
Parallel.For uses 50-70% of CPU part 2 (narrowed down to some BigInteger math)

A while ago I asked about this problem I had with Parallel.For where it used all cores but only at ~60%. Thanks to all the excellent advice I received here I was able to narrow down the problem to 3 parts of the code:
  1. The way I was creating the IEnumerable, which I replaced with a simple array (special thanks to u/panoskj).
  2. A bug where different threads were actually writing to the same buffers inside ICompareService, which was a global instance instead of being created for each thread (but this also suffers from 3).
  3. Some math involving BigInteger on this line.
Out of these 3 I've fixed 1 and 2 and they make sense but I can't figure out why the third one is causing problems and I need help again (haven't published these changes on GitHub due to being incomplete). If I comment out L329 and replace L467 with a simple array comparison the parallel loop can successfully use 100% CPU on all cores.
I am creating both the calculator and the generator (starting point) inside each thread although I don't think it matters. The full calculator code can be seen here: https://github.com/Coding-Enthusiast/FinderOutetree/masteSrc/FinderOuteBackend/Asymmetric/EllipticCurve The relevant code for the method being called is this (Elliptic Curve point multiplication):
```csharp
internal EllipticCurvePoint MultiplyChecked(BigInteger k, EllipticCurvePoint point)
{
    EllipticCurvePoint result = EllipticCurvePoint.InfinityPoint;
    EllipticCurvePoint addend = point;

    while (k != 0)
    {
        if ((k & 1) == 1)
        {
            result = AddChecked(result, addend);
        }
        addend = DoubleChecked(addend);
        k >>= 1;
    }

    return result;
}

internal EllipticCurvePoint AddChecked(EllipticCurvePoint point1, EllipticCurvePoint point2)
{
    if (point1 == EllipticCurvePoint.InfinityPoint)
        return point2;
    if (point2 == EllipticCurvePoint.InfinityPoint)
        return point1;

    BigInteger m;
    if (point1.X == point2.X)
    {
        if (point1.Y != point2.Y) // (x,y) + (x,−y) = O
        {
            return EllipticCurvePoint.InfinityPoint;
        }

        // Point double or (x,y) + (x,y)
        m = ((3 * point1.X * point1.X) + curve.A) * (2 * point1.Y).ModInverse(curve.P);
        // Note that since points are on a group with a prime (mod p) all of them do have multiplicative inverses.
    }
    else // point1 != point2. (x1,y1) + (x2,y2)
    {
        m = (point1.Y - point2.Y) * (point1.X - point2.X).ModInverse(curve.P);
    }

    BigInteger x3 = ((m * m) - point1.X - point2.X).Mod(curve.P);
    BigInteger y3 = (m * (point1.X - x3) - point1.Y).Mod(curve.P);
    return new EllipticCurvePoint(x3, y3);
}

internal EllipticCurvePoint DoubleChecked(EllipticCurvePoint point1)
{
    if (point1 == EllipticCurvePoint.InfinityPoint)
        return point1;

    BigInteger m = 3 * point1.X * point1.X * (2 * point1.Y).ModInverse(curve.P);
    BigInteger x3 = ((m * m) - (2 * point1.X)).Mod(curve.P);
    BigInteger y3 = (m * (point1.X - x3) - point1.Y).Mod(curve.P);
    return new EllipticCurvePoint(x3, y3);
}
```
EllipticCurvePoint is a struct with 2 readonly BigInteger properties
```csharp
public struct EllipticCurvePoint : IEquatable<EllipticCurvePoint>
{
    public EllipticCurvePoint(BigInteger x, BigInteger y)
    {
        X = x;
        Y = y;
    }

    public BigInteger X { get; }
    public BigInteger Y { get; }

    // (the rest of the struct was not included in the post)
}
```
submitted by Coding_Enthusiast to csharp [link] [comments]

Why do WIF-compressed private keys exist?

I am reading Andreas' Mastering Bitcoin (great book btw) and got to the section where compressed and uncompressed public keys are explained (pages 71-74). I have a question that I don't find an answer for, maybe someone here can help - might be a little too technical though.
If I understood correctly, the public keys are just (x,y) coordinates of the elliptic curve generated from the private key. Now there's two versions, the original version where the entire x and y coordinates are shown (04... public keys) and the newer version where the y is calculated from y² mod p=(x³+7) and are either 02... or 03... depending on whether it represents the positive or negative y.
All good. However, in order for wallets to know if they should search for the addresses generated from hashing the compressed or the uncompressed versions of the public key when importing a private key, the book says two types of private key formats were developed to represent what type of public key should be obtained from it. This way, if the private key imported looks like 5... the wallet knows it should create 04... public keys (uncompressed) and if the private key looks like K... it knows it should look for addresses derived from 02... or 03... public keys.
My question is - why do we need to show whether the addresses used came from a compressed or uncompressed public keys, IN the private key? I mean, can't we use a single standard private key format and have the wallet just create both versions of public keys to check in which one there's any funds? It would take what, a couple more minutes to check the balance?
Hope the question makes sense haha thanks!!
submitted by Jack1602 to Bitcoin [link] [comments]
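An added example (not from the post above) that makes the question concrete: it derives both public-key encodings from one key, recovers y from a compressed key using y² = x³ + 7 mod p, and shows that the only difference between a 5... and a K/L... WIF string is a single trailing 0x01 flag byte under the Base58Check encoding. To keep the example self-contained it uses private key 1, whose public key is the generator point G itself, so no scalar multiplication is needed; the curve constants are the public secp256k1 parameters and everything else is standard library.

```python
# Added example, not code from the post: one private key, two public-key
# encodings, and the WIF flag byte that tells a wallet which one to derive.
import hashlib

P = 2**256 - 2**32 - 977   # secp256k1 field prime (public parameter)
GX = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798
GY = 0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8
B58 = b"123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def encode_pubkey(x, y, compressed):
    """04||x||y (65 bytes) or 02/03||x (33 bytes); the prefix records the parity of y."""
    if compressed:
        return bytes([0x02 | (y & 1)]) + x.to_bytes(32, "big")
    return b"\x04" + x.to_bytes(32, "big") + y.to_bytes(32, "big")


def decode_pubkey(enc):
    """Recover (x, y) from either encoding. For 02/03 keys y is recomputed from
    y^2 = x^3 + 7 (mod p); because p % 4 == 3 a square root is rhs^((p+1)/4)."""
    if len(enc) == 65 and enc[0] == 0x04:
        return int.from_bytes(enc[1:33], "big"), int.from_bytes(enc[33:], "big")
    if len(enc) == 33 and enc[0] in (0x02, 0x03):
        x = int.from_bytes(enc[1:], "big")
        rhs = (pow(x, 3, P) + 7) % P
        y = pow(rhs, (P + 1) // 4, P)
        if (y * y) % P != rhs:
            raise ValueError("x is not on the curve")
        if (y & 1) != (enc[0] & 1):
            y = P - y                      # choose the root with the signalled parity
        return x, y
    raise ValueError("unknown public key encoding")


def base58check(payload):
    data = payload + hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]
    n = int.from_bytes(data, "big")
    out = bytearray()
    while n:
        n, r = divmod(n, 58)
        out.append(B58[r])
    zeros = len(data) - len(data.lstrip(b"\x00"))   # leading zero bytes become leading '1's
    out.extend(B58[:1] * zeros)
    return bytes(reversed(out)).decode()


def to_wif(privkey, compressed):
    payload = b"\x80" + privkey.to_bytes(32, "big")   # 0x80 = mainnet private key
    if compressed:
        payload += b"\x01"   # this flag byte alone turns a 5... string into a K/L... string
    return base58check(payload)


def from_wif(wif):
    """Decode a mainnet WIF string back to (private key, compressed flag)."""
    n = 0
    for ch in wif.encode():
        n = n * 58 + B58.index(ch)
    zeros = len(wif) - len(wif.lstrip("1"))
    data = b"\x00" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")
    payload, check = data[:-4], data[-4:]
    if hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4] != check:
        raise ValueError("WIF checksum mismatch")
    if payload[0] != 0x80 or len(payload) not in (33, 34):
        raise ValueError("not a mainnet WIF private key")
    compressed = len(payload) == 34
    if compressed and payload[33] != 0x01:
        raise ValueError("bad compression flag")
    return int.from_bytes(payload[1:33], "big"), compressed


def derive_both(privkey, x, y):
    """What a wallet that ignored the flag would have to do: derive both forms."""
    return {
        "wif_uncompressed": to_wif(privkey, False),
        "wif_compressed": to_wif(privkey, True),
        "pubkey_uncompressed": encode_pubkey(x, y, False).hex(),
        "pubkey_compressed": encode_pubkey(x, y, True).hex(),
    }


if __name__ == "__main__":
    # Constructed input: private key 1, whose public key is G itself.
    for name, value in derive_both(1, GX, GY).items():
        print(name, value)
```

Both WIF strings decode to the same 32-byte integer; the flag only records which public-key encoding (and therefore which address) the wallet that exported the key was using, so an importing wallet can scan for one address type instead of two.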

ECDSA In Bitcoin

Digital signatures are considered the foundation of online sovereignty. The advent of public-key cryptography in 1976 paved the way for the creation of a global communications tool – the Internet, and a completely new form of money – Bitcoin. Although the fundamental properties of public-key cryptography have not changed much since then, dozens of different open-source digital signature schemes are now available to cryptographers.

How ECDSA was incorporated into Bitcoin

When Satoshi Nakamoto, a mystical founder of the first crypto, started working on Bitcoin, one of the key points was to select the signature schemes for an open and public financial system. The requirements were clear. An algorithm should have been widely used, understandable, safe enough, easy, and, what is more important, open-sourced.
Of all the options available at that time, he chose the one that met these criteria: Elliptic Curve Digital Signature Algorithm, or ECDSA.
At that time, native support for ECDSA was provided in OpenSSL, an open set of encryption tools developed by experienced cipher banks in order to increase the confidentiality of online communications. Compared to other popular schemes, ECDSA had such advantages as:
These are extremely useful features for digital money. At the same time, it provides a proportional level of security: for example, a 256-bit ECDSA key has the same level of security as a 3072-bit RSA key (Rivest, Shamir and Adleman) with a significantly smaller key size.

Basic principles of ECDSA

ECDSA is a process that uses elliptic curves and finite fields to “sign” data in such a way that third parties can easily verify the authenticity of the signature, but the signer himself reserves the exclusive opportunity to create signatures. In the case of Bitcoin, the “data” that is signed is a transaction that transfers ownership of bitcoins.
ECDSA has two separate procedures for signing and verifying. Each procedure is an algorithm consisting of several arithmetic operations. The signature algorithm uses the private key, and the verification algorithm uses only the public key.
To use ECDSA, such protocol as Bitcoin must fix a set of parameters for the elliptic curve and its finite field, so that all users of the protocol know and apply these parameters. Otherwise, everyone will solve their own equations, which will not converge with each other, and they will never agree on anything.
For all these parameters, Bitcoin uses very, very large (well, awesomely incredibly huge) numbers. It is important. In fact, all practical applications of ECDSA use huge numbers. After all, the security of this algorithm relies on the fact that these values are too large to pick up a key with a simple brute force. The 384-bit ECDSA key is considered safe enough for the NSA's most secretive government service (USA).

Replacement of ECDSA

Thanks to the hard work done by Pieter Wuille (a famous cryptography specialist) and his colleagues on an improved elliptical curve called secp256k1, Bitcoin's ECDSA has become even faster and more efficient. However, ECDSA still has some shortcomings, which can serve as a sufficient basis for its complete replacement. After several years of research and experimentation, a new signature scheme was established to increase the confidentiality and efficiency of Bitcoin transactions: Schnorr's digital signature scheme.
Schnorr's signature takes the process of using “keys” to a new level. It takes only 64 bytes when it gets into the block, which reduces the space occupied by transactions by 4%. Since transactions with the Schnorr signature are the same size, this makes it possible to pre-calculate the total size of the part of the block that contains such signatures. A preliminary calculation of the block size is the key to its safe increase in the future.
Keep up with the news of the crypto world at CoinJoy.io Follow us on Twitter and Medium. Subscribe to our YouTube channel. Join our Telegram channel. For any inquiries mail us at [[email protected]](mailto:[email protected]).
submitted by CoinjoyAssistant to btc [link] [comments]


【NeoLine Talk】The life cycle of the private key

In the blockchain system, since there is no centralized organization responsible for managing the backup user sensitive data, the generation, storage, use, retrieval, destruction, and update of the user’s private key all need to be guaranteed by the user. Therefore, for the entire life cycle of the private key, there needs to be a strict way to manage and control it, to ensure the security of the asset.
Today’s NeoLine Talk, let’s talk about how to ensure the security of the private key life cycle.

Private key generation

Private key: A 256-bit binary random number whose quality depends entirely on the quality of the random number that generated the private key. If the randomness of the key generation process is insufficient to make it predictable, then all subsequent security protection measures will be in vain.
Random numbers are the cornerstone of information security systems based on modern cryptography. The security of the entire system depends entirely on the generation efficiency and quality of random number sequences. The core of high-quality random numbers is “unpredictability”. There are two types of random numbers: pseudo-random and true random.
Pseudo-random is also called pseudo-random. It generally relies on seeds and algorithms. Knowing the seeds or the random numbers that have been generated, you can get the next random numbers, which is predictable. The current mainstream blockchain system is the private key generated by this method …
True random numbers are generally based on the design of the hardware. Random numbers are generated according to the external temperature, voltage, electromagnetic field, environmental noise, etc., and the unpredictability of randomness is greatly increased. All security cryptographic chips in the financial field adopt this design.

Let’s see in detail how to generate a private key from a random number?

The first step in generating a private key is also the most important. It is to find a sufficiently secure source of entropy, that is, a source of randomness. Generating a Bitcoin private key is essentially the same as “choose a number between 1 and 2^256”. As long as the selected results are unpredictable or unrepeatable, the specific method of selecting numbers is not important. Bitcoin software uses a random number generator at the bottom of the operating system to generate 256 bits of entropy (randomness). Normally, the operating system random number generator is initialized by an artificial random source, and it may also need to be initialized by shaking the mouse continuously within a few seconds.
More precisely, the private key can be any number between 1 and n-1, where n is a constant (n = 1.158 * 10^77, slightly less than 2^256) and is defined by the order of the elliptic curve used by Bitcoin. To generate such a private key, we randomly choose a 256-bit number and check whether it is less than n-1. From a programming point of view, it is generally by taking a long string of random bytes from a cryptographically secure random source and using the SHA256 hash algorithm to perform operations, so that a 256-bit number can be easily generated. If the operation result is less than n-1, we have a suitable private key. Otherwise, we repeat it with another random number.

Private key storage

Each bitcoin address corresponds to a private key, and mastering the private key means mastering the bitcoin in its corresponding address. In layman’s terms, a key opens a lock. If the Bitcoin address is a lock, then the private key is the key to the lock.
The storage and use of private keys are generally divided into soft and hard implementations.
Soft implementation, storage, and use are in the form of software. After the key is generated, it is stored in the user terminal or hosted on the server as a file or character string. When used, the private key plain text is read directly or through simple password control into the memory, and the private key calculation is completed by the CPU. This storage and use method has a lot of security risks and is easy to be copied, stolen, brute-forced by hackers or ghosts.
Hard implementation generally relies on a dedicated cryptographic security chip or cryptographic device as a carrier. There are generally mechanisms such as physical protection, sensitive data protection, and key protection to ensure that the private key must be generated by dedicated hardware. At any time and under any circumstances, the private key cannot appear outside the cryptographic device in clear text; the key stored inside the cryptographic device should have an effective key protection mechanism to prevent dissection, detection, and illegal reading. The private key cannot be exported, and only the signature value can be calculated and output.
But whether it is soft or hard, as long as others know your private key, you can transfer your assets. Remember, whoever holds the private key is the real owner of the asset.

Safe use of private keys

When using the private key, it is necessary to ensure the security of the use environment, and access, reading, and writing of the private key file need to have relevant permission control. After the use is completed, all sensitive data cached in the memory needs to be cleared using a dedicated function to prevent the leakage of sensitive data. From the perspective of password cracking, the private key should be replaced after a certain period of use. This is a problem involving the destruction and update of the private key, which we will introduce later.

Private key recovery

If a traditional centralized bank loses its U-shield or forgets its password, it can rebind a new U-shield (private key) through the account system. Accounts and private keys are logically bound and are operated by centralized banks while meeting risk control requirements. There are also some traditional centralized payment institutions. When the user’s asset certificate is lost, the centralized institution can retrieve the relevant data through its identity certificate.
But in the blockchain system, there is no centralized organization to help us back up sensitive data such as private keys. Therefore, when designing the system’s private key management scheme, it is necessary to provide multiple back-ups and recovery methods, such as the use of mnemonic words or the use of passwords plus local ciphertext files to restore private key data. But if your mnemonic is also lost, it means you lost everything.

Private key destruction

When the user needs to destroy the private key data, it is necessary to ensure that all the private key data stored in the backup are completely deleted and destroyed.

Private key update

In the field of blockchain, the private key is the only credential that represents the user’s identity or digital assets. If the private key needs to be updated, registration or digital asset transfer must be re-bound. Therefore, when you need to replace the private key, you need to ensure that the new private key is safely generated or imported, the assets have been safely transferred, and the old private key is safely destroyed.
Everything starts with visibility. The security of the private key is related to the security of digital assets and the security of personal privacy, so it is very important to securely ensure every step of the life cycle of the private key.
submitted by NeoLine_Wallet to NEO [link] [comments]
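An added example (not from the post above) of the key-generation procedure the post describes: draw 256 bits from the operating system generator, optionally pass them through SHA-256, and keep the result only if it lies in the valid range 1 ≤ k ≤ n-1 for the secp256k1 order n, otherwise draw again. The `rand_bytes` parameter exists so the rejection loop can be exercised with constructed input; `seeded_key` is included as the counter-example to the post's point about seeded pseudo-random generators.

```python
# Added example, not code from the post: secp256k1 private-key generation by
# rejection sampling from a CSPRNG, plus the seeded-PRNG anti-pattern.
import hashlib
import random
import secrets

N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # curve order n


def is_valid_private_key(k):
    """Valid scalars are 1 .. n-1; 0 and anything >= n must be rejected."""
    return 1 <= k <= N - 1


def generate_private_key(rand_bytes=secrets.token_bytes, hash_entropy=True):
    """Draw 32 bytes, optionally reduce them through SHA-256 as the post describes,
    and accept only an in-range value. Returns (key, number of draws).
    rand_bytes must be a CSPRNG; secrets.token_bytes reads the OS generator."""
    draws = 0
    while True:
        draws += 1
        raw = rand_bytes(32)
        if hash_entropy:
            raw = hashlib.sha256(raw).digest()
        k = int.from_bytes(raw, "big")
        if is_valid_private_key(k):
            return k, draws


def seeded_key(seed):
    """What NOT to do: a seeded PRNG is a pure function of its seed, so anyone who
    learns or guesses the seed reproduces the "random" key exactly."""
    return random.Random(seed).getrandbits(256)


if __name__ == "__main__":
    key, draws = generate_private_key()
    print("private key:", hex(key), "after", draws, "draw(s)")
    print("seeded keys identical:", seeded_key("demo seed") == seeded_key("demo seed"))
```

In practice the rejection branch is almost never taken (n is only slightly below 2^256), but a generator that skipped the check would occasionally emit 0 or an out-of-range scalar, which is why wallets keep it.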

Technical: Upcoming Improvements to Lightning Network

Price? Who gives a shit about price when Lightning Network development is a lot more interesting?????
One thing about LN is that because there's no need for consensus before implementing things, figuring out the status of things is quite a bit more difficult than on Bitcoin. In one hand it lets larger groups of people work on improving LN faster without having to coordinate so much. On the other hand it leads to some fragmentation of the LN space, with compatibility problems occasionally coming up.
The below is just a smattering sample of LN stuff I personally find interesting. There's a bunch of other stuff, like splice and dual-funding, that I won't cover --- post is long enough as-is, and besides, some of the below aren't as well-known.
Anyway.....

"eltoo" Decker-Russell-Osuntokun

Yeah the exciting new Lightning Network channel update protocol!

Advantages

Myths

Disadvantages

Multipart payments / AMP

Splitting up large payments into smaller parts!

Details

Advantages

Disadvantages

Payment points / scalars

Using the magic of elliptic curve homomorphism for fun and Lightning Network profits!
Basically, currently on Lightning an invoice has a payment hash, and the receiver reveals a payment preimage which, when inputted to SHA256, returns the given payment hash.
Instead of using payment hashes and preimages, just replace them with payment points and scalars. An invoice will now contain a payment point, and the receiver reveals a payment scalar (private key) which, when multiplied with the standard generator point G on secp256k1, returns the given payment point.
This is basically Scriptless Script usage on Lightning, instead of HTLCs we have Scriptless Script Pointlocked Timelocked Contracts (PTLCs).

Advantages

Disadvantages

Pay-for-data

Ensuring that payers cannot access data or other digital goods without proof of having paid the provider.
In a nutshell: the payment preimage used as a proof-of-payment is the decryption key of the data. The provider gives the encrypted data, and issues an invoice. The buyer of the data then has to pay over Lightning in order to learn the decryption key, with the decryption key being the payment preimage.

Advantages

Disadvantages

Stuckless payments

No more payments getting stuck somewhere in the Lightning network without knowing whether the payee will ever get paid!
(that's actually a bit of an overclaim: payments can still get stuck, but what "stuckless" really enables is that we can now safely run another parallel payment attempt until any one of the payment attempts gets through).
Basically, by using the ability to add points together, the payer can enforce that the payee can only claim the funds if it knows two pieces of information:
  1. The payment scalar corresponding to the payment point in the invoice signed by the payee.
  2. An "acknowledgment" scalar provided by the payer to the payee via another communication path.
This allows the payer to make multiple payment attempts in parallel, unlike the current situation where we must wait for an attempt to fail before trying another route. The payer only needs to ensure it generates different acknowledgment scalars for each payment attempt.
Then, if at least one of the payment attempts reaches the payee, the payee can then acquire the acknowledgment scalar from the payer. Then the payee can acquire the payment. If the payee attempts to acquire multiple acknowledgment scalars for the same payment, the payer just gives out one and then tells the payee "LOL don't try to scam me", so the payee can only acquire a single acknowledgment scalar, meaning it can only claim a payment once; it can't claim multiple parallel payments.

Advantages

Disadvantages

Non-custodial escrow over Lightning

The "acknowledgment" scalar used in stuckless can be reused here.
The acknowledgment scalar is derived as an ECDH shared secret between the payer and the escrow service. On arrival of payment to the payee, the payee queries the escrow to determine if the acknowledgment point is from a scalar that the escrow can derive using ECDH with the payer, plus a hash of the contract terms of the trade (for example, to transfer some goods in exchange for Lightning payment). Once the payee gets confirmation from the escrow that the acknowledgment scalar is known by the escrow, the payee performs the trade, then asks the payer to provide the acknowledgment scalar once the trade completes.
If the payer refuses to give the acknowledgment scalar even though the payee has given over the goods to be traded, then the payee contacts the escrow again, reveals the contract terms text, and requests to be paid. If the escrow finds in favor of the payee (i.e. it determines the goods have arrived at the payer as per the contract text) then it gives the acknowledgment scalar to the payee.

Advantages

Disadvantages

Payment decorrelation

Because elliptic curve points can be added (unlike hashes), for every forwarding node we can add a "blinding" point / scalar. This prevents multiple forwarding nodes from discovering that they have been on the same payment route. This is unlike the current payment hash + preimage, where the same hash is used along the route.
In fact, the acknowledgment scalar we use in stuckless and escrow can simply be the sum of each blinding scalar used at each forwarding node.

Advantages

Disadvantages

submitted by almkglor to Bitcoin [link] [comments]
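An added example (not from the post above, and not any Lightning implementation's code) that works through the payment-point, stuckless and payment-decorrelation sections together: the lock point offered to hop j is P + (b_1 + ... + b_j)·G, so every hop sees a different point; the acknowledgment scalar of an attempt is the sum of that attempt's blinding scalars; the payee can claim only with p plus the released acknowledgment scalar, and a second parallel attempt with different blinding scalars stays unclaimable. The curve constants are the public secp256k1 parameters; the payment scalar and blinding scalars are constructed for the demo.

```python
# Added example, not code from the post: point-locked payments (PTLCs) with
# per-hop blinding scalars and a payer-controlled acknowledgment scalar.
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def ec_add(a, b):
    """Affine point addition on secp256k1; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    if a[0] == b[0]:
        if (a[1] + b[1]) % P == 0:
            return None                                   # a == -b
        lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P  # tangent slope
    else:
        lam = (b[1] - a[1]) * pow((b[0] - a[0]) % P, -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return x, (lam * (a[0] - x) - a[1]) % P


def ec_mul(k, pt):
    """Double-and-add scalar multiplication."""
    result, addend = None, pt
    k %= N
    while k:
        if k & 1:
            result = ec_add(result, addend)
        addend = ec_add(addend, addend)
        k >>= 1
    return result


def route_locks(payment_point, blindings):
    """Lock point offered to hop j: P + (b_1 + ... + b_j) * G.
    Each hop sees a different point, so hops cannot link themselves to one route."""
    locks, acc = [], 0
    for b in blindings:
        acc = (acc + b) % N
        locks.append(ec_add(payment_point, ec_mul(acc, G)))
    return locks


def can_claim(lock, secret):
    return ec_mul(secret, G) == lock


def settle(locks, blindings, payee_secret):
    """Walk back from the payee: each hop claims with the secret it received and
    strips its own blinding scalar to get the secret the previous hop expects.
    Returns (every hop could claim, scalar left over at the payer)."""
    s = payee_secret
    for lock, b in zip(reversed(locks), reversed(blindings)):
        if not can_claim(lock, s):
            return False, None
        s = (s - b) % N
    return True, s


def stuckless_attempts(p, attempts):
    """p: the payee's payment scalar. attempts: one list of per-hop blinding scalars
    per parallel attempt. The acknowledgment scalar of an attempt is the sum of its
    blindings; the payer releases only the one for the first attempt."""
    payment_point = ec_mul(p, G)            # the payment point in the invoice
    released_ack = sum(attempts[0]) % N
    outcome = []
    for blindings in attempts:
        locks = route_locks(payment_point, blindings)
        ok, leftover = settle(locks, blindings, (p + released_ack) % N)
        outcome.append({
            "claimed": ok,
            "proof_of_payment": ok and leftover == p,   # payer ends up holding p
            "distinct_locks": len(set(locks)) == len(locks),
        })
    return outcome


if __name__ == "__main__":
    # Constructed values: a payment scalar and two attempts with three hops each.
    demo_p = 0x1F2E3D4C5B6A79880123456789ABCDEF0FEDCBA9876543210F1E2D3C4B5A6978
    for i, r in enumerate(stuckless_attempts(demo_p, [[11, 22, 33], [44, 55, 66]])):
        print("attempt", i, r)
```

The second attempt fails at the payee's own hop because p + ack_1 is not the discrete log of P + ack_2·G; the payer only ever hands out one acknowledgment scalar, so at most one of the parallel attempts can be claimed.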

Help me code it!

Hi everyone, I am learning about Python and it's quite hard for me. I want to calculate Public key from Private key with ECC. I have the code from Github, transform it to Python 3.0 and it does not work:
```python
# Super simple Elliptic Curve Presentation. No imported libraries, wrappers, nothing.
# For educational purposes only. Ported to Python 3: integer division and hex() formatting
# are the two things that differ from the original Python 2 version.
# Below are the public specs for Bitcoin's curve - the secp256k1

Pcurve = 2**256 - 2**32 - 2**9 - 2**8 - 2**7 - 2**6 - 2**4 - 1  # The proven prime
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # Number of points in the field
Acurve = 0
Bcurve = 7  # These two define the elliptic curve. y^2 = x^3 + Acurve * x + Bcurve
Gx = 55066263022277343669578718895168534326250603453777594175500187360389116729240
Gy = 32670510020758816978083085130507043184471273380659243275938904335757337482424
GPoint = (Gx, Gy)  # This is our generator point. Trillions of dif ones possible

# Individual Transaction/Personal Information
privKey = 0xA0DC65FFCA799873CBEA0AC274015B9526505DAAAED385155425F7337704883E  # replace with any private key


def modinv(a, n=Pcurve):  # Extended Euclidean Algorithm/'division' in elliptic curves
    lm, hm = 1, 0
    low, high = a % n, n
    while low > 1:
        ratio = high // low  # Python 3: '/' would produce a float here, '//' keeps integers
        nm, new = hm - lm * ratio, high - low * ratio
        lm, low, hm, high = nm, new, lm, low
    return lm % n


def ECadd(a, b):  # Not true addition, invented for EC. Could have been called anything.
    LamAdd = ((b[1] - a[1]) * modinv(b[0] - a[0], Pcurve)) % Pcurve
    x = (LamAdd * LamAdd - a[0] - b[0]) % Pcurve
    y = (LamAdd * (a[0] - x) - a[1]) % Pcurve
    return (x, y)


def ECdouble(a):  # This is called point doubling, also invented for EC.
    Lam = ((3 * a[0] * a[0] + Acurve) * modinv((2 * a[1]), Pcurve)) % Pcurve
    x = (Lam * Lam - 2 * a[0]) % Pcurve
    y = (Lam * (a[0] - x) - a[1]) % Pcurve
    return (x, y)


def EccMultiply(GenPoint, ScalarHex):  # Double & add. Not true multiplication
    if ScalarHex == 0 or ScalarHex >= N:
        raise Exception("Invalid Scalar/Private Key")
    ScalarBin = str(bin(ScalarHex))[2:]
    Q = GenPoint
    for i in range(1, len(ScalarBin)):  # This is invented EC multiplication.
        Q = ECdouble(Q)  # debug: print("DUB", Q[0]); print(i)
        if ScalarBin[i] == "1":
            Q = ECadd(Q, GenPoint)  # debug: print("ADD", Q[0])
    return Q


PublicKey = EccMultiply(GPoint, privKey)
print()
print("******* Public Key Generation *********")
print()
print("the private key:")
print(hex(privKey))
print()
print("the uncompressed public key (not address):")
print(PublicKey)
print()
print("the uncompressed public key (HEX):")
print("04" + "%064x" % PublicKey[0] + "%064x" % PublicKey[1])
print()
print("the official Public Key - compressed:")
# Python 3's hex() has no trailing 'L', so the Python 2 slice [2:-1] silently dropped
# the last hex digit; format the x coordinate directly instead.
if PublicKey[1] % 2 == 1:  # If the Y value for the Public Key is odd.
    print("03" + "%064x" % PublicKey[0])
else:  # Or else, if the Y value is even.
    print("02" + "%064x" % PublicKey[0])
```
submitted by Phuc_Jackson to Bitcoin [link] [comments]

Threshold Signature Explained— Bringing Exciting Applications with TSS

— A deep dive into threshold signature without mathematics by ARPA’s cryptographer Dr. Alex Su

Threshold signature is a distributed multi-party signature protocol that includes distributed key generation, signature, and verification algorithms.
In recent years, with the rapid development of blockchain technology, signature algorithms have gained widespread attention in both academic research and real-world applications. Properties such as the security, practicability, scalability, and decentralization of signatures have been examined closely.
Due to the fact that blockchain and signature are closely connected, the development of signature algorithms and the introduction of new signature paradigms will directly affect the characteristics and efficiency of blockchain networks.
In addition, institutional and personal account key management requirements stimulated by distributed ledgers have also spawned many wallet applications, and this change has also affected traditional enterprises. No matter in the blockchain or traditional financial institutions, the threshold signature scheme can bring security and privacy improvement in various scenarios. As an emerging technology, threshold signatures are still under academic research and discussions, among which there are unverified security risks and practical problems.
This article will start from the technical rationale and discuss about cryptography and blockchain. Then we will compare multi-party computation and threshold signature before discussing the pros and cons of different paradigms of signature. In the end, there will be a list of use cases of threshold signature. So that, the reader may quickly learn about the threshold signature.
I. Cryptography in Daily Life
Before introducing threshold signatures, let’s get a general understanding of cryptography. How does cryptography protect digital information? How to create an identity in the digital world? At the very beginning, people want secure storage and transmission. After one creates a key, he can use symmetric encryption to store secrets. If two people have the same key, they can achieve secure transmission between them. Like, the king encrypts a command and the general decrypts it with the corresponding key.
But when two people do not have a safe channel to use, how can they create a shared key? So, the key exchange protocol came into being. Analogously, if the king issues an order to all the people in the digital world, how can everyone proves that the sentence originated from the king? As such, the digital signature protocol was invented. Both protocols are based on public key cryptography, or asymmetric cryptographic algorithms.


The “Tiger Rune” (tiger tally) was a troop deployment tool used by ancient emperors, made of bronze or gold tokens in the shape of a tiger and split in half: one half was given to the general and the other half was kept by the emperor. Only when the two halves were combined and used at the same time did the holder get the right to dispatch troops.
Symmetric and asymmetric encryption are the main components of modern cryptography. Both have three fixed parts: key generation, encryption, and decryption. Here we focus on digital signature protocols. The key generation process produces a pair of associated keys: the public key and the private key. The public key is open to everyone; the private key represents the identity and is revealed only to the owner. Whoever owns the private key has the identity represented by that key. The encryption algorithm, or signature algorithm, takes the private key as input and generates a signature on a piece of information. The decryption algorithm, or signature verification algorithm, uses the public key to verify the validity of the signature and the integrity of the information.
II. Signature in the Blockchain
Looking back at blockchain: it uses a consensus algorithm to construct a distributed ledger, and signatures provide identity information for the blockchain. Every transaction on the blockchain is identified by the signature of its initiator. The blockchain can verify the signature according to specific rules to check the transaction’s validity, thanks to the immutability and verifiability of the signature.
For cryptography, the blockchain is more than a user of signature protocols, or of the hash function in Proof-of-Work consensus. Blockchain builds an infrastructure layer for consensus and transactions, and on top of it novel cryptographic protocols such as secure multi-party computation, zero-knowledge proofs and homomorphic encryption thrive. For example, secure multi-party computation, which is naturally adapted to distributed networks, can build secure data transfer and machine learning platforms on the blockchain. The special nature of zero-knowledge proofs makes verifiable anonymous transactions feasible. The combination of these cutting-edge cryptographic protocols with blockchain technology will drive the development of the digital world in the next decade, leading to secure data sharing, privacy protection, and applications now unimaginable.
III. Secure Multi-party Computation and Threshold Signature
Having introduced how digital signature protocols affect our lives and how they help the blockchain build identities and record transactions, we now turn to secure multi-party computation (MPC), from which we can see how threshold signatures achieve decentralization. For more about MPC, please refer to our previous posts, which detail the technical background and application scenarios.
MPC, by definition, is a secure computation that several participants execute jointly. Security here means that, in one computation, all participants provide their own private inputs and can obtain the result of the calculation, but nobody can learn any private information entered by the other parties. In 1982, when Prof. Yao proposed the concept of MPC, he gave an example called the “Millionaires’ Problem”: two millionaires who want to know which of them is richer without revealing their true wealth. Specifically, secure multi-party computation cares about the following properties:
  • Privacy: Any participant cannot obtain any private input of other participants, except for information that can be inferred from the computation results.
  • Correctness and verifiability: The computation should ensure correct execution, and the legitimacy and correctness of this process should be verifiable by participants or third parties.
  • Fairness or robustness: unless agreed otherwise in advance, either all parties involved in the computation obtain the result at the same time, or none of them does.
Supposing we use secure multi-party computation to make a digital signature in a general sense, we will proceed as follows:
  • Key generation phase: all future participants will be involved together to do two things: 1) each involved party generates a secret private key; 2) The public key is calculated according to the sequence of private keys.
  • Signature phase: the participants taking part in a given signature use their own private keys as private inputs and the message to be signed as a public input to perform a joint signing operation and obtain a signature. In this process, the privacy of secure multi-party computation ensures the security of the private keys, while correctness and robustness guarantee the unforgeability of the signature and that everyone obtains it.
  • Verification phase: use the public key corresponding to the transaction to verify the signature, as in the traditional algorithm. There is no “secret input” during verification, which means it can be performed without multi-party computation; this is an advantage of MPC-based distributed signatures.
The signature protocol constructed on the idea of secure multi-party computation is the threshold signature. It should be noted that we have omitted some details, because secure multi-party computation is actually a collective name for a class of cryptographic protocols. For different security assumptions and threshold settings there are different constructions, so threshold signatures with different settings also have distinctive properties. This article will not explain each setting, but a comparison with other signature schemes is given in the next section.
IV. Single Signature, Multi-Signature and Threshold Signature
Besides the threshold signature, what other methods can we choose?
Bitcoin, at the beginning, used single signatures, with one private key allocated to each account; a message signed by this key is considered legitimate. Later, to avoid a single point of failure or to allow an account to be managed by several people, Bitcoin added a multi-signature function. Multi-signature can be simply understood as each account owner signing in turn and posting all the signatures to the chain, where they are verified in order; when certain conditions are met, the transaction is legitimate. This achieves control by multiple private keys.
So, what’s the difference between multi-signature and threshold signature?
Several constraints of multi-signature are:
  1. The access structure is not flexible. Once an account’s access structure is fixed, that is, which private keys can complete a legal signature, it cannot be adjusted later. If, for example, a participant withdraws or a new party joins and the access structure must change, the initial setup process has to be completed again, which also changes the public key and the account address.
  2. Lower efficiency. First, on-chain verification consumes the computing power of all nodes and therefore requires a processing fee; verifying a multi-signature is equivalent to verifying multiple single signatures. Second, performance: the verification obviously takes more time.
  3. It requires smart contract support and algorithm adaptation that vary from chain to chain, because multi-sig is not natively supported everywhere. Because of possible vulnerabilities in smart contracts, this kind of support is considered risky.
  4. No anonymity. This cannot trivially be called a disadvantage or an advantage, because anonymity is only required under specific conditions. Anonymity here means that multi-signature directly exposes all the participating signers of a transaction.
Correspondingly, the threshold signature has the following features:
  1. The access structure is flexible. Through an additional multi-party computation, the existing sequence of private keys can be extended to assign private keys to new participants. This process exposes neither the old nor the newly generated private keys, and it changes neither the public key nor the account address.
  2. It is more efficient. To the chain, a signature produced by a threshold signature scheme is no different from a single signature, which brings the following improvements: a) verification is the same as for a single signature and needs no additional fee; b) the signers’ identities are invisible, because to other nodes the signature is simply checked with the same public key; c) no smart contract on the chain is needed to provide additional support.
In addition to the schemes discussed above, there is a distributed signature scheme built on Shamir secret sharing. Secret sharing algorithms have a long history of use for splitting stored information and for error correction, from the underlying algorithms of secure computation to the error correction on discs. This technology has always played an important role, but the main problem is that, when used in a signature protocol, Shamir secret sharing needs to recover the master private key.
With multi-signature or threshold signature, by contrast, the master private key is never reconstructed, not even in memory or cache. Such short-term reconstruction is not tolerable for vital accounts.
V. Limitations
Just like other secure multi-party computation protocols, the introduction of other participants makes the security model different from traditional point-to-point encrypted transmission. Earlier algorithms did not take collusion and malicious participants into account. The behavior of physical entities cannot be restricted, so wrongdoers can be introduced into the participating groups.
Therefore, multi-party cryptographic protocols cannot obtain the same security strength as before. Effort is needed to develop threshold signature applications, integrate them with existing infrastructure, and test the true strength of threshold signature schemes.
VI. Scenarios
1. Key Management
Using threshold signatures in a key management system allows more flexible administration, such as ARPA’s enterprise key management API. One can use the access structure to design authorization patterns for users with different priorities. In addition, when a new entity joins, the threshold signature scheme can quickly refresh the keys. This operation can also be performed periodically to raise the difficulty of compromising multiple private keys at the same time. Finally, to the verifier a threshold signature is no different from a traditional signature, so it is compatible with old equipment and reduces upgrade costs. ARPA’s enterprise key management modules already support elliptic curve digital signature schemes with the secp256k1 and ed25519 parameters. In the future, more parameters will be supported.

2. Crypto Wallet
Wallets based on threshold signatures are more secure because the private key never needs to be rebuilt. Also, since not all signatures are posted publicly, anonymity can be achieved. Compared to multi-signature, threshold signatures need lower transaction fees. As with key management applications, the administration of digital asset accounts can also be more flexible. Furthermore, a threshold signature wallet can support blockchains that do not natively support multi-signature, which reduces the risk of smart contract bugs.

Conclusion

This article has described why people need threshold signatures and what inspiring properties they may bring. One can see that threshold signatures offer higher security, more flexible control and a more efficient verification process. In fact, different signature technologies suit different application scenarios, such as aggregate signatures and BLS-based multi-signatures, which are not covered in this article. Readers are also welcome to read more about secure multi-party computation. Secure computation is the holy grail of cryptographic protocols, and it can accomplish much more than threshold signatures. In the near future, secure computation will solve more specific application questions in the digital world.

About Author

Dr. Alex Su works for ARPA as the cryptography researcher. He got his Bachelor’s degree in Electronic Engineering and Ph.D. in Cryptography from Tsinghua University. Dr. Su’s research interests include multi-party computation and post-quantum cryptography implementation and acceleration.

About ARPA

ARPA is committed to providing secure data transfer solutions based on cryptographic operations for businesses and individuals.
The ARPA secure multi-party computing network can be used as a protocol layer to implement privacy computing capabilities for public chains, and it enables developers to build efficient, secure, and data-protected business applications on private smart contracts. Enterprise and personal data can, therefore, be analyzed securely on the ARPA computing network without fear of exposing the data to any third party.
ARPA’s multi-party computing technology supports secure data markets, precision marketing, credit score calculations, and even the safe realization of personal data.
ARPA’s core team is international, with PhDs in cryptography from Tsinghua University, experienced systems engineers from Google, Uber, Amazon, Huawei and Mitsubishi, blockchain experts from the University of Tokyo, AIG, and the World Bank. We also have hired data scientists from CircleUp, as well as financial and data professionals from Fosun and Fidelity Investments.
For more information about ARPA, or to join our team, please contact us at [email protected].
Learn about ARPA’s recent official news:
Telegram (English): https://t.me/arpa_community
Telegram (Việt Nam): https://t.me/ARPAVietnam
Telegram (Russian): https://t.me/arpa_community_ru
Telegram (Indonesian): https://t.me/Arpa_Indonesia
Telegram (Thai): https://t.me/Arpa_Thai
Telegram (Philippines):https://t.me/ARPA_Philippines
Telegram (Turkish): https://t.me/Arpa_Turkey
Korean Chats: https://open.kakao.com/o/giExbhmb (Kakao) & https://t.me/arpakoreanofficial (Telegram, new)
Medium: https://medium.com/@arpa
Twitter: u/arpaofficial
Reddit: https://www.reddit.com/arpachain/
Facebook: https://www.facebook.com/ARPA-317434982266680/54
submitted by arpaofficial to u/arpaofficial [link] [comments]
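Worked example for the three signing phases in section III and the Shamir contrast in section IV of the ARPA post above: a toy (t, n) threshold Schnorr signature in Python. This is an added example, not ARPA’s code or API. It assumes a 64-bit prime-order subgroup of Z_p^* generated at import (so nothing here is secure), a simplified distributed key generation that omits the commitment and complaint rounds a real protocol needs, and a nonce round without the commit-then-reveal step real protocols require.

```python
"""Toy (t, n) threshold Schnorr signature: the three phases from section III
and the no-reconstruction property from section IV.

Added example, not ARPA's code.  Assumptions: a 64-bit prime-order subgroup
of Z_p^* generated at import (so nothing here is secure); the DKG omits the
Feldman/Pedersen commitments and complaint rounds a real protocol needs;
the nonce round is not commit-then-reveal as it must be in practice.
"""
import hashlib
import secrets

def is_probable_prime(n, rounds=16):
    """Miller-Rabin, enough for building a demo group."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def make_group(bits=64):
    """Safe prime p = 2q + 1; a random square G generates the order-q subgroup."""
    while True:
        q = secrets.randbits(bits - 1) | (1 << (bits - 2)) | 1
        if is_probable_prime(q) and is_probable_prime(2 * q + 1):
            p = 2 * q + 1
            g = pow(secrets.randbelow(p - 2) + 2, 2, p)
            if g != 1:
                return p, q, g

P, Q, G = make_group()

def hash_to_scalar(*parts):
    data = b"|".join(str(x).encode() for x in parts)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def eval_poly(coeffs, x):
    """coeffs[0] is the secret constant term; Horner's rule in Z_q."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % Q
    return acc

def lagrange_at_zero(i, signers):
    """Weight for share i so that the signer set interpolates f(0)."""
    num = den = 1
    for j in signers:
        if j != i:
            num = num * (-j) % Q
            den = den * (i - j) % Q
    return num * pow(den, -1, Q) % Q

def keygen(t, n):
    """Phase 1 (DKG): party i picks its own degree-(t-1) polynomial f_i and
    sends f_i(j) to party j; party j's share is the sum it received.  The
    master key sum_i f_i(0) is never assembled; pk is the product of g^f_i(0)."""
    polys = [[secrets.randbelow(Q) for _ in range(t)] for _ in range(n)]
    shares = {j: sum(eval_poly(f, j) for f in polys) % Q for j in range(1, n + 1)}
    pk = 1
    for f in polys:
        pk = pk * pow(G, f[0], P) % P
    return shares, pk

def threshold_sign(shares, signers, pk, msg):
    """Phase 2: each signer contributes a nonce commitment and a partial z_i
    computed from its own share only; the sum is an ordinary Schnorr signature."""
    nonces = {i: secrets.randbelow(Q - 1) + 1 for i in signers}
    R = 1
    for k in nonces.values():
        R = R * pow(G, k, P) % P
    e = hash_to_scalar(R, pk, msg)
    partials = [(nonces[i] + e * lagrange_at_zero(i, signers) * shares[i]) % Q
                for i in signers]
    return R, sum(partials) % Q

def verify(pk, msg, sig):
    """Phase 3: plain Schnorr check, no secret input, no MPC, single-sig cost."""
    R, z = sig
    e = hash_to_scalar(R, pk, msg)
    return pow(G, z, P) == R * pow(pk, e, P) % P

def reconstruct(shares, holders):
    """The Shamir route the article warns about: the full key lands in memory."""
    return sum(lagrange_at_zero(i, holders) * shares[i] for i in holders) % Q

if __name__ == "__main__":
    shares, pk = keygen(t=2, n=3)
    msg = "send 1 BTC to bob"
    print("2-of-3 verifies:", verify(pk, msg, threshold_sign(shares, [1, 3], pk, msg)))
    print("Shamir reconstruction exposes key:", pow(G, reconstruct(shares, [2, 3]), P) == pk)
```

`threshold_sign` touches only the signers’ own shares and `verify` is a plain Schnorr check, so a node cannot tell the result from a single-signer key; `reconstruct` is the Shamir path the article argues against, since the full private key exists in memory for the duration of the call.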

A brief history of the Monero development (Part I)

or a struggle for anonymity and confidentiality of blockchain transaction.
The privacy of electronic currency faced researchers and developers long before Bitcoin. In 1991, Tatsuaki Okamoto and Kazuo Ohta from the NTT research laboratory (Japan's largest telecommunications company) introduced 6 criteria for an ideal e-currency, including privacy: "the relationship between the user and his purchases must be untraceable by anyone". Nicholas van Saberhagen, the anonymous author of the work on the CryptoNote protocol, which formed the basis of Monero, summarized these 6 criteria in December 2012 into two specific properties:
Untraceability: for every incoming transaction, all possible senders are equally likely.
Unlinkability: for any two outgoing transactions, it is impossible to prove that they were sent to the same person.
Neither of these properties is characteristic of Bitcoin, since all transactions are broadcast publicly. Of course, by the time this work was written, various tumblers made it possible to combine the outputs of several transactions and send them through some intermediate address. Also, by that time, some protocols based on zero-knowledge proofs were known, but at that time such proofs were large enough to make them impractical to use.
What was proposed to tackle the issues: first, each transaction was signed on behalf of a group, not an individual as in BTC. To do this, a variant of the electronic digital signature called the "Ring Signature" (a further development of the so-called "Group Signature") was used. However, a completely anonymous ring signature brings a (very high) risk of double spending, and therefore the so-called linkable anonymity primitive was adopted, implemented through a one-time-key mechanism (i.e. when creating each new transaction, the group key changes).
That is essentially it, although it is certainly worth noting that the CryptoNote implementation used a different elliptic curve scheme (EdDSA instead of ECDSA, and consequently an elliptic curve with a different equation, etc.).
Anonymity achieved, but what about privacy? RingCT to the rescue
You know how it happens: everything seems to be there, but something is missing. The problem with the original CryptoNote protocol was that user balances were not hidden, so it was possible to analyze the blockchain and deanonymize the members of the group that signed a transaction. An additional problem with hiding balances is that with simple encryption of balances it is not possible to reach consensus on whether coins were produced out of thin air.
To solve this problem, the developer Shen Noether from Monero Research Lab proposed the use of the Pedersen Commitment, which lets the prover commit to an amount without disclosing it and without being able to change it afterwards.
Short explanation from Monero Wiki:
As long as the encrypted output amounts created, which include an output for the recipient and a change output back to the sender, and the unencrypted transaction fee is equal to the sum of the inputs that are being spent, it is a legitimate transaction and can be confirmed to not be creating Monero out of thin air.
Thus, it is possible to obtain a ring confidential transaction (hence the name). And, the inquisitive reader will ask, what is wrong this time?
The problem is one, but twofold. On the one hand, the transaction size increases with RingCT, which does not have the best effect on scalability and transaction fees. Besides, again due to the large signature size, the number of possible signers n is limited. The n value in the official Monero wallet software is from 5 to 20 by default. As a result, sender anonymity for RingCT 1.0 is at most 1 out of 20.
To be continued...
submitted by CUTcoin to cutc0in [link] [comments]
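Worked example for the Pedersen commitment balance check quoted above, written as an added Python example rather than code from the post or from Monero. It assumes a toy prime-order group (p = 2039, q = 1019) and a second generator H derived by hashing, standing in for Monero’s ed25519 generators, so amounts are hidden only against someone unwilling to try 1019 values. The last function shows why the balance equation alone is not enough: amounts live modulo the group order, which is why Monero pairs every output commitment with a range proof (a point the post does not get to).

```python
"""Pedersen commitments and the RingCT balance check described in the post.

Added example, not from the post or from Monero's code.  Assumptions: a toy
prime-order group (p = 2039, q = 1019, generator G), so hiding is only
against someone unwilling to try 1019 amounts; a second generator H derived
by hashing, standing in for Monero's H on ed25519; amounts are integers
modulo q, which is exactly what makes the last function below interesting.
"""
import hashlib
import secrets

P, Q, G = 2039, 1019, 4          # toy safe-prime group, G has order q

def _hash_to_subgroup(label):
    x = int.from_bytes(hashlib.sha256(label.encode()).digest(), "big") % P
    return pow(x, 2, P)          # a square, hence in the order-q subgroup

H = _hash_to_subgroup("second generator with unknown log")

def commit(amount, blind):
    """C = G^amount * H^blind: blind hides the amount, unknown log_G(H) binds it."""
    return pow(G, amount % Q, P) * pow(H, blind % Q, P) % P

def build_outputs(in_amount, in_blind, pay_amount, fee):
    """Sender: pick the change output's blinding factor so that all blinding
    factors cancel and the balance equation depends only on the amounts."""
    change = (in_amount - pay_amount - fee) % Q
    pay_blind = secrets.randbelow(Q)
    change_blind = (in_blind - pay_blind) % Q
    return [(pay_amount, pay_blind), (change, change_blind)]

def balances(input_commits, output_commits, fee):
    """Verifier: sees only commitments plus the plaintext fee; checks
    prod(inputs) == G^fee * prod(outputs), i.e. no coins from thin air."""
    lhs = 1
    for c in input_commits:
        lhs = lhs * c % P
    rhs = pow(G, fee, P)
    for c in output_commits:
        rhs = rhs * c % P
    return lhs == rhs

def check_tx(in_amount, pay_amount, fee, tamper=0):
    """Builds one input and two outputs, optionally inflating the change
    output after the blinding factors were fixed, and runs the node's check."""
    in_blind = secrets.randbelow(Q)
    outs = build_outputs(in_amount, in_blind, pay_amount, fee)
    amt, blind = outs[1]
    outs[1] = (amt + tamper, blind)
    return balances([commit(in_amount, in_blind)],
                    [commit(a, b) for a, b in outs], fee)

def wraparound_amounts(in_amount, pay_amount, fee):
    """Spending more than the input: the change becomes q - k and the balance
    check still passes because amounts live mod q.  Real RingCT closes this
    with a range proof on every output; the balance equation alone is not enough."""
    outs = build_outputs(in_amount, secrets.randbelow(Q), pay_amount, fee)
    return [a for a, _ in outs]

if __name__ == "__main__":
    print("honest 100 -> 60 + change, fee 3:", check_tx(100, 60, 3))
    print("change inflated by 40:", check_tx(100, 60, 3, tamper=40))
    print("pay 137 from 100, outputs", wraparound_amounts(100, 137, 3),
          "balance check:", check_tx(100, 137, 3))
```

The honest transaction passes, the inflated one fails, and the wrap-around one passes even though 137 + 979 coins leave a 100-coin input: the verifier only learns that the exponents agree modulo q, which is the gap range proofs exist to close.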

ANS is one of the most secure currencies against Quantum Computers!!

Ethereum and Bitcoin utilize Elliptic Curve cryptography for their signatures, which from my understanding is very similar to the primitive RSA, with smaller key sizes but similar security. Supposedly there is no known mathematical flaw in this, but that could all change with Quantum Computers, which is why Quantum Resistance has lately piqued my interest. It seems like a protocol which can be added to other blockchains in the coming decade when Quantum Computers begin full scale development by IBM/Google.
ANS, however, uses lattice-based cryptography, which already provides security beyond the capabilities of a Quantum Computer. Lattice-based problems are seemingly very difficult to solve even for a QC and are therefore much more difficult to compromise.
I'm very impressed at how this team has been ahead of the curve. Let me know if I got anything wrong about lattice-based cryptography; there are only so many resources out there in regards to cryptography, let alone one this obscure.
submitted by runcmc22 to Antshares [link] [comments]

AsicVault - Frequently Asked Questions

When was AsicVault established and how is it funded?
AsicVault was established 2016. It is funded by founders and corporate investors. Please see Crunchbase.

How can it be 1,000 times harder to crack compared to other BIP-39 hardware wallets?
BIP-39 hardware wallets run on very low performance microcontrollers or secure elements. They do only 2,048 iterations of PBKDF2 SHA-512, which is even less than the old NIST recommendation of 10,000 rounds from 2016.
Performing a higher number of PBKDF2 SHA-512 rounds is standard practice for good security. iTunes does it, LastPass does it and VeraCrypt does as well. Even Ledger agrees that this very low number is the main problem of BIP-39.
AsicVault’s specially designed SHA-512 accelerator inside a high performance secure chip is at least 340 times faster than common microcontrollers. The number of PBKDF2 SHA-512 rounds is set to exactly 1,000 times that of BIP-39, hence the cost to crack AsicVault is also 1,000 times higher.
Please read in-depth teardown review and validation of AsicVault SHA-512 performance here.
You can perform independent analysis according to this PDF and our device performance is shown on this video.

Does it support BIP-39 passphrase?
Yes, AsicVault supports all standard BIP-39 seed words and the additional passphrase (the so-called 25th word). You can restore an HD wallet account created by other hardware wallets (Ledger, Trezor, KeepKey) without any additional steps. AsicVault always opens the standard-security BIP-39 account and the high-security BIP-39 account at the same time.

Why two processors?
Common design practice, also followed by Ledger, is to separate secure and non-secure code. Our advantage is that these two RISC-V processors are inside a single secure chip. This way the Security CPU has full access to the Application CPU’s RAM, which makes proper secure boot possible.

Why RISC-V?
Open instruction set. Possibility to have open source CPU and extensions. We have already implemented several custom instructions.

Do I need a computer to initialize the device?
No. You can supply power from a wall adapter or a battery bank. AsicVault supports a true air-gapped environment.
You can perform full device initialization, seed word generation and seed word backup without connecting to a computer. You can also charge the device and check its status the same way.

Can I use USB extender cables?
Certified USB 2.0 extender cables can be used. We don’t recommend extender cables while using the USB 3.1 features of the device. The device can detect (some) bad cables and show warning messages about them. It is not recommended to use cables/extenders longer than 2.5 m. In any case, cables with a lower AWG value (thicker conductors), such as AWG20, are better.

How hot does the device get?
During normal operation the AsicVault device temperature reaches 35-37 °C. High speed USB 3.0 operation adds another 7 °C. AsicVault uses a full aluminium enclosure as an effective heatsink. The internal chips can tolerate up to +85 °C, so you never need to worry about them overheating. There are no lithium batteries inside the device, which are known for leaking and not tolerating high temperatures.

How long does the active anti-tamper system work?
The active anti-tamper protects your device for at least 2 weeks, possibly up to 45 days, after you have fully charged it. It takes just 15 minutes to recharge the supercapacitors. It is advisable to connect the device to a power source at least once per week. The anti-tamper settings affect its aggressiveness, sensitivity and power consumption.
It is also good practice to enter your passphrase weekly so that you will not forget it.

How often can I charge it? Do the batteries age?
You can charge it as often as you like, several times per day. Supercapacitors can be charged 50,000 – 1,000,000 times over their lifetime, compared to common lithium batteries that only allow 500-1,000 cycles. Therefore even 10 times per day for 10 years should be fine. At least weekly charging is recommended for the best anti-tamper protection.

How long are private keys safely stored inside device before the memory gets weak and they are lost?
The data retention time of the Flash memory inside the main chip is 20 years. The additional encryption keys stored in FRAM can last for 40 years at temperatures below 70 °C. These values are higher than the expected lifetime of the device. In any case you must make paper backup(s) of your seed words.

Can it store the whole Bitcoin blockchain inside the device?
No. The device is not designed to store large amounts of data. The internal 128-megabyte Flash is used to store applications. There are thousands of copies of the blockchain; storing yet another copy is neither meaningful nor necessary.

What is FIPS 140-2 highest Level 4?
FIPS 140-2 is Federal Information Processing Standard.
Level 4 requires that:
  1. physical security mechanisms provide a complete envelope of protection around the cryptographic module
  2. with the intent of detecting and responding to all unauthorized attempts at physical access
  3. Penetration of the cryptographic module enclosure from any direction has a very high probability of being detected, resulting in the immediate deletion of all plaintext CSPs
  4. Security Level 4 also protects a cryptographic module against a security compromise due to environmental conditions or fluctuations outside of the module's normal operating ranges for voltage and temperature
  5. A cryptographic module is required to include special environmental protection features designed to detect fluctuations and delete CSPs
We have used these guidelines while designing AsicVault. We meet and exceed the requirements in the following way:
  1. AsicVault has a full aluminium/titanium enclosure that is not designed to be opened. A passive anti-tamper mesh protects the electronic circuits inside the device. The main secure chip also has a chip-level metal-layer anti-tamper mesh.
  2. Active anti-tamper circuit monitors all intrusion attempts and performs immediate device zeroization upon detecting any such attempts.
  3. AsicVault has temperature, voltage and many other sensors that are continuously monitored by the anti-tamper circuit. Additionally, AsicVault has an internal supercapacitor-based power reserve to run elliptic curve calculations and other cryptographic functions, so external voltage fluctuations can’t affect the device while it performs these critical operations.
  4. Zeroization not only deletes the private keys, it also destroys the internal hardware design, making it impossible to perform any further analysis of the hardware.
AsicVault has not participated in the formal Cryptographic Module Validation Program since we are not targeting US government users at this point.

Can AsicVault device run Linux?
Running Linux is not our priority since it has too big an overhead for a hardware wallet. However, our RISC-V processors and Mark II hardware can run Linux for your custom projects.

Where can I purchase the device?
Please contact your local supplier about availability.
submitted by photonreality to AsicVaultOfficial [link] [comments]
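Worked example for the “2,048 iterations of PBKDF2 SHA-512” point in the FAQ above, as an added Python example that is not AsicVault’s code. The standard parameters are BIP-39’s own (PBKDF2-HMAC-SHA512, the NFKD-normalized mnemonic as the password, “mnemonic” plus the passphrase as the salt, 2048 rounds, 64-byte seed) and the check below uses the published BIP-39 test vector; the higher round count used for the stretched seed is an assumption for illustration, since the FAQ only says 1,000 times more rounds.

```python
"""BIP-39 seed stretching: the PBKDF2 computation the FAQ's "2,048 iterations"
refers to, and what raising the round count buys and costs.

Added example, not AsicVault's code.  The standard parameters are BIP-39's
own (PBKDF2-HMAC-SHA512, password = NFKD(mnemonic), salt = "mnemonic" +
NFKD(passphrase), 2048 rounds, 64-byte seed).  The stretched round count
used in __main__ is an assumption for illustration only.
"""
import hashlib
import time
import unicodedata

BIP39_ROUNDS = 2048

def bip39_seed(mnemonic, passphrase="", rounds=BIP39_ROUNDS):
    """Standard BIP-39 seed when rounds is left at 2048."""
    password = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", password, salt, rounds, dklen=64)

def find_passphrase(mnemonic, target_seed, candidates, rounds=BIP39_ROUNDS):
    """Attacker model behind the FAQ's '1,000 times harder': the seed words
    leaked, the passphrase did not.  Work = len(candidates) * rounds HMAC
    calls, so the cost scales linearly with the round count."""
    for cand in candidates:
        if bip39_seed(mnemonic, cand, rounds) == target_seed:
            return cand
    return None

def seconds_per_guess(mnemonic, rounds, samples=5):
    """Measures the per-guess cost on this machine for a given round count."""
    start = time.perf_counter()
    for i in range(samples):
        bip39_seed(mnemonic, f"probe-{i}", rounds)
    return (time.perf_counter() - start) / samples

if __name__ == "__main__":
    words = "abandon " * 11 + "about"          # BIP-39 test-vector mnemonic
    standard = bip39_seed(words, "TREZOR")
    stretched = bip39_seed(words, "TREZOR", rounds=BIP39_ROUNDS * 10)  # assumed count
    print("standard seed :", standard.hex()[:32], "...")
    print("stretched seed:", stretched.hex()[:32], "... (a different wallet)")
    print("recovered passphrase:",
          find_passphrase(words, standard, ["letmein", "hunter2", "TREZOR"]))
    ratio = seconds_per_guess(words, BIP39_ROUNDS * 10) / seconds_per_guess(words, BIP39_ROUNDS)
    print("cost per guess with 10x rounds: %.1fx" % ratio)
```

The attacker model is the one the FAQ implies: seed words exposed, passphrase not, so each guess costs one PBKDF2 run and the cost grows linearly with the round count. The trade-off touched on in the BIP-39 passphrase answer is also visible: a seed stretched with a non-standard round count is a different wallet, which a standard BIP-39 device cannot restore from the words and passphrase alone.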

World History Timeline of Events Leading up to Bitcoin - In the Making

A (live/editable) timeline of historical events directly or indirectly related to the creation of Bitcoin and Cryptocurrencies
*still workin' on this so check back later and more will be added, if you have any suggested dates/events feel free to lemme know...
This timeline includes dates pertaining to:
Ancient Bartering – first recorded in Egypt (resources, services...) – doesn’t scale
Tally sticks were used, making notches in bones or wood, as a form of money of account
9000-6000 BC Livestock considered the first form of currency
c3200 BC Clay tablets used in Uruk (Iraq) for accounting (believed to be the earliest form of writing)
3000 BC Grain is used as a currency, measured out in Shekels
3000 BC Banking developed in Mesopotamia
3000 BC? Punches used to stamp symbols on coins were a precursor to the printing press and modern coins
? BC Since ancient Persia and all the way up until the invention and expansion of the telegraph Homing Pigeons were used to carry messages
2000 BC Merchants in Assyria, India and Sumeria lent grain to farmers and traders as a precursor to banks
1700 BC In Babylon at the time of Hammurabi, in the 18th century BC, there are records of loans made by the priests of the temple.
1200 BC Shell money first used in China
1000-600 BC Crude metal coins first appear in China
640 BC Precious metal coins – Gold & Silver first used in ancient Lydia and coastal Greek cities featuring face to face heads of a bull and a lion – first official minted currency made from electrum, a mixture of gold and silver
600-500 BC Atbash Cipher
A substitution Cipher used by ancient Hebrew scholars mapping the alphabet in reverse, for example, in English an A would be a Z, B a Y etc.
400 BC Skytale used by Sparta
474 BC Hundreds of gold coins from this era were discovered in Rome in 2018
350 BC Greek hydraulic semaphore system, an optical communication system developed by Aeneas Tacticus.
c200 BC Polybius Square
??? Wealthy stored coins in temples, where priests also lent them out
??? Rome was the first to create banking institutions apart from temples
118 BC First banknote in the form of 1 foot sq pieces of white deerskin
100-1 AD Caesar Cipher
193 Aureus, a gold coin of ancient Rome, minted by Septimius Severus
324 Solidus, pure gold coin, minted under Constantine’s rule, lasted until the late 8th century
600s Paper currency first developed in Tang Dynasty China during the 7th century, although true paper money did not appear until the 11th century, during the Song Dynasty, 960–1279
c757–796 Silver pennies based on the Roman denarius became the staple coin of Mercia in Great Britain around the time of King Offa
806 First paper banknotes used in China but isn’t widely accepted in China until 960
1024 The first series of standard government notes were issued in 1024 with denominations like 1 guàn (貫, or 700 wén), 1 mín (緡, or 1000 wén), up to 10 guàn. In 1039 only banknotes of 5 guàn and 10 guàn were issued, and in 1068 a denomination of 1 guàn was introduced which became forty percent of all circulating Jiaozi banknotes.
1040 The first movable type printer was invented in China and made of porcelain
? Some of the earliest forms of long distance communication were drums used by Native Africans and smoke signals used by Native Americans and Chinese
1088 Movable type in Song Dynasty China
1120 By the 1120s the central government officially stepped in and produced their own state-issued paper money (using woodblock printing)
1150 The Knights Templar issued bank notes to pilgrims. Pilgrims deposited their valuables with a local Templar preceptory before embarking, received a document indicating the value of their deposit, then used that document upon arrival in the Holy Land to retrieve their funds in an amount of treasure of equal value.
1200s-1300s During the 13th century bankers from north Italy, collectively known as Lombards, gradually replace the Jews in their traditional role as money-lenders to the rich and powerful. – Florence, Venice and Genoa - The Bardi and Peruzzi Families dominated banking in 14th century Florence, establishing branches in many other parts of Europe
1200 By the time Marco Polo visited China they had moved from coins to paper money, and he introduced the concept to Europe. An inscription warned, "All counterfeiters will be decapitated." Before the use of paper, the Chinese used coins that were circular, with a rectangular hole in the middle. Several coins could be strung together on a rope. Merchants in China, if they became rich enough, found that their strings of coins were too heavy to carry around easily. To solve this problem, coins were often left with a trustworthy person, and the merchant was given a slip of paper recording how much money they had with that person. Marco Polo's account of paper money during the Yuan Dynasty is the subject of a chapter of his book, The Travels of Marco Polo, titled "How the Great Kaan Causeth the Bark of Trees, Made Into Something Like Paper, to Pass for Money All Over his Country."
1252 Florin minted in Florence, becomes the hard currency of its day helping Florence thrive economically
1340 Double-entry bookkeeping - The clerk keeping the accounts for the Genoese firm of Massari painstakingly fills in the ledger for the year 1340.
1397 Medici Bank established
1450 Johannes Gutenberg builds the printing press – printed words no longer just for the rich
1455 Paper money disappears from China
1466 Polyalphabetic Cipher
1466 Rotating cipher disks – Vatican – greatest crypto invention in 1000 yrs – the first system to challenge frequency analysis
1466 First known mechanical cipher machine
1472 The oldest bank still in existence founded, Banca Monte dei Paschi di Siena, headquartered in Siena, Italy
1494 Double-entry bookkeeping system codified by Luca Pacioli
1535 Wampum, a form of currency used by Native Americans, a string of beads made from clamshells, is first documented.
1553 Vigenere Cipher
1557 Philip II of Spain managed to burden his kingdom with so much debt (as the result of several pointless wars) that he caused the world's first national bankruptcy — as well as the world's second, third and fourth, in rapid succession.
1577 Newspaper in Korea
1586 The Babington Plot
1590 Cabinet Noir was established in France. Its mission was to open, read and reseal letters, and great expertise was developed in the restoration of broken seals. In the knowledge that mail was being opened, correspondents began to develop systems to encrypt and decrypt their letters. The breaking of these codes gave birth to modern systematic scientific code breaking.
1600s Promissory banknotes began in London
1600s By the early 17th century banking begins also to exist in its modern sense - as a commercial service for customers rather than kings. – Late 17th century we see cheques slowly gain acceptance
The total of the money left on deposit by a bank's customers is a large sum, only a fraction of which is usually required for withdrawals. A proportion of the rest can be lent out at interest, bringing profit to the bank. When the customers later come to realize this hidden value of their unused funds, the bank's profit becomes the difference between the rates of interest paid to depositors and demanded from debtors.
The transformation from moneylenders into private banks is a gradual one during the 17th and 18th centuries. In England it is achieved by various families of goldsmiths who early in the period accept money on deposit purely for safe-keeping. Then they begin to lend some of it out. Finally, by the 18th century, they make banking their business in place of their original craft as goldsmiths.
1605 Newspaper in Strasbourg
c1627 Great Cipher
1637 Wampum is declared as legal tender in the U.S. (where we got the slang word “clams” for money)
1656 Johan Palmstruch establishes the Stockholm Banco
1661 Paper Currency reappears in Europe, soon became common - The goldsmith-bankers of London began to give out the receipts as payable to the bearer of the document rather than the original depositor
1661 Palmstruch issues credit notes which can be exchanged, on presentation to his bank, for a stated number of silver coins
1666 Stockholms Banco, the predecessor to the Central Bank of Sweden, issues the first paper money in Europe. It soon went bankrupt for printing too much money.
1667 He issues more notes than his bank can afford to redeem with silver and winds up in disgrace, facing a death penalty (commuted to imprisonment) for fraud.
1668 Bank of Sweden – today the 2nd oldest surviving bank
1694 First Central Bank established in the UK was the first bank to initiate the permanent issue of banknotes
Served as model for most modern central banks.
The modern banknote rests on the assumption that money is determined by a social and legal consensus. A gold coin's value is simply a reflection of the supply and demand mechanism of a society exchanging goods in a free market, as opposed to stemming from any intrinsic property of the metal. By the late 17th century, this new conceptual outlook helped to stimulate the issue of banknotes.
1700s Throughout the commercially energetic 18th century there are frequent further experiments with bank notes - deriving from a recognized need to expand the currency supply beyond the availability of precious metals.
1710 Physiocracy
1712 First commercial steam engine
1717 Master of the Royal Mint Sir Isaac Newton established a new mint ratio between silver and gold that had the effect of driving silver out of circulation (bimetalism) and putting Britain on a gold standard.
1735 Classical Economics – markets regulate themselves when free of intervention
1744 Mayer Amschel Rothschild, Founder of the Rothschild Banking Empire, is Born in Frankfurt, Germany
Mayer Amschel Rothschild extended his banking empire across Europe by carefully placing his five sons in key positions. They set up banks in Frankfurt, Vienna, London, Naples, and Paris. By the mid 1800’s they dominated the banking industry, lending to governments around the world and people such as the Vanderbilts, Carnegies, and Cecil Rhodes.
1745 There was a gradual move toward the issuance of fixed denomination notes in England; standardized printed notes ranging from £20 to £1,000 were being printed.
1748 First recorded use of the word buck for a dollar, stemming from the Colonial period in America when buck skins were commonly traded
1757 Colonial Scrip Issued in US
1760s Mayer Amschel Rothschild establishes his banking business
1769 First steam powered car
1775-1938 US Diplomatic Codes & Ciphers by Ralph E Weber used – problems were security and distribution
1776 American Independence
1776 Adam Smith’s Invisible Hand theory helped bankers and money-lenders limit government interference in the banking sector
1781 The Bank of North America was a private bank that was adopted as the US Nation's first de facto central bank. When shares in the bank were sold to the public, the Bank of North America became the country's first initial public offering. It lasted less than ten years.
1783 First steamboat
1791 Congress Creates the First US Bank – A Private Company, Partly Owned by Foreigners – to Handle the Financial Needs of the New Central Government. First Bank of the United States, a National bank, chartered for a term of twenty years, it was not renewed in 1811.
Previously, the 13 states had their own banks, currencies and financial institutions, which had an average lifespan of about 5 years.
1792 First optical telegraph invented where towers with telescopes were dispersed across France 12-25 km apart, relaying signals according to positions of arms extended from the top of the towers.
1795 Thomas Jefferson invents the Jefferson Disk Cipher or Wheel Cipher
1797 to 1821 Restriction Period by England of trading banknotes for silver during Napoleonic Wars
1797 Currency Crisis
Although the Bank was originally a private institution, by the end of the 18th century it was increasingly being regarded as a public authority with civic responsibility toward the upkeep of a healthy financial system.
1799 First paper machine
1800 Banque de France – France’s central bank opens to try to improve financing of the war
1800 Invention of the battery
1801 Rothschild Dynasty begins in Frankfurt, Holy Roman Empire – established international banking family through his 5 sons who established themselves in London, Paris, Frankfurt, Vienna, and Naples
1804 Steam locomotive
1807 Internal combustion engine and automobile
1807 Robert Fulton expands water transportation and trade with the workable steamboat.
1809 Telegraphy
1811 First powered printing press, also first to use a cylinder
1816 The Privately Owned Second Bank of the US was Chartered – It Served as the Main Depository for Government Revenue, Making it a Highly Profitable Bank – charter not renewed in 1836
1816 The first working telegraph was built using static electricity
1816 Gold becomes the official standard of value in England
1820 Industrial Revolution
c1820 Neoclassical Economics
1821 British gov introduces the gold standard - With governments issuing the bank notes, the inherent danger is no longer bankruptcy but inflation.
1822 Charles Babbage, considered the "father of the computer", begins building the first programmable mechanical computer.
1832 Andrew Jackson Campaigns Against the 2nd Bank of the US and Vetoes Bank Charter Renewal
Andrew Jackson was skeptical of the central banking system and believed it gave too few men too much power and caused inflation. He was also a proponent of gold and silver and an outspoken opponent of the 2nd National Bank. The Charter expired in 1836.
1833 President Jackson Issues Executive Order to Stop Depositing Government Funds Into Bank of US
By September 1833, government funds were being deposited into state chartered banks.
1833-1837 Manufactured “boom” created by central bankers – money supply Increases 84%, Spurred by the 2nd Bank of the US
The total money supply rose from $150 million to $267 million
1835 Jackson Escapes Assassination. Assassin misfired twice.
1837-1862 The “Free Banking Era” there was no formal central bank in the US, and banks issued their own notes again
1838 First Telegram sent using Morse Code across 3 km, in 1844 he sent a message across 71 km from Washington DC to Baltimore.
1843 Ada Lovelace published the first algorithm for computing
1844 Modern central bank of England established - meaning only the central bank of England could issue banknotes – prior to that commercial banks could issue their own and were the primary form of currency throughout England
The Bank of England was restricted to issue new banknotes only if they were 100% backed by gold or up to £14 million in government debt.
1848 Communist Manifesto
1850 The first undersea telegraphic communications cable connected France and England after latex produced from the sap of the Palaquium gutta tree in 1845 was proposed as insulation for the underwater cables.
1852 Many countries in Europe build telegram networks, however post remained the primary means of communication to distant countries.
1855 In England fully printed notes that did not require the name of the payee and the cashier's signature first appeared
1855 The printing telegraph made it possible for a machine with 26 alphabetic keys to print the messages automatically and was soon adopted worldwide.
1856 Belgian engineer Charles Bourseul proposed telephony
1856 The Atlantic Telegraph company was formed in London to stretch a commercial telegraph cable across the Atlantic Ocean, completed in 1866.
1860 The Pony Express was founded, able to deliver mail of wealthy individuals or government officials from coast to coast in 10 days.
1861 The East coast was connected to the West when Western Union completed the transcontinental telegraph line, putting an end to the unprofitable Pony Express.
1862-1863 First US banknotes - Lincoln Overrules Debt-Based Money and Issues Greenbacks to Fund Civil War
Bankers would only lend the government money under certain conditions and at high interest rates, so Lincoln issued his own currency – “greenbacks” – through the US Treasury, and made them legal tender. His soldiers went on to win the war, followed by great economic expansion.
1863 to 1932 “National Banking Era” Commercial banks in the United States had legally issued banknotes before there was a national currency; however, these became subject to government authorization from 1863 to 1932
1864 Friedrich Wilhelm Raiffeisen founded the first rural credit union in Heddesdorf (now part of Neuwied) in Germany. By the time of Raiffeisen's death in 1888, credit unions had spread to Italy, France, the Netherlands, England, Austria, and other nations
1870 Long-distance telegraph lines connected Britain and India.
c1871 Marginalism - The doctrines of marginalism and the Marginal Revolution are often interpreted as a response to the rise of the worker's movement, Marxian economics and the earlier (Ricardian) socialist theories of the exploitation of labour.
1871 Carl Menger’s Principles of Economics – Austrian School
1872 Marx’s Das Kapital
1872 Australia becomes the first nation to be connected to the rest of the world via submarine telegraph cables.
1876 Alexander Graham Bell patented the telephone, first called the electric speech machine – revolutionized communication
1877 Thomas Edison – Phonograph
1878 Western Union, the leading telegraph provider of the U.S., begins to lose out to the telephone technology of the National Bell Telephone Company.
1881 President James Garfield, Staunch Proponent of “Honest Money” Backed by Gold and Silver, was Assassinated
Garfield opposed fiat currency (money that was not backed by any physical object). He had the second shortest Presidency in history.
1882 First description of the one-time pad
1886 First gas powered car
1888 Ballpoint pen
1892 Cinematograph
1895 System of wireless communication using radio waves
1896 First successful intercontinental telegram
1898 Polyethylene
1899 Nickel-cadmium battery
1907 Banking Panic of 1907
The New York Stock Exchange dropped dramatically as everyone tried to get their money out of the banks at the same time across the nation. This banking panic spurred debate for banking reform. JP Morgan and others gathered to create an image of concern and stability in the face of the panic, which eventually led to the formation of the Federal Reserve. The founders of the Federal Reserve pretended like the bankers were opposed to the idea of its formation in order to mislead the public into believing that the Federal Reserve would help to regulate bankers when in fact it really gave even more power to private bankers, but in a less transparent way.
1908 St Mary’s Bank – first credit union in US
1908 JP Morgan Associate and Rockefeller Relative Nelson Aldrich Heads New National Monetary Commission
Senate Republican leader, Nelson Aldrich, heads the new National Monetary Commission that was created to study the cause of the banking panic. Aldrich had close ties with J.P. Morgan and his daughter married John D. Rockefeller.
1910 Bankers Meet Secretly on Jekyll Island to Draft Federal Reserve Banking Legislation
Over the course of a week, some of the nation’s most powerful bankers met secretly off the coast of Georgia, drafting a proposal for a private Central Banking system.
1913 Federal Reserve Act Passed
Two days before Christmas, while many members of Congress were away on vacation, the Federal Reserve Act was passed, creating the Central banking system we have today, originally with gold backed Federal Reserve Notes. It was based on the Aldrich plan drafted on Jekyll Island and gave private bankers supreme authority over the economy. They are now able to create money out of nothing (and loan it out at interest), make decisions without government approval, and control the amount of money in circulation.
1913 Income tax established -16th Amendment Ratified
Taxes ensured that citizens would cover the payment of debt due to the Central Bank, the Federal Reserve, which was also created in 1913. The 16th Amendment stated: “The Congress shall have power to lay and collect taxes on incomes, from whatever source derived, without apportionment among the several States, and without regard to any census or enumeration.”
1914 November, Federal Reserve Banks Open
JP Morgan and Co. Profits from Financing both sides of War and Purchasing Weapons
J.P. Morgan and Co. made a deal with the Bank of England to give them a monopoly on underwriting war bonds for the UK and France. They also invested in the suppliers of war equipment to Britain and France.
1914 WWI
1917 Teletype cipher
1917 The one-time pad
1917 Zimmerman Telegram intercepted and decoded by Room 40, the cryptanalysis department of the British Military during WWI.
1918 GB returns to gold standard post-war but it didn’t work out
1919 First rotor machine, an electro-mechanical stream ciphering and decrypting machine.
1919 Founding of The Cipher Bureau, Poland’s intelligence and cryptography agency.
1919-1929 The Black Chamber, a forerunner of the NSA, was the first U.S. cryptanalytic organization. Worked with the telegraph company Western Union to illegally acquire foreign communications of foreign embassies and representatives. It was shut down in 1929 as funding was removed after it was deemed unethical to intercept private domestic radio signals.
1920s Department stores, hotel chains and service stations begin offering customers charge cards
1921-1929 The “Roaring 20’s” – The Federal Reserve Floods the Economy with Cash and Credit
From 1921 to 1929 the Federal Reserve increased the money supply by $28 billion, almost a 62% increase over an eight-year period.[3] This artificially created another “boom”.
1927 Quartz clock
1928 First experimental Television broadcast in the US.
1929 Federal Reserve Contracts the Money Supply
In 1929, the Federal Reserve began to pull money out of circulation as loans were paid back. They created a “bust” which was inevitable after issuing so much credit in the years before. The Federal Reserve’s actions triggered the banking crisis, which led to the Great Depression.
1929 October 24, “Black Thursday”, Stock Market Crash
The most devastating stock market crash in history. Billions of dollars in value were consolidated into the private banker’s hands at the expense of everyone else.
1930s The Great Depression marked the end of the gold standard
1931 German Enigma machines attained and reconstructed.
1932 Turbo jet engine patented
1933 SEC founded - passed the Glass–Steagall Act, which separated investment banking and commercial banking. This was to avoid more risky investment banking activities from ever again causing commercial bank failures.
1933 FM Radio
1933 Germany begins Telex, a network of teleprinters sending and receiving text based messages. Post WWII Telex networks began to spread around the world.
1936 Austrian engineer Paul Eisler invented Printed circuit board
1936 Beginning of the Keynesian Revolution
1937 Typex, British encryption machines which were upgraded versions of Enigma machines.
1906 Teletypewriters
1927 Founding of highly secret and unofficial Signal Intelligence Service, SIS, the U.S. Army’s codebreaking division.
1937 Made illegal for Americans to own gold
1938 Z1 built by Konrad Zuse is the first freely programmable computer in the world.
1939 WWII – decline of the gold standard which greatly restricted policy making
1939-45 Codetalkers - The Navajo code is the only spoken military code never to have been deciphered - "Were it not for the Navajos, the Marines would never have taken Iwo Jima."—Howard Connor
1940 Modems
1942 Deciphering Japanese coded messages leads to a turning point victory for the U.S. in WWII.
1943 At Bletchley Park, Alan Turing and team build a specialized cipher-breaking machine called Heath Robinson.
1943 Colossus computer built in London to crack the German Lorenz cipher.
1944 Bretton Woods – convenient after the US had most of the gold
1945 Manhattan Project – Atom Bomb
1945 Transatlantic telephone cable
1945 Claude E. Shannon published "A mathematical theory of cryptography", commonly accepted as the starting point for development of modern cryptography.
c1946 Crypto Wars begin and last to this day
1946 Charg-it card created by John C Biggins
1948 Atomic clock
1948 Claude Shannon writes a paper that establishes the mathematical basis of information theory
1949 Info theorist Claude Shannon asks “What does an ideal cipher look like?” – one time pad – what if the keys are not truly random
1950 First credit card released by the Diners Club, able to be used in 20 restaurants in NYC
1951 NSA, National Security Agency founded and creates the KL-7, an off-line rotor encryption machine
1952 First thermonuclear weapon
1953 First videotape recorder
1953 Term “Hash” first used meaning to “chop” or “make a mess” out of something
1954 Atomic Energy Act (no mention of crypto)
1957 The NSA begins producing ROMOLUS encryption machines, soon to be used by NATO
1957 First PC – IBM
1957 First Satellite – Sputnik 1
1958 Western Union begins building a nationwide Telex network in the U.S.
1960s Machine readable codes were added to the bottom of cheques in MICR format, which speeded up the clearing and sorting process
1960s Financial organizations were beginning to require strong commercial encryption on the rapidly growing field of wired money transfer.
1961 Electronic clock
1963 June 4, Kennedy Issued an Executive Order (11110) that Authorized the US Treasury to Issue Silver Certificates, Threatening the Federal Reserve’s Monopoly on Money
This government issued currency would bypass the governments need to borrow from bankers at interest.
1963 Electronic calculator
1963 Nov. 22, Kennedy Assassinated
1963 Johnson Reverses Kennedy’s Banking Rule and Restores Power to the Federal Reserve
1964 8-Track
1964 LAN, Local Area Networks adapters
1965 Moore’s Law by CEO of Intel Gordon Moore observes that the number of components per integrated circuit doubles every year, and projected this rate of growth would continue for at least another decade. In 1975 he revised it to every two years.
1967 First ATM installed at Barclay’s Bank in London
1968 Cassette Player introduced
1969 First connections of ARPANET, predecessor of the internet, are made – SF, SB, UCLA, Utah (now Darpa) – made to stay ahead of the Soviets – there were other networks being built around the world but it was very hard to connect them – CERN in Europe
1970s Stagflation – unemployment + inflation, which Keynesian theory could not explain
1970s Business/commercial applications for Crypto emerge – prior to this time it was militarily used – ATMs 1st got people thinking about commercial applications of cryptography – data being sent over telephone lines
1970s The public developments of the 1970s broke the near monopoly on high quality cryptography held by government organizations.
Use of checks increased in 70s – bringing about ACH
One way functions...
A few companies began selling access to private networks – but weren’t allowed to connect to the internet – business and universities using Arpanet had no commercial traffic – internet was used for research, not for commerce or advertising
1970 Railroads threatened by the growing popularity of air travel. Penn Central Railroad declares bankruptcy resulting in a $3.2 billion bailout
1970 Conjugate coding used in an attempt to design “money physically impossible to counterfeit”
1971 The US officially removes the gold standard
1971 Email invented
1971 Email
1971 First microcomputer on a chip
1971 Lockheed Bailout - $1.4 billion – Lockheed was a major government defense contractor
1972 First programmable word processor
1972 First video game console
1973 SWIFT established
1973 Ethernet invented, standardized in ‘83
1973 Mobile phone
1973 First commercial GUI – Xerox Alto
1973 First touchscreen
1973 Emails made up more than ¾ of ARPANET’s packets – people had to keep a map of the network by their desk – so DNS was created
1974 A protocol for packet network intercommunication – TCP/IP – Cerf and Kahn
1974 Franklin National Bank Bailout - $1.5 billion (valued at that time) - At the time, it was the largest bank failure in US history
1975 New York City Bailout - $9.4 billion – NYC was overextended
1975 W DES - meant that commercial uses of high quality encryption would become common, and serious problems of export control began to arise.
1975 DES, Data Encryption Standard developed at IBM, seeking to develop secure electronic communications for banks and large financial organizations. DES was the first publicly accessible cipher to be 'blessed' by a national agency such as the NSA. Its release stimulated an explosion of public and academic interest in cryptography.
1975 Digital camera
1975 Altair 8800 sparks the microprocessor revolution
1976 Bretton Woods ratified (lasted 30 years) – by 80’s all nations were using floating currencies
1976 New Directions in Cryptography published by Diffie & Hellman – this terrified Fort Meade – previously this technique was classified, now it’s public
1976 Apple I Computer – Steve Wozniak
1976 Asymmetric key cryptosystem published by Whitfield Diffie and Martin Hellman.
1976 Hellman and Diffie publish New Directions in Cryptography, introducing a radically new method of distributing cryptographic keys, contributing much to solving key distribution one of the fundamental problems of cryptography. It brought about the almost immediate public development of asymmetric key algorithms. - where people can have 2 sets of keys, public and private
1977 Diffie & Hellman receive letter from NSA employee JA Meyer that they’re violating Federal Laws comparable to arms export – this raises the question, “Can the gov prevent academics from publishing on crypto?”
1977 DES considered insecure
1977 First handheld electronic game
1977 RSA public key encryption invented
1978 McEliece Cryptosystem invented, first asymmetric encryption algorithm to use randomization in the encryption process
1980s Large data centers began being built to store files and give users a better faster experience – companies rented space from them - Data centers would not only store data but scour it to show people what they might want to see and in some cases, sell data
1980s Reaganomics and Thatcherism
1980 A decade of intense bank failures begins; the FDIC reports that 1,600 were either closed or received financial assistance from 1980 to 1994
1980 Chrysler Bailout – lost over $1 billion due to major hubris on the part of its executives - $1.5 billion one of the largest payouts ever made to a single corporation.
1980 Protocols for public key cryptosystems – Ralph Merkle
1980 Flash memory invented – public in ‘84
1981 “Untraceable Electronic Mail, Return Addresses and Digital Pseudonyms” – Chaum
1981 EFTPOS, Electronic funds transfer at point of sale is created
1981 IBM Personal Computer
1982 “The Ethics of Liberty” Murray Rothbard
1982 Commodore 64
1982 CD
1983 Satellite TV
1983 First built in hard drive
1983 C++
1983 Stereolithography
1983 Blind signatures for untraceable payments
Mid 1980s Use of ATMs becomes more widespread
1984 Continental Illinois National Bank and Trust bailed out due to overly aggressive lending styles and - the bank’s downfall could be directly traced to risk taking and a lack of due diligence on the part of bank officers - $9.5 billion in 2008 money
1984 Macintosh Computer - the first mass-market personal computer that featured a graphical user interface, built-in screen and mouse
1984 CD Rom
1985 Zero-Knowledge Proofs first proposed
1985 300,000 simultaneous telephone conversations over single optical fiber
1985 Elliptic Curve Cryptography
1987 ARPANET had connected over 20k guarded computers by this time
1988 First private networks email servers connected to NSFNET
1988 The Crypto Anarchists Manifesto – Timothy C May
1988 ISDN, Integrated Services Digital Network
1989 Savings & Loan Bailout - After the widespread failure of savings and loan institutions, President George H. W. Bush signed and Congress enacted the Financial Institutions Reform Recovery and Enforcement Act - This was a taxpayer bailout of about $200 billion
1989 First commercial emails sent
1989 Digicash - Chaum
1989 Tim Berners-Lee and Robert Cailliau built the prototype system which became the World Wide Web, WWW
1989 First ISPs – companies with no network of their own which connected people to a local network and to the internet - To connect to a network your computer placed a phone call through a modem which translated analog signals to digital signals – dial-up was used to connect computers as phone lines already had an extensive network across the U.S. – but phone lines weren’t designed for high pitched sounds that could change fast to transmit large amounts of data
1990s Cryptowars really heat up...
1990s Some countries started to change their laws to allow "truncation"
1990s Encryption export controls became a matter of public concern with the introduction of the personal computer. Phil Zimmermann's PGP cryptosystem and its distribution on the Internet in 1991 was the first major 'individual level' challenge to controls on export of cryptography. The growth of electronic commerce in the 1990s created additional pressure for reduced restrictions.[3] Shortly afterward, Netscape's SSL technology was widely adopted as a method for protecting credit card transactions using public key cryptography.
1990 NSFNET replaced Arpanet as backbone of the internet with more than 500k users
Early 90s Dial up provided through AOL and Compuserve
People were leery to use credit cards on the internet
1991 How to time-stamp a digital doc - Stornetta
1991 Phil Zimmermann releases the public key encryption program Pretty Good Privacy (PGP) along with its source code, which quickly appears on the Internet. He distributed a freeware version of PGP when he felt threatened by legislation then under consideration by the US Government that would require backdoors to be included in all cryptographic products developed within the US. Expanded the market to include anyone wanting to use cryptography on a personal computer (before only military, governments, large corporations)
1991 WWW (Tim Berners Lee) – made public in ‘93 – flatten the “tree” structure of the internet using hypertext – reason for HTTP//:WWW – LATER HTTPS for more security
1992 Erwise – first Internet Browser w a graphical Interface
1992 Congress passed a law allowing for commercial traffic on NSFNET
1992 Cypherpunks, Eric Hughes, Tim C May and John Gilmore – online privacy and safety from gov – cypherpunks write code so it can be spread and not shut down (in my earlier chapter)
1993 Mosaic – popularized surfing the web ‘til Netscape Navigator in ’94 – whose code was later used in Firefox
1993 A Cypherpunks Manifesto – Eric Hughes
1994 World’s first online cyberbank, First Virtual, opened for business
1994 Bluetooth
1994 First DVD player
1994 Stanford Federal Credit Union becomes the first financial institution to offer online internet banking services to all of its members in October 1994
1994 Internet only used by a few
1994 Cybercash
1994 Secure Sockets Layer (SSL) encryption protocol released by Netscape. Making financial transactions possible.
1994 One of the first online purchases was made, a Pizza Hut pepperoni pizza with mushrooms and extra cheese
1994 Cyphernomicon published – social implication where gov can’t do anything about it
1994-1999 Social Networking – GeoCities (combining creators and users) – had 19M users by ’99 – 3rd most popular after AOL and Yahoo – GeoCities purchased by Yahoo for $3.6B but took a hit after dotcom bubble popped and never recovered – GC shut down in ‘99
1995-2000 Dotcom bubble – Google, Amazon, Facebook: get over 600M visitors/year
1995 DVD
1995 MP3 term coined for MP3 files, the earlier development of which stretches back into the ‘70s, while MP files themselves were developed throughout the ‘90s
1995 NSFNET shut down and handed everything over to the ISPs
1995 NSA publishes the SHA1 hash algorithm as part of its Digital Signature Standard.
1996, 2000 President Bill Clinton signs Executive Order 13026 transferring commercial encryption from the Munition List to the Commerce Control List. This order permitted the United States Department of Commerce to implement rules that greatly simplified the export of proprietary and open source software containing cryptography, which they did in 2000 - The successful cracking of DES likely helped gather both political and technical support for more advanced encryption in the hands of ordinary citizens - NSA considers AES strong enough to protect information classified at the Top Secret level
1996 e-gold
1997 WAP, Wireless Access Point
1997 NSA researchers published how to mint e cash
1997 Adam Back – HashCash – used PoW – coins could only be used once
1997 Nick Szabo – smart contracts “Formalizing and Securing Relationships on Public Networks”
1998 OSS, Open-source software Initiative Founded
1998 Wei Dai – B-money – decentralized database to record txs
1998 Bitgold
1998 First backdoor created by hackers from Cult of the Dead Cow
1998 Musk and Thiel founded PayPal
1998 Nick Szabo says crypto can protect land titles even if thugs take it by force – said it could be done with a timestamped database
1999 Much of the Glass-Steagall Act repealed - this saw US retail banks embark on big rounds of mergers and acquisitions and also engage in investment banking activities.
1999 Milton Friedman says, “I think that the Internet is going to be one of the major forces for reducing the role of government. The one thing that's missing, but that will soon be developed, is a reliable e-cash - a method whereby on the Internet you can transfer funds from A to B without A knowing B or B knowing A.”
1999 European banks began offering mobile banking with the first smartphones
1999 The Financial Services Modernization Act Allows Banks to Grow Even Larger
Many economists and politicians have recognized that this legislation played a key part in the subprime mortgage crisis of 2007.
1999-2001 Napster, P2P file sharing – was one of the fastest growing businesses in history – bankrupt for paying musicians for copyright infringement

submitted by crypto_jedi_ninja to Bitcoin

Part 5. I'm writing a series about blockchain tech and possible future security risks. This is the fifth part of the series talking about an advanced vulnerability of BTC.

The previous parts will give you useful basic blockchain knowledge and insights on quantum resistance vs blockchain that are not explained in this part.
Part 1, what makes blockchain reliable?
Part 2, The mathematical concepts Hashing and Public key cryptography.
Part 3, Quantum resistant blockchain vs Quantum computing.
Part 4A, The advantages of quantum resistance from genesis block, A
Part 4B, The advantages of quantum resistance from genesis block, B

Why BTC is vulnerable for quantum attacks sooner than you would think.
Content:
The BTC misconception: “Original public keys are not visible until you make a transaction, so BTC is quantum resistant.”
Already exposed public keys.
Hijacking transactions.
Hijacks during blocktime
Hijacks pre-blocktime.
MITM attacks

- Why BTC is vulnerable for quantum attacks sooner than you would think. -

Blockchain transactions are secured by public-private key cryptography. The keypairs used today will be at risk when quantum computers reach a certain critical level: quantum computers can, at a certain point of development, derive private keys from public keys. See part 3 for more sourced info on this subject. So if a public key can be obtained by an attacker, he can then use a quantum computer to find the private key. And as he has both the public key and the private key, he can control and send the funds to an address he owns.
Just to make sure there will be no misconceptions: when public-private key cryptography such as ECDSA and RSA can be broken by a quantum computer, this will be an issue for all blockchains that don't use quantum resistant cryptography. The reason this article is about BTC is because I take this paper as a reference point: https://arxiv.org/pdf/1710.10377.pdf Here they calculate an estimate of when BTC will be at risk while taking the BTC blocktime as the window of opportunity.
The BTC misconception: “Original public keys are not visible until you make a transaction, so BTC is quantum resistant.”
In pretty much every discussion I've read and had on the subject, I notice that people are under the impression that BTC is quantum resistant as long as you use your address only once. BTC uses a hashed version of the public key as a send-to address. So in theory, all funds are registered on the chain on hashed public keys instead of to the full, original public keys, which means that the original public key is (again in theory) not public. Even a quantum computer can't derive the original public key from a hashed public key, therefore there is no risk that a quantum computer can derive the private key from the public key. If you make a transaction, however, the public key of the address you sent your funds from will be registered in full form in the blockchain. So if you were to only send part of your funds, leaving the rest on the old address, your remaining funds would be on a published public key, and therefore vulnerable to quantum attacks. So the workaround would be to transfer the remaining funds, within the same transaction, to a new address. In that way, your funds would be once again registered on the blockchain on a hashed public key instead of a full, original public key.
If you feel lost already because you are not very familiar with the tech behind blockchain, I will try to explain the above in a more familiar way:
You control your funds through your public- private key pair. Your funds are registered on your public key. And you can create transactions, which you need to sign to be valid. You can only create a signature if you have your private key. See it as your e-mail address (public key) and your password (Private key). Many people got your email address, but only you have your password. So the analogy is, that if you got your address and your password, then you can access your mail and send emails (Transactions). If the right quantum computer would be available, people could use that to calculate your password (private key), if they have your email address (public key).
Now, because BTC doesn’t show your full public key anywhere until you make a transaction, that sounds pretty safe. It means that your public key is private until you make a transaction. The only thing related to your public key that is public is the hash of your public key. Here is a short explanation of what a hash is: a hash is an outcome of an equation. Usually one-way hash functions are used, where you can not derive the original input from the output; but every time you use the same hash function on the same original input (for example IFUHE8392ISHF), you will always get the same output (for example G). That way you can have your coins on public key "IFUHE8392ISHF", while on the chain, they are registered on "G".
So your funds are registered on the blockchain on the "Hash" of the public key. The Hash of the public key is also your "email address" in this case. So you give "G" as your address to send BTC to.
As said before: since it is, even for a quantum computer, impossible to derive a public key from the Hash of a public key, your coins are safe for quantum computers as long as the public key is only registered in hashed form. The obvious safe method would be, never to reuse an address, and always make sure that when you make a payment, you send your remaining funds to a fresh new address. (There are wallets that can do this for you.) In theory, this would make BTC quantum resistant, if used correctly. This, however, is not as simple as it seems. Even though the above is correct, there is a way to get to your funds.
Already exposed public keys.
But before we get to that, there is another point that is often overlooked: not only is the security of your personal BTC important, but also the security of the funds of other users. If others got hacked, the news of the hack itself and the reaction of the market to that news would influence the market price. Or, if a big account like the Satoshi account were to be hacked and dumped, the dump itself, combined with the news of the hack, could be even worse. An individual does not have control of other people’s actions. So even though one might make sure his public key is only registered in hashed form, others might not do so, or might not know their public key is exposed. There are several reasons why a substantial amount of addresses actually have exposed full public keys:
In total, about 36% of all BTC are on addresses with exposed public keys, of which about 20% is on lost addresses.
Hijacking transactions.
But even if you consider the above an acceptable risk, just because you yourself will make sure you never reuse an address, then still, the fact that only the hashed public key is published until you make a transaction is a false sense of security. It only works, if you never make a transaction. Why? Public keys are revealed while making a transaction, so transactions can be hijacked while being made.
Here it is important to understand two things:
1.) How is a transaction sent?
The owner has the private key and the public key and uses that to log into the secured environment, the wallet. This can be online or offline. Once he is in his wallet, he states how much he wants to send and to what address.
When he sends the transaction, it will be broadcasted to the blockchain network. But before the actual transaction will be sent, it is formed into a package, created by the wallet. This happens out of sight of the sender.
That package ends up carrying roughly the following info: the public key to point to the address where the funds will be coming from, the amount that will be transferred, the address the funds will be transferred to (depending on the blockchain this could be the hashed public key, or the original public key of the address the funds will be transferred to). This package also carries the most important thing: a signature, created by the wallet, derived from the private- public key combination. This signature proves to the miners that you are the rightful owner and you can send funds from that public key.
Then this package is sent out of the secure wallet environment to multiple nodes. The nodes don’t need to trust the sender or establish the sender’s "identity”, because the sender proves he is the rightful owner by adding the signature that corresponds with the public key. And because the transaction is signed and contains no confidential information, private keys, or credentials, it can be publicly broadcast using any underlying network transport that is convenient. As long as the transaction can reach a node that will propagate it into the network, it doesn’t matter how it is transported to the first node.
2.) How is a transaction confirmed/ fulfilled and registered on the blockchain?
After the transaction is sent to the network, it is ready to be processed. The nodes have a bundle of transactions to verify and register on the next block. This is done during a period called the block time. In the case of BTC that is 10 minutes.
If we process the information written above, we will see that there are two moments where you can actually see the public key, while the transaction is not fulfilled and registered on the blockchain yet.
1: during the time the transaction is sent from the sender to the nodes
2: during the time the nodes verify the transaction. (The blocktime)
Hijacks during blocktime
This paper describes how you could hijack a transaction and make a new transaction of your own, using someone else’s address and send his coins to an address you own during moment 2: the time the nodes verify the transaction:
https://arxiv.org/pdf/1710.10377.pdf
"(Unprocessed transactions) After a transaction has been broadcast to the network, but before it is placed on the blockchain it is at risk from a quantum attack. If the secret key can be derived from the broadcast public key before the transaction is placed on the blockchain, then an attacker could use this secret key to broadcast a new transaction from the same address to his own address. If the attacker then ensures that this new transaction is placed on the blockchain first, then he can effectively steal all the bitcoin behind the original address." (Page 8, point 3.)
So this means that BTC obviously is not a quantum secure blockchain. Because as soon as you will touch your funds and use them for payment, or send them to another address, you will have to make a transaction and you risk a quantum attack.
Hijacks pre-blocktime.
The story doesn't end here. The paper doesn't describe the possibility of a pre-blocktime hijack.
So back to the paper: as explained, while making a transaction your public key is exposed for at least the transaction time. This transaction time is 10 minutes where your transaction is being confirmed during the 10 minute block time. That is the period where your public key is visible and where, as described in the paper, a transaction can be hijacked, and by using quantum computers, a forged transaction can be made. So the critical point is determined to be the moment where quantum computers can derive private keys from public keys within 10 minutes. Based on that 10 minute period, they calculate (estimate) how long it will take before QC's start forming a threat to BTC. (“ By our most optimistic estimates, as early as 2027 a quantum computer could exist that can break the elliptic curve signature scheme in less than 10 minutes, the block time used in Bitcoin.“ This is also shown in figure 4 on page 10 and later more in depth calculated in appendix C, where the pessimistic estimate is around 2037.) But you could extend that 10 minutes through network based attacks like DDoS, BGP routing attacks, NSA Quantum Insert, Eclipse attacks, MITM attacks or anything like that. (And I don’t mean you extend the block time by using a network based attack, but you extend the time you have access to the public key before the transaction is confirmed.) Bitcoin would be earlier at risk than calculated in this paper.
Also other Blockchains with way shorter block times imagine themselves safe for a longer period than BTC, but with this extension of the timeframe within which you can derive the private key, they too will be vulnerable way sooner.
Not so long ago an eclipse attack demonstrated it could have done the trick. Causing the blockchain to work over max capacity means the transactions will be waiting to be added to a block for a longer time. This time needs to be added on the blocktime, expanding the period one would have time to derive the private key from the public key.
That seems to be fixed now, but it shows there are always new attacks possible and when the incentive is right (Like a few billion $ kind of right) these could be specifically designed for certain blockchains.
MITM attacks
An MITM attack could find the public key in the first moment the public key is exposed (during the time the transaction is sent from the sender to the nodes). So these transactions that are sent to the network contain public keys that you could intercept. So that means that if you intercept transactions (and with that the private keys) and simultaneously delay their arrival to the blockchain network, you create extra time to derive the private key from the public key using a quantum computer. When you have done that, you send a transaction of your own before the original transaction has arrived and is confirmed and send funds from that stolen address to an address of your choosing. The result would be that you have an extra 10, 20, 30 minutes (or however long you can delay the original transactions) to derive the public key. This can be done without ever needing to mess with a blockchain network, because the attack happens outside the network. Therefore, slower quantum computers form a threat. Meaning that earlier models of quantum computers can form a threat than they assume now.
When MITM attacks and hijacking transactions form a threat to BTC, other blockchains will be vulnerable to the same attacks, especially MITM attacks. There are ways to prevent hijacking after arrival at the nodes. I will elaborate on that in the next article. At this point in time, the pub key would be useless to an attacker due to the fact that there is no quantum computer available now. Once a quantum computer of the right size is available, it becomes a problem. For quantum resistant blockchains this is different. MITM attacks and hijacking are useless against quantum resistant blockchains like QRL and Mochimo because these projects use quantum resistant keys.
submitted by QRCollector to CryptoTechnology

No way to reproduce some key numbers used in the design of Elliptic Curves

submitted by ripper2345 to Bitcoin

My growing collection of info about NEO

It can be very time consuming to keep up to date on a single blockchain project, let alone multiple ones. If you just heard about NEO a few weeks ago it would be impossible to catch up on past occurrences due to the high volume of Reddit posts and articles made on the project. I’m going to try and simplify the past, present and future as much as I can into one well thought-out post. I hope I can be helpful to anyone who has been investigating like myself. I will include sources with all of my research.
https://imgur.com/a/NBI7S (img for mobile background)
Key notes from the White Paper http://docs.neo.org/en-us/
Digital Assets
Digital assets are programmable assets that exist in the form of electronic data. With blockchain technology, the digitization of assets can be decentralized, trustful, traceable, highly transparent, and free of intermediaries. On the NEO blockchain, users are able to register, trade, and circulate multiple types of assets. Proving the connection between digital and physical assets is possible through digital identity. Assets registered through a validated digital identity are protected by law.
Digital Identity
Digital identity refers to the identity information of individuals, organizations, and other entities that exist in electronic form. The more mature digital identity system is based on the PKI (Public Key Infrastructure) X.509 standard. In NEO, we will implement a set of X.509 compatible digital identity standards. This set of digital identity standards, in addition to compatible X.509 level certificate issuance model, will also support Web Of Trust point-to-point certificate issuance model. Our verification of identity when issuing or using digital identities includes the use of facial features, fingerprint, voice, SMS and other multi-factor authentication methods.
Smart Contracts
The NeoContract smart contract system is the biggest feature of the seamless integration of the existing developer ecosystem. Developers do not need to learn a new programming language but use C#, Java and other mainstream programming languages in their familiar IDE environments (Visual Studio, Eclipse, etc.) for smart contract development, debugging and compilation. NEO's Universal Lightweight Virtual Machine, NeoVM, has the advantages of high certainty, high concurrency, and high scalability. The NeoContract smart contract system will allow millions of developers around the world to quickly carry out the development of smart contracts.
Economic Model
NEO has two native tokens, NEO and NeoGas. NEO represents the right to manage the network. Management rights include voting for bookkeeping, NEO network parameter changes, and so on. The minimum unit of NEO is 1 and tokens cannot be subdivided. GAS is the fuel token for the realization of NEO network resource control. The NEO network charges for the operation and storage of tokens and smart contracts, thereby creating economic incentives for bookkeepers and preventing the abuse of resources. The minimum unit of GAS is 0.00000001.
Distribution Mechanism
NEO's 100 million tokens are divided into two portions. The first portion is 50 million tokens distributed proportionally to supporters of NEO during the crowdfunding. This portion has been distributed.
The second portion is 50 million NEO managed by the NEO Council to support NEO's long-term development, operation and maintenance and ecosystem. The NEO in this portion has a lockout period of 1 year and is unlocked only after October 16, 2017. This portion WILL NOT enter the exchanges and is only for long-term support of NEO projects. The plans for it are as below:
▪ 10 million tokens (10% total) will be used to motivate NEO developers and members of the NEO Council
▪ 10 million tokens (10% total) will be used to motivate developers in the NEO ecosystem
▪ 15 million tokens (15% total) will be used to cross-invest in other block-chain projects, which are owned by the NEO Council and are used only for NEO projects
▪ 15 million (15% total) will be retained as contingency
▪ The annual use of NEO in principle shall NOT exceed 15 million tokens
GAS distribution
GAS is generated with each new block. The initial total amount of GAS is zero. With the increasing rate of new block generation, the total limit of 100 million GAS will be achieved in about 22 years. The interval between each block is about 15-20 seconds, and 2 million blocks are generated in about one year. According to this release curve, 16% of the GAS will be created in the first year, 52% of the GAS will be created in the first four years, and 80% of the GAS will be created in the first 12 years. GAS will be distributed proportionally in accordance with the NEO holding ratio, recorded in the corresponding addresses. NEO holders can initiate a claim transaction at any time and claim these GAS tokens at their holding addresses.
Consensus mechanism: dBFT
The dBFT is called the Delegated Byzantine Fault Tolerant, a Byzantine fault-tolerant consensus mechanism that enables large-scale participation in consensus through proxy voting. The holder of the NEO token can, by voting, pick the bookkeeper it supports. The selected group of bookkeepers, through BFT algorithm, reach a consensus and generate new blocks. Voting in the NEO network continues in real time, rather than in accordance with a fixed term.
Cross-chain assets exchange agreement
NeoX has been extended on existing double-stranded atomic assets exchange protocols to allow multiple participants to exchange assets across different chains and to ensure that all steps in the entire transaction process succeed or fail together. In order to achieve this function, we need to use NeoContract function to create a contract account for each participant. If other blockchains are not compatible with NeoContract, they can be compatible with NeoX as long as they can provide simple smart contract functionality.
Cross-chain distributed transaction protocol
Cross-chain distributed transactions mean that multiple steps of a transaction are scattered across different blockchains and that the consistency of the entire transaction is ensured. This is an extension of cross-chain assets exchange, extending the behavior of assets exchange into arbitrary behavior. In layman's terms, NeoX makes it possible for cross-chain smart contracts where a smart contract can perform different parts on multiple chains, either succeeding or reverting as a whole. This gives excellent possibilities for cross-chain collaborations and we are exploring cross-chain smart contract application scenarios.
Distributed Storage Protocol: NeoFS
NeoFS is a distributed storage protocol that utilizes Distributed Hash Table technology. NeoFS indexes the data through file content (Hash) rather than file path (URI). Large files will be divided into fixed-size data blocks that are distributed and stored in many different nodes.
Anti-quantum cryptography mechanism: NeoQS
The emergence of quantum computers poses a major challenge to RSA and ECC-based cryptographic mechanisms. Quantum computers can solve the large number of decomposition problems (which RSA relies on) and the elliptic curve discrete logarithm (which ECC relies on) in a very short time. NeoQS (Quantum Safe) is a lattice-based cryptographic mechanism. At present, quantum computers do not have the ability to quickly solve the Shortest Vector Problem (SVP) and the Closest Vector Problem (CVP), which is considered to be the most reliable algorithm for resisting quantum computers.
Reasons for choosing dBFT over PoW and PoS:
With the phenomenal success of Bitcoin and its increasing mainstream adoption, the project’s unbounded appetite for energy grew accordingly. Today, the average Bitcoin transaction costs as much energy as powering 3.67 average American homes, which amounts to about 3000 times more than a comparable Credit Card settlement.
This mind boggling amount of energy is not, as it is commonly believed, being wasted. It is put to good use: securing the Bitcoin network and rendering attacks on it infeasible. However, the cost of this security mechanism and its implications for an increasingly warming and resource hungry planet led almost the entire crypto industry to the understanding that an alternative has to be found, at least if we’re interested in seeing blockchain technology gaining overwhelming mainstream adoption.
The most popular alternative to PoW, used by most alternative cryptocurrency systems, is called Proof-of-Stake, or PoS. PoS is highly promising in the sense that it doesn’t require blockchain nodes to perform arduous, and otherwise useless, cryptographic tasks in order to render potential attacks costly and infeasible. Hence, this algorithm cuts the power requirements of PoS blockchains down to sane and manageable amounts, allowing them to be more scalable without guzzling up the planet's energy reserves.
As the name suggests, instead of requiring proof of cryptographic work, PoS requires blockchain nodes to proof stake in the currency itself. This means that in order for a blockchain node to be eligible for a verification reward, the node has to hold a certain amount of currency in the wallet associated with it. This way, in order to execute an attack, a malevolent node would have to acquire the majority of the existing coin supply, rendering attacks not only costly but also meaningless, since the attackers would primarily harm themselves.
PoS, as well as PoW, simply cause the blockchain to fork into two alternative versions if for some reason consensus breaks. In fact, most blockchains fork most of the time, only to converge back to a single source of truth a short while afterwards.
By many crypto enthusiasts, this obvious bug is very often regarded as a feature, allowing several versions of the truth to survive and compete for public adoption until a resolution is generated. This sounds nice in theory, but if we want to see blockchain technology seriously disrupt and/or augment the financial sector, this ever lurking possibility of the blockchain splitting into two alternative versions cannot be tolerated.
Furthermore, even the fastest PoS blockchains out there can accommodate a few hundred transactions per second; compare that to Visa’s 56,000 tx/s and the need for an alternative becomes clear as day.
A blockchain securing global stock markets does not have the privilege to fork into two alternative versions and just sit and wait it out until the market (or what’s left of it) declares a winner. What belongs to whom should be engraved in an immutable record, functioning as a single source of truth with no glitches permitted.
After investigating and studying the crypto industry and blockchain technologies for several years, we came to the conclusion that the delegated Byzantine Fault Tolerance alternative (or dBFT) is best suited for such a system. It provides swift transaction verification times, de-incentivises most attack vectors and upholds a single blockchain version with no risk of forks or alternative blockchain records emerging - regardless of how much computing power, or coins an attacker possesses.
The term Byzantine Fault Tolerance (BFT) derives its name from the Byzantine Generals problem in Game Theory and Computer Science, describing the problematic nature of achieving consensus in a distributed system with suboptimal communication between agents which do not necessarily trust each other.
The BFT algorithm arranges the relationship between blockchain nodes in such a way that the network becomes as good as resilient to the Byzantine Generals problem, and allows the system to remain in consensus even if some nodes bear malicious intentions or simply malfunction.
To achieve this, Antshare’s version of the delegated BFT (or dBFT) algorithm acknowledges two kinds of players in the blockchain space: professional node operators, called bookkeeping nodes, who run nodes as a source of income, and users who are interested in accessing blockchain advantages. Theoretically, this differentiation does not exist in PoW and most PoS environments, practically, however, most Bitcoin users do not operate miners, which are mostly located in specialized venues run by professionals. At Antshares we understand the importance of this naturally occurring division of labor and use it to provide better security for our blockchain platform.
Accordingly, block verification is achieved through a consensus game held between specialized bookkeeping nodes, which are appointed by ordinary nodes through a form of delegated voting process. In every verification round one of the bookkeeping nodes is pseudo-randomly appointed to broadcast its version of the blockchain to the rest of the network. If ⅔ of the remaining nodes agree with this version, consensus is secured and the blockchain marches on. If less than ⅔ of the network agrees, a different node is appointed to broadcast its version of the truth to the rest of the system, and so forth until consensus is established.
In this way, successful system attacks are almost impossible to execute unless the overwhelming majority of the network is interested in committing financial suicide. Additionally, the system is fork proof, and at every given moment only one version of the truth exists. Without complicated cryptographic puzzles to solve, nodes operate much faster and are able to compete with centralized transaction methods.
https://www.econotimes.com/Blockchain-project-Antshares-explains-reasons-for-choosing-dBFT-over-PoW-and-PoS-659275
OnChain
It is important to note the technical difference between Onchain and NEO. Onchain is a private VC-backed company with over 40 employees. NEO is a public platform with different community-led groups contributing to this public project. There exists NEO council comprised of the original NEO creators, employees from Onchain, full time NEO council members and there is also the first Western based group called City of Zion. This confusion is likely the source of the rumour about Antshares and Alibaba having a connection. Onchain and NEO are separate entities who are intimately related via cross-chain communications and similar designs.
Onchain, a Shanghai-based blockchain R&D company, first started developing Antshares in February of 2014 which will eventually become the foundation of DNA. Onchain was founded by CEO Da HongFei and CTO Erik Zhang in response to the attention from private companies garnered by the development of Antshares, China’s first public blockchain. In contrast to the weeks-old start-ups launching ICOs that is happening currently in the blockchain world, it took them 22 long months of R&D to even begin providing services to their first customers. Finally, in April 2016, the first whitepaper on consensus protocol from China was born — the dBFT (delegated Byzantine Fault Tolerance) protocol.
2016 was a busy year for Onchain and they really picked up the pace that year. Other than continuing the development of Antshares, brushing shoulders with Fortune 500 companies, Onchain became the first Chinese blockchain company to join Hyperledger — an open source blockchain project started by the Linux Foundation specifically focusing on the development of private and consortium chains for businesses. It is here where the Da HongFei and Erik Zhang, entered the hyperbolic time chamber that is now known as Fabric, a platform by Hyperledger for distributed ledger solutions, and has consequently helped them to develop many aspects underpinning the design of DNA.
In June of 2016, during the first of many future partnerships with Microsoft China, Onchain founded Legal Chain, specifically targeting the inadequacies of the digital applications within the legal system. In 2005, the Digital Signature Act was passed into national law, which permitted effective digital signatures to gain the same legal rights as a real signature.
In company with Microsoft China, they are also aiming to integrate the technology with Microsoft’s face and voice recognition API function to kick start this digital revolution within the legal system. At the same time, a partnership was formed with FaDaDa, a third-party platform for electronic contracts that has processed over 27 million contracts to date, to provide secure evidence storage with DNA. If that’s not enough, they were also voted as KPMG’s top 50 Fintech Company in China and established a relationship with the Japanese Ministry of Economy, Trade and Industry which led to the recent tour to Japan. Finally, at the end of 2016 they announced a partnership with Alibaba to provide attested email service for Ali Cloud with Legal Chain where it provides a proof-of-existence for a blockchain-powered email evidence repository for enterprise-level use.
Fosun Group, China’s largest private conglomerate, have recently invested into Onchain in order to apply DNA across all of its businesses. Currently, Fosun International has a market cap of 102.98 billion dollars on the Hong Kong Stock Exchange and that is only its international branch.
The role of Onchain so far is reminiscent of Ethereum’s EEA in addition to a stronger emphasis of governmental cooperation. Onchain has identified the shortcomings of present laser focus of hype on public platforms such as NEO and Ethereum and addressing that with DNA. DNA envisions a future where a network of assorted, specifically designed blockchains serving private enterprises, consortiums, government and the public communicating with each other forming an interconnected blockchain network.
This is the goal of DNA — infiltrating every little inefficient niche that had no better alternatives before the invention of blockchain. What is especially critical to remember during this explosive time of hype driven partly by the obscene degree of greed is that not every little niche that blockchain can fill will be holding its own little ICO for you to “go to the moon on your rocket powered lambos”. Some of those efficiencies gained will simply be consumed by companies privately or by public systems such as the legal system.
https://hackernoon.com/neo-onchain-and-its-ultimate-plan-dna-4c33e9b6bfaa
http://www.onchain.com/
https://github.com/DNAProject/DNA
https://siliconangle.com/blog/2016/10/20/onchain-partners-with-alibaba-for-blockchain-powered-email-evidence-repository/
https://www.reuters.com/article/us-fosun-blockchain/chinas-fosun-invests-in-local-version-of-bitcoin-tech-blockchain-idUSKCN1B30KM
City of Zion (CoZ)
City of Zion (CoZ) is a global community of open source enthusiasts, with the shared goal of helping NEO achieve its full potential. CoZ primarily operates through the community Slack and CoZ Github, central places where the community shares knowledge and contributes to projects.
CoZ is neither a corporation, nor a consulting firm or a devshop / for-hire group.
Members
https://imgur.com/a/Gc9jT
CoZ aims for a low barrier to entry; the process is straightforward:
  1. Join the channel #develop.
  2. Fork or create a project.
  3. Publish as open source.
  4. After a couple of contributions a CoZ council member will invite you to the proper channel for your contributions.
  5. Receive rewards and back to 3.
Unit testing - Ongoing effort to implement code coverage for the core
Integration testing - Tools for automated testing, performance metrics and functionality validation on private test nets
Continuous integration - Automated multi-platform testing of all pull requests at GitHub.
Deployment pipeline - Automated tools and processes to ensure fast and reliable updates upon code changes
New C# implementation (NEO2) - Improve code quality, speed & testability
Roadmap
https://imgur.com/a/4CDhw
dApps competition
https://cityofzion.io/dapps/1
10 prizes of 1350 GAS, with 500 GAS to be used for smart contract deployment. Currently 19 dApps are registered. The deadline is 16 November, 11:59 EST.
https://drive.google.com/drive/folders/0B4wu5lNlukwybEstaEJMZ19kbjQ
Traveling
August 8th to August 12th:
From August 8th to August 12th, 2017, the NEO core team, led by founder & CEO Da Hongfei, will travel to Japan to explore the forefront of Japan's blockchain innovation. This trip represents the first in a series of trips around the world with the goal of fostering international cooperation and keeping up with the fast pace of blockchain innovation. Starting in Japan, the NEO core team will visit famous local blockchain research institutions and active communities to engage in bilateral communication. NEO will meet with Japanese tech celebrities to gain insights about the latest developments in the Japanese blockchain and digital currency community. Additionally, Japanese local tech media will conduct an interview allowing NEO to present its development status and its latest technological innovations.
https://www.reddit.com/NEO/comments/6ry4s9/japan_the_neo_core_team_starts_out_on_an/
https://www.youtube.com/watch?v=SgTQ32CkxlU
https://www.reddit.com/NEO/comments/6ssfx1/neo_meetup_in_tokyo_august_10th_2017_2100h/
19th August, 2017
Blockchain X Series - NEO example applications
20th August, 2017
NEO and Microsoft Azure host a blockchain programming training in Shanghai
23rd August, 2017
INNOxNEO Blockchain Open Nights: 2nd Meeting
24th August, 2017
NEO Meetup in Taipei
https://www.reddit.com/NEO/comments/6wbebneo_taipei_meetup_long_post/
13th September, 2017
INNOxNEO Blockchain Open Nights: 3rd Meeting
14th September, 2017
NEO Shanghai Meetup with NEO team
24th September, 2017
NEO Blockchain Programming Day - Hangzhou Station
27th September, 2017
INNOxNEO Blockchain Open Nights: 4th Meeting
27th September, 2017
First London NEO Developer Meetup!
4th October, 2017
First San Francisco NEO Developer Social!
14th-16th October, 2017
GNOME.Asia Summit 2017, Chongqing, China
21st October, 2017
NEO JOY, Exploring Blockchain application, Nanjing, China
26th October, 2017
Inaugural Global Fintech & Blockchain China Summit 2017
Network proves itself with the first ICO
ICOs on other platforms such as Ethereum have often resulted in a sluggish network and transaction delays. While NEO's dBFT consensus algorithm is designed to achieve consensus with higher efficiency and greater network throughput, no amount of theoretical calculation can simulate the reality of real-life conditions.
--Key Observations--
Smart Contract Invocations:
A total of 13,966 smart contract invocations were executed on the NEO network over this time period, of which nearly all called the RPX smart contract method mintTokens. A total of 543,348,500 RPX tokens were successfully minted and transferred to user accounts, totalling 10,097 smart contract executions.
Refunded Invocations:
A total of 4182 refund events were triggered by the smart contract method mintTokens. (Note: RPX has stated that these refunds will be processed within the next two weeks.)
Crowdsale statistics:
A successful mintTokens execution used around 1043 VM operations, while an execution that resulted in a refund used 809 VM operations. Within the hour and six minutes that the token sale was active, a total of 12,296,409 VM operations were executed. A total of 9,575 unique addresses participated in the RPX ICO. Half of these, approximately 4,800 unique addresses, participated through CoZ’s Neon wallet. The top 3 blocks with the most transactions were block 1445025 (3,242 transactions), block 1444902 (2,951 transactions), and block 1444903 (1609 transactions).
Final Thoughts
At the moment, the consensus nodes for the NEO network are operated by the NEO Council in China. By Q1 2018, NEO Council aims to control less than two-thirds of the consensus nodes.
We are pleased to note that the NEO network continued to operate efficiently with minimal network impact, even under extreme network events. Block generation time initially slowed down to 3 minutes to process the largest block, but quickly recovered to approximately 25 seconds. Throughout the entire RPX ICO, consensus nodes were able to achieve consensus and propagate new block transactions to the rest of the network. In closing, while we consider this performance to be excellent, NEO Council and City of Zion are working closely together on upgrades that will increase the throughput of the NEO network.
Hyperledger
Members and governance of Hyperledger:
Early members of the initiative included blockchain ISVs (Blockchain, ConsenSys, Digital Asset, R3, Onchain), well-known technology platform companies (Cisco, Fujitsu, Hitachi, IBM, Intel, NEC, NTT DATA, Red Hat, VMware), financial services firms (ABN AMRO, ANZ Bank, BNY Mellon, CLS Group, CME Group, the Depository Trust & Clearing Corporation (DTCC), Deutsche Börse Group, J.P. Morgan, State Street, SWIFT, Wells Fargo), business software companies like SAP, and systems integrators and others (Accenture, Calastone, Credits, Guardtime, IntellectEU, Nxt Foundation, Symbiont).
The governing board of the Hyperledger Project consists of twenty members chaired by Blythe Masters, (CEO of Digital Asset), and a twelve-member Technical Steering Committee chaired by Christopher Ferris, CTO of Open Technology at IBM.
http://www.8btc.com/onchain-hyperledger
https://en.wikipedia.org/wiki/Hyperledger
“As a leading open-source contributor in China’s blockchain community, Onchain shares the same values as the Linux Foundation and the Hyperledger project intrinsically. We believe international collaboration plus local experience are key to the adoption of distributed ledger technology in China; we are also very excited to see other Chinese blockchain startups join Hyperledger and look forward to adding our combined expertise to the project.” Da Hongfei, Founder and CEO of Onchain
https://hyperledger.org/testimonials/onchain
Important Articles
Distributed technology DNA framework passed the national blockchain standard test. On May 16th, the first China blockchain development competition in Hangzhou announced that Onchain became the first to pass the national standard test for blockchain systems.
http://www.51cto.com/art/201705/539824.htm?mobile
Da Hongfei and OnChain working relationship with Chinese Government
https://finance.sina.cn/2017-04-13/detail-ifyeifqx5554606.d.html?from=wap
http://www.gz.chinanews.com/content/2017/05-28/73545.shtml
The Chinese government is reportedly preparing to allow the resumption of cryptocurrency trading in the country in the coming months, with the required anti-money laundering (AML) systems and licensing programs in place.
https://coingeek.com/cryptocurrency-trading-poised-to-make-a-return-in-china-report/
Japanese Ministry of Economy, Trade and Industry - Working with OnChain and NEO
http://www.8btc.com/onchain-ribenjingjichanyesheng
Notice: NEO will be invited to attend the INNO x Austrade China-Australia blockchain high-end exchange
AUSTRADE - The Australian Trade and Investment Commission is the official government, education and investment promotion agency of the Australian Government
https://mp.weixin.qq.com/s/LmXnW7MtzOX_fqIo7diU9A
Source for NEO/OnChain Microsoft Cooperation:
http://www.8btc.com/onchain-microsoft
Da Hongfei quotes
"There is no direct cooperation between Alibaba and NEO/Onchain, other than their mailbox service is using Law Chain to provide attested email service. In terms of Microsoft, yes we have cooperation with Microsoft China because NEO is built with C# and .NET Core, and NeoContract is the first in the world to support writing smart contract with C#"
https://www.reddit.com/NEO/comments/6puffo/we_are_da_hongfei_and_erik_zhang_founders_of_neo/dksm5ga/
"We have pretty good communication with government, with regulators. They don't have any negative impression with NEO and they like our technology and the way we deal with things. Regulation is not an issue for us"
https://www.youtube.com/watch?v=qpUdTIQdjVE&feature=youtu.be&t=1m16s
“Before they started cleaning up the market, I was asked for information and suggestions.”
“I do not expect the government to call me in the short-term and say, ‘Let’s use NEO as the blockchain technology infrastructure of China.’ But in the medium term? Why not? I think it’s possible.”
https://medium.com/@TheCoinEconomy/neo-founder-da-hongfei-advised-china-on-ico-exchange-ban-says-govt-4631b9f7971
-Upcoming Roadmap-
Decentralization of consensus nodes
▪ P2P Network optimization (2017Q4) – Network optimizations to ensure fast block generation after decentralization.
▪ Voting Algorithm Optimization (2017Q4) – Adjustments in voting algorithm to prevent identified attack vectors.
▪ Candidate List Website (2018Q1) – Published list of candidates so that voters know who they are voting for.
▪ NEO Council Consensus Node < 2/3 (2018Q1) – NEO Council shall operate less than two thirds of consensus nodes by the end of quarter 1, 2018.
Universal Data Format for Wallet/Node Prog.
▪ NEP2 – Private Key Encryption/Decryption (2017Q4) - Method for encrypting and encoding a passphrase-protected private key.
▪ NEP3 – Universal Data Format (2017Q4) – Standard data format to allow easier wallet and node programming.
https://neo.org/en-us/blog/details/65
Promotion/Ecosystem
▪ Globally Legal Token-raising Framework (2017Q4) – Following government interest in regulating ICOs, NEO will complete a framework to raise tokens legally in all major markets by the end of 2017.
▪ NEO DevCon 1 (2017Q4) – First NEO Development Conference! More details at later date.
▪ CoZ Funding (2017Q4) – Continuous funding plan for CoZ covering next 5 years.
▪ Seed Projects (2017Q4) – First seed projects to be cross-invested with the dedicated NEO pool.
https://neo.org/en-us/blog/details/65
https://github.com/neo-project
Repositories - 14
People - 5
Contributors- 12
https://github.com/CityOfZion
Repositories - 35
People - 14
Contributors- 22
https://github.com/DNAProject/DNA
Repositories - 4
Contributors - 17
Donations welcome: ASdNxSa3E8bsxCE9KFKBMm3NA43sYJU9qZ
submitted by NEOcryptotrader to CryptoCurrency


Cryptocurrency News Round-Up: Google Integrates Bitcoin Calculator & Elliptic VC Funding is First in UK. By Anthony Cuthbertson. July 16, 2014 09:37 BST. Bitcoin Price: £359.08 (via CoinDesk.com) ...

The elliptic curve used by Bitcoin, Ethereum, and many other cryptocurrencies is called secp256k1. The equation for the secp256k1 curve is y² = x³ + 7 over the prime field F_p. Satoshi gave no public rationale for choosing secp256k1. Point addition: just as you can add two numbers together to get a third number, you can add two points on an elliptic curve together to get a third point on the curve ...

ECDSA (Elliptic Curve Digital Signature Algorithm) is the cryptography behind the private and public keys used in Bitcoin. It combines the math behind finite fields and elliptic ...

Bitcoin "vault" provider Elliptic announced today that it has secured £1.2 million ($2 million) in a seed funding round led by Octopus Investments. The U.K.-based company is best known for its "enterprise-grade insured storage" of bitcoin, meeting the standards required for institutional-level investments. The investment marks the first major injection of bitcoin-focused venture ...

Elliptic Curve Calculator for the curve E(F_p): Y^2 = X^3 + AX + B, p prime (only a Fermat primality test is applied, so avoid Carmichael numbers). Inputs: A; B (calculated so that point P is on the curve); point P (x, y); point Q (x, y; it is your own responsibility to ensure that Q is on the curve); a number n. Result: a point (x, y), and the order of point P (only computed for fair sizes of ...)
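The point-addition rule and the calculator form above leave two things to the user that an implementation should not: whether p is really prime (a Fermat test is passed by every Carmichael number, so 561 would be accepted as a field modulus) and whether P and Q actually lie on the curve (running the group law on an off-curve point is the classic invalid-curve attack on a naive implementation). The following Python is an added example, not code from the calculator or from the articles quoted above, and it goes slightly beyond them: affine point addition, doubling, double-and-add scalar multiplication and a brute-force point-order search for y² = x³ + Ax + B over F_p, with a Miller-Rabin check on p in place of the Fermat test and an on-curve check on every input point. The toy curve y² = x³ + 2x + 2 over F_17 with P = (5, 1) is a constructed small example chosen so the order search finishes instantly; the secp256k1 constants are the published SEC 2 values.

```python
"""Affine elliptic-curve arithmetic over F_p with the input checks a
calculator should not leave to the user. Added example, not the page's code."""
from dataclasses import dataclass
from typing import Optional, Tuple

Point = Optional[Tuple[int, int]]  # None stands for the point at infinity O
# Bases making Miller-Rabin deterministic for n < 3.3e24 (probabilistic above).
_MR_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def fermat_test(n: int, a: int = 2) -> bool:
    """The weak check the calculator snippet uses: every Carmichael number
    (561, 1105, 1729, ...) passes it for any coprime base a."""
    return n > 1 and pow(a, n - 1, n) == 1

def is_probable_prime(n: int) -> bool:
    """Miller-Rabin strong probable-prime test; not fooled by Carmichael numbers."""
    if n < 2:
        return False
    for q in _MR_BASES:
        if n % q == 0:
            return n == q
    d, r = n - 1, 0
    while d % 2 == 0:  # n - 1 = 2^r * d with d odd
        d //= 2
        r += 1
    for a in _MR_BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False  # a witnesses compositeness
    return True

@dataclass(frozen=True)
class Curve:
    """Short Weierstrass curve y^2 = x^3 + a*x + b over F_p."""
    p: int
    a: int
    b: int

    def __post_init__(self) -> None:
        if not is_probable_prime(self.p):
            raise ValueError("p is not prime (Fermat liars such as 561 are rejected too)")
        if (4 * self.a ** 3 + 27 * self.b ** 2) % self.p == 0:
            raise ValueError("singular curve: discriminant is zero mod p")

    def contains(self, P: Point) -> bool:
        if P is None:
            return True
        x, y = P
        return (0 <= x < self.p and 0 <= y < self.p
                and (y * y - x ** 3 - self.a * x - self.b) % self.p == 0)

    def check(self, P: Point) -> Point:
        """Reject off-curve input: the group law on an off-curve point leaks the
        scalar (invalid-curve attack) instead of failing loudly."""
        if not self.contains(P):
            raise ValueError(f"point {P} is not on the curve")
        return P

    def add(self, P: Point, Q: Point) -> Point:
        """Chord-and-tangent addition; handles O, P + (-P) and doubling."""
        P, Q = self.check(P), self.check(Q)
        if P is None or Q is None:
            return Q if P is None else P
        (x1, y1), (x2, y2) = P, Q
        if x1 == x2:
            if (y1 + y2) % self.p == 0:  # Q == -P, incl. doubling a point with y == 0
                return None
            m = (3 * x1 * x1 + self.a) * pow(2 * y1 % self.p, -1, self.p)  # tangent slope
        else:
            m = (y2 - y1) * pow((x2 - x1) % self.p, -1, self.p)  # chord slope
        x3 = (m * m - x1 - x2) % self.p
        return (x3, (m * (x1 - x3) - y1) % self.p)

    def mul(self, k: int, P: Point) -> Point:
        """Right-to-left double-and-add. Variable-time: fine for a calculator,
        not for code handling a secret scalar."""
        if k < 0:
            raise ValueError("k must be non-negative")
        result, addend = None, self.check(P)
        while k:
            if k & 1:
                result = self.add(result, addend)
            addend = self.add(addend, addend)
            k >>= 1
        return result

    def order(self, P: Point, limit: int = 1 << 20) -> int:
        """Smallest k > 0 with k*P == O by repeated addition; small curves only."""
        R, k = self.check(P), 1
        while R is not None:
            if k >= limit:
                raise ValueError("order search exceeded limit")
            R, k = self.add(R, P), k + 1
        return k

TOY = Curve(p=17, a=2, b=2)  # constructed toy curve, small enough to brute-force
TOY_P = (5, 1)
# secp256k1 as published in SEC 2: y^2 = x^3 + 7 over F_p, generator G of prime order N.
SECP256K1 = Curve(p=0xFFFFFFFF_FFFFFFFF_FFFFFFFF_FFFFFFFF_FFFFFFFF_FFFFFFFF_FFFFFFFE_FFFFFC2F, a=0, b=7)
G = (0x79BE667E_F9DCBBAC_55A06295_CE870B07_029BFCDB_2DCE28D9_59F2815B_16F81798,
     0x483ADA77_26A3C465_5DA4FBFC_0E1108A8_FD17B448_A6855419_9C47D08F_FB10D4B8)
N = 0xFFFFFFFF_FFFFFFFF_FFFFFFFF_FFFFFFFE_BAAEDCE6_AF48A03B_BFD25E8C_D0364141

def pubkey(priv: int) -> Point:
    """Bitcoin public key priv*G; priv must lie in [1, N-1]."""
    if not 1 <= priv < N:
        raise ValueError("private key out of range")
    return SECP256K1.mul(priv, G)

if __name__ == "__main__":
    print("order of", TOY_P, "on y^2 = x^3 + 2x + 2 mod 17:", TOY.order(TOY_P))
    print("561 passes Fermat:", fermat_test(561), "| Miller-Rabin:", is_probable_prime(561))
    print("N*G is O on secp256k1:", SECP256K1.mul(N, G) is None)
```

The brute-force `order` is only there to reproduce what the calculator offers for small p; on secp256k1 the order of G is the 256-bit N, and the check that matters in practice is `N*G == O`, which also confirms that p, G and N were transcribed correctly. The scalar multiplication is variable-time by construction, so it is a calculator, not a signer.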


Elliptic Curve over the Reals

Bitcoin 101 - Elliptic Curve Cryptography - Part 4 - Generating the Public Key (in Python) (CRI, 21:22)
John Wagnon discusses the basics and benefits of Elliptic Curve Cryptography (ECC) in this episode of Lightboard Lessons. Check out this article on DevCentra...
This shows how mechanical computers can be assembled to guide the joints of a two-link serial chain to draw an elliptic cubic curve. This is an example of Ke...
