What is Bitcoin?
● A protocol that supports a decentralized, pseudo-anonymous,
peer-to-peer digital currency.
● A publicly disclosed linked ledger of transactions stored in a
blockchain
● A reward driven system for achieving consensus (mining)
based on “Proofs of Work” for helping to secure the network
● It’s the first example of a growing category of money known
as cryptocurrency.
Bitcoin - About
● A person called Satoshi Nakamoto proposed bitcoin,
which was an electronic payment system based on
mathematical proofs. The idea was to produce a currency
independent of any central authority, transferable
electronically, more or less instantly, with very low
transaction fees.
Bitcoin - History
● 18/08/08 - Domain name “bitcoin.org” registered.
● 31/10/08 - an individual or group writing under the name of Satoshi
Nakamoto published a paper entitled “Bitcoin: A Peer-To-Peer
Electronic Cash System”.
● 09/11/08 - Bitcoin project registered at SourceForge.net
● 12/01/09 - First Bitcoin transaction in block 170 (Satoshi -> Hal
Finney).
● 05/10/09 - Exchange rates published by NLiberty Std.: $1 = 1309.03 BTC
● 11/2013 - BTC price first hits $1000 (1 USD = 1 mBTC) on Mt. Gox
Bitcoin - Features
● Supporting eight decimal places 0.00000001 (known as a
Satoshi or Noncent*)
● Nominal transaction fees paid to the network
○ Same cost to send $.01 as $1,000,000
● Consensus driven – no central authority
● Counterfeit resistant
○ Cannot add coins arbitrarily
○ Cannot be double-spent
● Non-repudiation – aka “gone baby gone” – no recourse and no
one to appeal to for the return of sent tokens
Bitcoin - Decentralized
● The “digital wallet” operates in a peer to peer mode
● When it starts it bootstraps to find other wallets
● The wallet will synchronize with the network by
downloading ALL of the transactions starting from the
GENESIS block if necessary
○ 472375 blocks at time of slide prep
○ >22 GB
● Wallet clients share all transaction information with their
peers.
Bitcoin - Pseudo Anonymous
● Using public key cryptography, specifically Elliptic Curve
Cryptography due to its key strength and shorter keys
(Quantum res.)
● Transactions are sent to public key “addresses” (not names!)
● Why pseudo then? (Mixers)
● Criminals’ approach
Hashing & Public key intro
● Hashing
○ A hash function is any function that can be used to map data of arbitrary
size to data of fixed size. The values returned by a hash function are called
hash values, hash codes, digests, or simply hashes
● Example
Hashing & Public key intro
● Public key Encryption (PKE)
○ Public key cryptography, or asymmetric cryptography, is any cryptographic
system that uses pairs of keys: public keys which may be disseminated
widely, and private keys which are known only to the owner.
● Private and Public keys generated together.
● Used for Authentication and Encryption
● How does it work?! (DH, RSA, later ..)
● Example
Digital Sign. intro
● Simple!
● Uses both Hashing and Public key Encryption (PKE)
● BTC uses the improved Elliptic Curve Digital Signature Algorithm
or ECDSA
● Why hashing?
Blockchain
● Bitcoin uses cryptographic proof instead of the trust in the third
party (PayPal, Banks ..)
● Each transaction is protected through a digital signature.
● Each transaction is sent to the “public key” of the receiver signed
using the sender “private key”.
● The ownership is verified using the sender “public key”.
● Each transaction is broadcast to every node in the Bitcoin
network and is recorded to a public ledger after verification.
Blockchain
● Before a transaction is recorded to the public ledger, the verifying
node ensures that:
○ Spender owns the cryptocurrency—digital signature
verification on the transaction.
○ Spender has sufficient cryptocurrency in his/her account:
checking every transaction against spender’s account
(“public key”) in the ledger to make sure that he/she has
sufficient balance in his/her account.
Blockchain
● The Bitcoin system orders transactions by placing them in groups
called blocks and then linking these blocks through what is called
Blockchain (SHA256 Hashes)
● How does the network decide which block should be next in the
blockchain? Who sets the order?
○ There can be multiple blocks created by different nodes at
the same time.
Blockchain - block order
● How to maintain the order of the transactions that are broadcast
to every node in the bitcoin p2p network ?
○ The system has to make sure that double-spending of the
cryptocurrency does not occur.
Blockchain - block order
● Mathematical Puzzle (“Proof of work”)
○ Node generating a block needs to prove that it has put
enough computing resources to solve a mathematical puzzle
Blockchain - block order
● Mathematical Puzzle (“Proof of work”)
○ Small probability that more than one block will be generated
in the system at a given time.
○ Occasionally, however, more than one block will be solved at
the same time, leading to several possible branches.
○ The “Miner nodes” are financially awarded for their efforts.
Blockchain - target
● Although the accepted chain can be considered a list, the
block chain is best represented with a tree.
● The longest path represents the accepted chain.
● A participant choosing to extend an existing path in the
block chain indicates a vote towards consensus on that
path. The longer the path, the more computation was
expended building it.
Blockchain - target
● Also nicknamed the “Leading Zeros” target
● The target is a 256-bit number (extremely large) that all Bitcoin clients share.
● The SHA-256 hash of a block's header must be lower than or equal to the
current target for the block to be accepted by the network.
● The lower the target, the more difficult it is to generate a block
(https://bitcoinwisdom.com/bitcoin/difficulty)
● Every 2016 blocks (~two weeks), every Bitcoin client compares the actual time
it took to generate these blocks with the two week goal and modifies the target
by the percentage difference.
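A constructed toy (added here, not Bitcoin's own code) showing the three rules above: a block is accepted only if its double-SHA-256 header hash is at or below the target, a lower target means more expected hashes (difficulty), and the target is rescaled every 2016 blocks by the ratio of actual to expected time. The header layout and the big-endian reading of the digest are simplifications; Bitcoin's clamp of the adjustment to a factor of four is real.

```python
import hashlib
import struct

# Constructed toy, not Bitcoin's real code: a simplified header (previous block
# hash || merkle root || 4-byte nonce) whose double-SHA-256 must be <= target.
EXPECTED_SECONDS = 2016 * 10 * 60   # retarget goal: 2016 blocks at 10 minutes each (~2 weeks)

def block_hash(prev_hash: bytes, merkle_root: bytes, nonce: int) -> bytes:
    """SHA-256 applied twice over the header, as Bitcoin does for its 80-byte header."""
    header = prev_hash + merkle_root + struct.pack("<I", nonce)
    return hashlib.sha256(hashlib.sha256(header).digest()).digest()

def hash_value(digest: bytes) -> int:
    """Read the digest as a 256-bit integer (big-endian here so 'leading zeros' show in hex)."""
    return int.from_bytes(digest, "big")

def valid_block(prev_hash: bytes, merkle_root: bytes, nonce: int, target: int) -> bool:
    """The network's acceptance rule: header hash lower than or equal to the current target."""
    return hash_value(block_hash(prev_hash, merkle_root, nonce)) <= target

def mine(prev_hash: bytes, merkle_root: bytes, target: int):
    """Proof of work: try nonces until one satisfies the target. The lower the target,
    the more hashes are expected before success, i.e. the higher the difficulty."""
    for nonce in range(1 << 32):
        digest = block_hash(prev_hash, merkle_root, nonce)
        if hash_value(digest) <= target:
            return nonce, digest
    raise RuntimeError("nonce space exhausted; a real miner would change the header")

def retarget(old_target: int, actual_seconds: int, max_target: int) -> int:
    """Every 2016 blocks: scale the target by actual/expected time. The clamp to a
    factor of 4 each way and the cap at max_target follow Bitcoin's rule."""
    clamped = min(max(actual_seconds, EXPECTED_SECONDS // 4), EXPECTED_SECONDS * 4)
    return min(old_target * clamped // EXPECTED_SECONDS, max_target)

if __name__ == "__main__":
    target = (1 << 240) - 1                       # top 16 bits must be zero ("0000" in hex)
    prev = b"\x00" * 32                           # constructed: genesis-style previous hash
    root = hashlib.sha256(b"constructed tx").digest()
    nonce, digest = mine(prev, root, target)
    print(nonce, digest.hex())
```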
LiteCoin
● Created by Charlie Lee, a former Google employee
● While inspired by, and in most regards technically nearly
identical to Bitcoin (BTC)
● Litecoin has some technical improvements over Bitcoin
LiteCoin - Segwit
● SegWit increases Litecoin block size limit and allows the
implementation of the second-layer solutions for further
improvement.
● Blocks have a hard-coded limit of one megabyte.
● Not enough to account for the hundreds of transactions that
the users are trying to send every minute.
● In May 2017, Litecoin became the first of the top-5 (by
market cap) cryptocurrencies to adopt Segregated Witness
LiteCoin - Segwit - transaction malleability
● While transactions are signed, the signature does not
currently cover all the data in a transaction that is hashed to
create the transaction hash. Thus, while uncommon, it is
possible for a node on the network to change a transaction
you send in such a way that the hash is invalidated.
● It’s not safe to accept a chain of unconfirmed transactions
under any circumstance.
Background
● (Claude Elwood) Shannon cipher
○ K - set of all keys (Key space)
○ M - set of all messages (Message space)
○ C - set of all ciphertexts (Ciphertext space)
○ A Shannon cipher is a pair x = (E,D) of functions.
■ E : K × M → C, D : K × C → M
■ E(k,m) = c
■ D(k, E(k, m)) = m
Background
● One time pad (Fixed Length)
○ x = (E,D), where the keys, messages, and ciphers are bit strings of the same
length.
○ x is defined over (K, M, C) where :
■ K := M := C := {0, 1}^L
○ For fixed L, key k in K, message m in M, the encryption function is defined
as and for k in K, and cipher c in C, the decryption function
is defined as follows
Background
● One time pad (Variable Length)
● .
● .
● .
● One time pad satisfies the definition of perfect security
● Not practical (|key| >= |message|)
Background
● Perfect Security (Definition) :
○ Let x = (E,D) be a Shannon cipher defined over (K, M,
C). Consider a probabilistic experiment in which the
random variable k is uniformly distributed over K. If for
all m0, m1 in M and all c in C we have :
Then we say that x is a perfectly secure Shannon cipher
Background
● Perfect Security - Bad news!
● Shannon’s Theorem
○ Let x = (E, D) be a Shannon cipher defined over (K, M,
C).
○ If x is perfectly secure, then |K| >= |M|
● Proof (easy..)
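The proof the slide calls easy, written out here as an added derivation that is not part of the original slides. It uses the definition from the previous slide in its standard form: with k uniform over K, Pr[E(k, m0) = c] = Pr[E(k, m1) = c] for all m0, m1 in M and all c in C.

```latex
\textbf{Claim.} If $x = (E, D)$ over $(K, M, C)$ is perfectly secure, then $|K| \ge |M|$.

\textbf{Proof.} Suppose instead that $|K| < |M|$. Fix any $k_0 \in K$ and $m_0 \in M$, and let $c_0 = E(k_0, m_0)$.
With $k$ uniform over $K$,
$$\Pr[E(k, m_0) = c_0] \;\ge\; \Pr[k = k_0] \;=\; \frac{1}{|K|} \;>\; 0 .$$
Let $S = \{\, D(k, c_0) : k \in K \,\}$ be the set of messages that $c_0$ can decrypt to.
Then $|S| \le |K| < |M|$, so some $m_1 \in M$ lies outside $S$.
If $E(k, m_1) = c_0$ held for some $k \in K$, correctness would give
$m_1 = D(k, E(k, m_1)) = D(k, c_0) \in S$, a contradiction. Hence
$$\Pr[E(k, m_1) = c_0] \;=\; 0 \;\ne\; \Pr[E(k, m_0) = c_0],$$
which violates perfect security for the pair $m_0, m_1$ and the ciphertext $c_0$.
Therefore $|K| \ge |M|$. $\square$
```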
Symmetric Encryption - Stream Cipher
● We would like to use a key that is much shorter
● The ‘key’ is stretched using efficient, deterministic algorithm
G that maps l-bit strings to L-bit strings.
● Key space - {0,1}^l
● Message and Cipher spaces are - {0,1}^L
● Enc & Dec defined as follows -
Symmetric Encryption - Stream Cipher
● PRG - pseudo-random generator
○ An efficient, deterministic algorithm G that, given as an
input a seed s (in Seed Space), computes an output r
(Output Space)
○ def. of security for PRG - no efficient adversary can
effectively tell the difference between G(s) and r, for
randomly chosen s and r from S, R respectively.
“Two Time Pad” - Insecure
● A stream cipher is well equipped to encrypt a single message
from Alice to Bob.
● Alice, however, may wish to send several messages to Bob.
● An adversary who intercepts c1 and c2 can compute
● Because English text is redundant, the adversary can recover both.
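An added example (not from the slides) covering the fixed-length one-time pad, the stream cipher built from a PRG G, and the two-time pad failure above: encrypting two messages under the same pad or keystream lets anyone holding c1 and c2 compute m1 XOR m2, and once one plaintext is known the other follows with no key. The PRG here is a constructed SHA-256 counter construction, not a standard one, and the two messages are assumed to have equal length.

```python
import hashlib
from itertools import count

def xor(a: bytes, b: bytes) -> bytes:
    """Bytewise XOR of two equal-length strings."""
    assert len(a) == len(b)
    return bytes(x ^ y for x, y in zip(a, b))

def otp_encrypt(key: bytes, m: bytes) -> bytes:
    """Fixed-length one-time pad over {0,1}^L: E(k, m) = k XOR m, and D is the same map."""
    return xor(key, m)

def G(seed: bytes, out_len: int) -> bytes:
    """Toy PRG constructed for this example (not a standard construction): stretches a
    short seed to out_len bytes by hashing seed || counter. Deterministic, as G must be."""
    out = b""
    for i in count():
        out += hashlib.sha256(seed + i.to_bytes(4, "big")).digest()
        if len(out) >= out_len:
            return out[:out_len]

def stream_encrypt(key: bytes, m: bytes) -> bytes:
    """Stream cipher: E(k, m) = G(k) XOR m with a key much shorter than m; D is the same map."""
    return xor(G(key, len(m)), m)

def two_time_pad_leak(c1: bytes, c2: bytes) -> bytes:
    """Same key used twice: c1 XOR c2 = (G(k) XOR m1) XOR (G(k) XOR m2) = m1 XOR m2.
    The keystream cancels, so the adversary learns the XOR of the plaintexts without the key."""
    return xor(c1, c2)

def recover_other(c1: bytes, c2: bytes, known_m1: bytes) -> bytes:
    """Once redundancy (or a known fragment) reveals m1, m2 = (m1 XOR m2) XOR m1 follows directly."""
    return xor(two_time_pad_leak(c1, c2), known_m1)
```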
Symmetric Encryption - Block Cipher
● Data Encryption Standard (DES) − The popular block cipher of the 1990s. It is
now considered a ‘broken’ block cipher, due primarily to its small key size.
● Triple DES − It is a variant scheme based on repeated DES applications. It is still
a respected block cipher but inefficient compared to the new faster block ciphers
available.
● Advanced Encryption Standard (AES) − It is a relatively new block cipher based
on the encryption algorithm Rijndael that won the AES design competition.
Asymmetric Encryption
● Public Key Cryptography involves -
○ a public key, which may be known by anybody, and can
be used to encrypt messages, and verify signatures.
○ a private key, known only to the recipient, used to
decrypt messages, and sign (create) signatures.
Asymmetric Encryption
● Public Key Applications -
○ encryption/decryption (secrecy)
○ digital signature (authentication)
○ key exchange (session keys)
● Some algorithms are suitable for all uses, others are specific
to one.
● Given the public key, it should be “impossible” to compute the
private key.
RSA (Rivest, Shamir, Adleman) Algorithm
1. Choose two large prime numbers p, q (e.g., 1024 bits each)
2. Compute n = p * q, z = (p-1)(q-1) (Euler function).
3. Choose e (e<n) that has no common factors with z (gcd(e,
z) = 1)
4. Choose d such that e*d-1 is exactly divisible by z (e*d mod
z = 1)
5. Public Key - (n,e). Private Key - (n, d).
RSA (Rivest, Shamir, Adleman) Algorithm
1. Encryption & Decryption
a. Given (n,e) and (n,d) as computed above
b. To encrypt bit pattern m
i. Compute c = m^e mod n
c. To decrypt received pattern c
i. Compute m = c^d mod n
m = (m^e mod n)^d mod n
Digital Signature
● Cryptographic technique analogous to hand-written
signatures.
○ Sender (Bob) digitally signs document, establishing
he is the document owner.
○ Verifiable, Nonforgeable: Recipient (Alice) can
prove to someone that Bob, and no one else, must have
signed the document.
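An added example (not from the slides) that carries the RSA steps 1-5 and the encrypt/decrypt identity m = (m^e mod n)^d mod n through in code, and then reuses the same key pair for the digital signature slide: Bob signs a SHA-256 digest of the document with his private key and Alice verifies it with his public key, so any change to the document makes verification fail. The primes are supplied by the caller (tiny textbook values or Mersenne primes in the usage); reducing the digest mod n is a simplification of this toy, not how real signature schemes encode the hash.

```python
import hashlib
from math import gcd

def rsa_keygen(p: int, q: int, e: int = 65537):
    """Steps 1-5 of the slides. p and q are primes supplied by the caller (tiny toy
    values here; ~1024-bit primes in practice). Returns ((n, e), (n, d))."""
    n = p * q
    z = (p - 1) * (q - 1)               # Euler's function of n
    if gcd(e, z) != 1:
        raise ValueError("e must have no common factor with (p-1)(q-1)")
    d = pow(e, -1, z)                   # e*d mod z == 1 (modular inverse, Python 3.8+)
    return (n, e), (n, d)

def rsa_encrypt(pub, m: int) -> int:
    """c = m^e mod n. m must be an integer below n; no padding is applied, which is
    why raw textbook RSA like this is not used directly in practice."""
    n, e = pub
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)

def rsa_decrypt(priv, c: int) -> int:
    """m = c^d mod n."""
    n, d = priv
    return pow(c, d, n)

def digest_mod_n(msg: bytes, n: int) -> int:
    """Why hash first: the signature covers a fixed-size digest of the document, not the
    document itself. Reducing mod n keeps this toy self-contained; real schemes
    (PKCS#1 v1.5, PSS) encode the digest into a value below n instead."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def sign(priv, msg: bytes) -> int:
    """Bob signs with his private key: s = H(msg)^d mod n."""
    n, d = priv
    return pow(digest_mod_n(msg, n), d, n)

def verify(pub, msg: bytes, sig: int) -> bool:
    """Alice verifies with Bob's public key: s^e mod n must equal H(msg)."""
    n, e = pub
    return pow(sig, e, n) == digest_mod_n(msg, n)

if __name__ == "__main__":
    # Constructed usage: two Mersenne primes stand in for the large primes of step 1.
    pub, priv = rsa_keygen((1 << 61) - 1, (1 << 89) - 1)
    doc = b"pay 1 BTC to Alice"
    s = sign(priv, doc)
    print(verify(pub, doc, s), verify(pub, b"pay 9 BTC to Alice", s))
```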
Key Distribution
● Symmetric Key problem - How do two entities establish a
shared secret key over network?
○ Key Distribution Center (KDC)
● Public Key problem - When Alice obtains Bob’s public key,
how does she know that it’s authentic?
○ Certificate Authority (CA)
Key Distribution - CA
● Certificate Authority binds public key to particular entity.
● Entity registers its public key with CA.
Editor’s Notes
During WWII the Soviet Union could not produce enough one-time pads . . . to keep up with the enormous demand . . . . So, they used a number of one-time pads twice, thinking it would not compromise their system. American counter-intelligence during WWII collected all incoming and outgoing international cables. Beginning in 1946, it began an intensive effort to break into the Soviet messages with the cooperation of the British and by ... the Soviet error of using some one-time pads as two-time pads, was able, over the next 25 years, to break some 2900 messages, containing 5000 pages of the hundreds of thousands of messages that been sent between 1941 and 1946 (when the Soviets switched to a different system).