content may be borrowed from other resources. see the last...
TRANSCRIPT
![Page 1: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/1.jpg)
Bitcoins,Blockchains andCybersecurity
Dr.DebasisBhattacharya,JD,[email protected]
@uhmcabithttp://maui.hawaii.edu/cybersecurity
Contentmaybeborrowedfromotherresources.Seethelastslideforacknowledgements!
![Page 2: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/2.jpg)
OnlineTransactions
• Physicalcash– Non-traceable(well,mostly!)– Secure(mostly)– Lowinflation
• Can’tbeusedonlinedirectlyØElectroniccreditordebittransactions
uBankseesalltransactionsuMerchantscantrack/profilecustomers
InterfaceHI2017- DebasisBhattacharya9/27/17 2
![Page 3: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/3.jpg)
E-Cash
• Secure– Singleuse– Reliable
• Lowinflation• Privacy-preserving
InterfaceHI2017- DebasisBhattacharya9/27/17 3
![Page 4: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/4.jpg)
E-CashCryptoProtocolsv Chaum82:blindsignaturesfore-cash
v Chaum88:retroactivedoublespenderidentification
v Brandis95:restrictedblindsignatures
v Camenisch05:compactofflinee-cash
• Variouspracticalissues:– Needfortrustedcentralparty– Computationallyexpensive– Etc.
InterfaceHI2017- DebasisBhattacharya9/27/17 4
![Page 5: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/5.jpg)
Bitcoin
• Adistributed,decentralizeddigitalcurrencysystem
• ReleasedbySatoshiNakamoto 2008• Effectivelyabankrunbyanadhocnetwork
– Digitalchecks– Adistributedtransactionlog
InterfaceHI2017- DebasisBhattacharya9/27/17 5
![Page 6: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/6.jpg)
SizeoftheBitCoin Economy• NumberofBitCoins incirculation16.5million(September,2017)
• TotalnumberofBitCoins generatedcannotexceed21million.– Around5millionlefttobemined!
• AveragepriceofaBitcoin:– $3867onSeptember25,2017;– $2350onJune27,2017
¨ Pricehasbeenveryunstableandspeculative.• Currently,244,157tx/dayor~170tx/minute.(Incontrast,Visatransaction200,000perminute!)
InterfaceHI2017- DebasisBhattacharya9/27/17 6
![Page 7: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/7.jpg)
9/27/17 InterfaceHI2017- DebasisBhattacharya 7
![Page 8: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/8.jpg)
9/27/17 InterfaceHI2017- DebasisBhattacharya 8
Bitcoins– AveragepriceonSeptember25,2017
![Page 9: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/9.jpg)
9/27/17 InterfaceHI2017- DebasisBhattacharya 9
Bitcoins– Averagepricesince2011
![Page 10: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/10.jpg)
9/27/17 InterfaceHI2017- DebasisBhattacharya 10
Bitcoins– Averagepricein2017
![Page 11: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/11.jpg)
9/27/17 InterfaceHI2017- DebasisBhattacharya 11
![Page 12: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/12.jpg)
9/27/17 InterfaceHI2017- DebasisBhattacharya 12
![Page 13: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/13.jpg)
9/27/17 InterfaceHI2017- DebasisBhattacharya 13
![Page 14: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/14.jpg)
9/27/17 InterfaceHI2017- DebasisBhattacharya 14
![Page 15: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/15.jpg)
9/27/17 InterfaceHI2017- DebasisBhattacharya 15
![Page 16: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/16.jpg)
BitCoin:Challenges• Creationofavirtualcoin/note
– Howisitcreatedinthefirstplace?– Howdoyoupreventinflation?(Whatpreventsanyonefromcreating
lotsofcoins?)• Validation
– Isthecoinlegit?(proof-of-work)– Howdoyoupreventacoinfromdouble-spending?
• BuyerandSellerprotectioninonlinetransactions– Buyerpays,butthesellerdoesn’tdeliver– Sellerdelivers,buyerpays,butthebuyermakesaclaim.
• Trustonthird-parties– Relyon“proofofwork”insteadoftrust– Verifiablebyeveryone– blockchain isvisibletoall– Nocentralbankorclearinghouse
InterfaceHI2017- DebasisBhattacharya9/27/17 16
![Page 17: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/17.jpg)
SecurityinBitcoin• Authentication
– AmIpayingtherightperson?Notsomeotherimpersonator?
• Integrity– Isthecoindouble-spent?– Cananattackerreverseorchangetransactions?
• Availability– CanImakeatransactionanytimeIwant?
• Confidentiality– Aremytransactionsprivate?Anonymous?
InterfaceHI2017- DebasisBhattacharya9/27/17 17
![Page 18: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/18.jpg)
SecurityinBitcoin• Authenticationà PublicKeyCrypto:DigitalSignatures
– AmIpayingtherightperson?Notsomeotherimpersonator?
• Integrityà DigitalSignaturesandCryptographicHash– Isthecoindouble-spent?– Cananattackerreverseorchangetransactions?
• Availabilityà BroadcastmessagestotheP2Pnetwork– CanImakeatransactionanytimeIwant?
• Confidentialityà Pseudonymity– Aremytransactionsprivate?Anonymous?
InterfaceHI2017- DebasisBhattacharya9/27/17 18
![Page 19: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/19.jpg)
PublicKeyCrypto:Encryption
• Keypair:publickeyandprivatekey
InterfaceHI2017- DebasisBhattacharya9/27/17 19
![Page 20: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/20.jpg)
PublicKeyCrypto:DigitalSignature• First,createamessagedigestusingacryptographichash• Then,encryptthemessagedigestwithyourprivatekey
Authentication
Integrity
Non-repudiation
InterfaceHI2017- DebasisBhattacharya9/27/17 20
![Page 21: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/21.jpg)
CryptographicHashFunctions
• Consistent:hash(X)alwaysyieldssameresult
• One-way:givenY,hardto findXs.t. hash(X)=Y
• Collisionresistant:givenhash(W)=Z,hardto findXsuchthathash(X)=Z
Hash FnMessage of arbitrary lengthFixed Size
Hash
InterfaceHI2017- DebasisBhattacharya9/27/17 21
![Page 22: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/22.jpg)
BacktoBitCoin• Validation
– Isthecoinlegit?(proof-of-work)à UseofCryptographicHashes
– Howdoyoupreventacoinfromdouble-spending?àBroadcasttoallnodes
• Creationofavirtualcoin/note– Howisitcreatedinthefirstplace?à Provideincentivesforminers,earnbitcoinsafterwork!
– Howdoyoupreventinflation?(Whatpreventsanyonefromcreatinglotsofcoins?)à LimitthecreationrateoftheBitCoins.Rightnow,12.5coinstominers
InterfaceHI2017- DebasisBhattacharya9/27/17 22
![Page 23: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/23.jpg)
Bitcoin• Electroniccoin==chainofdigitalsignatures• BitCoin transfer:Sign(Previoustransaction+Newowner’spublickey)• Anyonecanverify(n-1)th ownertransferredthistothenthowner.• AnyonecanfollowthehistoryGivenaBitCoin
InterfaceHI2017- DebasisBhattacharya9/27/17 23
![Page 24: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/24.jpg)
Bitcoin Transactions
Public key 0xa8fc93875a972ea
Signature 0xa87g14632d452cd
Public key 0xc7b2f68...
InterfaceHI2017- DebasisBhattacharya9/27/17 24
![Page 25: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/25.jpg)
UseofCryptographicHashes¨ Proof-of-work
¨ Blockcontainstransactionstobevalidatedandprevioushashvalue.¨ Pickanouce suchthatH(prev hash,nounce,Tx)<E.Eisavariablethat
thesystemspecifies.Basically,thisamountstofindingahashvaluewho’sleadingbitsarezero.Theworkrequiredisexponentialinthenumberofzerobitsrequired.
¨ Verificationiseasy.Butproof-of-workishard.
InterfaceHI2017- DebasisBhattacharya9/27/17 25
![Page 26: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/26.jpg)
PreventingDouble-spending
• Theonlywayistobeawareofalltransactions.• Eachnode(miner)verifiesthatthisisthefirstspendingoftheBitcoin bythepayer.
• Onlywhenitisverifieditgeneratestheproof-of-workandattachittothecurrentchain.
InterfaceHI2017- DebasisBhattacharya9/27/17 26
![Page 27: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/27.jpg)
Bitcoin Network• EachP2Pnoderunsthefollowingalgorithm:
– Newtransactionsarebroadcasttoallnodes.– Eachnode(miners)collectsnewtransactionsintoablock.– Eachnodeworksonfindingaproof-of-workforitsblock.(Hard
todo.Probabilistic.Theonetofinishearlywillprobablywin.)– Whenanodefindsaproof-of-work,itbroadcaststheblocktoall
nodes.– Nodesaccepttheblockonlyifalltransactionsinitarevalid
(digitalsignaturechecking)andnotalreadyspent(checkallthetransactions).
– Nodesexpresstheiracceptancebyworkingoncreatingthenextblockinthechain,usingthehashoftheacceptedblockastheprevioushash.
InterfaceHI2017- DebasisBhattacharya9/27/17 27
![Page 28: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/28.jpg)
Tiebreaking• Twonodesmayfindacorrectblocksimultaneously.
– Keepbothandworkonthefirstone– Ifonegrowslongerthantheother,takethelongerone
Twodifferentblockchains(orblocks)maysatisfytherequiredproof-of-work.
InterfaceHI2017- DebasisBhattacharya9/27/17 28
![Page 29: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/29.jpg)
RevertingisHard
• Revertinggetsexponentiallyhardasthechaingrows.
1.Modifythetransaction(revertorchangethepayer)
2.Recomputenonce
3.Recomputethenextnonce
InterfaceHI2017- DebasisBhattacharya9/27/17 29
![Page 30: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/30.jpg)
PracticalLimitation
• Atleast10mins toverifyatransaction.– Agreetopay– Waitforoneblock(10mins)forthetransactiontogothrough.
– But,foralargetransaction($$$)waitlonger,around60minutes.Becauseifyouwaitlongeritbecomesmoresecure.
– Forlarge$$$,youwaitforsixblocks(1hour).
InterfaceHI2017- DebasisBhattacharya9/27/17 30
![Page 31: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/31.jpg)
Optimizations• Merkle Tree
– Onlykeeptheroothash• Deletetheinteriorhashvaluestosavedisk• Blockheaderonlycontainstheroothash• Blockheaderisabout80bytes• 80bytes*6per/hr *24hrs *365=4.2MB/year
– WhykeepuseaMerkle tree?
InterfaceHI2017- DebasisBhattacharya9/27/17 31
![Page 32: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/32.jpg)
Simplifiedpaymentverification• Anyusercanverifyatransactioneasilybyaskinganode.• First,getthelongestproof-of-workchain• Querytheblockthatthetransactiontobeverified(tx3)isin.• OnlyneedHash01andHash2toverify;nottheentireTx’s.
InterfaceHI2017- DebasisBhattacharya9/27/17 32
![Page 33: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/33.jpg)
BitCoin Economics¨ Ratelimitingonthecreationofanewblock
¨ Adapttothe“network’scapacity”¨ Ablockcreatedevery10mins (sixblockseveryhour)
¨ How?Difficultyisadjustedeverytwoweekstokeeptheratefixedascapacity/computingpowerincreases
¨ NnewBitcoins pereachnewblock:creditedtotheminerà incentivesforminers¨ Nwas50initially.In2013,N=25¨ Since 2016N=12.5,nexthalfisJune2020forN=6.25.¨ Halvedevery210,000blocks(everyfouryears)¨ Thus,thetotalnumberofBitCoins willnotexceed21million.
(Afterthisminertakesafee)
InterfaceHI2017- DebasisBhattacharya9/27/17 33
![Page 34: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/34.jpg)
PrivacyImplications
• Noanonymity,onlypseudonymity• Alltransactionsremainontheblockchain–indefinitely!
• Retroactivedatamining– Targetuseddataminingoncustomerpurchasestoidentifypregnantwomenandtargetadsatthem(NYT2012),endedupinformingawoman’sfatherthathisteenagedaughterwaspregnant
– Imaginewhatcreditcardcompaniescoulddowiththedata
InterfaceHI2017- DebasisBhattacharya9/27/17 34
![Page 35: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/35.jpg)
9/27/17 InterfaceHI2017- DebasisBhattacharya 35
![Page 36: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/36.jpg)
9/27/17 InterfaceHI2017- DebasisBhattacharya 36
Bitcoins– Averagepricedroppedin2014butrisingsince!
![Page 37: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/37.jpg)
9/27/17 InterfaceHI2017- DebasisBhattacharya 37
![Page 38: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/38.jpg)
9/27/17 InterfaceHI2017- DebasisBhattacharya 38
![Page 39: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/39.jpg)
9/27/17 InterfaceHI2017- DebasisBhattacharya 39
![Page 40: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/40.jpg)
9/27/17 InterfaceHI2017- DebasisBhattacharya 40
![Page 41: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/41.jpg)
9/27/17 InterfaceHI2017- DebasisBhattacharya 41
![Page 42: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/42.jpg)
9/27/17 InterfaceHI2017- DebasisBhattacharya 42
![Page 43: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/43.jpg)
9/27/17 InterfaceHI2017- DebasisBhattacharya 43
![Page 44: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/44.jpg)
BitcoinSecurity101
• WhenusinganonlineservicesuchasanbitcoinexchangesuchasCoinbase:– Enable2-Factor-Authentication(likeGoogleauthenticatororYubiKey)onyouraccount
– WatchoutforSocialEngineeringthatcantakeswitchyourphonebycallingVerizonCustomerSvc!
• EnsuresecurityofyourAPIKey– APIKeyallowsapplicationstoretrievebitcoinsfromyourdigitalwallet.
9/27/17 InterfaceHI2017- DebasisBhattacharya 44
![Page 45: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/45.jpg)
9/27/17 InterfaceHI2017- DebasisBhattacharya 45
![Page 46: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/46.jpg)
BitcoinSecurity101
• Alwayshavedirectcontrolofyourbitcoins(privatekeys).Ifyoudon’thave(orlose)thekeys,youdon’tcontrolthebitcoins.
• Keeplittlecash($100to$500)intheexchange• Makeregularbackupsofyourbitcoinwallet!
– Or,useTrezor hardwarewalletorpaperwallet• Realizethatyouwillbethetargetformalware,socialengineeringandotherhacks!
9/27/17 InterfaceHI2017- DebasisBhattacharya 46
![Page 47: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/47.jpg)
9/27/17 InterfaceHI2017- DebasisBhattacharya 47
![Page 48: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/48.jpg)
9/27/17 InterfaceHI2017- DebasisBhattacharya 48
![Page 49: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/49.jpg)
9/27/17 InterfaceHI2017- DebasisBhattacharya 49
![Page 50: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/50.jpg)
Conclusion
• Cryptocurrenciesandtechnologyareheretostay…– www.Bitcoin,org - StartedbySatoshiNakamoto,10/08– www.ZeroCoin.org - ExtendBitcointomakeitprivate– www.Litecoin.org - OpenSourceP2PInternetCurrency– www.Ethereum.org - SmartContracts(Microsoft)– www.Hyperledger.org - Blockchains forBusiness(IBM)
• Securityisanissuejustlikeanythingelse– Consumers:SocialEngineering,Malware,Phishingetc.– Exchanges:Hacks,Botnets,Malware,Phishing,APTetc.
9/27/17 InterfaceHI2017- DebasisBhattacharya 50
![Page 51: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/51.jpg)
Acknowledgement• Someoftheslides,content,orpicturesareborrowedfrom
thefollowingresources,andsomepicturesareobtainedthroughGooglesearchwithoutbeingreferencedbelow:
• L24-BitCoinandSecurity,manyoftheslidesborrowedfromthispresentationwithmodifications.
• PresentationbyAmirHoumansadr fromUmass CSentitled“SecureDigitalCurrency:Bitcoin”,CS660,Spring2015
InterfaceHI2017- DebasisBhattacharya9/27/17 51
![Page 52: Content may be borrowed from other resources. See the last ...maui.hawaii.edu/.../13/2013/01/Bitcoins-Block-Chains-and-Cybersecurity.pdf · Bitcoin Security 101 •Always have direct](https://reader034.vdocuments.site/reader034/viewer/2022050718/5e16828f6e63815c5a070c1e/html5/thumbnails/52.jpg)
9/27/17 InterfaceHI2017- DebasisBhattacharya 52
Dr.DebasisBhattacharya,JD,[email protected]@uhmcabithttp://maui.hawaii.edu/cybersecurity