Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Themenseiten
Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Bücher
Zeitschriften
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Kongresse Veranstaltungskalender Awards
Jetzt Einzelzugang starten
Zugang für Unternehmen
Referenzkunden
MTZ-Fachkongress

Antriebe und Energiesysteme von morgen


Austausch von Automobil- und Energiewirtschaft

Am 14./15. Mai geht es in Chemnitz um die Mobilitätswende durch Elektro- und Wasserstofffahrzeuge.
Erweiterte Suche
Anmelden
nach oben

2014 | Buch

How Did Dread Pirate Roberts Acquire and Protect his Bitcoin Wealth? Kapitel lesen Erstes Kapitel lesen

Financial Cryptography and Data Security

FC 2014 Workshops, BITCOIN and WAHC 2014, Christ Church, Barbados, March 7, 2014, Revised Selected Papers

herausgegeben von: Rainer Böhme, Michael Brenner, Tyler Moore, Matthew Smith

Verlag: Springer Berlin Heidelberg

Buchreihe : Lecture Notes in Computer Science

Enthalten in: Springer Professional "Wirtschaft+Technik" , Springer Professional "Technik" , Springer Professional "Wirtschaft"

Einloggen, um Zugang zu erhalten
insite
SUCHEN

Über dieses Buch

This books constitutes the thoroughly refereed papers and poster abstracts from the FC 2014 Workshops, the First Workshop on Bitcoin Research, BITCOIN 2014, and the Second Workshop on Applied Homomorphic Cryptography and Encrypted Computing, WAHC 2014, co-located with the 18th International Conference on Financial Cryptography and Data Security, held in Christ Church, Barbados, on March 7, 2014. The 15 full papers and 3 poster abstracts presented were carefully reviewed and selected from 30 submissions. They are grouped in topical sections on Bitcoin transactions, policy and legal issues; Bitcoin security; improving digital currencies; posters, and WAHC papers.

Inhaltsverzeichnis

Frontmatter

Bitcoin Transactions, Policy and Legal Issues

Frontmatter
How Did Dread Pirate Roberts Acquire and Protect his Bitcoin Wealth?
Abstract
The Bitcoin scheme is the most popular and talked about alternative payment scheme. One of the most active parts of the Bitcoin ecosystem was the Silk Road marketplace, in which highly illegal substances and services were traded. It was run by a person who called himself Dread Pirate Roberts (DPR), whose bitcoin holdings are estimated to be worth hundreds of millions of dollars at today’s exchange rate. On October 1-st 2013, the FBI arrested a 29 year old person named Ross William Ulbricht, claiming that he is DPR, and seizing a small fraction of his bitcoin wealth. In this paper we use the publicly available record to trace the evolution of his holdings in order to find how he acquired and how he tried to hide them from the authorities. In particular, we trace the amounts he seemingly received and the amounts he seemingly transferred out of his accounts, and show that all his Silk Road commissions from the months of May, June and September 2013, along with numerous other amounts, were not seized by the FBI. This analysis demonstrates the power of data mining techniques in analyzing large payment systems, and especially publicly available transaction graphs of the type provided by the Bitcoin scheme.
Dorit Ron, Adi Shamir
Towards Risk Scoring of Bitcoin Transactions
Abstract
If Bitcoin becomes the prevalent payment system on the Internet, crime fighters will join forces with regulators and enforce blacklisting of transaction prefixes at the parties who offer real products and services in exchange for bitcoin. Blacklisted bitcoins will be hard to spend and therefore less liquid and less valuable. This requires every recipient of Bitcoin payments not only to check all incoming transactions for possible blacklistings, but also to assess the risk of a transaction being blacklisted in the future. We elaborate this scenario, specify a risk model, devise a prediction approach using public knowledge, and present preliminary results using data from selected known thefts. We discuss the implications on markets where bitcoins are traded and critically revisit Bitcoin’s ability to serve as a unit of account.
Malte Möser, Rainer Böhme, Dominic Breuker
Challenges and Opportunities Associated with a Bitcoin-Based Transaction Rating System
Abstract
It has been shown that seller ratings given by previous buyers give new customers useful information when making purchasing decisions. Bitcoin, however, is designed to obfuscate the link between buyer and seller with a layer of limited anonymity, thus preventing buyers from finding or validating this information. While this level of anonymity is valued by the Bitcoin community, as Bitcoin moves toward greater adoption there will be pressure from buyers who wish to know more about who they are doing business with, and sellers who consider their reputation a strong selling point, to allow greater transparency. We consider three different models by which a reputation/rating system could be implemented in conjunction with Bitcoin transactions and consider pros and cons of each. We find that each presents challenges on both the technological and social fronts.
David Vandervort
Bitcoin: A First Legal Analysis
With Reference to German and US-American Law
Abstract
The use of Bitcoins is increasing rapidly. Bitcoins are utilized in e-commerce to purchase both legal and illegal goods, they are transferred and traded and companies have invested their capital in the new digital currency. While the technical aspects of the system are well established, the legal framework remains unclear. Legislators all over the world are just starting to discover this new virtual phenomenon. This article illustrates selected legal challenges arising in different fields of law (public, criminal and civil law). Particular attention is paid to the German situation while the US-American context is also considered.
Franziska Boehm, Paulina Pesch

Bitcoin Security

Frontmatter
Empirical Analysis of Denial-of-Service Attacks in the Bitcoin Ecosystem
Abstract
We present an empirical investigation into the prevalence and impact of distributed denial-of-service (DDoS) attacks on operators in the Bitcoin economy. To that end, we gather and analyze posts mentioning “DDoS” on the popular Bitcoin forum bitcointalk.​org. Starting from around 3 000 different posts made between May 2011 and October 2013, we document 142 unique DDoS attacks on 40 Bitcoin services. We find that 7 % of all known operators have been attacked, but that currency exchanges, mining pools, gambling operators, eWallets, and financial services are much more likely to be attacked than other services. Not coincidentally, we find currency exchanges and mining pools are much more likely to have DDoS protection such as CloudFlare, Incapsula, or Amazon Cloud. We show that those services that have been attacked are more than three times as likely to buy anti-DDoS services than operators who have not been attacked. We find that big mining pools (those with historical hashrate shares of at least 5 %) are much more likely to be DDoSed than small pools. We investigate Mt. Gox as a case study for DDoS attacks on currency exchanges and find a disproportionate amount of DDoS reports made during the large spike in trading volume and exchange rates in spring 2013. We conclude by outlining future opportunities for researching DDoS attacks on Bitcoin.
Marie Vasek, Micah Thornton, Tyler Moore
Game-Theoretic Analysis of DDoS Attacks Against Bitcoin Mining Pools
Abstract
One of the unique features of the digital currency Bitcoin is that new cash is introduced by so-called miners carrying out resource-intensive proof-of-work operations. To increase their chances of obtaining freshly minted bitcoins, miners typically join pools to collaborate on the computations. However, intense competition among mining pools has recently manifested in two ways. Miners may invest in additional computing resources to increase the likelihood of winning the next mining race. But, at times, a more sinister tactic is also employed: a mining pool may trigger a costly distributed denial-of-service (DDoS) attack to lower the expected success outlook of a competing mining pool. We explore the trade-off between these strategies with a series of game-theoretical models of competition between two pools of varying sizes. We consider differences in costs of investment and attack, as well as uncertainty over whether a DDoS attack will succeed. By characterizing the game’s equilibria, we can draw a number of conclusions. In particular, we find that pools have a greater incentive to attack large pools than small ones. We also observe that larger mining pools have a greater incentive to attack than smaller ones.
Benjamin Johnson, Aron Laszka, Jens Grossklags, Marie Vasek, Tyler Moore
The Bitcoin P2P Network
Abstract
The Bitcoin virtual currency is built on the top of a decentralized peer-to-peer (P2P) network used to propagate system information such as transactions or blockchain updates. In this paper, we have performed a data collection process identifying more than 872000 different Bitcoin nodes. This data allows us to present information on the size of the Bitcoin P2P network, the node geographic distribution, the network stability in terms of interrupted availability of nodes, as well as some data regarding the propagation time of the transmitted information. Furthermore, although not every Bitcoin user can be identified as a P2P network node, measurements of the P2P network can be considered as a lower bound for Bitcoin usage, and they provide interesting results on the adoption of such virtual currency.
Joan Antoni Donet Donet, Cristina Pérez-Solà, Jordi Herrera-Joancomartí

Improving Digital Currencies

Frontmatter
Fair Two-Party Computations via Bitcoin Deposits
Abstract
We show how the Bitcoin currency system (with a small modification) can be used to obtain fairness in any two-party secure computation protocol in the following sense: if one party aborts the protocol after learning the output then the other party gets a financial compensation (in bitcoins). One possible application of such protocols is the fair contract signing: each party is forced to complete the protocol, or to pay to the other one a fine.
We also show how to link the output of this protocol to the Bitcoin currency. More precisely: we show a method to design secure two-party protocols for functionalities that result in a “forced” financial transfer from one party to the other.
Our protocols build upon the ideas of our recent paper “Secure Multiparty Computations on Bitcoin” (Cryptology ePrint Archive, Report 2013/784). Compared to that paper, our results are more general, since our protocols allow to compute any function, while in the previous paper we concentrated only on some specific tasks (commitment schemes and lotteries). On the other hand, as opposed to “Secure Multiparty Computations on Bitcoin”, to obtain security we need to modify the Bitcoin specification so that the transactions are “non-malleable” (we discuss this concept in more detail in the paper).
Marcin Andrychowicz, Stefan Dziembowski, Daniel Malinowski, Łukasz Mazurek
Increasing Anonymity in Bitcoin
Abstract
Bitcoin prevents double-spending using the blockchain, a public ledger kept with every client. Every single transaction till date is present in this ledger. Due to this, true anonymity is not present in bitcoin. We present a method to enhance anonymity in bitcoin-type cryptocurrencies. In the blockchain, each block holds a list of transactions linking the sending and receiving addresses. In our modified protocol the transactions (and blocks) do not contain any such links. Using this, we obtain a far higher degree of anonymity. Our method uses a new primitive known as composite signatures. Our security is based on the hardness of the Computation Diffie-Hellman assumption in bilinear maps.
Amitabh Saxena, Janardan Misra, Aritra Dhar
Rational Zero: Economic Security for Zerocoin with Everlasting Anonymity
Abstract
Zerocoin proposed adding decentralized cryptographically anonymous e-cash to Bitcoin. Given the increasing popularity of Bitcoin and its reliance on a distributed pseudononymous public ledger, this anonymity is important if only to provide the same minimal privacy protections from nosy neighbors offered by conventional banking. Unfortunately, at 25 KB, the non-interactive zero-knowledge proofs for spending a zerocoin are nearly prohibitively large. In this paper, we consider several improvements. First, we strengthen Zerocoin’s anonymity guarantees, making them independent of the size of these proofs. Given this freedom, we explore several techniques for drastically reducing proof size while ensuring that forging a single zerocoin is more difficult than the block mining process used to maintain Bitcoin’s distributed ledger. Provided a zerocoin is worth less than the reward for a Bitcoin block, forging a coin is not an economically rational action. Hence we preserve Zerocoin’s absolute anonymity guarantees while achieving drastic reductions in proof size by limiting ourselves to security against rational attackers.
Christina Garman, Matthew Green, Ian Miers, Aviel D. Rubin

Bitcoin Poster Abstracts

Frontmatter
On Offline Payments with Bitcoin (Poster Abstract)
Abstract
Bitcoin [2] is a decentralized digital currency which relies neither on banks nor on any other central authority for issuing of coins or transaction verification. Currently, Bitcoin experiences enormous success driven by large interest from users, politics, but also by speculation.
Alexandra Dmitrienko, David Noack, Ahmad-Reza Sadeghi, Moti Yung
One Weird Trick to Stop Selfish Miners: Fresh Bitcoins, A Solution for the Honest Miner (Poster Abstract)
Abstract
In “Majority is not Enough: Bitcoin Mining is Vulnerable”, Eyal and Sirer study a Bitcoin mining strategy called selfish mining [1]. Under selfish mining, miners strategically withhold blocks to cheat Bitcoin’s mining incentive system. This represents a ‘tragedy of the commons’ in which selfish behavior is incentivized over honest behavior, eventually causing most miners to adopt the selfish strategy, despite it being harmful to Bitcoin [2] as a whole.
Ethan Heilman
From Bitcoin to the Brixton Pound: History and Prospects for Alternative Currencies (Poster Abstract)
Abstract
The rise of Bitcoin has led to renewed interest in alternative currencies. While alternative currencies have regularly featured on the economic landscape over the last half-millennia we have a limited understanding of several salient questions, such as which factors explain their rise and decline. An alternative currency is considered here to be any medium of exchange other than legal tender. A new taxonomy is introduced below to more precisely define the many different types of alternative currencies and to address the disparate lexicon found in the literature. Alternative currencies can be broadly classified as either tangible (Table 1) or digital (Table 2).
Garrick Hileman

Applied Homomorphic Cryptography and Encrypted Computing

Frontmatter
High-Speed Fully Homomorphic Encryption Over the Integers
Abstract
A fully homomorphic encryption (FHE) scheme is envisioned as a key cryptographic tool in building a secure and reliable cloud computing environment, as it allows arbitrary evaluation of a ciphertext without revealing the plaintext. However, existing FHE implementations remain impractical due to very high time and resource costs. To the authors’ knowledge, this paper presents the first hardware implementation of a full encryption primitive for FHE over the integers using FPGA technology. A large-integer multiplier architecture utilising Integer-FFT multiplication is proposed, and a large-integer Barrett modular reduction module is designed incorporating the proposed multiplier. The encryption primitive used in the integer-based FHE scheme is designed employing the proposed multiplier and modular reduction modules. The designs are verified using the Xilinx Virtex-7 FPGA platform. Experimental results show that a speed improvement factor of up to 44 is achievable for the hardware implementation of the FHE encryption scheme when compared to its corresponding software implementation. Moreover, performance analysis shows further speed improvements of the integer-based FHE encryption primitives may still be possible, for example through further optimisations or by targeting an ASIC platform.
Xiaolin Cao, Ciara Moore, Máire O’Neill, Neil Hanley, Elizabeth O’Sullivan
Practical and Privacy-Preserving Policy Compliance for Outsourced Data
Abstract
We consider a scenario for data outsourcing that supports performing database queries in the following three-party model: a client interested in making database queries, a data owner providing its database for client access, and a server (e.g., a cloud server) holding the (encrypted) outsourced data and helping both other parties. In this scenario, a natural problem is that of designing efficient and privacy-preserving protocols for checking compliance of a client’s queries to the data owner’s query compliance policy. We propose a cryptographic model for the study of such protocols, defined so that they can compose with an underlying database retrieval protocol (with no query compliance policy) in the same participant model. Our main result is a set of new protocols that satisfy a combination of natural correctness, privacy, and efficiency requirements. Technical contributions of independent interest include the use of equality-preserving encryption to produce highly practical symmetric-cryptography protocols (i.e., two orders of magnitude faster than “Yao-like” protocols), and the use of a query rewriting technique that maintains privacy of the compliance result.
Giovanni Di Crescenzo, Joan Feigenbaum, Debayan Gupta, Euthimios Panagos, Jason Perry, Rebecca N. Wright
Bandwidth Efficient PIR from NTRU
Abstract
We present a private information retrieval (PIR) scheme based on somewhat homomorphic encryption (SWHE). In particular, we customize an NTRU-based SWHE scheme in order to evaluate a specific class of fixed depth circuits relevant for PIR implementation, thus achieving a more practical implementation. In practice, a SWHE that can evaluate a depth 5 circuit is sufficient to construct a PIR capable of retrieving data from a database containing 4 billion rows. We leverage this property in order to produce a more practical PIR scheme. Compared to previous results, our implementation achieves a significantly lower bandwidth cost (more than 1000 times smaller). The computational cost of our implementation is higher than previous proposals for databases containing a small number of bits in each row. However, this cost is amortized as database rows become wider.
Yarkın Doröz, Berk Sunar, Ghaith Hammouri
Toward Practical Homomorphic Evaluation of Block Ciphers Using Prince
Abstract
We present the homomorphic evaluation of the Prince block cipher. Our leveled implementation is based on a generalization of NTRU. We are motivated by the drastic bandwidth savings that may be achieved by scheme conversion. To unlock this advantage we turn to lightweight ciphers such as Prince. These ciphers were designed from scratch to yield fast and compact implementations on resource-constrained embedded platforms. We show that some of these ciphers have the potential to enable near practical homomorphic evaluation of block ciphers. Indeed, our analysis shows that Prince can be implemented using only a 24 level deep circuit. Using an NTRU based implementation we achieve an evaluation time of 3.3 s per Prince block – one and two orders of magnitude improvement over homomorphic AES implementations achieved using NTRU, and BGV-style homomorphic encryption libraries, respectively.
Yarkın Doröz, Aria Shahverdi, Thomas Eisenbarth, Berk Sunar
A Scalable Implementation of Fully Homomorphic Encryption Built on NTRU
Abstract
In this paper we report on our work to design, implement and evaluate a Fully Homomorphic Encryption (FHE) scheme. Our FHE scheme is an NTRU-like cryptosystem, with additional support for efficient key switching and modulus reduction operations to reduce the frequency of bootstrapping operations. Ciphertexts in our scheme are represented as matrices of 64-bit integers. The basis of our design is a layered software services stack to provide high-level FHE operations supported by lower-level lattice-based primitive implementations running on a computing substrate. We implement and evaluate our FHE scheme to run on a commodity CPU-based computing environment. We implemented our FHE scheme to run in a compiled C environment and use parallelism to take advantage of multi-core processors. We provide experimental results which show that our FHE implementation provides at least an order of magnitude improvement in runtime as compared to recent publicly known evaluation results of other FHE software implementations.
Kurt Rohloff, David Bruce Cousins
Restructuring the NSA Metadata Program
Abstract
During the Summer of 2013, it was revealed through the documents leaked by Edward Snowden that the NSA was collecting the metadata of every US-to-foreign, foreign-to-US and US-to-US call from the largest US telephone providers. This led to public outcry and to President Obama calling for the restructuring of this program. The options initially considered included keeping the data at the providers, entrusting the data to a private entity, entrusting the data to a non-NSA government agency or ending the program all-together.
In this work, we show how cryptography can be used to design a privacy-preserving alternative to the NSA metadata program. We present a protocol based on structured encryption, in particular on graph encryption, and secure function evaluation that provides the following guarantees: (1) providers learn no information about NSA queries; (2) NSA queries can only be executed if validated by a given certification process; (3) the NSA learns nothing about the data beyond what can be inferred from the query results. In addition, these properties are achieved whether the data is stored at the providers, the NSA or on a third-party cloud.
Seny Kamara
Backmatter
Metadaten
Titel
Financial Cryptography and Data Security
herausgegeben von
Rainer Böhme
Michael Brenner
Tyler Moore
Matthew Smith
Copyright-Jahr
2014
Verlag
Springer Berlin Heidelberg
Electronic ISBN
978-3-662-44774-1
Print ISBN
978-3-662-44773-4
DOI
https://doi.org/10.1007/978-3-662-44774-1

Premium Partner

    Bildnachweise