Bitcoin Forum
Author Topic: Bitcoin and the NSA  (Read 4869 times)
samablog
April 25, 2011, 04:02:24 PM
 #1

I posted the following on my blog, but I figured that people here would be able to point me to the answers more easily. I apologize in advance if this has been discussed ad nauseam already.


Bitcoin utilizes something called elliptical curve encryption in its processes. I remember back in the day, attending Bob Hettinga’s “Digital Commerce Society of Boston” meetings, and hearing this discussed then. That was about 15 years ago now. I’m not a cryptographer, but from what I remember, elliptical curve encryption offered extraordinarily strong encryption without requiring an extraordinary amount of processing power. It was envisioned at the time that this method of encryption would be extremely useful in mobile devices.

My question is simple: Has the NSA broken elliptical curve encryption yet? And if they have, would they have it within their power to destroy Bitcoin?

If the NSA has broken elliptical curve encryption, they surely wouldn’t announce such a capability. But it does mean that if the US Federal Government wanted to, they could crush Bitcoin in seconds flat, inflating it beyond measure. By doing so, they would announce to the world that they can break elliptical curve encryption, but maybe that would be worth doing in certain circumstances.

But put aside the NSA for a moment. Theoretically, there is also what I would call the MC Frontalot problem as well. In his song, Secrets From The Future, he writes:

Quote
You can’t hide secrets from the future with math.
You can try, but I bet that in the future they laugh
at the half-assed schemes and algorithms amassed
to enforce cryptographs in the past.

The point being, that even the best cryptography today is likely to be broken, even by brute force, at some point in the future. So my question is, how is the Bitcoin development community planning to work around the MC Frontalot problem? Physical currency gets recalled and re-issued with new anti-counterfeiting measures added periodically, but what's the equivalent for Bitcoin? I assume somebody has already asked this question, but I thought I’d ask it here in any event.

Get your Bitcoin Decals at www.bitcoindecals.com
gusti
April 25, 2011, 04:36:02 PM
 #2

I'm not a cryptography expert at all, but I understand that it is easy to change btc in the protocol, from sha256 to whatever other technology, if the old one happens to be cracked.

If you don't own the private keys, you don't own the coins.
kgo
April 25, 2011, 06:45:52 PM
 #3

No, the NSA hasn't broken it. In fact, ECC is the only public key algorithm that they've cleared for use by the government itself to secure top secret documents.

http://www.nsa.gov/ia/programs/suiteb_cryptography/
Stephen Gornick
April 25, 2011, 08:31:51 PM
 #4

Related discussion here:
  http://bitcointalk.org/index.php?topic=2699.0

samablog
April 25, 2011, 09:59:55 PM
 #5

Thanks guys

MoonShadow
April 25, 2011, 10:14:47 PM
 #6

Quote
My question is simple: Has the NSA broken elliptical curve encryption yet?

Unknowable.

Quote
And if they have, would they have it within their power to destroy Bitcoin?

No. At best, they would have the power to steal bitcoins from individual accounts. Both the merkle tree inside of the blocks, and the blockchain itself, use secure hashing, not public/private keypair encryption. So if SHA256 (the hash that Bitcoin presently uses) were broken in the future, this would not expose the individual account balances of all users, but only those of the most recent blocks in the blockchain. Likewise, if the public/private keypair encryption that Bitcoin presently uses was broken, this would expose the accounts of individual users that the attacker was willing to commit resources to break open; but would not expose the blockchain itself to attack, nor the whole of the Bitcoin user base. If both are broken at the same time, we would be in trouble. However, if either is broken (or even appears to be subject to breaking in the near future) then each is modular and can be replaced with another method within the same class of encryption. Bitcoin is not 'married' to elliptical curve encryption, per se.

Also, the hashing methods used for the blockchain can be different than those used for the merkle tree, or even two different secure hashing methods used for each block; because the blockchain is currently secured using a SHA256 hash of a SHA256 hash of the block's header. Which would further separate sections of Bitcoin from the risk of any one part of the system being broken.

"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."

- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
Gavin Andresen
Chief Scientist
April 25, 2011, 11:04:45 PM
 #7

To steal your bitcoins by breaking crypto (as opposed to getting your private key), somebody would have to:

1. Break RIPEMD160.  Because your bitcoin address is a RIPEMD160 hash...  AND
2. Break SHA256.  Because your bitcoin address is a RIPEMD160 hash of the SHA256 hash... AND
3. Break the ECDSA elliptic curve encryption signature algorithm, to figure out the private key that corresponds to the public key that they got from breaking (1) and (2).

That's assuming that you don't re-use bitcoin receiving addresses (your public key is revealed the first time you spend coins that were sent to that address).  If you do re-use the same receiving address, then they just need (3).

I don't spend any time worrying about whether or not the NSA (or anybody else) can break ECDSA.

How often do you get the chance to work on a potentially world-changing project?
MoonShadow
April 25, 2011, 11:23:02 PM
 #8

Quote
To steal your bitcoins by breaking crypto (as opposed to getting your private key), somebody would have to:

1. Break RIPEMD160.  Because your bitcoin address is a RIPEMD160 hash...  AND
2. Break SHA256.  Because your bitcoin address is a RIPEMD160 hash of the SHA256 hash... AND
3. Break the ECDSA elliptic curve encryption algorithm, to figure out the private key that corresponds to the public key that they got from breaking (1) and (2).

Thank you for clearing this up.

ByteCoin
April 25, 2011, 11:31:55 PM
 #9

They wouldn't have to break RIPEMD160. If they broke SHA256 suitably they could create blocks of arbitrarily high difficulty with very little effort which would enable them to take control of the block chain.
When you send your transaction to spend the coins, you reveal your public key for which they would then solve the discrete logarithm problem to find your secret key. They would ensure that your transaction was never included in a block but their transaction spending your money could confirm very quickly.
I suppose that if you never try to spend the money, they can't steal it directly but they could inflate the value away.

ByteCoin
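
The proof-of-work check that MoonShadow's and ByteCoin's posts refer to (a SHA256 hash of a SHA256 hash of the 80-byte block header, compared against the difficulty target) can be reproduced as follows. This is an added example, not part of any post in the thread; the header fields are those of the public Bitcoin genesis block, and the function names are illustrative.

```python
import hashlib
import struct

def sha256d(data: bytes) -> bytes:
    """SHA256 of a SHA256 hash, the construction used on block headers."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def serialize_header(version, prev_hex, merkle_hex, timestamp, bits, nonce):
    """Pack the 80-byte header. Hashes are displayed big-endian, stored reversed."""
    return (struct.pack("<I", version)
            + bytes.fromhex(prev_hex)[::-1]
            + bytes.fromhex(merkle_hex)[::-1]
            + struct.pack("<III", timestamp, bits, nonce))

def bits_to_target(bits: int) -> int:
    """Expand the compact 'bits' field into the 256-bit target."""
    exponent, mantissa = bits >> 24, bits & 0x007FFFFF
    if exponent <= 3:
        return mantissa >> (8 * (3 - exponent))
    return mantissa << (8 * (exponent - 3))

def block_hash_hex(header: bytes) -> str:
    """Block hash as usually displayed (byte-reversed double SHA256)."""
    return sha256d(header)[::-1].hex()

def meets_target(header: bytes) -> bool:
    """A header is valid work only if its hash, as an integer, is <= target."""
    bits = struct.unpack_from("<I", header, 72)[0]
    return int.from_bytes(sha256d(header), "little") <= bits_to_target(bits)

# Bitcoin genesis block header fields (public chain data, not from the thread).
GENESIS = dict(
    version=1,
    prev_hex="00" * 32,
    merkle_hex="4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b",
    timestamp=1231006505,
    bits=0x1D00FFFF,
    nonce=2083236893,
)

def demo():
    good = serialize_header(**GENESIS)
    # Constructed variant: the same header with the nonce changed by one.
    bad = serialize_header(**{**GENESIS, "nonce": GENESIS["nonce"] + 1})
    return block_hash_hex(good), meets_target(good), meets_target(bad)

if __name__ == "__main__":
    print(demo())
```

The only thing that makes a block expensive to produce is that no shortcut is known for finding a header whose double-SHA256 value falls under the target, which is why a suitable break of SHA256 bears on control of the block chain rather than on individual keys.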
MoonShadow
April 26, 2011, 12:13:29 AM
 #10

Quote
They wouldn't have to break RIPEMD160. If they broke SHA256 suitably they could create blocks of arbitrarily high difficulty with very little effort which would enable them to take control of the block chain.

This would be a good reason to change one of the SHA256 hashings of the block headers to a completely different secure hashing algorithm now, preempting this possibility completely.

Phinnaeus Gage
March 19, 2012, 06:29:35 AM
 #11

Bump!
MysteryMiner
March 19, 2012, 11:40:59 AM
 #12

If the NSA can break the crypto, so can both the Russians and the Chinese and probably dozens of other countries. All spy agencies are compromised by spies. I mean by double agent spies, who pass NSA secrets to the Russians and Chinese and vice versa. If you or the NSA think that they have no moles or people leaking secrets of all magnitudes to foreigners, you are simply naive.

If any agency is capable of doing that, the news will surface eventually. As a result, my conclusion is that the crypto is not broken by anybody.

1LEaxxAh1LKFUvDKYVhiMEVAHRM7K5o7cF
goodlord666
March 19, 2012, 12:49:14 PM
 #13

Why would anybody like the NSA want to destroy Bitcoin? They're probably as intrigued by it as us and would rather want it as secure as us.


stevegee58
March 19, 2012, 01:06:08 PM
 #14

Quote
Why would anybody like the NSA want to destroy Bitcoin? They're probably as intrigued by it as us and would rather want it as secure as us.

Read "A Lodging of Wayfaring Men" for your answer.

You are in a maze of twisty little passages, all alike.
cypherdoc
March 19, 2012, 01:57:49 PM
 #15

the fact that the article published a map of the facility makes it highly suspect to me.  perhaps they're playing Ben's game of perception management.
rjk
March 19, 2012, 01:59:44 PM
 #16

Quote
the fact that the article published a map of the facility makes it highly suspect to me.  perhaps they're playing Ben's game of perception management.

+1, or else they figured that it couldn't hurt in these days of satellite imagery.

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
goodlord666
March 19, 2012, 02:01:55 PM
 #17

Quote
Quote
Why would anybody like the NSA want to destroy Bitcoin? They're probably as intrigued by it as us and would rather want it as secure as us.

Read "A Lodging of Wayfaring Men" for your answer.

Thanks, but no.


triplehelix
March 19, 2012, 02:43:38 PM
 #18

i don't understand the line of thinking.  the US government could for all intents and purposes crush bitcoin with less funds, just manipulating the market and such, than with the funds required to build the computer hardware, man hour compensation, and electric consumption required to break encryption and use it in any way with enough breadth to damage bitcoin.
rjk
March 19, 2012, 02:46:09 PM
 #19

Quote
i don't understand the line of thinking.  the US government could for all intents and purposes crush bitcoin with less funds, just manipulating the market and such, than with the funds required to build the computer hardware, man hour compensation, and electric consumption required to break encryption and use it in any way with enough breadth to damage bitcoin.

The line of thinking is that this hardware is targeted at AES, not SHA256, and as far as we know has nothing to do with Bitcoin at all. Not sure why OP thinks it is related.

triplehelix
March 19, 2012, 02:48:57 PM
 #20

Quote
Quote
i don't understand the line of thinking.  the US government could for all intents and purposes crush bitcoin with less funds, just manipulating the market and such, than with the funds required to build the computer hardware, man hour compensation, and electric consumption required to break encryption and use it in any way with enough breadth to damage bitcoin.

The line of thinking is that this hardware is targeted at AES, not SHA256, and as far as we know has nothing to do with Bitcoin at all. Not sure why OP thinks it is related.

i would say it's pretty obvious that the government and its agencies are far far more interested in communications than bitcoin.  we might all love bitcoin, but there is a serious case of over inflating its importance to organizations outside our relatively small group.