BitShares Forum
Main => General Discussion => Topic started by: bitcoinerS on September 30, 2014, 03:03:17 am
-
For those wanting a deeper understanding of the Bitcoin protocol.
Bitcoins the hard way: Using the raw Bitcoin protocol (http://bit.ly/YEyrQj)
Mining Bitcoin With Pencil and Paper (http://bit.ly/YEwBi6)
-
also interesting:
https://bitcoin.org/en/developer-guide
-
Mining Bitcoin With Pencil and Paper (http://bit.ly/YEwBi6)
minute 4:05 "constant provided by the NSA" haha
-
Yeah .. you should read about the constants in the ECC used in all coins including btsx
-
Yeah .. you should read about the constants in the ECC used in all coins including btsx
Can you (or anyone) describe what the function of elliptic curves is for Bitcoin and others, and possibly how it fulfills this function? I surely am not capable of understanding it in math language...
The article also refers to the involvement of the NSA in creating SHA-256 (footnote 2). Is it verifiably known that the NSA also encrypts their important stuff this way?
-
ECC (elliptic curve crypto) is built on elliptic curves (EC) .. not just any, but the *discretized* version of an EC.
Further, in Bitcoin and almost any other cryptocurrency (except NXT and CryptoNote) ONE particular curve is used.
That particular curve is the basis of all asymmetric crypto in cryptocurrencies .. so you have one public key and a different private key ..
In shared secret crypto systems, you just have one shared key (a password, so to say).
The curve that is used in BTC and here is called "secp256k1" https://en.bitcoin.it/wiki/Secp256k1
and is defined by a set of numbers:
The elliptic curve domain parameters over Fp associated with a Koblitz curve secp256k1 are specified by the sextuple T = (p,a,b,G,n,h)
These numbers basically come from 'somewhere', and in contrast to the SHA-256 numbers, here we have:
secp256k1 was almost never used before Bitcoin became popular, but it is now gaining in popularity due to its several nice properties. Most commonly-used curves have a random structure, but secp256k1 was constructed in a special non-random way which allows for especially efficient computation. As a result, it is often more than 30% faster than other curves if the implementation is sufficiently optimized. Also, unlike the popular NIST curves, secp256k1's constants were selected in a predictable way, which significantly reduces the possibility that the curve's creator inserted any sort of backdoor into the curve.
//edit:
BTW, the question around the "right" initialization values for hash functions and other crypto schemes has its own wiki page and covers a set of
"Nothing up my sleeve" numbers:
http://en.wikipedia.org/wiki/Nothing_up_my_sleeve_number
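The "nothing up my sleeve" point in the edit can be checked rather than taken on trust. SHA-256's initial hash values and round constants are, by the recipe in FIPS 180-4, the first 32 bits of the fractional parts of the square roots of the first 8 primes and of the cube roots of the first 64 primes. The following is an added example, not from the post, that recomputes them in pure Python; the function names are my own.

```python
# Added example (not from the forum post): derive SHA-256's "nothing up my
# sleeve" constants from their published recipe (FIPS 180-4):
#   H0..H7  = first 32 fractional bits of sqrt(p) for the first 8 primes
#   K0..K63 = first 32 fractional bits of cbrt(p) for the first 64 primes
from decimal import Decimal, getcontext

getcontext().prec = 60  # far more digits than the 32 bits (~10 digits) we keep


def first_primes(count):
    """Trial division is plenty for the first 64 primes."""
    primes = []
    n = 2
    while len(primes) < count:
        if all(n % p for p in primes if p * p <= n):
            primes.append(n)
        n += 1
    return primes


def frac_bits(value, bits=32):
    """First `bits` bits of the fractional part of a positive Decimal (floor)."""
    frac = value - int(value)
    return int(frac * (1 << bits))


def sha256_initial_values():
    """H0..H7 as 32-bit integers."""
    return [frac_bits(Decimal(p).sqrt()) for p in first_primes(8)]


def sha256_round_constants():
    """K0..K63 as 32-bit integers."""
    one_third = Decimal(1) / Decimal(3)
    return [frac_bits(Decimal(p) ** one_third) for p in first_primes(64)]


if __name__ == "__main__":
    print("H:", " ".join(f"{h:08x}" for h in sha256_initial_values()))
    print("K:", " ".join(f"{k:08x}" for k in sha256_round_constants()))
```

Compare the output with the H and K tables in any SHA-256 implementation: the first initial value is 0x6a09e667 and the first round constant is 0x428a2f98. The point is not that primes are magic, but that a constant derived by a stated, simple rule leaves the designer no freedom to pick a value with a hidden property, which is exactly the argument the quoted text makes for secp256k1's small a and b.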
-
This is a good article explaining a basic Bitcoin-like system: https://www.igvita.com/2014/05/05/minimum-viable-block-chain/
I'd be interested in possibly switching to Curve25519 in a future system: https://en.wikipedia.org/wiki/Curve25519
-
This is a good article explaining a basic Bitcoin-like system: https://www.igvita.com/2014/05/05/minimum-viable-block-chain/
I'd be interested in possibly switching to Curve25519 in a future system: https://en.wikipedia.org/wiki/Curve25519
Could you also take a look at Lamport signatures? They are quantum proof. They need longer pubkeys and can be used only once .. not sure if it makes sense... but these would be the first quantum-proof transactions!
http://en.wikipedia.org/wiki/Lamport_signature
http://www.reddit.com/r/CryptogenicBullion/comments/22rwpa/proposal_first_mover_using_lamport_signatures_for/
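An added example (not from the post, the linked proposal, or any BitShares code) of a Lamport one-time signature over SHA-256. It makes the two properties mentioned above concrete: the public key is large (256 pairs of 32-byte hashes, 16 KiB) and the key must never sign twice, because a second signature reveals enough secrets for anyone to forge. Message strings and function names are my own.

```python
# Added example (not from the forum post): Lamport one-time signatures over
# SHA-256, plus a demonstration of what a second signature leaks.
import hashlib
import secrets

HASH = hashlib.sha256
BITS = 256  # one secret pair per bit of the message digest


def keygen():
    """Private key: 256 pairs of random 32-byte secrets.
    Public key: the SHA-256 hash of every secret (256 pairs, 16 KiB)."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(BITS)]
    pk = [(HASH(s0).digest(), HASH(s1).digest()) for s0, s1 in sk]
    return sk, pk


def digest_bits(message):
    """Bits of SHA-256(message), most significant first."""
    d = int.from_bytes(HASH(message).digest(), "big")
    return [(d >> (BITS - 1 - i)) & 1 for i in range(BITS)]


def sign(sk, message):
    """For digest bit i with value b, reveal secret sk[i][b] (8 KiB total)."""
    return [sk[i][b] for i, b in enumerate(digest_bits(message))]


def verify(pk, message, sig):
    """Each revealed secret must hash to the public-key entry the bit selects."""
    if len(sig) != BITS:
        return False
    return all(HASH(s).digest() == pk[i][b]
               for i, (b, s) in enumerate(zip(digest_bits(message), sig)))


def revealed_secrets(signed):
    """What an observer learns from (message, signature) pairs: (i, bit) -> secret."""
    known = {}
    for message, sig in signed:
        for i, (b, s) in enumerate(zip(digest_bits(message), sig)):
            known[(i, b)] = s
    return known


def fully_exposed_positions(known):
    """Bit positions where BOTH secrets are public; the attacker owns those bits."""
    return sum(1 for i in range(BITS) if (i, 0) in known and (i, 1) in known)


def forge(known, target):
    """Build a valid signature on `target` from leaked secrets alone, if every
    digest bit of `target` selects a secret that has already been revealed."""
    sig = []
    for i, b in enumerate(digest_bits(target)):
        s = known.get((i, b))
        if s is None:
            return None
        sig.append(s)
    return sig


if __name__ == "__main__":
    sk, pk = keygen()
    m1, m2 = b"pay alice 1 BTSX", b"pay bob 2 BTSX"   # constructed sample messages
    sig1, sig2 = sign(sk, m1), sign(sk, m2)           # the mistake: two signatures
    known = revealed_secrets([(m1, sig1), (m2, sig2)])
    print("valid:", verify(pk, m1, sig1))
    print("positions an attacker now controls:", fully_exposed_positions(known))
```

After one signature only half the secrets are public and forging a new message would require a second-preimage on SHA-256. After two signatures on messages whose digests differ in k positions, those k positions are fully exposed, and a forger can sign any message whose digest agrees with one of the two seen digests at every remaining position; in a currency that is exactly the "each key signs once, then move funds to a fresh key" rule the reddit proposal is about. Security rests only on the hash being one-way, which is why the scheme is considered quantum-resistant.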
-
I thought BTC is believed to be quantum proofed?
No?
-
I thought BTC is believed to be quantum proofed?
No?
Nope
http://bitcoinmagazine.com/6021/bitcoin-is-not-quantum-safe-and-how-we-can-fix/
But the difficulty depends on whether you have already sent bitcoin from an address (such that the pubkey is available) or not ..
-
This is a good article explaining a basic Bitcoin-like system: https://www.igvita.com/2014/05/05/minimum-viable-block-chain/
I'd be interested in possibly switching to Curve25519 in a future system: https://en.wikipedia.org/wiki/Curve25519
Could you also take a look at Lamport signatures? They are quantum proof. They need longer pubkeys and can be used only once .. not sure if it makes sense... but these would be the first quantum-proof transactions!
http://en.wikipedia.org/wiki/Lamport_signature
http://www.reddit.com/r/CryptogenicBullion/comments/22rwpa/proposal_first_mover_using_lamport_signatures_for/
I don't expect anyone to care about this generation of DACs anymore by the time any quantum attacks become relevant.
I'm no expert but my primary concerns are (1) using something that has been widely analyzed and believed to be safe (http://safecurves.cr.yp.to/), (2) using something that is relatively not-difficult for experts to implement (and thus analyze) and that has multiple different implementations, and (3) using something fast.