to perform the underlying Proof of Work. The “Bitcoin Energy provides indirect insight into the P Versus NP Clay Institute Mil- Consumption Index” estimates the energy consumption of Bitcoin lennium problem, thus providing useful output. miners and compares this to various nation states and performs a - to construct a challenge within a known hard computational com- comparison on a per-transaction-basis to other payment systems, plexity class. such as VISA [14]. In Table1 we present a sample of cryptocurren- - to ensure the Proof of Work created is inclusive of ASIC hardware. cies and notable academic proposals based on the classification of Our proposal is a hybrid Proof of Work system that initially uses the their underlying Proof of Work schemes, and their current market Hashcash scheme and which subsequently constructs an instance capitalization in BTC. Rows 3 - 7 outline systems which address the of the NP-Hard Travelling Salesman Problem. We build on the am- energy waste issue by establishing Proofs of Useful Work, whilst bitions of others to develop Proofs of Useful Work. We differentiate rows 6 - 7 additionally address the issue of heuristic hardness as- our paper from related work as the first to consider the current sociated with the Hashcash Proof of Work [3]. Enumerating each capital investment into ASIC hardware, thus including them in our altcoin goes beyond the scope of this paper and [7] provides an proposal. exhaustive list of all currently traded cryptocurrencies, including those with Proofs of Useful Work. The largest difference our proposal incorporates when compared to 1 INTRODUCTION other Proof of Useful Work systems is the inclusion of ASIC mining The Hashcash-based [2] Proof of Work exists in Bitcoin, and sev- hardware. If we consider one of the top end ASIC miners on the eral other cryptocurrencies, to serve the two main purposes of market as of March 2018, it claims a hash rate of 14 TH/s and a minting new currency and providing consensus in a peer-to-peer hardware cost of 3000 USD [6]. Based on this data we develop the d TH/s network. Peers on the network mint new currency through a pro- following formula ¹ 14 TH/s º¹3000 USDº = λ USD, where λ is the es- cess known as mining. Mining can be described as expending elec- timated capital expenditure on ASIC hardware and d is the average tric energy by iteratively running the SHA256 hashing algorithm daily hash rate. Table2 and Figure1 summarize our findings 2. Clearly, the capital investment into ASIC hardware runs into the Permission to make digital or hard copies of all or part of this work for personal or billions of USD. If we consider the estimated 4.3 billion USD cur- classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation rently invested in ASIC hardware, this is equivalent to the Arkansas on the first page. Copyrights for components of this work owned by others than ACM 2018 state budget for education and transportation [8]. must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a 1For a detailed view of this process and clarification of definitions refer to[1]. History fee. Request permissions from [email protected]. of Proof of Work algorithm development prior to the landmark paper [23] can be found CRYBLOCK ’18, June 15, 2018, Munich, Germany most notably in [2, 15, 19]. History of digital cash and “pre-Nakamoto” cryptocurrency © 2018 Association for Computing Machinery. papers can be found in [9, 12, 16, 25]. ACM ISBN 978-1-4503-5838-5/18/06...$15.00 2We export the “Hash Rate” data from [5] for our calculations of average daily hash https://doi.org/10.1145/3211933.3211943 rate. Table 1: Current Proof of Work Variants Market Proof Proof of Work Sub- Cap Row of Work Use Case Perceived Benefits Perceived Limitations Variant (BTC) Variant [7] SHA256 output less Bitcoin original cryptocurrency Proof of computational complexity hardness 1 Hash Based 17,067,359 than target value [23] Work, widely used, matured heuristic, energy consumption Litecoin computational complexity hardness 2 Hash Based Scrypt key derivation widely used, matured 1,144,753 [27] heuristic only, energy consumption Number Cunningham Chain, Bi- Primecoin low market cap, alienates ASIC min- 3 academic application of solutions 1,367 Theoretic Twin Chain search [21] ers Number Gapcoin very low market cap, alienates ASIC 4 Prime gap search academic application of solutions 55 Theoretic [17] miners Resource trustworthy reporting currently only academic, possible academic fractional percentage Hash Based 5 Efficient on inherently useful implications of Spectre bug, alien- 0 only [28] energy waste Mining CPU workloads ates ASIC miners academic application, constructed Graph The- Cycle and structure academic currently only academic, alienates 6 problems have strongly conjectured 0 oretic search in large graphs only [26] ASIC miners computational complexity classes Linear academic application, verbose fine- Orthogonal Vector Prob- academic currently only academic, alienates 7 Algebra grained computational complexity 0 lem only [3] ASIC miners Based class conjecture provided We thus reason that Proof of Useful Work systems that do not 2 BACKGROUND, ASSUMPTIONS AND consider the use of ASIC hardware to be quixotic, and likely to PREREQUISITES face opposition in adoption. They additionally risk industrial scale waste of purpose-built physical hardware, that by design, cannot be 2.1 Background repurposed. It is specifically for this reason that we do not consider As we aim to construct instances of the Euclidean TSP, the subse- Proof of Stake or Proof of Space systems in our proposal as these quent claims attest to the computational hardness associated with schemes purposely exclude ASIC miners. seeking optimal solutions: We therefore propose a hybrid two-round Proof of Useful Work Claim 1: There is a polynomial time reduction from the Hamilton- scheme with a deterministic time interval which continues the use ian Cycle Problem to the TSP, Figure2[11, 20]. of ASIC hardware in the first round and subsequently constructs Claim 2: The Travelling Salesman Decision Problem is NP-Complete an instance of the NP-Hard Travelling Salesman Problem. Our hy- in the Strong Sense [18]. brid approach ensures the current use of ASIC miners that have Claim 3: It is possible to construct the NP-Hard Travelling Sales- already been purchased and deployed, thus avoiding the latter noted man Optimization Problem from the Travelling Salesman Decision waste scenario. Additionally, a hybrid approach addresses ASIC Problem [18] 3. mining energy usage by limiting the Hashcash-stage to a single round, bound by a deterministic time interval. Furthermore, by 2.2 Assumptions including an NP-Hard computational problem we build upon the Our construction of the TSP is on a Euclidean plane, therefore we ideas presented in [3] by offering a challenge within a well-known recall the following: computational complexity class whilst presenting an incentive to Definition 1 The TSP (Optimization) [18]. Input: Set Ω of n cities + enhance research into algorithm design, rather than the current sole ω1;:::; ωn , distance d¹ωi ; ωj º 2 R , where 1 ≤ i; j ≤ n and i , j, ambition of increasing brute force hashing power.
Load more

Recommended publications
  • Asymmetric Proof-Of-Work Based on the Generalized Birthday Problem
    Equihash: Asymmetric Proof-of-Work Based on the Generalized Birthday Problem Alex Biryukov Dmitry Khovratovich University of Luxembourg University of Luxembourg [email protected] [email protected] Abstract—The proof-of-work is a central concept in modern Long before the rise of Bitcoin it was realized [20] that cryptocurrencies and denial-of-service protection tools, but the the dedicated hardware can produce a proof-of-work much requirement for fast verification so far made it an easy prey for faster and cheaper than a regular desktop or laptop. Thus the GPU-, ASIC-, and botnet-equipped users. The attempts to rely on users equipped with such hardware have an advantage over memory-intensive computations in order to remedy the disparity others, which eventually led the Bitcoin mining to concentrate between architectures have resulted in slow or broken schemes. in a few hardware farms of enormous size and high electricity In this paper we solve this open problem and show how to consumption. An advantage of the same order of magnitude construct an asymmetric proof-of-work (PoW) based on a compu- is given to “owners” of large botnets, which nowadays often tationally hard problem, which requires a lot of memory to gen- accommodate hundreds of thousands of machines. For prac- erate a proof (called ”memory-hardness” feature) but is instant tical DoS protection, this means that the early TLS puzzle to verify. Our primary proposal Equihash is a PoW based on the schemes [8], [17] are no longer effective against the most generalized birthday problem and enhanced Wagner’s algorithm powerful adversaries.
    [Show full text]
  • Implementation and Analysis of Key Reinstallation Attack
    International Journal of Innovations in Engineering and Technology (IJIET) http://dx.doi.org/10.21172/ijiet.133.21 Implementation and Analysis of Key Reinstallation Attack Saba Khanum1, Ishita kalra2 1Department of Information Technology, MSIT, Janakpuri, New Delhi, India 2Department of Computer Science and Engineering, MSIT, Janakpuri, New Delhi, India Abstract- The objective of the paper is to implement and analyzed the impact of Key Reinstallation Attack (popularly dubbed as KRACK) on debian based machines. The paper elucidates on the capture of packets through the attack without being a part of the network and affecting the target machines with the help of an attack machine placed inside the network. It basically exploits the nonce of the network which ultimately paves way to the execution of the attack. The issue tends to gather more eyeballs as it affects all devices using Wi-Fi through WPA2 protocol. Hence, the catastrophe complimented along the attack is severe. The analysis of the impact is carried on by analyzing the type of packets visible as well as captured during the course of the implementation. Here, we have created a python script which identifies whether the targeted machine is vulnerable to KRACK or not and corresponding to that the packet capture starts and ultimately, the impact is measured. Keywords – KRACK, weakness, WPA2, attack, security I. INTRODUCTION The presence of the bug has been detected in the cryptographic nonce of the WPA2 and can be used to clone a connected party to reinstall a used key. The presence of the nonce is specifically intended to prevent reuse, but in this particular case, it gives malicious users the opportunity to replay, decrypt, or forge packets, ultimately enabling them to access all previously considered encrypted information without actually being part of the network.
    [Show full text]
  • Authenticated Encryption Mode IAPM Using SHA-3'S Public Random
    Authenticated Encryption Mode IAPM using SHA-3’s Public Random Permutation Charanjit Jutla IBM T. J. Watson Research Center New York 10598 Abstract. We study instantiating the random permutation of the block- cipher mode of operation IAPM (Integrity-Aware Parallelizable Mode) with the public random permutation of Keccak, on which the draft stan- dard SHA-3 is built. IAPM and the related mode OCB are single-pass highly parallelizable authenticated-encryption modes, and while they were originally proven secure in the private random permutation model, Kurosawa has shown that they are also secure in the public random per- mutation model assuming the whitening keys are uniformly chosen with double the usual entropy. In this paper, we show a general composabil- ity result that shows that the whitening key can be obtained from the usual entropy source by a key-derivation function which is itself built on Keccak. We stress that this does not follow directly from the usual indifferentiability of key-derivation function constructions from Random Oracles. We also show that a simple and general construction, again employing Keccak, can also be used to make the IAPM scheme key- dependent-message secure. Finally, implementations on modern AMD-64 architecture supporting 128-bit SIMD instructions, and not supporting the native AES instructions, show that IAPM with Keccak runs three times faster than IAPM with AES. 1 Introduction Symmetric key encryption of bulk data is usually performed using either a stream cipher or a block cipher. A long message is divided into small fixed-size blocks and encryption is performed by either a stream-cipher mode or a block-cipher mode employing a cryptographic primitive that operates on blocks.
    [Show full text]
  • OCB: a Bock-Cipher Mode of Operation for Efficient Authenticated Encryption
    OCB: A Bock-Cipher Mode of Operation for Efficient Authenticated Encryption Phillip Rogaway UC Davis This work done at Chiang Mai University [email protected] http://www.cs.ucdavis.edu/~rogaway Mihir Bellare John Black Ted Krovetz UC San Diego University of Nevada UC Davis CCS-8 — Philadelphia, USA — November 8, 2001 Slide 1 Principal Goals of Symmetric Cryptography Privacy What the Adversary sees tells her nothing of significance about the underlying message M that the Sender sent Authenticity The Receiver is sure that the string he receives was sent (in exactly this form) by the Sender Authenticated Encryption Achieves both privacy and authenticity C C* Nonce M M K Adversary K or invalid K K Sender Receiver Slide 2 Why Authenticated Encryption? • Efficiency By merging privacy and authenticity one can achieve efficiency difficult to achieve if handling them separately. • Easier-to-correctly-use abstraction By delivering strong security properties one may minimize encryption-scheme misuse. Slide 3 Easier to correctly use because stronger security properties Idealized encryption OCB Authenticated encryption [Bellare, Rogaway] IND-CPA + auth of ciphertexts [Katz,Yung] [Bellare, Namprempre] IND-CCA = NM-CCA CTR, CBC$ [Goldwasser, Micali] IND-CPA [Bellare, Desai, Jokipii, Rogaway] ECB Slide 4 Right or Wrong? It depends on what definition E satisfies K A . R K A A B EK (A . B . RA . RB .sk) EK (RB) Slide 5 Folklore approach. See Generic Composition [Bellare, Namprempre] and [Krawczyk] Traditional approach to authenticated encryption for
    [Show full text]
  • Global Journal of Engineering Science And
    [Arslan, 6(3): March 2019] ISSN 2348 – 8034 DOI- 10.5281/zenodo.2599921 Impact Factor- 5.070 GLOBAL JOURNAL OF ENGINEERING SCIENCE AND RESEARCHES PRIVACY PRESERVING SECURITY MECHANISM FOR IOT BASED DISTRIBUTED SMART HEALTHCARE SYSTEM Farrukh Arslan School of Electrical and Computer Engineering, Purdue University, USA ABSTRACT Data security and privacy are one of the key concerns in the Internet of Things (IoT). Usage of IOT is increasing in the society day-by-day, and security challenges are becoming more and more severe. From a data perspective, IOT data security plays a major role. Some of the sensitive data such as criminal record, military information, the medical record of the patients, etc. Due to the size and other features of IOT, it is almost impossible to create an efficient centralized authentication system. The proposed system focused on IoT security for distributed medical record to provide perimeter security to the patient. Building trust in distributed environments without the need for authorities is a technological advance that has the potential to change many industries, the IOT is one among them. Furthermore, it protects data integrity and availability. It improves the accessibility of data by using the indexing method along with the blockchain. Moreover, it facilitate the utility of tracking the previous history of the patient record using the hyper ledger with authorization. Keywords: security, Internet of Things, Health-care, Block chain, Hyper ledger. I. INTRODUCTION Amount of information grows day by day but the security of the data is not maintained properly. Nowadays blockchain technology is very useful in IOT field such as smart cities, smart home system as well as it provides security [1].
    [Show full text]
  • CMU-CS-17-118 July 2017
    Secure Large-Scale Outsourced Services Founded on Trustworthy Code Executions Bruno Vavala CMU-CS-17-118 July 2017 School of Computer Science Carnegie Mellon University Pittsburgh, PA 15213 Faculty of Sciences University of Lisbon 1749-16 Lisbon, Portugal Thesis Committee: Peter Steenkiste, Co-Chair Nuno Neves, University of Lisbon, Co-Chair Anupam Datta Vyas Sekar Antonia Lopes, University of Lisbon Submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy in Computer Science Copyright c 2017 Bruno Vavala This research was sponsored by Fundac¸ao˜ para a Cienciaˆ e Tecnologia (Portuguese Foundation for Science and Technology) through the Carnegie Mellon Portugal Program under grant SFRH/BD/51562/2011 (until August 2016) and the Information and Communication Technology Institute at Carnegie Mellon University, by FCT through project UID/CEC/00408/2013 (LaSIGE), by the EC through project FP7-607109 (SEGRID) and project H2020-643964 (SUPERCLOUD). The views and conclusions contained in this document are those of the author and should not be interpreted as representing the official policies, either expressed or implied, of any sponsoring institution, the Portuguese government, the U.S. government or any other entity. Keywords: Trusted Computing, Cloud Security, Trusted Execution Abstraction, Execution Integrity, Code Identity, Large-scale Data, TPM, Intel SGX, Efficient Execution Verification, Passive Replication, Service Availability This work was partially supported by the Fundac¸ao˜ para a Cienciaˆ e Tecnologia (FCT) through research grant SFRH/BD/51562/2011 (until August 2016) and through project UID/CEC/00408/2013 (LaSIGE), by the Informa- tion and Communication Technology Institute at Carnegie Mellon University, by the EC through project FP7-607109 (SEGRID) and project H2020-643964 (SUPERCLOUD).
    [Show full text]
  • The Evolution of Authenticated Encryption
    The Evolution of Authenticated Encryption Phillip Rogaway University of California, Davis, USA Those who’ve worked with me on AE: Mihir Bellare Workshop on Real-World Cryptography John Black Thursday, 10 January 2013 Ted Krovetz Stanford, California, USA Chanathip Namprempre Tom Shrimpton David Wagner 1/40 Traditional View (~2000) Of Symmetric Goals K K Sender Receiver Privacy Authenticity (confidentiality) (data-origin authentication) Encryption Authenticated Encryption Message scheme Achieve both of these aims Authentication Code (MAC) IND-CPA [Goldwasser, Micali 1982] Existential-unforgeability under ACMA [Bellare, Desai, Jokipii, R 1997] [Goldwasser, Micali, Rivest 1984, 1988], [Bellare, Kilian, R 1994], [Bellare, Guerin, R 1995] 2/40 Needham-Schroeder Protocol (1978) Attacked by Denning-Saco (1981) Practioners never saw a b IND-CPA as S encryption’s goal A . B . NA {N . B . s . {s . A} } 1 A b a 2 a b {s . A} A 3 b B 4 {NB}s 5 {NB -1 }s 3/40 Add redundancy No authenticity for any S = f (P) CBC ~ 1980 Doesn’t work Beyond CBC MAC: regardless of how you compute unkeyed checksums don’t work even the (unkeyed) checksum S = R(P1, …, Pn) with IND-CCA or NM-CPA schemes (Wagner) [An, Bellare 2001] 4/40 Add more arrows PCBC 1982 Doesn’t work See [Yu, Hartman, Raeburn 2004] The Perils of Unauthenticated Encryption: Kerberos Version 4 for real-world attacks 5/40 Add yet more stuff iaPCBC [Gligor, Donescu 1999] Doesn’t work Promptly broken by Jutla (1999) & Ferguson, Whiting, Kelsey, Wagner (1999) 6/40 Emerging understanding that: - We’d like
    [Show full text]
  • Bitcoin: Technical Background and Data Analysis
    Finance and Economics Discussion Series Divisions of Research & Statistics and Monetary Affairs Federal Reserve Board, Washington, D.C. Bitcoin: Technical Background and Data Analysis Anton Badev and Matthew Chen 2014-104 NOTE: Staff working papers in the Finance and Economics Discussion Series (FEDS) are preliminary materials circulated to stimulate discussion and critical comment. The analysis and conclusions set forth are those of the authors and do not indicate concurrence by other members of the research staff or the Board of Governors. References in publications to the Finance and Economics Discussion Series (other than acknowledgement) should be cleared with the author(s) to protect the tentative character of these papers. Bitcoin: Technical Background and Data Analysis Anton Badev Matthew Chen∗ October 7, 2014 Executive summary Broadly speaking, Bitcoin is a scheme designed to facilitate the transfer of value be- tween parties. Unlike traditional payment systems, which transfer funds denominated in sovereign currencies, Bitcoin has its own metric for value called bitcoin (with lowercase letter \b", and abbreviated as BTC1). Bitcoin is a complex scheme, and its implementa- tion involves a combination of cryptography, distributed algorithms, and incentive driven behaviour. Moreover, recent developments suggest that Bitcoin operations may involve risks whose nature and proportion are little, if at all, understood. In light of these con- siderations, the purpose of this paper is to provide the necessary technical background to understand basic Bitcoin operations and document a set of empirical regularities related to Bitcoin usage. We present the micro-structure of the Bitcoin transaction process and highlight the use of cryptography for the purposes of transaction security and distributed maintenance of a ledger.
    [Show full text]
  • ATAES132A 32K AES Serial EEPROM Complete Data Sheet
    ATAES132A ATAES132A 32K AES Serial EEPROM Complete Data Sheet Features • Crypto Element Device with Secure Hardware-Based Key Storage • 32 kb Standard Serial EEPROM Memory – Compatible with the Microchip AT24C32D and the Microchip AT25320B – 16 User Zones of 2 kb Each • High-Security Features – AES Algorithm with 128-bit Keys – AES-CCM for Authentication – Message Authentication Code (MAC) Capability – Guaranteed Unique Die Serial Number – Secure Storage for up to Sixteen 128-bit Keys – Encrypted User Memory Read and Write – Internal High-Quality FIPS Random Number Generator (RNG) – 16 High-Endurance Monotonic EEPROM Counters • Flexible User Configured Security – User Zone Access Rights Independently Configured – Authentication Prior to Zone Access • Read/Write, Encrypted, or Read-Only User Zone Options • High-Speed Serial Interface Options – 10 MHz SPI (Mode 0 and 3) – 1 MHz Standard I2C Interface • 2.5V to 5.5V Supply Voltage Range • <250 nA Sleep Current • 8-pad UDFN and 8-lead SOIC Package Options • Temperature Range: -40°C to +85°C Applications • Easily Add Security by Replacing Existing Serial EEPROM • Authenticate Consumables, Components, and Network Access • Protect Sensitive Firmware • Securely Store Sensitive Data and Enable Paid-for Features • Prevent Contract Manufacturers from Overbuilding • Manage Warranty Claims • Securely Store Identity Data (i.e. Fingerprints and Pictures) © 2018 Microchip Technology Inc. Datasheet Complete DS40002023A-page 1 ATAES132A Description The Microchip ATAES132A is a high-security, Serial Electrically-Erasable and Programmable Read-Only Memory (EEPROM) providing both authentication and confidential nonvolatile data storage capabilities. Access restrictions for the 16 user zones are independently configured, and any key can be used with any zone.
    [Show full text]
  • Design and Analysis of Decentralized Public Key Infrastructure with Quantum-Resistant Signatures
    석 ¬ Y 위 | 8 Master's Thesis 양자 ´1 서명D t©\ È중YT 공개¤ 0반 lpX $Ä 및 분석 Design and Analysis of Decentralized Public Key Infrastructure with Quantum-resistant Signatures 2018 H 형 철 (W ; 哲 An, Hyeongcheol) \ m 과 Y 0 Ð Korea Advanced Institute of Science and Technology 석 ¬ Y 위 | 8 양자 ´1 서명D t©\ È중YT 공개¤ 0반 lpX $Ä 및 분석 2018 H 형 철 \ m 과 Y 0 Ð 전산Y부 (정보보8대YÐ) Design and Analysis of Decentralized Public Key Infrastructure with Quantum-resistant Signatures Hyeongcheol An Advisor: Kwangjo Kim A dissertation submitted to the faculty of Korea Advanced Institute of Science and Technology in partial fulfillment of the requirements for the degree of Master of Science in Computer Science (Information Security) Daejeon, Korea June 12, 2018 Approved by Kwangjo Kim Professor of Computer Science The study was conducted in accordance with Code of Research Ethics1. 1 Declaration of Ethical Conduct in Research: I, as a graduate student of Korea Advanced Institute of Science and Technology, hereby declare that I have not committed any act that may damage the credibility of my research. This includes, but is not limited to, falsification, thesis written by someone else, distortion of research findings, and plagiarism. I confirm that my thesis contains honest conclusions based on my own careful research under the guidance of my advisor. MIS H형철. 양자 ´1 서명D t©\ È중YT 공개¤ 0반 lpX $Ä 및 분석. 전산Y부 (정보보8대YÐ) . 2018D. 50+iv ½. 지ÄP수: @광p. 20164355 (영8 |8) Hyeongcheol An. Design and Analysis of Decentralized Public Key Infras- tructure with Quantum-resistant Signatures.
    [Show full text]
  • Optimising the SHA256 Hashing Algorithm for Faster & More Efficient Bitcoin Mining
    Optimising the SHA256 Hashing Algorithm for Faster and More Efficient Bitcoin Mining1 by Rahul P. Naik Supervisor: Dr. Nicolas T. Courtois MSc Information Security DEPARTMENT OF COMPUTER SCIENCE September 2, 2013 1 This report is submitted as part requirement for the MSc Degree in Information Security at University College London. It is substantially the result of my own work except where explicitly indicated in the text. The report may be freely copied and distributed provided the source is explicitly acknowledged. Copyright © Rahul Naik 2013. Abstract Since its inception in early 2009, Bitcoin has attracted a substantial amount of users and the popularity of this decentralised virtual currency is rapidly increasing day by day. Over the years, an arms race for mining hardware has resulted with miners requiring more and more hashing power in order to remain alive in the Bitcoin mining arena. The hashing rate and the energy consumption of the mining devices used are of utmost importance for the profit margin in Bitcoin mining. As Bitcoin mining is fundamentally all about computing the double SHA256 hash of a certain stream of inputs many times, a lot of research has been aimed towards hardware optimisations of the SHA256 Hash Standard implementations. However, no effort has been made in order to optimise the SHA256 algorithm specific to Bitcoin mining. This thesis covers the broad field of Bitcoin, Bitcoin mining and the SHA256 hashing algorithm. Rather than hardware based optimisations, the main focus of this thesis is targeted towards optimising the SHA256 hashing algorithm specific to the Bitcoin mining protocol so that mining can be performed faster and in a more efficient manner.
    [Show full text]
  • Crush Crypto Educational Series
    The History of Digital Currency Educational Series November 26, 2018 Digital Currency Before Bitcoin • The creation of Bitcoin in 2009 marked the birth of the first digital currency to achieve widespread adoption across the globe. However, the concept of a secure digital currency has been around since the 1980s. • Previous attempts that inspired Satoshi Nakamoto’s creation of Bitcoin include: • DigiCash • Bit Gold • Hashcash • B-money For additional resources, please visit www.CrushCrypto.com. 2 Copyright © Crush Crypto. All Rights Reserved. DigiCash • Computer scientist David Chaum released the paper Blind Signatures for Untraceable Payments (1982) in which he outlined an alternative to the electronic transactions hitting retail stores at the time. His paper is considered one of the first proposals of digital currency in history. • He continued working on his proposal and eventually launched a company called DigiCash in 1990 to commercialize the ideas in his research. In 1994 the company put forth their first electronic cash transaction over the internet. For additional resources, please visit www.CrushCrypto.com. 3 Copyright © Crush Crypto. All Rights Reserved. DigiCash (continued) • DigiCash transactions were unique for the time considering their use of protocols like blind signatures and public key cryptography to enable anonymity. As a result, third parties were prevented from accessing personal information through the online transactions. • Despite the novel technology, DigiCash was not profitable as a company and filed a chapter 11 bankruptcy in 1998 before being sold for assets in 2002. • Chaum thought that DigiCash entered the market before e-commerce was fully integrated with the internet and that lead to a chicken-and-egg problem.
    [Show full text]