Information Security and Privacy

An Introduction to Bitcoin and Blockchain – Part 1

Ravi Mittal
Acknowledgements

⚫ The contents for this lecture have been taken from following sources.
Thanks are due to authors who have prepared original contents and
presentations:
⚫ CS795: Blockchain Technologies, Class notes and slides, George Mason University, Prof
Foteini Baldimtsi, http://www.baldimtsi.com/teaching/cs795_sp17
⚫ Talk: Introduction to Cryptocurrencies, by Prof Stephen Dziembowski, Univ of Warsaw,
https://www.crypto.edu.pl/dziembowski-talks
⚫ CS419 Computer Security, Lecture Blockchain and Bitcoin, Prof Paul Krzyzanowski,
Rutgers University
⚫ Course CS251. Fall 2022, Stanford University, Prof Dan Boneh
⚫ Presentations: Blockchain at Berkeley, https://blockchain.berkeley.edu/courses/spring-
2020-fundamentals-decal/
⚫ https://learnmeabitcoin.com/beginners/getting-started
⚫ Bina Ramamurthy, Talk: Blockchain to Empower All, University of Buffalo, NY
⚫ ECE/CS 598AM: Cryptocurrency Security, Fall 2016, Class presentation, Prof Andrew
Miller, http://soc1024.ece.illinois.edu/teaching/ece598am/fall2016/
⚫ http://blockchain.mit.edu/blockchain

2
In this class we will study
⚫ Brief Introduction: Blockchain
⚫ Crypto Building blocks: Hash, Hash pointer, Digital Signature
⚫ Bitcoin: An Introduction
⚫ Transition: Our currency to Bitcoin
⚫ Popularity of Bitcoin
⚫ Thanks to Satoshi Nakamoto
⚫ Merkle Tree – An efficient data structure
⚫ Bitcoin Design Principles
⚫ Bitcoin - Identity Management
⚫ Key design Challenges of Bitcoin / Cryptocurrencies
⚫ Transactions and Transaction Table – Blockchain
⚫ Achieving Consensus
⚫ Proof of Work
⚫ Process Steps
⚫ Bitcoin: Problems and shortcomings
⚫ More information on Bitcoin (Self reading)
3
Reading

There are two popular books on Bitcoin and Blockchain

4
5
Earlier

6
Now…

7
Brief Introduction – Blockchain
What is a blockchain?

Abstract answer: a blockchain provides

coordination between many parties,
when there is no single trusted party

if trusted party exists ⇒ no need for a blockchain

[financial systems: often no trusted party]

 Blockchains: what is the new idea?

2009 2015

Bitcoin Ethereum

Several innovations:
⚫ Blockchain computer: a fully programmable environment

⟹ public programs that manage digital and financial assets

⚫ Composability: applications running on chain can call each other
 Blockchains: what is the new idea?

2009 2015 2017 2022

Bitcoin Ethereum Growth of

DeFi, NFTs, DAOs
⚫ DeFi
⚫ Decentralized Finance model for organizing and enabling cryptocurrency-based transactions,
exchanges and financial services - there is no centralized authority to dictate or control operations
⚫ NFTs
⚫ Non-Fungible Token - cryptographic tokens that exist on a blockchain and cannot be replicated
⚫ DAOs
⚫ Decentralized Autonomous Organization
So what is this good for?

1. Basic application: a digital currency (stored value)

⚫ Current largest: Bitcoin (2009), Ethereum (2015)

⚫ Global: accessible to anyone with an Internet connection

What else is it good for?

2. Decentralized applications (DAPPs)

⚫ DeFi: Financial instruments managed by public programs

⚫ Examples: stablecoins, lending, exchanges, ….

⚫ Asset management (NFTs): art, game assets, domain

names
⚫ Decentralized organizations (DAOs): (decentralized
governance)
⚫ DAOs for investment, for donations, for collecting art, etc.

3. New programming model: writing decentralized programs

Transaction volume

24h volume Sep. 2023

$9.9B

$3.4B

$2.7B
# Active developers since launch (as of 12/31/2022)

source: electric capital

What is a blockchain?

user facing tools (cloud servers)

applications (DAPPs, smart contracts)

Execution engine (blockchain computer)

Sequencer: orders transactions

Data Availability / Consensus Layer

Blockchain – Top View

17
Lots of Innovations are happening!

[source: the Block Genesis]

Crypto Building Blocks
Crypto Building Blocks:

Hash, Hash pointer, Block Chain, Digital

Signature, Asymmetric Key Encryption
 Cryptographic Hash Functions

An efficiently computable function 𝐻: 𝑀 ⇾ 𝑇

where |𝑀| ≫ |𝑇|

32 bytes

256
megabytes hash value 𝑇 = 0,1
 Hash Function: Definition (Self Reading)
⚫ Hash function: H(M)
⚫ Input: Arbitrary length message M
⚫ Output: Fixed length, n-bit hash
⚫ Sometimes written as {0, 1}* → {0, 1}n
⚫ Properties
⚫ Correctness: Deterministic
⚫ Hashing the same input always produces the same output
⚫ Efficiency: Efficient to compute
⚫ Security: One-way-ness (“preimage resistance”)
⚫ Security: Second preimage resistance
⚫ Security: Collision-resistance
⚫ Unpredictability: No predictable patterns for how changing the input
affects the output
⚫ Changing 1 bit in the input causes the output to be completely different

22
Ref: CS161C Univ of California Berkeley
Cryptographic Hash Functions (repeat)

⚫ One-way-ness (preimage resistance): Given an output y, it is

infeasible to find any input x such that H(x) = y
⚫ Second preimage resistance: Given an input x, it is infeasible
to find another input x' ≠ x such that H(x) = H(x’)
⚫ It’s application in Crypto currencies:
⚫ Message Digest (example use in File comparisons)
⚫ Puzzle friendliness

23
Application: committing to data on a blockchain
Alice has a large file 𝑚. She posts ℎ = 𝐻(𝑚) (32 bytes)

Bob reads ℎ. Later he learns 𝑚’ s.t. 𝐻(𝑚’) = ℎ

𝐻 is a CRF ⇒ Bob is convinced that 𝑚’ = 𝑚

(otherwise, 𝑚 and 𝑚’ are a collision for 𝐻)

We say that ℎ = 𝐻(𝑚) is a binding commitment to 𝑚

Cryptographic Hash

⚫ Cryptographic Hash
⚫ To check integrity of message
⚫ Pointer
⚫ A data structure to allow one element to refer to another
⚫ It’s an address – memory location
⚫ Hash Pointer
⚫ A tuple
⚫ Traditional pointer, Hash of data-element that is being pointed to

⚫ What is Hash pointer good for?

⚫ It allows us to validate that the information being pointed-to, has not
been modified

25
 Hash Pointers
⚫ Hash pointer = { pointer to data, hash(data) }
Hash of data being pointed and Pointer to data

⚫ If an attacker modifies data, hash(data) ≠ hash in pointer

⚫ This allows us to verify that the information we’re pointing to
has not changed
⚫ Before using that data, do a hash(data) and see if it matches
the hash in the hash pointer
26
Ref: CS419, Prof Paul Krzyzanowski, Rutgers University
Hash Pointer (repeat)

27
 Hash Pointers: Linked Lists = Blockchain data structure

Genesis block
Null

Latest block
First block

⚫ Add new data blocks to the end of the list

⚫ Linked list can be constructed with each element containing a hash
pointer to the next element
⚫ Adding a new block is easy: allocate the block, copy head pointer to it,
update the head pointer to point to the new block, add hash of (new
block + hash pointer) to the head hash pointer
28
Ref: CS419, Prof Paul Krzyzanowski, Rutgers University
 Tamper Detection

29
Ref: CS419, Prof Paul Krzyzanowski, Rutgers University
 Tamper Detection

30
Ref: CS419, Prof Paul Krzyzanowski, Rutgers University
 Tamper Detection

• The adversary will have to change all hash pointers back to the
head
• If we can keep the head of the list safe so an adversary cannot
modify it, then we can always detect tampering

It takes less effort to modify newer blocks than older ones

31
Ref: CS419, Prof Paul Krzyzanowski, Rutgers University
 How to make sure that the data is coming from
Alice?

Use the digital signature schemes.

We have already studied

Digital Signature in previous
classes

Ref: Presentation by Stefan Dziembowski, Univ of Warsaw

 Signature schemes (Repeat)
A digital signature scheme consists of algorithms Gen, Sign and Vrfy, where:

input: output:

Gen (secret key sk, public key pk)

(sk, message M) Sign signature σ

(pk, M, σ) Vrfy yes/no

Correctness:
for every (sk,pk) := Gen() and every M we have
Vrfy(pk,M,Sign(sk,M)) = yes
Security:
“without knowing sk it is infeasible to compute σ such that
Vrfy(pk,M,σ) = yes”
Ref: Presentation by Stefan Dziembowski, Univ of Warsaw
 Digital signatures
Solution: make signature depend on document

Signer
Verifier
‘accept’
Bob agrees to pay Alice 1$
verifier or
‘reject’
signature

signing
algorithm
secret signing public verification
key (sk) key (pk)
 How to use the digital signatures?

publish pk

message M

(sk, pk) := Gen()

Ref: Presentation by Stefan Dziembowski, Univ of Warsaw

Families of signature schemes

1. RSA signatures (old … not used in blockchains):

⚫ Long sigs and public keys (≥256 bytes), fast to verify

2. Discrete-log signatures: Schnorr and ECDSA

⚫ Short sigs (48 or 64 bytes) and public key (32 bytes)

(Bitcoin, Ethereum)

3. BLS signatures: 48 bytes, aggregatable, easy threshold

(Ethereum 2.0, Chia, Dfinity)
 Signatures on the blockchain

Signatures are used everywhere (will study

later):
⚫ ensure Tx authorization,
verifyTx
⚫ governance votes,
⚫ consensus protocol votes.
verifyTx
verify
Tx

sk1 data signatures

sk2 data signatures

Bitcoin – An Introduction
 Distributed?
BITCOIN?
CRYPTO
Identity?
CURRENCY?
BLOCKCHAIN? Cryptography?

Money?
Legal?
39
 Crypto?
Unit recently: Now also:
Crypto =
Crypto = a short name for cryptocurrencies
cryptography (e.g.: Bitcoin) and
blockchain
Also: the name of the main
annual conference in
cryptography.

Ref: Presentation by Stefan Dziembowski, Univ of Warsaw

Definitions: Cryptocurrency and Blockchain (repeat)

⚫ Cryptocurrency: completely digital,

formless currency that is tied
together using computer science, and
cryptography, and economics
⚫ Bitcoin is the most popular
cryptocurrency
⚫ There are 200+ cryptocurrencies

https://yle.fi/uutiset/
osasto/news/finance_
⚫ Blockchain: data structure behind ministry_crackdown_o
cryptocurrency. Method of storing n_cryptocurrency_trad
e/10040789
data amongst multiple parties that
ensures data integrity without
requiring trust.
41
What is Cryptocurrency?

1. No central authority, and its state is maintained through distributed

consensus
2. The system keeps an overview of cryptocurrency units and their
ownership
3. The system defines whether new cryptocurrency units can be created and
how
4. Ownership of cryptocurrency units can be proved exclusively
cryptographically
5. The system allows for transactions (transfers), which can only occur from
the entity that can prove ownership of the source currency
6. If two different instructions for changing the ownership of the same
cryptographic units are simultaneously entered, the system performs at
most one of them

42
Our Currency to Bitcoin
Our Currency

⚫ Physical cash
⚫ Non-traceable (well, mostly!)
⚫ Secure (mostly)
⚫ Low inflation
⚫ Can’t be used online directly
⚫ Credit and Debit cards
⚫ Partly secure
⚫ Digital Transactions – possible
⚫ Tracked by banks
⚫ Electronic credit or debit transactions
◆ Bank sees all transactions
◆ Merchants can track/profile customers

44
 Traditional ways of paying digitally

Alice’s credit
Alice’s credit card number
card number

Alice Bob

transfer money
to Bob’s transfer
account confirmation
Alice Bob

PROBLEMS
1. Trusted server for each transaction is needed
→ Trust on Financial Institutions
2. High transaction fees
3. No anonymity.
Ref: Presentation by Stefan Dziembowski, Univ of Warsaw
Common types of payments

.
.
.
46
Ref: Lecture 1 CS795/ISA Spring 2017, Prof. Foteini Baldimtsi
And then in 2008

Blockchain

Bitcoin
e4ac7dec3e2c
 Now, addition of Bitcoin, Cryptocurrencies

.
.
48

Ref: Lecture 1 CS795/ISA Spring 2017, Prof. Foteini Baldimtsi

What is Bitcoin?

⚫ Bitcoin is a cryptocurrency: a digital currency whose rules are

enforced by cryptography
⚫ Not by a trusted party (e.g., bank)
⚫ Core ideal: avoid trust in institutions (e.g., banks,
governments)
⚫ Reasons: Ideological, financial (avoid fees), peudo- anonymity

49
What is Bitcoin?

⚫ Peer-to-peer crypto currency

⚫ No central authority
⚫ A distributed, decentralized digital currency system
⚫ Released by Satoshi Nakamoto 2008
⚫ A secretive person
⚫ Runs on the Internet
⚫ An ingenious ledger is used to keep track of all transactions
⚫ This ledger is distributed and is a collection of blocks of transactions
⚫ How do you trust this ledger?
⚫ This is the most important point solved by bitcoin model
⚫ Distributed ledger and associated concept → blockchain
⚫ Bitcoin is one reason why blockchain became so popular
50
No Trusted Third Party ?
 Example: Marriage proposal

1 if Alice loves Bob 1 if Bob loves Alice

input: A = B=
0 otherwise 0 otherwise

bfa1406343bb49

ga63w234349aa

bfa144534555d9

output: Y Y

where: Y = A ∧ B
With a “trusted third party” – it’s easy
ideal world:
A B

Y Y

But can we do it without a trusted third party?

real world:
bfa1406343bb49

ga63w234349aa

bfa144534555d9

In other words: can we “emulate” the ideal world in the real world?
 No Trusted Server – what does it mean?

Everybody can join the

system

Users are not “registered”

by any authority

Users contact each other

directly

hence the name: peer-to-peer network

Ref: Presentation by Stefan Dziembowski, Univ of Warsaw
 An example of a multiparty protocol
voting: n parties connected by pairwise channels vote yes/no

output:
no 3 yes
2 no

yes
yes security requirements:
• votes are secret
• the votes are
correctly counted
• in particular: there
no yes is a consensus about
the outcome
 No Trusted Server

⚫ Nobody “controls the money”, and therefore:

⚫ The amount of money that will ever be “printed” is fixed (to around 21
mln BTC) → no inflation
⚫ The exchange rate fluctuates:

Ref: Presentation by Stefan Dziembowski, Univ of Warsaw

 Really “no trusted server”? (for self reading)
⚫ The client software is written by people who are in power to
change the system.
⚫ They contain so-called checkpoints

⚫ For example, this is the list of “desktop clients”:

The most popular client.

(open source)

The developers: Wladimir J. van

der Laan, Gavin Andresen, Jeff
Garzi, Gregory Maxwell, Pieter
Wuille

Ref: Presentation by Stefan Dziembowski, Univ of Warsaw

 How to update the protocol if there is no governing
body? (for self reading)

⚫ Updates have a form of Bitcoin Improvement Proposals (BIPs)

⚫ The Bitcoin community has a mechanism to vote on BIPs

(weight of the vote on is proportional to the voter’s
computing power)

⚫ The voting process is organized centrally

Ref: Presentation by Stefan Dziembowski, Univ of Warsaw

 Lecture Summary

⚫ Blockchain and Bitcoin are becoming very popular

⚫ Bitcoin is an application of Blockchain
⚫ Bitcoin – A currency system that doesn’t not rely on
central authority (eg Banks)
⚫ Bitcoin has gained acceptance; Now becoming popular
⚫ Bitcoin uses following Cryptographic functions
⚫ Asymmetric Key Encryption
⚫ Digital Signature
⚫ Cryptographic Hash
⚫ Hash Pointer
⚫ Block Chain

59
Thank you!
Popularity of the Bitcoin (self reading)
 Bitcoin market value

Oct. 2008: paper by Satoshi Nakamoto

Jan. 2009: Bitcoin network launched
Total market value:
Sep. 2022: $386B
63
 Market Capitalization (self reading)

64
http://coinmarketcap.com/
 Why Bitcoin became so popular ?

⚫ Very small fees (~ 0.1$)

⚫ Fast transactions
⚫ Approximately 10 minutes for a transaction confirmation
⚫ Accepted in thousands of businesses (over 15000 businesses
accept bitcoin)
⚫ No Trusted Server
⚫ Banks are trusted server
⚫ Seeming anonymity
⚫ People could find many uses in non-democratic countries

65
Adapted from: Lecture 1 CS795/ISA Spring 2017, Prof. Foteini Baldimtsi
 Cyber Currency Uses

66
Adapted from: Lecture 1 CS795/ISA Spring 2017, Prof. Foteini Baldimtsi
Accepted in thousands of Businesses
Financial Institutions involved in Crypto

68
Bitcoin – Thanks to Satoshi Nakamoto
(self reading)
 Satoshi Nakamoto

⚫ Wrote beautiful white paper on

Bitcoin
⚫ No one knows who he is, online
presence only
⚫ Name stands for clear/wise medium;
most likely not Japanese, but a
pseudonym

Ref: CS161C Univ of California Berkeley

 Bitcoin 3456

⚫ 2008: The Bitcoin white paper

⚫ 2009: Reference
implementation

Probably not this guy

71
Slide courtesy of Ittay Eyal
 Bitcoin value comes from the fact that:
“people expect that other people will accept it in the future.”

enthusiasts: It’s like all the

other currencies

sceptics:
It’s a Ponzi scheme

Carlo Pietro Ponzi

P. Krugman A. Greenspan
Ref: Presentation by Stefan Dziembowski, Univ of Warsaw
Merkle Tree
Merkle Tree

⚫ Merkle tree – binary tree implemented with hash pointers

⚫ Leaf nodes are conventional hash pointers
⚫ Pointer to data block, Hash of the data block
⚫ Non-leaf child nodes contain
⚫ Left and right pointers along with the hash of the two hashes they
point to

74
Merkle Tree – Why?

⚫ Locate data in O(log n) time

⚫ Instead of O(n) time
⚫ Efficiently manage and validate the integrity of the underlying
data
⚫ The top level pointer represents the integrity of entire set of
data
⚫ This value must be secured properly
⚫ Check the integrity of replicated data on a branch-by-branch
basis in an efficient manner
⚫ Designed for environments where data is replicated among
multiple systems
⚫ Each system to be able to validate the integrity of the entire file

75
Merkle Tree – Why?

⚫ Example: Checking whether any blocks in your version are

corrupted with respect to a version on another server
⚫ With Linked list:
⚫ You will have to traverse the entire list to find out the block that has
been modified
⚫ With Merkle Tree:
⚫ Easy to find the block (or blocks) that have changed
⚫ If the root hash matches, you know that your entire data set matches
⚫ If not, you request the left and right hashes and compare those with
your tree
⚫ If one doesn’t match then you can compare the hashes under that
subtree, iterating down the tree until you find the mismatched data
block
⚫ Tree search is efficient when there are million of records
76