Math

Earlier this year, I happened to discuss Bitcoin with a friend. He had no experience in cryptography and no technical background, so he thought that Bitcoin could be over-issued just like printed money, as if it could be created out of nothing. In fact, the virtual currencies that most people come into contact with are similar to Q coins: they are issued by an operator or platform as vouchers for services, and their issuance is completely controlled by the company. Government-issued currency in the real world is actually the same as these traditional virtual currencies: whether it is over-issued, and whether its value rises or falls, is completely controlled by the platform operator or the government. We now know from various explanations that Bitcoin will not be over-issued for no reason, so what exactly guarantees the properties that set it apart from "ordinary" virtual currencies? The answer is mathematics.

Hashing

Let's start with hashing. In Chinese the term has two names: one translated by meaning, and one transliterated from the English word "hashing". The translated name, roughly "listed in pieces" or "put together in a mess", already tells us that this is a message digest algorithm, where "digest" means something like extracting the main idea of a paragraph in an elementary school Chinese class. In computers, hashing extracts the characteristics of a piece of data by specific means (such as a series of complex bit operations), and those characteristics are then used for verification (for example, verifying that a large file downloaded from the Internet is correct). With a main-idea summary from Chinese class, you can reconstruct from the summary what the paragraph said, while cryptographic hashing is just the opposite.
It ensures that the code you extract to represent the data's characteristics can never (or at least not easily) be restored to the original data. For example, a popular hash function is called SHA-1. When you submit the string

"The quick brown fox jumps over the lazy dog"

as the input to SHA-1, you get the following digest:

2fd4e1c6 7a2d28fc ed849ee1 bb76e739 1b93eb12

But if you change even one character:

"The quick brown fox jumps over the lazy cog"

the result also changes dramatically:

de9f2c7f d25e1b3a fad3e85a 0bd17d9b 100db4b3

This property of hash functions ensures that it is not easy to find loopholes in the algorithm by making small modifications and comparing the digests, which in turn protects the original data.

So how are hash functions used? They usually serve as a tool for "proof". For example, Alice has a string:

"The quick brown fox jumps over the lazy dog"

Bob says he has the same string as Alice, but Bob does not trust Alice: if Alice is a fake, he would leak his real string to the fake Alice. At the same time, Alice does not trust Bob either, because if Bob is a fake, she would leak her real string to the fake Bob. What's more frightening is that a spy, Eve, is standing nearby, constantly monitoring the exchange between Alice and Bob in order to obtain the string. So how can Alice and Bob each be sure that the other is not a fake? The simple way is for both of them to hash their own strings and then compare the results. In this way, even if someone is monitoring or the other party is a fake, the original data will not be leaked.

Where did hash functions like SHA-1 come from? They were designed by the National Security Agency (NSA) and released by the National Institute of Standards and Technology (NIST).
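An added example (not part of the original article) that reproduces the two SHA-1 digests quoted above, counts how many digest bits differ between them, and runs the Alice and Bob check. It goes one step beyond the text: instead of sending a bare hash, which Eve could record and replay later, the prover answers a fresh random nonce with an HMAC. The function names and the choice of HMAC-SHA-256 are assumptions of this example.

```python
import hashlib
import hmac
import secrets

PHRASE = b"The quick brown fox jumps over the lazy dog"
ALTERED = PHRASE.replace(b"dog", b"cog")  # one character changed

def sha1_hex(data: bytes) -> str:
    return hashlib.sha1(data).hexdigest()

def differing_bits(a: bytes, b: bytes) -> int:
    """How many of the 160 SHA-1 digest bits differ between two inputs."""
    da, db = hashlib.sha1(a).digest(), hashlib.sha1(b).digest()
    return sum(bin(x ^ y).count("1") for x, y in zip(da, db))

def prove(secret: bytes, nonce: bytes) -> bytes:
    """Prover's answer: a keyed digest of the verifier's fresh nonce."""
    return hmac.new(secret, nonce, hashlib.sha256).digest()

def check(secret: bytes, nonce: bytes, proof: bytes) -> bool:
    """Verifier recomputes the answer and compares in constant time."""
    return hmac.compare_digest(prove(secret, nonce), proof)

def exchange() -> dict:
    """Bob challenges Alice; Eve records everything sent on the wire."""
    nonce1 = secrets.token_bytes(16)   # Bob -> Alice
    proof1 = prove(PHRASE, nonce1)     # Alice -> Bob (Eve sees both messages)
    nonce2 = secrets.token_bytes(16)   # Bob's next challenge
    return {
        "honest": check(PHRASE, nonce1, proof1),
        # Eve replays the recorded answer against a new challenge.
        "replayed": check(PHRASE, nonce2, proof1),
        # A prover holding a different string cannot answer correctly.
        "wrong_string": check(PHRASE, nonce1, prove(ALTERED, nonce1)),
    }

if __name__ == "__main__":
    print(sha1_hex(PHRASE))
    print(sha1_hex(ALTERED))
    print("digest bits that differ:", differing_bits(PHRASE, ALTERED), "of 160")
    print(exchange())
```

Neither the string nor a reusable digest of it crosses the wire, but the guarantee only holds when the shared string is hard to guess.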
The public bidding process for a famous hash standard (and for other encryption standards) is completely open, and all submitted algorithms and standards are tested by countless top cryptographers from all over the world, so it can basically be assumed that the hash algorithms (and other encryption algorithms) that are popular at a given time are safe.

From the above discussion, we can see that the hashing process is irreversible, so it can prove the original data while protecting it. Recently, many websites were found to have stored passwords in plain text, which caused an uproar, because irreversibly hashing passwords is one of the most basic measures for protecting user information, and these websites had not taken it (imagine a leaked plain-text password being used by others to try to log in to the victim's email and other accounts).

Proof of work

So where does Bitcoin come from? It comes from the results of computing these hash functions. Imagine we are asked to solve this problem: what string must be input to get a hash result that starts with 0? Some people ask: if I invert the function to get an inverse function, can't I compute the original input directly? That is not possible, because these hash functions are very rigorous and have been tested by countless mathematicians. They have "cryptography"-level security and cannot easily be inverted. The only way to find an unknown input is exhaustive enumeration, in other words, guessing: substitute every possible input into the hash function one by one and try. If you happen to get a result starting with 0, congratulations, you have solved the "math problem" and will be rewarded with a certain number of Bitcoins. The process of solving the problem is called mining. At the beginning this work is very simple: the CPU of an ordinary personal computer is enough to solve the first few problems quickly.
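The "math problem" described above, as an added example that is not code from the original article or from Bitcoin itself. It is simplified: the difficulty is expressed as a number of leading zero bits, and the header bytes and 8-byte nonce encoding are constructed for illustration, whereas real Bitcoin hashes a fixed-format block header and compares the result with a numeric target.

```python
import hashlib

def block_hash(header: bytes, nonce: int) -> bytes:
    # Bitcoin applies SHA-256 twice; the nonce encoding here is an assumption.
    data = header + nonce.to_bytes(8, "little")
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def leading_zero_bits(digest: bytes) -> int:
    """Count the zero bits at the front of a digest."""
    bits = 0
    for byte in digest:
        if byte == 0:
            bits += 8
            continue
        bits += 8 - byte.bit_length()
        break
    return bits

def verify(header: bytes, nonce: int, difficulty_bits: int) -> bool:
    """Checking a claimed solution costs one hash, however long the search took."""
    return leading_zero_bits(block_hash(header, nonce)) >= difficulty_bits

def mine(header: bytes, difficulty_bits: int, max_tries: int = 1 << 24) -> int:
    """Exhaustive search: try nonces in order, return the first that verifies."""
    for nonce in range(max_tries):
        if verify(header, nonce, difficulty_bits):
            return nonce
    raise RuntimeError("no solution within max_tries")

# Constructed sample data, not a real Bitcoin block header.
HEADER = b"prev=constructed-example;tx=alice->bob:1"

if __name__ == "__main__":
    for bits in (8, 12, 16):
        nonce = mine(HEADER, bits)
        print(f"{bits:2d} zero bits: nonce={nonce}, "
              f"hash={block_hash(HEADER, nonce).hex()[:16]}...")
    # A solution is bound to the data it was mined for.
    solved = mine(HEADER, 16)
    print("same nonce, altered data:", verify(HEADER + b"!", solved, 16))
```

Each additional required zero bit doubles the expected number of guesses, while verification stays at a single hash.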
As the number of miners increases, the problems become more and more difficult and the returns lower and lower, because only a certain number of Bitcoins are generated in a given period of time, and they are distributed according to the number of problems solved. To obtain more Bitcoins, some people implemented the problem-solving process as a GPU program for the graphics card, because, as everyone knows, a graphics card has many stream processors that can perform a large number of calculations in a short period of time. As more and more people bought high-performance graphics cards, the income from mining with them became smaller and smaller, so some people simply designed their own hardware and used application-specific integrated circuits (ASICs) to perform the problem-solving process. A machine with a large number of these dedicated mining circuits is called a "mining machine."

Distributed

Some people ask: if you repeatedly give yourself "math problems" whose answers you have already found and then quickly solve them yourself, can you get Bitcoin at will? Of course not. This is where Bitcoin's design is ingenious and what makes it different from traditional currencies. The "math problems" are not generated by you alone; everyone mines together, and everyone stores a copy of the mining results, which are the Bitcoin transaction records. Fake results that you make yourself do not count; results must be recognized by the others in the entire network. The consequence of this design is that a person cannot forge wealth at will, and the wealth a person already has is attested by everyone in the network and cannot easily be taken away.

Proof of value?

Are these cryptographically supported virtual currencies safe? From a technical point of view, they are generally safe (explained in detail below).
In fact, our daily Internet access, banking, military and other activities are all supported by cryptography. It is now impossible to imagine what our daily lives would be like without this series of cryptographic guarantees. Cryptography is ultimately mathematics. Here we see that mathematics supports the various cryptography-based currencies as a natural element rather than a man-made product. Its power as proof is even stronger than that of gold (perhaps human capabilities will one day be strong enough to simulate the process by which gold is produced, such as physical activities similar to the Big Bang, but no physical activity can violate the laws of mathematics). However, mathematical guarantees alone are not enough; the value must also be established from a social perspective. That is, enough people must believe that Bitcoin can change their lives or provide a portable means of payment, or even simply believe that it can be used as a tool for hype. Only then are the data blocks obtained through a large number of hash operations valuable.

Security

We need to discuss security further. First of all, security is not a mathematical formula or an algorithm, nor can it be guaranteed by a so-called "security product". Security is a combination of a series of correctly implemented processes. For example, to protect the design drawings and source code of its products, a company installed antivirus software on every computer, deployed the best firewall, required fingerprint verification when entering and leaving the building, and allowed no one to bring in storage devices or connect to the Internet. In the end, the company's design drawings and source code were still obtained by spies from a rival company. The method was very simple: the spy bribed one of the company's supervisors and asked him to make a copy of the design drawings and source code, take it out of the company and hand it over...
The same goes for Bitcoin. It cannot simply be summarized as safe or unsafe; every link related to Bitcoin has to be considered, and the security measures in each link must be in place to reduce losses. Below I list some events that may threaten the security of Bitcoin, from high to low probability:

Trading Platform

There is no doubt that the trading platform is one of the most vulnerable links. If you store virtual currencies on a trading platform (or have the platform hold them for you), then almost the only measure you have for protecting them is the protection of your login and trading passwords. Trading platforms are attacked or hacked again and again, and the losses are heavy. Here are a few examples: on October 23, the web Bitcoin wallet Inputs.io was hacked and $1.2 million worth of Bitcoin was stolen; on October 26, the Bitcoin trading platform GBL ran away with customer deposits; on April 3, the exchange Mt.Gox was hit by a DDoS attack, and the price of Bitcoin fell sharply; …

In addition to choosing good login and transaction passwords, the best way to protect yourself against trading-platform risk is to transfer a portion of your Bitcoin to your own private wallet and secure it yourself. This way, whether the trading platform runs away or is attacked, you will not lose everything.

Local wallet security

The wallet file records important information such as the private key that proves you own the wallet, so the local wallet must be kept safe and properly backed up.
Protecting the local wallet also means ensuring that your computer has sufficient security measures. These include keeping the operating system up to date (especially popular operating systems such as Windows), which covers both upgrading to newer versions (such as Windows 7 or Windows 8 in 2013) and using the built-in update function (such as Windows Update) to apply the latest patches. If necessary, installing security software such as a firewall and anti-virus software is also a good choice.

Altcoins are on the rise

As Bitcoin becomes more popular, numerous altcoins have been launched. It is said that it only takes 1 Bitcoin to create a new altcoin. Many of these altcoins merely change the parameters of the Bitcoin client in an attempt to make a quick buck, but some of them have also proposed improvements (in performance, transaction time and so on), and many of those improvements are valuable. It can be expected that once a new altcoin offers sufficiently attractive features or solves some of the serious problems facing Bitcoin, it will quickly rise to the top and overcome Bitcoin's first-mover advantage.

Cryptography-level cracking

The scenario here is that an algorithm used in Bitcoin is cracked. Although it sounds like a fantasy, it is not impossible. For example, the symmetric encryption algorithm DES, which was once popular, has long been recommended against because its key is too short, and has been replaced by 3DES, AES and Blowfish. The once popular stream cipher RC4 has also been attacked in various ways because of its insufficient strength. The popular hash algorithm MD5 was attacked in 2004 by Wang Xiaoyun, a professor at the Department of Mathematics of Shandong University, who used a fast collision method to reduce the number of steps needed to produce a collision from 2 to the power of 80 to 2 to the power of 69 and 2 to the power of 63 (a reduction of this size is enormous from a computing perspective).
We can look at when some famous cryptographic algorithms were proposed and when they were deprecated or even abandoned (after very effective attacks):

MD5 (1992-2004), 12 years;
SHA-1 (1995-2013), 18 years;
DES (1976-1999), 23 years;

MD5 and SHA-1 are still widely used in current products. Microsoft's official blog announced that SHA-1 and RC4 will be abandoned before 2016. Bitcoin is a relatively advanced design. When it was created in 2009, it used the latest SHA-256 and RIPEMD-160 hash algorithms, which were already established standards at the time. It also chose a very advanced elliptic curve public key algorithm using the secp256k1 curve. These cryptographic foundations still seem very safe at present (2013), but with further research by cryptographers and brute-force attacks by ever more powerful machines, these algorithms will become increasingly vulnerable, and migrating to new algorithms or strengthening the existing ones will be very difficult.

Brute force cracking with large computing power

Someone has calculated that the length of a Bitcoin private key is 256 bits. To exhaust all possibilities to crack the private key requires:

pow(2,128) / (15 * pow(2,40)) / 3600 / 24 / 365.25 / 1e9 / 1e9 = 0.6537992112229596

That is 65000000000000000000 years. It seems that Bitcoin is absolutely safe, but consider Moore's Law: the performance of computers doubles every 18 months, and after two periods of 18 months it is four times the original. This growth is actually astonishing. The result of the calculation is that in just 59 years, computers will be able to crack a private key in a meaningful time (such as 1.13 years), that is, crack someone's wallet, which is very dangerous. You might say that 59 years is long enough, but wait, you haven't considered hardware specifically designed for cracking.
Mining machines built from graphics cards and dedicated integrated circuits can be used for mining, so why can't they be used for cracking?

Government policies

Although one of the functions of cryptographic currencies such as Bitcoin is to resist government-driven inflation, don't assume that the measures available to the government are limited. If Bitcoin needs to be eliminated (or eliminated in a certain region), it only takes action on the medium on which Bitcoin depends for its survival: the network. Until Bitcoin finds a medium that is harder to block, the attitude of the government cannot be ignored.