ECDSA: The digital signature algorithm of a better internet

Bitcoin’s Security and Hash Rate Explained

As the Bitcoin hash rate reaches new all-time highs, there’s never been a better time to discuss blockchain security and its relation to the hashing power and the Proof of Work (PoW) that feed the network. The Bitcoin system is based on a form of decentralized trust, heavily relying on cryptography. This makes its blockchain highly secure and able to be used for financial transactions and other operations requiring a trustless ledger.
Contrary to popular belief, cryptography dates back thousands of years. The root of the word encryption, crypt, comes from the Greek word ‘kryptos’, meaning hidden or secret. Indeed, humans have always wanted to keep some information private. The Assyrians, the Chinese, the Romans and the Greeks all tried over the centuries to conceal information such as trade deals or manufacturing secrets by using symbols or ciphers carved in stone or leather. In 1900 BC, Egyptians used hieroglyphics in this way, and experts often refer to them as the first example of cryptography.
Back to our days, Bitcoin uses cryptographic technologies such as:
  1. Cryptographic hash functions (e.g., SHA-256 and RIPEMD-160)
  2. Public Key Cryptography (i.e. ECDSA — the Elliptic Curve Digital Signature Algorithm)
While public key cryptography, bitcoin addresses and digital signatures are used to prove ownership of bitcoins, the SHA-256 hash function is used to verify data and block integrity and to establish the chronological order of the blockchain. A cryptographic hash function is a mathematical function that verifies the integrity of data by transforming it into a unique, fixed-size digest from which the original data cannot be recovered.
Here is a graphic example to make things clearer:

– Extract from the MOOC (Massive Open Online Course) in Digital Currencies at the University of Nicosia.
Furthermore, hash functions are used as part of the PoW algorithm, a prominent part of the Bitcoin mining algorithm, and this is what matters most for understanding the security of the network. Mining creates new bitcoins in each block, almost like a central bank printing new money, and creates trust by ensuring that transactions are confirmed only when enough computational power has been devoted to the block that contains them. More blocks mean more computation, which means more trust.
With PoW, miners compete against each other to confirm transactions on the network and get rewarded. Basically, they need to solve a computationally expensive puzzle whose solution is easy for anyone to verify. The more hashing power, the higher the chance of solving the puzzle and therefore of producing the proof of work. In simpler words, bitcoins exist thanks to a peer-to-peer network that validates transactions in the ledger and provides enough trust that no third party needs to be involved in the process. They also exist because miners give the network life by solving that computational puzzle, motivated by the mining reward they receive.
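To make the "hard to find, easy to verify" property concrete, here is an added example (not code from the original post) that mines a toy block with Bitcoin's double-SHA-256 and then verifies the result with a single hash. The header prefix, the 16-bit difficulty and the function names are constructed for illustration; a real Bitcoin header is 80 bytes and the network target is vastly lower.

```python
import hashlib
import struct

# Constructed sample header prefix. In Bitcoin this would be the 76-byte header
# (version, previous block hash, merkle root, time, bits) followed by a 4-byte nonce.
HEADER_PREFIX = b"example-block-header:prev=0000abcd:merkle=1234ef:time=1700000000"


def sha256d(data: bytes) -> bytes:
    """Bitcoin's block hash: SHA-256 applied twice."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def target_for(difficulty_bits: int) -> int:
    """A hash is valid when, read as an integer, it is below this target.
    Every extra bit of difficulty halves the target and doubles the expected work."""
    return 1 << (256 - difficulty_bits)


def meets_target(header_prefix: bytes, nonce: int, difficulty_bits: int) -> bool:
    """Verification costs one double-SHA-256, however much work mining took.
    Bitcoin compares the hash as a little-endian integer against the target."""
    digest = sha256d(header_prefix + struct.pack("<I", nonce))
    return int.from_bytes(digest, "little") < target_for(difficulty_bits)


def mine(header_prefix: bytes, difficulty_bits: int, max_nonce: int = 2**32):
    """Brute-force search: increment the nonce until the hash falls below the target.
    Returns (nonce, attempts), or None if the nonce space is exhausted."""
    for nonce in range(max_nonce):
        if meets_target(header_prefix, nonce, difficulty_bits):
            return nonce, nonce + 1
    return None


if __name__ == "__main__":
    bits = 16
    nonce, attempts = mine(HEADER_PREFIX, bits)
    print(f"found nonce {nonce} after {attempts} hashes")
    print("verifies:", meets_target(HEADER_PREFIX, nonce, bits))
```

Raising difficulty_bits by one doubles the expected number of hashes a miner must try, while anyone checking the block still computes a single hash; that asymmetry is why accumulated hash rate behind a chain of blocks translates into trust in the transactions they confirm.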
submitted by BlockDotCo to u/BlockDotCo

Minimizing Trust in Hardware Wallets with Two Factor Signatures

Cryptology ePrint Archive: Report 2019/006
Date: 2019-01-02
Author(s): Antonio Marcedone, Rafael Pass, abhi shelat

Abstract
We introduce the notion of two-factor signatures (2FS), a generalization of a two-out-of-two threshold signature scheme in which one of the parties is a hardware token which can store a high-entropy secret, and the other party is a human who knows a low-entropy password. The security (unforgeability) property of 2FS requires that an external adversary corrupting either party (the token or the computer the human is using) cannot forge a signature. This primitive is useful in contexts like hardware cryptocurrency wallets in which a signature conveys the authorization of a transaction. By the above security property, a hardware wallet implementing a two-factor signature scheme is secure against attacks mounted by a malicious hardware vendor; in contrast, all currently used wallet systems break under such an attack (and as such are not secure under our definition). We construct efficient provably-secure 2FS schemes which produce either Schnorr signatures (assuming the DLOG assumption) or EC-DSA signatures (assuming security of EC-DSA and the CDH assumption) in the Random Oracle Model, and evaluate the performance of implementations of them. Our EC-DSA based 2FS scheme can directly replace currently used hardware wallets for Bitcoin and other major cryptocurrencies to enable security against malicious hardware vendors.

submitted by dj-gutz to myrXiv

4A Coin Whitepaper

4A Coin: A web-based cryptocurrency network.

Summary~
Because first-generation cryptocurrencies such as Bitcoin, Ethereum and Litecoin distribute the money-issuing task according to the power of machines such as GPUs and CPUs, they accumulate payments in the mempool and mine by changing the nonce randomly or by continuously incrementing it, trying repeatedly until they find a hash that matches the difficulty they specify, instead of processing payments instantly in real time. This solution is ingenious if you want to use a digital currency as a store of value. But when you try to use these digital currencies to pay for coffee or purchase a product online, it stands out as a disadvantage, since you have to pay commissions to those miners and have to wait too long. As you know, the power of large payment solutions such as PayPal or Western Union comes from their servers and software. We also started working on a non-centralized, blockchain-protected end-to-end (P2P) cryptocurrency that works as a web service. In such a case, for the system to survive and ensure security, instead of paying for the server cost, we set up a system where the servers that are nodes in the system get paid provided they just stay online for 44 hours, instead of mining. People get paid for a useful service they provide instead of wasting their time. There will be a reason for people to install this system on their servers, because they are rewarded as long as they remain servers.

When people send an end-to-end payment, the servers find a summary (hash) of this payment ending with 4A (they find this summary so that all systems meet at a common point and validate payments, and because it is a necessity of the blockchain architecture), covering the time, the sender, the receiver, the amount, the summary of the previous transaction and the data contained in a digital signature indicating that the sender is actually sending it, without any difficulty, and they add it to their databases. Because there are no such concepts as block size or mining involved in any way, the registration process is completed instantly. We use a task queue management library called Celery Project, which is used by companies such as Instagram and Mozilla, to prevent the complications that may occur if 100 transactions take place within the same second.

Security~
If you noticed when you entered the site, I told you that it was safer than Visa. This may seem an ambitious sentence to many, but if you actually know what you're doing when you buy a product online, you are aware of the risks involved.

Risk & Problem~
When you type information into the payment form, such as credit card number, CVV and so on, malicious people on the web can read the data you send through these forms. Because of this, payment solutions require you to add an SSL certificate to your site. These SSL certificates actually protect your data using cryptography until it reaches the recipient. Well, what if the seller has bad intentions?

Solution~
4A Coin encrypts your payments using the Elliptic Curve Digital Signature Algorithm (ECDSA) and sends a signature confirming that you want to pay, instead of giving your digital password to the network. This is actually the idea of Satoshi Nakamoto, and it is known as P2PKH in Bitcoin. So if we compare 4A Coin to a credit card, no one will ever see your credit card details. In addition, an SSL certificate is no longer needed, because a malicious user who can tap into your network and see your payment signature cannot change anything; besides, it is already publicly shared everywhere. Thus, we have already gotten rid of certificate issues like security and SSL in the first place.

Commission Solution~
When you use a local payment solution, you have to pay a commission to the companies you work with, between 5% and 20% of your sales. The coins you use in 4A Coin are already generated by the nodes, so they do not ask for a commission. Thanks to this, you do not pay commissions for transactions nor for any other reason.

Wallets~
wallet_id ~ 4A01eaedb37fc09fdb94c6d632adf9f63d
private_key ~ cbc949239a333559f5dd8b0b5cf3d32923c2cab37c2bde9c8042a3dafe59a6b9

Your wallet is actually an ECDSA key pair. At first, we used RSA for this, but we had to switch to ECDSA because RSA keys were too long and took up too much space. Users have public keys, private keys, and wallet addresses created by processing public keys. The public key is not visible to users on the system. Instead, they see a short version of a summary generated by processing the public key as their wallet.

    import hashlib

    # settings is the project's configuration module; settings.CURRENCY is the
    # wallet prefix ("4A" in the sample wallet_id above).
    def generate_wallet_from_pkey(public_key):
        binmnmn = public_key.encode('utf-8')
        # Keep enough of the digest for the id to be 34 characters with its prefix
        first_step = 34 - len(settings.CURRENCY)
        wallet_id = hashlib.sha256(binmnmn).hexdigest()
        wallet_id = wallet_id[-first_step:]
        wallet_id = "".join((settings.CURRENCY, wallet_id))
        return wallet_id

This function simply creates a wallet from the SHA-256 summary of the given public key. Public keys are required to verify digital signatures, so it is necessary to keep the public key in transactions.

Payments~
When a user makes a payment, the payment time (in epoch format, GMT), the sender's address, the recipient's address, the summary of the previous transaction and the amount sent are placed in a dictionary. This dictionary can be ordered differently on different computers; to prevent this, its contents must be sorted from A to Z so that it gives the same result everywhere.

    import collections

    # Sort by key so every node serialises and hashes the same bytes
    data = collections.OrderedDict(sorted(data.items()))

With the above code, we can create a stable dictionary that works globally. Finally, we take a summary of this dictionary, record it in our database, and broadcast to the other servers that we have recorded it.

Peer to Peer~
We use a TCP port and WebSocket technology to make the system P2P. For the script to work, you need Python 3, because we use the Twisted Matrix library and the Autobahn Python libraries to provide real-time transactions. The port we use globally is port 9000. There are 3 different types of broadcast in real-time processes: the first is “Hi, I'm a new node, please add me to your network” and the second is “Hi, I'm a new process, please verify me”. These are parsed on the server side and the necessary actions are taken. The third broadcast type is explained in the Proof of Cloud section.

Mining~
A total of 450 million 4A Coins will be issued, with 300,000,000 pre-mined. 150 million coins will be mined by a method called Proof of Cloud.

Proof of Cloud~
Proof of Cloud, or POC, refers to a method of earning based on time spent as a server instead of mining. Each node, after staying online for 44 hours, sends a message such as "I have been online for 44 hours, so check my database to see if I have been online by reviewing my recent transactions." If it proves that you have approved transactions for the last 44 hours, you are eligible to receive the reward.

Celery & Redis~
We use Celery, a library that automatically controls tasks so that certain processes can be repeated at certain times in the system. Celery needs Redis to work. Redis is open-source NoSQL software (NoSQL is the name given to database systems that store “non-relational” data; it is used in the sense of "not only SQL", meaning that SQL is not the only thing used), written for Linux in its pure version.

Keeping the system up and running~
We use Gunicorn ('Green Unicorn'), the Python WSGI HTTP server, together with Nginx to ensure that the system can handle high load and stay up; Nginx is a web server designed for high concurrency, high performance and low memory usage. It can also be used as a reverse proxy server, load balancer and HTTP cache. We were actually using Supervisord to keep all these systems up and running, but since Supervisord did not work with Python 3 we started using Circusd, developed by the Mozilla Foundation, and we were more satisfied with it than with Supervisord. It is much easier to install and use, requires the Tornado framework to work on its own, and works correctly with version 4.5.3 of Tornado. This version is installed automatically from requirements.txt, but it is important that you know this detail.
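The wallet derivation, the sorted-dictionary canonicalisation and the ECDSA signature described in the Wallets and Payments sections can be followed end to end in the added example below. It is not 4A Coin's code: the curve arithmetic is a minimal pure-Python secp256k1 (the curve Bitcoin uses; fine for illustration, not constant-time and not meant for production use), the wallet prefix CURRENCY = "4A" is inferred from the sample wallet_id above, the payment fields and the private key are constructed, and the nonce derivation is a simplified HMAC scheme rather than RFC 6979. The function names (point_add, sign, verify, payment_digest, demo) are the example's own.

```python
import collections
import hashlib
import hmac
import json

# secp256k1 domain parameters: y^2 = x^3 + 7 over GF(P), base point G of prime order N
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
CURRENCY = "4A"  # assumed wallet prefix, inferred from the whitepaper's sample wallet_id


def point_add(p1, p2):
    """Affine point addition; None stands for the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None  # p1 == -p2
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def scalar_mult(k, point):
    """Double-and-add scalar multiplication (not constant-time; illustration only)."""
    result = None
    while k:
        if k & 1:
            result = point_add(result, point)
        point = point_add(point, point)
        k >>= 1
    return result


def compressed_pubkey_hex(priv):
    """SEC1 compressed encoding of priv*G as hex (02/03 prefix encodes the parity of y)."""
    x, y = scalar_mult(priv, G)
    return ("02" if y % 2 == 0 else "03") + f"{x:064x}"


def wallet_id_from_pubkey(pub_hex, currency=CURRENCY):
    """Same shape as the whitepaper's generate_wallet_from_pkey: prefix + tail of SHA-256, 34 chars."""
    digest = hashlib.sha256(pub_hex.encode("utf-8")).hexdigest()
    return currency + digest[-(34 - len(currency)):]


def payment_digest(payment):
    """Sort keys (the whitepaper's OrderedDict step) so every node hashes identical bytes."""
    ordered = collections.OrderedDict(sorted(payment.items()))
    raw = json.dumps(ordered, separators=(",", ":")).encode("utf-8")
    return int.from_bytes(hashlib.sha256(raw).digest(), "big")


def sign(priv, z):
    """ECDSA over the 256-bit digest z. k is derived from HMAC(key, digest), a
    simplification of RFC 6979: a repeated or guessable k would leak priv."""
    priv_bytes, z_bytes = priv.to_bytes(32, "big"), z.to_bytes(32, "big")
    for counter in range(256):
        mac = hmac.new(priv_bytes, z_bytes + bytes([counter]), hashlib.sha256).digest()
        k = int.from_bytes(mac, "big") % N
        if k == 0:
            continue
        r = scalar_mult(k, G)[0] % N
        s = pow(k, -1, N) * (z + r * priv) % N
        if r == 0 or s == 0:
            continue
        if s > N // 2:  # low-s form: (r, N-s) also verifies, so fix one to block malleability
            s = N - s
        return (r, s)
    raise RuntimeError("nonce derivation failed")


def verify(pub, z, sig):
    """Standard ECDSA verification of sig on digest z against public point pub."""
    r, s = sig
    if not (1 <= r < N and 1 <= s < N):
        return False
    w = pow(s, -1, N)
    point = point_add(scalar_mult(z * w % N, G), scalar_mult(r * w % N, pub))
    return point is not None and point[0] % N == r


def demo():
    """Constructed payment: sign, verify, then show that a tampered copy fails."""
    priv = int.from_bytes(hashlib.sha256(b"constructed demo key").digest(), "big") % N
    pub = scalar_mult(priv, G)
    payment = {"time": 1700000000, "amount": 5, "previous": "constructed-previous-summary",
               "sender": wallet_id_from_pubkey(compressed_pubkey_hex(priv)),
               "receiver": CURRENCY + "0" * 32}  # constructed placeholder wallet
    sig = sign(priv, payment_digest(payment))
    genuine_ok = verify(pub, payment_digest(payment), sig)
    tampered_ok = verify(pub, payment_digest(dict(payment, amount=500)), sig)
    return genuine_ok, tampered_ok


if __name__ == "__main__":
    print(demo())  # (True, False)
```

The public point, not the private key, is what a node needs to check a payment, which is why the whitepaper keeps the public key in the transaction; the node recomputes the same sorted serialisation, hashes it, and runs verify. Changing any field, here the amount, changes the digest and the signature no longer checks out.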
submitted by 4acoin to u/4acoin

