[Cryptography] Apple GovtOS/FBiOS & Proof of Work
Peter Todd
pete at petertodd.org
Fri Mar 18 12:21:11 EDT 2016
On Fri, Mar 18, 2016 at 06:56:17AM -0700, Henry Baker wrote:
> At 06:30 AM 3/18/2016, Peter Todd wrote:
> >In the spirit of patents, I'll also point out all of the above could be
> >even more effectively done with the Bitcoin blockchain.
>
> True, but do you want to require your iPhone to be connected to the Internet (so it can "see" the Bitcoin blockchain) in order to get a firmware update?
The firmware update itself can provide the relevant blockchain headers.
> Also, when your iPhone wakes up, how does it even know -- for sure -- what time&date it is?
>
> Someone could simply reset the clock back a few years and give it an old blockchain (or a completely made-up blockchain).
As for why it's secure for the firmware update to do that, I think
you're misunderstanding how Bitcoin works. A poorly understood part of
the security of Bitcoin is that the PoW difficulty can only vary by a
limited amount every two weeks, at most 4x higher or lower.
Now, I'm suggesting the device have a recent block header + total work
baked into it at the factory, so setting the clock backwards won't be
possible. What the attacker would want to do is set the clock *forwards*
so that the fake chain they provide the device requires as little work
as possible. For instance, if the attacker can set the clock forward by
8 weeks, they can drive the difficulty to 1/16th; forward by 16 weeks,
1/256th.
This doesn't sound great, but remember that the attacker still has to
create a very large number of fake blocks to drive the difficulty down
in the first place, for a large total work. At worst the same result as
your PoW suggestion, yet still significantly cheaper because all Bitcoin
users are contributing to the same security goal.
--
https://petertodd.org 'peter'[:-1]@petertodd.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: Digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160318/448176f8/attachment.sig>
More information about the cryptography
mailing list