Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

BitcoinsMathematical Background

Akram El-Korashy1

1Computer Science and EngineeringGerman University in Cairo

CSEN 1033 Seminar in Topics and Applications inCryptography, 2013

Akram El-Korashy Bitcoins Math



Outline

1 IntroductionBitcoins network properties

2 Bitcoin addressesBTC address generation overviewBTC address cryptography

3 Transactions

4 Block chain




Bitcoins network properties

Outline



3 Transactions

4 Block chain





Main features

Bitcoin addresses

Bitcoins can be transferred between arbitrary nodes.Transactions can be received at any time.Transactions are broadcast within seconds.

Bitcoin blockchainsTransactions are verified within 10 to 60 minutes.Transactions are irreversible.Double spending is prevented by using a block chain.





Main features

Bitcoin addresses

Bitcoins can be transferred between arbitrary nodes.Transactions can be received at any time.Transactions are broadcast within seconds.

Bitcoin blockchains

Transactions are verified within 10 to 60 minutes.Transactions are irreversible.Double spending is prevented by using a block chain.





Main features

Bitcoin addressesBitcoins can be transferred between arbitrary nodes.Transactions can be received at any time.Transactions are broadcast within seconds.

Bitcoin blockchains

Transactions are verified within 10 to 60 minutes.Transactions are irreversible.Double spending is prevented by using a block chain.





Main features

Bitcoin addressesBitcoins can be transferred between arbitrary nodes.Transactions can be received at any time.Transactions are broadcast within seconds.

Bitcoin blockchainsTransactions are verified within 10 to 60 minutes.Transactions are irreversible.Double spending is prevented by using a block chain.




BTC address generation overviewBTC address cryptography

Outline



3 Transactions

4 Block chain





Bitcoin AddressDefinition

DefinitionBicoin address is an identifier of 27-34 alphanumericcharacters, that represents a possible destination for a Bitcoinpayment.

Address GenerationA Bitcoin address is a 160-bit hash of the public portion of apublic/private ECDSA keypair.





Bitcoin AddressAddress Generation

Choose a random Elliptic-Curve key-pair. The public part isconverted into a BTC address





Bitcoin AddressAddress Generation

The 20 bytes Message Digest from RIPEMD-160..





Outline



3 Transactions

4 Block chain





Bitcoin AddressDefinitions and some Math

DefinitionBase58

encoding is a binary-to-text encoding, that uses onlythe alphanumeric characters (except 0,O,I, and l.)

DefinitionRIPEMD-160 is a cryptographic hash function that generates a160-bit digest of an arbitrary size block of data.

ExampleRIPEMD-160("The quick brown fox jumps over the lazy

dog") = 37f332f68db77bd9d7edd4969571ad671cf9dd3b

RIPEMD-160("The quick brown fox jumps over the lazy

cog") = 132072df690933835eb8b6ad0b77e7b6f14acad7






DefinitionBase58 encoding is a binary-to-text encoding, that uses onlythe alphanumeric characters

(except 0,O,I, and l.)











DefinitionBase58 encoding is a binary-to-text encoding, that uses onlythe alphanumeric characters (except 0,O,I, and l.)










Bitcoin AddressSecure Hash Algorithm-256

Input: arbitrary length data, Output: 256-bit digestMerkle-Damgard Construction (one-way compressionfunction, block ciphers)





DefinitionElliptic curve over a field Fp can be defined as the set of points (x,y)satisfying the equation

y2 mod p = (x3 + ax + b) mod p

Example

The set of affine points of the elliptic curve y2 = x3 − x over F61.





Bitcoin AddressElliptic Curve Digital Signature Algorithm

Any signature algorithm has a Sign phase and a Verifyphase.

Some parameters agreed upon between sender andreceiver:

1 q field size2 FR the basis used - can assume a fixed basis3 a, b parameters of the equation (field elements)4 G base point, and5 n its order - group element order, point addition, point

doubling (can be calculated from G!)6 h cofactor - order of the curve divided by n






Any signature algorithm has a Sign phase and a Verifyphase. Some parameters agreed upon between sender andreceiver:

1 q field size

2 FR the basis used - can assume a fixed basis3 a, b parameters of the equation (field elements)4 G base point, and5 n its order - group element order, point addition, point








1 q field size2 FR the basis used - can assume a fixed basis

3 a, b parameters of the equation (field elements)4 G base point, and5 n its order - group element order, point addition, point








1 q field size2 FR the basis used - can assume a fixed basis3 a, b parameters of the equation

(field elements)4 G base point, and5 n its order - group element order, point addition, point








1 q field size2 FR the basis used - can assume a fixed basis3 a, b parameters of the equation (field elements)

4 G base point, and5 n its order - group element order, point addition, point









doubling

(can be calculated from G!)6 h cofactor - order of the curve divided by n








doubling (can be calculated from G!)

6 h cofactor - order of the curve divided by n




TransactionsDefinitions

DefinitionA transaction is a signed section of data that is broadcast to thenetwork and collected into blocks.

It typically references previous transaction(s) and dedicates acertain number of bitcoins from it to one or more new publickey(s) (Bitcoin address).

It is not encrypted (nothing in Bitcoin is encrypted).

Transactions and Blocks are the main data structures.

A Block is composed of a header and a group of transactions.

Transactions are identified by their hash (SHA-256).

Blocks are identified by a hash of the header.




TransactionsExample

Example

Principle example of a transaction

Script is a set of instructions for the receiver to follow in order tobe able to spend the Bitcoins.

An input is a reference to the output of a different transaction.Previous tx is the pointer to (hash value of) the transactionfrom which the bitcoin Value will be transferred.




TransactionsExample

The main script instructions are:

The hash of the public key should match the bitcoinaddress specified in the transaction.The signature on the sent data should be verifiable by thepublic key.

Instructions are executed from the Output field of thereferenced transaction Previous tx

scriptSig is an ECDSA signature on small data (part of thetransaction). It serves as a proof that the transaction in which itexists was created by the real owner of the public address whichthe Previous tx was intended to.




Block ChainDefinition

DefinitionBlock chain is a transaction database shared by all nodesparticipating in a system based on the Bitcoin protocol.

Every block contains a hash of the previous block

BitCoin uses the SHA-256 hash algorithm to generate verifiably"random" numbers in a way that requires a predictable amountof CPU effort.




Block ChainConcept

Block chain: Because a block can only reference one previousblock, it is impossible for two forked chains to merge.

(Tree goes bottom-up)


Appendix

References I

https://en.bitcoin.it/wiki/AddressAccessed March, 2013

Simple Tutorial on Elliptic Curve CryptographyAccessed March, 2013

https://en.bitcoin.it/w/images/en/9/9b/PubKeyToAddr.pngAccessed March, 2013

Bitcoin wiki: Technical background of bitcoin addressesAccessed March, 2013

rnks.informatik.tu-cottbus.de - A tutorial on elliptic curve cryptographyAccessed March, 2013

https://en.bitcoin.it/wiki/Category:TechnicalAccessed March, 2013


Bitcoins Math

Technology

Transcript of Bitcoins Math