[Cryptography] Another Bitcoin issue (maybe)

Jeffrey I Schiller jis at qyv.net
Fri Feb 14 11:23:07 EST 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/14/2014 03:57 AM, ianG wrote:
> It is a problem, if you don't rely on it.  If you need to rely on 
> it, as per Mt.Gox, it becomes a problem.  An exchange merchant 
> friend of mine was telling me that his database to manage the 
> blockchain is now at 40Gb.  As a merchant, he's subject to attack 
> .. so he's keen to manage the entire process.

Actually my bitcoin partition usage is up to 40Gb (20Gb owned by
bitcoind and the rest owned by the Armory wallet). Btw. I keep my
bitcoin partition encrypted.

Indeed I would fully expect exchanges and most merchants to maintain
an entire copy of the blockchain. It is the consumers in this equation
who will use light weight wallets. I'm playing with the KryptoKit
Chrome extension and Andreas Schildbach’s Bitcoin Wallet on
Android. KryptoKit directly uses blockchain.info and Andreas's wallet
scans the blockchain that it receives from the P2P network, though you
can tell it to only connect to a "trusted" peer.

Another cryptography related issue is the strength of the ECDSA Curve
used (secp256k1) not to mention the whole space of ECDSA. Currencies
last a long time.... one of the interesting features of Bitcoin is the
hashing of the public key to derive the Bitcoin address. As long as
you don't spend from a bitcoin address, the public key is never
revealed. So you are protected from attacks against the ECDSA
curve. However as soon as you do a spend, the blockchain contains your
public key and this protection is lost. I have seen advice that says
you should only spend from an address once, sending change from a
transaction to a different address. This is implemented in the full
wallets. However the light weight wallets are really just a wrapper
around a single address. In fact the term "wallet" is sometimes
conflated with address (not to mention Coin :-) ). Things like "paper
wallets" are just a scanable copy of a private key.

Then there is the abomination of "brain wallets" where the private key
is simply a password. Btw. An interesting experiment to do (I've done
it) is to create a brain wallet based on a simple password and send it
some coin (don't send a lot!). Within a few seconds of submitting the
transaction, a transaction will be submitted that steals the coin. So
someone (probably more then one someone) has built a lookup table of
all bitcoin addresses that result of a decent password
dictionary. They are watching the transaction chain in real time and
making off with coin when they find a match. Pretty cool, and scary.

So bitcoin is under constant attack. Of course what doesn't kill you,
makes you stronger. Hmmm. Does that apply to crypto?

- -Jeff

- --
_______________________________________________________________________
Jeffrey I. Schiller
Information Systems and Technology – MIT App Inventor
Massachusetts Institute of Technology
77 Massachusetts Avenue  Room E17-110A, 32-392
Cambridge, MA 02139-4307
617.910.0259 - Voice
jis at mit.edu, jis at qyv.net
http://jis.qyv.name
_______________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iD8DBQFS/kLj8CBzV/QUlSsRAsknAKCLN3GOhwuNQIm+off62jzFqLTi5gCeJPYf
VG5KRBD8XYmOiA+PzbU6zDE=
=yimA
-----END PGP SIGNATURE-----


More information about the cryptography mailing list