Friday, June 17, 2011

The Cryptography of Bitcoin

MIT student Edward Z. Yang has an excellent piece on "The Cryptography of Bitcoin" (June 3, 2011), which explains the cryptographic components of bitcoin. While I disagree with his conclusion that upgrading the crypto algorithm in the future is a non-starter, he presents a good overview of how multiple different cryptographic primitives are assembled in the bitcoin protocol. Yang writes:
"Bitcoin makes some interesting choices of the cryptography it chooses, and the rest of this post will explore those choices. Bitcoin makes use of two hashing functions, SHA-256 and RIPEMD-160, but it also uses Elliptic Curve DSA on the curve secp256k1 to perform signatures. The C++ implementation uses a local copy of the Crypto++ library for mining, and OpenSSL for normal usage."
Yang also comments on the hashing in bitcoin:
"This is the technically novel use of cryptography in Bitcoin, and it is used to answer the question, 'With only traditional signatures, Alice can resend bitcoins she doesn’t actually have as many times as she wants, effectively creating multiple branches of a transaction tree. How do we prevent this?' The answer Bitcoin provides is, 'Transaction chains are certified by the solution of a computationally hard problem (mining), and once a transaction is confirmed by its inclusion in a block, clients prefer the transaction chain that has the highest computational cost associated with it, invalidating any other spending on other branches.' Even if you don’t believe in decentralized currency, you have to admit, this is pretty elegant."
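
The fork-choice rule Yang describes can be shown in a few lines. This is an added example, not code from Yang's post or from the Bitcoin client: it mines two conflicting branches with double SHA-256 and picks the one with the most accumulated work rather than the most blocks. The header layout, the GENESIS value, the payload strings and the per-block "bits" difficulty field are simplifying assumptions made for illustration.

```python
import hashlib

GENESIS = bytes(32)  # constructed placeholder for the parent of the first block

def block_hash(prev, payload, nonce):
    """Double SHA-256 over a simplified header (not Bitcoin's real layout)."""
    header = prev + payload + nonce.to_bytes(8, "little")
    return hashlib.sha256(hashlib.sha256(header).digest()).digest()

def meets_target(digest, bits):
    """Proof is valid when the hash, read as an integer, is below 2**(256-bits)."""
    return int.from_bytes(digest, "big") < (1 << (256 - bits))

def mine(prev, payload, bits):
    """Brute-force a nonce; expected cost is about 2**bits hash evaluations."""
    nonce = 0
    while not meets_target(block_hash(prev, payload, nonce), bits):
        nonce += 1
    return {"prev": prev, "payload": payload, "nonce": nonce, "bits": bits}

def build(payloads, bits):
    """Mine a branch on top of GENESIS, one block per payload."""
    chain, prev = [], GENESIS
    for payload in payloads:
        block = mine(prev, payload, bits)
        chain.append(block)
        prev = block_hash(prev, payload, block["nonce"])
    return chain

def chain_work(chain):
    """Re-verify every link and proof; return total expected hashes, 0 if invalid."""
    prev, work = GENESIS, 0
    for b in chain:
        digest = block_hash(b["prev"], b["payload"], b["nonce"])
        if b["prev"] != prev or not meets_target(digest, b["bits"]):
            return 0
        prev, work = digest, work + (1 << b["bits"])
    return work

def preferred(branches):
    """Fork choice: the valid branch with the most accumulated work wins."""
    return max(branches, key=chain_work)

if __name__ == "__main__":
    # Constructed double spend: Alice pays the same coin on two branches.
    long_cheap = build([b"alice->bob:10", b"filler-1", b"filler-2"], bits=8)
    short_costly = build([b"alice->carol:10", b"filler-3"], bits=12)
    print(chain_work(long_cheap), chain_work(short_costly))
    print(preferred([long_cheap, short_costly])[0]["payload"])
```

The three-block branch loses to the two-block branch because its blocks were cheaper to produce, and editing a payload after mining drops a branch's work to zero because the stored nonce and the next block's parent hash no longer verify.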

For further reading:
"Bitcoin's Value is Decentralization", Paul Bohm, June 17, 2011
"Replacing Bitcoin", Sean Lynch, June 17, 2011
"Virtual currency: Bits and bob", The Economist, June 13, 2011
"Is BitCoin a triple entry system?", Ian Grigg, June 13, 2011
"Explaining – not setting – Bitcoin straight", Silas Barta, June 10, 2011
"Is bitcoin protocol future-proof?", stackoverflow, April 9, 2011
