Slide 1

The views expressed in this presentation are Mere Apne. Reference to any specific products, process ,or service do not necessarily constitute or imply endorsement, recommendation, or views of Min of Def or any GovtAllimagesused are for illustrative purposesonly & Do not promote any specific product

OVERVIEWWHY,HOW,WHEREWHOS WHO?TECHNOLOGYCASE STUDYJAI HINDHSUMMARY

Name used by the unknown person or persons who designed BITCOIN and created its original reference implementationSATOSHI NAKAMOTO

Kahan Gaya Usay Dhoondo

AS OF 17TH FEB 20171 BITCOIN IS WORTH 1040$

SO 1 BITCOIN IS 70103

THE LAST BITCOIN (PROBABLY 21 MILLIONTH COIN) WILL BE MINED IN THE YEAR 2140

ANONYMITY VSPSEUDONYMITYMark TwainSamuel Clemens

BITCOIN is often ADVERTISED as ANONYMOUS Digital Currency that offers a high level of user PRIVACY PEOPLE can HIDE their IDENTITIES behind a WALLET ADDRESS, and generate ADDITIONAL ADDRESSES if needed

CRYPTOCURRENCY IS AN ATTEMPT TO BRING BACK A DECENTRALISED CURRENCY OF PEOPLE, ONE THAT IS NOT SUBJECT TO INFLATIONARY MOVES BY A CENTRAL BANK

Distributed Ledger is a Consensus of Replicated, Shared & Synchronized digital data geographically spread across multiple sites & countries

Type of Distributed Ledger, comprised of Unchangeable, Digitally Recorded Data in packages called BLOCKS

TAMPER EVIDENT LEDGER

https://anders.com/blockchain/

BASICALLY CHUNKS OF INFO THAT CAN BE USED TO MATHEMATICALGUARANTEE ABOUT MESSAGES

Peer-to-Peer(P2P)networkis created when two or more PCs are connected & share resources without going through a separate server computer

206 , 1670 ... .

SHA .

BITCOIN MINING

MERKLE TREE

A user for CONDUCTING TRANSACTIONS utilizing BITCOIN, he or she must first DOWNLOAD and setup a BITCOIN WALLETBITCOIN WALLET can show the total BALANCE of all BITCOINS it CONTROLS and let A USER PAY a specified AMOUNT

WALLET contains a USERS PRIVATE KEY, which ALLOWS FOR THE SPENDING of the BITCOINS, which are located in the BLOCK CHAINOnce wallet is INSTALLED & CONFIGURED, an ADDRESS is GENERATED which is SIMILAR to an E-MAIL or PHYSICAL ADDRESS

WALLET is basically theBitcoinEquivalent of a Bank account. Allows to RECEIVEBITCOINS, STORE them, and then SEND them to others

Connected to the Internet or is online is said to be HOTCold Wallets & Hot WalletsCold is considered most Secure & suitable for Storing Large Amounts of bitcoinsHot is suitable for Frequently Accessed fundsCOLD implies it is Offline or Disconnected from the Internet

Designed to be downloaded & used on Laptops/PCsDESKTOP WALLETSArmory,Multibit,Msigna andHive to mention a FEWEasy to Access.Available for Different OS Windows, Mac OS and Ubuntu.

MOBILE WALLETS

ONLINE WEB WALLETS

PHYSICAL WALLETSOnce they are generated, you print them out on a piece of paperPaper Wallets can Securely hold your BITCOINS in Cold Storage form for a long time Bitaddress.orgorBlockchain.info

BitcoinQt is the First ever built bitcoin CLIENT WALLET BITCOIN CLIENTS WALLETSOriginal bitcoin wallet used by the Pioneers of the currencyCOMPUTERS installed with these wallets FORM PART OF THE CORE NETWORK & have access to all transactions on the blockchain

HARDWARE WALLETS

BITCOIN ARTIFACTS

They DONT EXIST ANYWHERE, even on a hard drive

When we say SOMEONE HAS BITCOINS & you look at a PARTICULAR BITCOIN ADDRESS, there are NO DIGITAL BITCOINS held AGAINST that ADDRESS BALANCE of any BITCOIN address ISNT HELD at that ADDRESS; one MUST RECONSTRUCT it by looking at the BLOCKCHAIN

Everyone on the NETWORK knows about a TRANSACTION and THE HISTORY OF A TRANSACTION can be TRACED BACK to the point where the BITCOINS were produced

Conduct a SEARCH based on BLOCK NUMBER, ADDRESS, BLOCK HASH, TRANSACTION HASH or PUBLIC KEY

BITCOIN-QT FOLDER STRUCTURE

BITCOIN-QT FOLDER STRUCTUREBlocks This subdirectory contains blockchain data and contains a blk.dat file and a blocks/index subdirectory. blk.dat stores actual Bitcoin blocks dumped in raw format. The blocks/index subdirectory is a database that contains metadata about all known blocks

Chainstate subdirectory- it is a database with a compact representation of all currently unspent transactions and some metadata about where the transactions originatedBITCOIN-QT FOLDER STRUCTURE

Database subdirectory - Contains database journaling files (Data Directory,

BITCOIN-QT FOLDER STRUCTURE

BITCOIN-QT FOLDER STRUCTUREDB LOCK FILEEXTENSIVE LOGGING FILEPEER INFORMATIONSTORAGE FOR KEYS,TXN,METADATA etc

Private key of the suspect, they can search for that particular key on the Blockchain to Trace the purchases to other potential Suspects.

investigator has the Bitcoin

BITCOIN FORENSIC ARTIFACT EXAMINATIONWindows 7 Professional

Multibit

Bitcoin-Qt

Bitminter

Basic USB ASIC BitcoinGateway laptop ML6720

120 GB WD hard drive

(4) USB ASIC Mining drives

USB powered cooling fan

32 GB USB thumb drive

Utilizing the data from 344transactions, Meiklejohn able to identify the owners ofmore than a million Bitcoin addressesSarah Meiklejohn, a Bitcoin focused Computer ResearcherExtensive Research inBitcoin Blockchain Found that by looking blockchain an investigator canuncover who owns a Bitcoin addresses

Bitcoin transactions occur via a Network Connection, an investigator should seize any Physical Object that can connect to the Internet in addition to the hard driveCOLLECTION OF BITCOIN ARTIFACTS

System Info

Info about Logged users

Registry Info

Remnants of Chats

Web browsing Activities

Recent Communications

Info from Cloud Services

Decryption Keys for encrypted volumes mounted

COLLECTION OF BITCOIN ARTIFACTS

UlbrichtRoss

anupamtiwari@protonmail.com

https://about.me/anupam.tiwari