Bitcoin Forum
April 21, 2014, 12:15:30 AM *
News: Due to the OpenSSL heartbleed bug, changing your forum password is recommended.
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 3 4  All
  Print  
Author Topic: My Bitcoin master thesis  (Read 18842 times)
ThePiachu
Sr. Member
****
Offline Offline

Activity: 418



View Profile WWW

Ignore
June 17, 2012, 09:45:37 AM
 #1

Hello everyone,

I've been working on my master thesis for almost a year now and today I passed my exam. So, if anyone is interested in reading my dissertation, it's available here:

https://dl.dropbox.com/u/3658181/PiotrPiasecki-BitcoinMasterThesis.pdf

Its topic is “Design and security analysis of Bitcoin infrastructure using application deployed on Google Apps Engine.”. It mostly considers various security strengths and weaknesses of the Bitcoin protocol, standard client, third party apps and even Bitcoin users.

I'll upload the code I developed for it some other time (it's not really that amazing).

Hope you'll enjoy the reading. I'd like to apologize for the use of polish at the start (it was a requirement), and for some boring introduction of basic things (also a requirement).

Donations welcome:
18zRT8jaHJUZe3foLcHkocV468dZ9sGiBq

1HWbVLhxj7bhewhyapMZpyhqWAeAhJd51E
My Bitcoin Calculator:
http://tpbitcalc.appspot.com/
Unbeatable Service & Product Support
Grab Your Miners at GAWMiners.com
Order Before April 25th to receive
Double your Hashing Power for 1 week!

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1398039330
Hero Member
*
Offline Offline

Posts: 1398039330

View Profile Personal Message (Offline)

Ignore
1398039330
Reply with quote  #2

1398039330
Report to moderator
1398039330
Hero Member
*
Offline Offline

Posts: 1398039330

View Profile Personal Message (Offline)

Ignore
1398039330
Reply with quote  #2

1398039330
Report to moderator
Meni Rosenfeld
Donator
Hero Member
*
expert
Offline Offline

Activity: 1148



View Profile WWW

Ignore
June 17, 2012, 10:18:41 AM
 #2

Wonderful. While academically it seems the intended focus was security analysis, it is comprehensive enough to be used as a reference general introduction to Bitcoin, to those willing to take the time to study it seriously.

A few nitpicks:

1. "Bitcoin" and "satoshi", as units of currency, should only be capitalized if at the beginning of a sentence. "Dollar" isn't capitalized either. Bitcoin as the name of a project, a protocol, a software, an ecosystem and a community is of course capitalized. Also, I'd avoid using "bitcoins" in reference to the system - e.g., instead of "(b)Bitcoins offer much lower cost of transferring money" I'd say "Bitcoin offers".

2. You use http://pastehtml.com/view/awb1vg03r.html as a reference for currently used mining pool reward systems, but it's badly out of date, and even for its time it was vague at best - SMPPS pools are listed as PPS, different varieties of score-based methods are lumped together in a single category, etc.

1EofoZNBhWQ3kxfKnvWkhtMns4AivZArhr   |   Who am I?   |   bitcoin-otc WoT
Bitcoil - Exchange bitcoins for ILS (thread)   |   Israel Bitcoin community homepage (thread)
Analysis of Bitcoin Pooled Mining Reward Systems (thread, summary)  |   PureMining - Infinite-term, deterministic mining bond
sylkyx
SCAMMER
Jr. Member
*****
Offline Offline

Activity: 42


View Profile

Ignore
June 17, 2012, 11:15:36 AM
 #3

Wow, that was genuinely a really good read, and whilst it does provide great academic depth into the subject, it is also a great explanation of how the whole system works, giving new users a good understanding of it. I was thinking of heading into a PhD in Computing as i have already gained my masters in cryptology, so this subject around the security of bitcoins is fascinating to me.

1JjknGryTciTQbYViWq9npPCEhbGVW8noK
cypherdoc
Hero Member
*****
Offline Offline

Activity: 1120



View Profile

Ignore
June 17, 2012, 03:11:11 PM
 #4

in the very first paragraph i find something i would've stated differently:

"It relies on cryptographic algorithms in order to prevent abuse of the system."

shouldn't it say "...cryptographic and hashing algorithms..."?

i'm not an academic in this particular area so correct me if i'm wrong.
Meni Rosenfeld
Donator
Hero Member
*
expert
Offline Offline

Activity: 1148



View Profile WWW

Ignore
June 17, 2012, 03:19:51 PM
 #5

in the very first paragraph i find something i would've stated differently:

"It relies on cryptographic algorithms in order to prevent abuse of the system."

shouldn't it say "...cryptographic and hashing algorithms..."?

i'm not an academic in this particular area so correct me if i'm wrong.
"Cryptography" is a general field encompassing encryption, digital signatures, hashing and more.

1EofoZNBhWQ3kxfKnvWkhtMns4AivZArhr   |   Who am I?   |   bitcoin-otc WoT
Bitcoil - Exchange bitcoins for ILS (thread)   |   Israel Bitcoin community homepage (thread)
Analysis of Bitcoin Pooled Mining Reward Systems (thread, summary)  |   PureMining - Infinite-term, deterministic mining bond
cypherdoc
Hero Member
*****
Offline Offline

Activity: 1120



View Profile

Ignore
June 17, 2012, 03:22:07 PM
 #6

in the very first paragraph i find something i would've stated differently:

"It relies on cryptographic algorithms in order to prevent abuse of the system."

shouldn't it say "...cryptographic and hashing algorithms..."?

i'm not an academic in this particular area so correct me if i'm wrong.
"Cryptography" is a general field encompassing encryption, digital signatures, hashing and more.

my turn to nitpick.  he used a small "c".
Meni Rosenfeld
Donator
Hero Member
*
expert
Offline Offline

Activity: 1148



View Profile WWW

Ignore
June 17, 2012, 03:43:03 PM
 #7

in the very first paragraph i find something i would've stated differently:

"It relies on cryptographic algorithms in order to prevent abuse of the system."

shouldn't it say "...cryptographic and hashing algorithms..."?

i'm not an academic in this particular area so correct me if i'm wrong.
"Cryptography" is a general field encompassing encryption, digital signatures, hashing and more.

my turn to nitpick.  he used a small "c".
"Cryptography" isn't capitalized when in the middle of a sentence.

1EofoZNBhWQ3kxfKnvWkhtMns4AivZArhr   |   Who am I?   |   bitcoin-otc WoT
Bitcoil - Exchange bitcoins for ILS (thread)   |   Israel Bitcoin community homepage (thread)
Analysis of Bitcoin Pooled Mining Reward Systems (thread, summary)  |   PureMining - Infinite-term, deterministic mining bond
cypherdoc
Hero Member
*****
Offline Offline

Activity: 1120



View Profile

Ignore
June 17, 2012, 04:14:25 PM
 #8

in the very first paragraph i find something i would've stated differently:

"It relies on cryptographic algorithms in order to prevent abuse of the system."

shouldn't it say "...cryptographic and hashing algorithms..."?

i'm not an academic in this particular area so correct me if i'm wrong.
"Cryptography" is a general field encompassing encryption, digital signatures, hashing and more.

my turn to nitpick.  he used a small "c".
"Cryptography" isn't capitalized when in the middle of a sentence.

hmmm, this is confusing.

"Hash functions" can also be defined as a broad category with "cryptographic hashing functions" as a subset.   http://en.wikipedia.org/wiki/Hash_function

if you use "Cryptography" as you defined it, i would think you'd capitalize it even in the middle of a sentence.

even more confusing is that in my discussions with theymos, as well as has been commented here on this forum by several prominent members, it's been said that Bitcoin does not rely on "encryption" per se.  i always understood this to mean that the SHA-256 hashing algorithm effectively makes miners "guess" at the target solution which reduces the process down to mathematical probabilities vs. certain miners having insider information, ie, a "cryptographic key solution".

this is what makes Bitcoin "fair" to the masses that care to mine, like me, and would be analogous to the lotteries run by States.  even the little guys line up around the block to buy their tickets despite knowing that larger players can buy up huge numbers of tickets for the ultimate prize.  at least they have an equal chance on a ticket by ticket basis.
Meni Rosenfeld
Donator
Hero Member
*
expert
Offline Offline

Activity: 1148



View Profile WWW

Ignore
June 17, 2012, 04:48:01 PM
 #9

if you use "Cryptography" as you defined it, i would think you'd capitalize it even in the middle of a sentence.
Scientific fields aren't capitalized.

even more confusing is that in my discussions with theymos, as well as has been commented here on this forum by several prominent members, it's been said that Bitcoin does not rely on "encryption" per se.
Encryption is a one-to-one transformation for which the inverse can be computed by, and only by, someone who has the proper key. It is used to conceal data from everyone but intended recipients. That isn't used anywhere in the Bitcoin protocol, but it is used in wallet encryption in the client.

Hashing is a transformation that is in general not one-to-one, and which ideally cannot be inverted by anyone. The ostensibly random nature of such transformations is used in making block finding artificially difficult (and directly proportional to computational power).

1EofoZNBhWQ3kxfKnvWkhtMns4AivZArhr   |   Who am I?   |   bitcoin-otc WoT
Bitcoil - Exchange bitcoins for ILS (thread)   |   Israel Bitcoin community homepage (thread)
Analysis of Bitcoin Pooled Mining Reward Systems (thread, summary)  |   PureMining - Infinite-term, deterministic mining bond
sylkyx
SCAMMER
Jr. Member
*****
Offline Offline

Activity: 42


View Profile

Ignore
June 17, 2012, 04:56:41 PM
 #10

cryptography isn't capitalized, trust me, my masters degree was in cryptography

1JjknGryTciTQbYViWq9npPCEhbGVW8noK
Meni Rosenfeld
Donator
Hero Member
*
expert
Offline Offline

Activity: 1148



View Profile WWW

Ignore
June 17, 2012, 05:04:46 PM
 #11

Cryptography isn't capitalized, trust me, my masters degree was in cryptography
It is when in the beginning of a sentence.

I agree of course but that's not really evidence, ThePiachu's master's thesis was in Bitcoin and he still didn't properly capitalize "bitcoins".

I wonder if "bitcoinology" should be capitalized?

1EofoZNBhWQ3kxfKnvWkhtMns4AivZArhr   |   Who am I?   |   bitcoin-otc WoT
Bitcoil - Exchange bitcoins for ILS (thread)   |   Israel Bitcoin community homepage (thread)
Analysis of Bitcoin Pooled Mining Reward Systems (thread, summary)  |   PureMining - Infinite-term, deterministic mining bond
wachtwoord
Hero Member
*****
Offline Offline

Activity: 896



View Profile WWW

Ignore
June 17, 2012, 05:07:04 PM
 #12

How did this thread turn into a language discussion?

✰ Scared Money Don't Make No Money | PrimeDice.com | The New Way To Roll *Thread*
I now do Bitcoin consultancy! PM to discuss terms.
Selling my signature space! PM to discuss terms.
eeb227823edc2ef43867d2640d26615cb7a3b2194af128c97b5f64770d367ba4
ThePiachu
Sr. Member
****
Offline Offline

Activity: 418



View Profile WWW

Ignore
June 17, 2012, 05:34:17 PM
 #13

Thank you all for your comments.

1. "Bitcoin" and "satoshi", as units of currency, should only be capitalized if at the beginning of a sentence. "Dollar" isn't capitalized either. Bitcoin as the name of a project, a protocol, a software, an ecosystem and a community is of course capitalized. Also, I'd avoid using "bitcoins" in reference to the system - e.g., instead of "(b)Bitcoins offer much lower cost of transferring money" I'd say "Bitcoin offers".

As for the capitalization - I decided to capitalise every Bitcoin-related term for clarity. It works quite well in a lot of circumstances (especially when talking about Bitcoin Addresses and IP addresses in the same sentence, it should be there somewhere). As for the singular and plural, I guess I should review my uses of them.

2. You use http://pastehtml.com/view/awb1vg03r.html as a reference for currently used mining pool reward systems, but it's badly out of date, and even for its time it was vague at best - SMPPS pools are listed as PPS, different varieties of score-based methods are lumped together in a single category, etc.

Hmm, didn't know it wasn't too accurate, but it was used only once as a general view of the pools. Unfortunately, I haven't found any other such wide comparison.



in the very first paragraph i find something i would've stated differently:

"It relies on cryptographic algorithms in order to prevent abuse of the system."

shouldn't it say "...cryptographic and hashing algorithms..."?

i'm not an academic in this particular area so correct me if i'm wrong.

"Cryptography" is quite a general term that encompasses a lot of thing - encryption, hashing, message signing and so forth.

even more confusing is that in my discussions with theymos, [...] it's been said that Bitcoin does not rely on "encryption" per se.

Bitcon Protocol does not rely on encryption. The Standard Client uses encryption for wallet encryption and bitcoind calls (SSL/TSL). You can use Bitcoin without encryption, but they are not necessary for Bitcoin Network to work.

How did this thread turn into a language discussion?

Check around post number 4 Wink.

1HWbVLhxj7bhewhyapMZpyhqWAeAhJd51E
My Bitcoin Calculator:
http://tpbitcalc.appspot.com/
Serith
Sr. Member
****
Offline Offline

Activity: 269


View Profile

Ignore
June 17, 2012, 05:37:59 PM
 #14

Section 5.3 Finney Attack
Quote
It is also worth noting that on more than one occasion the double-spend attempt was detected
by the website blockchain.info[202]. As such any service actively checking the website for
such activity would be able to detect the malicious activity attempt.

I think you described a regular double spend attack, where is Finney attack involves pre-mined block, and it is not detectable.

Suppose the attacker is generating blocks occasionally. in each block he generates, he includes a transfer from address A to address B, both of which he controls.

To cheat you, when he generates a block, he doesn't broadcast it. Instead, he runs down to your store and makes a payment to your address C with his address A. You wait a few seconds, don't hear anything, and transfer the goods. He broadcasts his block now, and his transaction will take precedence over yours.
cypherdoc
Hero Member
*****
Offline Offline

Activity: 1120



View Profile

Ignore
June 17, 2012, 06:47:18 PM
 #15

the only reason i bring up the distinction btwn cryptography and hashing is for what i believe are public perception issues.

to me, the more we can describe Bitcoin as being based on "mathematics", which more aligns with the broader concept of hashing, the better it will be perceived, as opposed to being based on "cryptography" which is not only hard to understand but possibly convey a negative perception as if we have something to hide.

my two cents.
Meni Rosenfeld
Donator
Hero Member
*
expert
Offline Offline

Activity: 1148



View Profile WWW

Ignore
June 17, 2012, 06:56:13 PM
 #16

the only reason i bring up the distinction btwn cryptography and hashing is for what i believe are public perception issues.

to me, the more we can describe Bitcoin as being based on "mathematics", which more aligns with the broader concept of hashing, the better it will be perceived, as opposed to being based on "cryptography" which is not only hard to understand but possibly convey a negative perception as if we have something to hide.

my two cents.
Cryptography is mathematics.

Even if "cryptography" is assumed to mean "encryption", the public should be well aware of the important role of encryption in online commerce and banking.

1EofoZNBhWQ3kxfKnvWkhtMns4AivZArhr   |   Who am I?   |   bitcoin-otc WoT
Bitcoil - Exchange bitcoins for ILS (thread)   |   Israel Bitcoin community homepage (thread)
Analysis of Bitcoin Pooled Mining Reward Systems (thread, summary)  |   PureMining - Infinite-term, deterministic mining bond
cypherdoc
Hero Member
*****
Offline Offline

Activity: 1120



View Profile

Ignore
June 17, 2012, 07:01:05 PM
 #17

the only reason i bring up the distinction btwn cryptography and hashing is for what i believe are public perception issues.

to me, the more we can describe Bitcoin as being based on "mathematics", which more aligns with the broader concept of hashing, the better it will be perceived, as opposed to being based on "cryptography" which is not only hard to understand but possibly convey a negative perception as if we have something to hide.

my two cents.
Cryptography is mathematics.

Even if "cryptography" is assumed to mean "encryption", the public should be well aware of the important role of encryption in online commerce and banking.

sure.  but when you're explaining how Bitcoin works to an average Joe, its much simpler to say it it based on math where 2+2 always equals 4. 

try explaining it using "cryptography".  the discussion all of a sudden gets way more complicated to the point of the listener giving up.
muyuu
Donator
Hero Member
*
Offline Offline

Activity: 770



View Profile

Ignore
June 17, 2012, 08:40:20 PM
 #18

I shall be reading this Smiley

Where is the accompanying CD?

GPG ID: 7294199D - OTC ID: muyuu (470F97EB7294199D)
forum tea fund BTC 1Epv7KHbNjYzqYVhTCgXWYhGSkv7BuKGEU DOGE DF1eTJ2vsxjHpmmbKu9jpqsrg5uyQLWksM CAP F1MzvmmHwP2UhFq82NQT7qDU9NQ8oQbtkQ
Flowz
Member
**
Offline Offline

Activity: 114


Bitcoin = Money for the people, by the people.


View Profile

Ignore
June 17, 2012, 08:42:28 PM
 #19

I read a part of it, I enjoyed it.
Will read further tomorrow!
Good job.
ThePiachu
Sr. Member
****
Offline Offline

Activity: 418



View Profile WWW

Ignore
June 17, 2012, 08:48:41 PM
 #20

I think you described a regular double spend attack, where is Finney attack involves pre-mined block, and it is not detectable.

Yeah, now that I reflect on it for a long while I believed that Finney attack is a double-spend attack, and that there are just two variations of it, which made things a bit confusing.

sure.  but when you're explaining how Bitcoin works to an average Joe, its much simpler to say it it based on math where 2+2 always equals 4. 

try explaining it using "cryptography".  the discussion all of a sudden gets way more complicated to the point of the listener giving up.

Well, it's not an article aimed at general public, but rather people that know a bit about computer science, or want to know more and are ready to look into some things they have doubts with.

This kinda reminds me of this article:
http://blogs.discovermagazine.com/badastronomy/2011/10/19/scientists-are-from-mars-the-public-is-from-earth/


I shall be reading this Smiley

Where is the accompanying CD?

The accompanying CD is in my school's archive, and with three other printed copies of the thesis. As I said in the original post, I'll upload its contents eventually (it's mainly a lot of code in Google Go, a bit messy).

1HWbVLhxj7bhewhyapMZpyhqWAeAhJd51E
My Bitcoin Calculator:
http://tpbitcalc.appspot.com/
Pages: [1] 2 3 4  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!