BITCOINS

And the Issues Related with them EMSE 6023 Fall 2013
Akshat Oswal Shishir Utture Snehit Mothe

BITCOINS

BITCOINS
And the Issues Related with them

Introduction
What are Bitcoins?
Bitcoin is a crypto currency, the laws if transferring of which are controlled by an open source cryptographic protocol. They are digital currency and the major way in which they are different from other currencies is that they have no centralised controlling unit, i.e. no one country has or organisation

BITCOINS

has complete control over the evaluation, transfer or trade of bitcoins. It is a peer-to-peer electronic cash system and are stored by associating an address with them known as wallet.

History of Bitcoins
The concept of Bitcoins was first proposed over a paper on the internet in November 2008, by Satoshi Nakamoto, pseudonymous developer. In January 2009, the bitcoin network came into existence with the issuance of the first bitcoins. The value of each bitcoin at the time of its launch was less than $0.01.

The value of a bitcoin reached parity with the US dollar in march 2011 and by the beginning of 2013, each bitcoin was approximately valued at around 15$ and currently its worth in excess of 600$.

*here we write stuff about the regulatory issues of bitcoins and also silk route

BITCOINS

How do Bitcoins work?

Each user is given a bitcoin address which they can use to purchase bitcoins from bitcoin client and also for making transactions from one user to another. Once bitcoins have been purchased, they are stored in the digital wallet of the user. A wallet has both a public key and a private key. Any transaction from the wallet can only be authorised using a private key. However, depositing bitcoins into another ones wallet requires only their public key. Since there is no central authority that checks every transaction, to avoid the problem of double spending, the earliest transaction is the one that counts and the transactions must be publicly announced.

BITCOINS

Bitcoins simplified
Theres a room that anyone can access. The room has security cameras that anyone can view, and every second of recorded footage is available online forever. The room is filled with indestructible piggy banks made of transparent plastic. Naturally, these piggy banks have coin slots, and everyone can see which coins are in which piggy bank. These piggy banks can never leave the room.

Each person has a key that can open their piggy bank. Lets say I want to buy a pair of alpaca socks, and you want to sell them. First, you tell me which piggy bank is yours. Then, I walk into the room with a ski mask on. Anyone in the world can see me on the security cameras, but not my face.

Next, I unlock my piggy bank, take some coins out and then put them into your locked piggy bank. I leave the room.

BITCOINS

Now, everyone in the world knows that your piggy bank has coins that were previously in my piggy bank. This is the case with every transaction, so everyone knows the history of every coin. [1]

Mining of Bitcoins
dfsdadfffa

Technology Issues
To understand the major issues faced by the bitcoin structure, and seek out any possible solutions to these issues, we must understand that the whole working of the bitcoin as an organization is done via the internet. Hence for this very reason most of the technology issues faced by bitcoins are related to cyber security. Some of the major issues which we discovered and could suggest
BITCOINS 6

viable solutions to, have been enlisted below and a detailed explanation of both the issue and solution will follow: 1. Wallet Vulnerability: The Wallets of users are stored without encryption and hence the bitcoins present in them are vulnerable to be stolen by an attacker.
2. Traceability: Tracing a bitcoins history can facilitate an attacker to get the information of its previous owners, thus compromising the anonymity of the previous owners of that bitcoin. 3. Lack of Governance: As previously stated, there is no arbitrator or moderator present to ensure that both parties involved in a bitcoin transaction have completed the deal fairly, hence in case of disputes the lack of an arbitrator poses a great issue. 4. Lack of Security: Cybercrime is a threat to the smooth functioning of bitcoin as techniques used in cybercrimes such as packet sniffing and clogging up the network affect the transaction of bitcoins adversely. 5. Malicious Miners Nexus: A cabal of expert miners might form a coalition and take advantage of the system used to generate bitcoins and mine bitcoins without publishing the results, hence making a profit by cheating the system. ADD MORE from this site: https://en.bitcoin.it/wiki/Weaknesses

BITCOINS

jhgjhj

In-depth Analysis Wallet Vulnerability

All the bitcoins owned by a certain user are stored in the digital wallet assigned to him/her. Hence protecting the users wallet is of utmost importance as it is the most vulnerable to an attack and the attacker can gain the most by gaining access to the wallet. Unfortunately the wallets are not encrypted, hence making it easy for an attacker to take advantage of this lapse in security and wallet vulnerable to attack. Every wallet has a private key and public key associated with it; these are used for making online bitcoin transactions. The private key is a crucial element used to ensure the safety of a users wallet. The private key is needed to gain access to a wallet. If a user feels that his private key has been compromised a mere change in password approach does not guarantee protection of the wallet; ie the user cannot guarantee the safety of his wallet by only changing the private key to a new private key. This is because each private key and wallet are linked to each other, and if a new private key is assigned to the same wallet, the old password is still linked with it. The old password can be easily retrieved by using existing retrieving mechanisms and hence the wallet still remains vulnerable to attack. The wallet is stored on the hard disk of the physical device used by the user to make transactions, ie a computer or mobile device. If this device is compromised, either physically or via software, it effectively makes the wallet vulnerable. If the hardware crashes, the bitcoins stored in the wallet on that hardware are lost forever and cannot be retrieved.

SOLUTION:

BITCOINS

The following are the solutions we would like to suggest after having analyzed and assessed the issues mentioned above: The foremost and the most effective way to counter wallet vulnerability is to encrypt the wallets. Encryption requires additional lines in the code thus making the initial process of making a wallet longer and more time consuming but it is tradeoff that any user would be happy to make in exchange of the additional security it provides to the wallet. Hence encrypting the wallet has more advantages than disadvantages and is a viable solution. Since the change of password has its obvious flaws we suggest the creation of a new wallet with every change in private key. This way a new wallet is first generated when the user wants to change the private key, the bitcoins from the old wallet are then drained from the old wallet into the new wallet and then the new wallet is secured with the new password. This way the problem of the old password still being linked with the new wallet is eliminated, hence even if the old password is retrieved by an attacker, he would gain access only to the old wallet, which would be devoid of any bitcoins and not to the new wallet. This feature ensures that securing a compromised private key is as easy as changing a password.

BITCOINS

Traceability The most marketed advantage of bitcoins is the anonymity of its users. The process of mining and carrying out transactions using bitcoins is structured so that its users are completely anonymous. This however is a utopic outlook; as analyzing the bitcoin world has lead us to the conclusion that bitcoins are really anonymous only if one personally mines them. The way bitcoin transactions function has been stated before and here we would like to add to it. Every bitcoin transaction is carried out via a bitcoin exchange and hence every transaction is recorded in the logs of the exchange that is used for the transaction. Once a bitcoin is transferred from one wallet to the other, it is forever associated with the wallet its been placed in,
BITCOINS 10

which means that the bitcoin effectively does carry some crucial information of the wallet of the user. Hence an attacker can match the address of the user to his identity by tracing the information associated with a certain bitcoin. Gaining access to the identity of a bitcoin user beats the whole purpose of the anonymity feature of bitcoins.
This issue has forced users to start paying extra for newly mined bitcoins, hence reducing the probability of their identities being made public.

SOLUTION Tracing the information associated with a bitcoin is not as easy as it sounds. It is a painstakingly lengthy and time consuming task. Hence the most effective way of reducing the disadvantages caused by this issue is to make transactions through multiple loops. What this means is if user A wants to make a payment for some product that is being sold by user B, A uses multiple loops to deposit the bitcoins into Bs wallet. Using multiple loops means that more information gets associated with the bitcoin, hence making the process of tracing the bitcoin even more difficult. This method

BITCOINS

11

gives this added advantage as opposed to A directly transferring the bitcoins to Bs wallet as the information linked with the bitcoin would then be lesser and hence easier to trace.

Lack of Governance The bitcoin transactions that works on the peer-to-peer protocols is completely based on the trust between its users. Analyzing the working of bitcoins we realized that trust between the users of bitcoins plays a vital role. This is due to

BITCOINS

12

the fact that bitcoins does not make use of any arbitrator or mediator. Unlike typical bank or credit card transactions, in which the user is given 100% fraud protection by the bank in case of any fraudulent charges, the bitcoin network lacks any governance. This means that incase a fraud does occur, for example if a user makes the deposit of certain agreed upon bitcoins into another users wallet in exchange of goods, but does
BITCOINS 13

not receive those goods, he cannot challenge and/or revert the transaction. All bitcoin transactions are irreversible and they do not have an arbitrator like a bank/government to ensure the authenticity of the transaction. Hence bitcoin transactions are wholly based on the trust factor, making the lack of governance a major issue. SOLUTION

BITCOINS

14

While considering the solution to this issue we felt that the anonymity factor must be protected. Hence we suggest that a feature that lets the users opt in for an anonymous arbitrator be made available to the users. This feature would provide a random anonymous arbitrator to a certain transaction once both users agree to use one. Its the responsibility of the arbitrator to then

BITCOINS

15

ensure that a smooth and fair transaction takes place. The reward for the arbitrator would be a percentage, in bitcoins, of the transaction he arbitrates payable by both the parties involved in the transaction. This suggestion offers a solution to the lack of governance without compromising on the anonymity factor.

Lack of Security
BITCOINS 16

Since the entire bitcoin industry functions via the internet, all the cyber threats related to the internet are inherent in the bitcoin network. The existing bitcoin infrastructure does provide some amount of protection from these threats and hence we would like to discuss the lack of security feature that specifically affect bitcoins. Ideally bitcoin transactions are meant to be carried out using the bitcoin address
BITCOINS 17

by the user, but if bitcoin transactions are done via IP address, the transaction is susceptible to man-in-middle attacks and the security of the users can be compromised. What this means is, if an attacker is monitoring a certain part of the network and the activities of certain IP addresses (which are public and available to anyone that has access to the internet), and a bitcoin transaction

BITCOINS

18

is taking place using the IP address, the attacker can easily tap into the transaction and hence effectively steal the bitcoins during the transaction. Another cyber security related issue arises if/when a user is using an unprotected and/or public network to make transactions. Attackers can make use of tools like packet sniffing to gain information from the transaction that a user undertakes thereby aiding the
BITCOINS 19

process of tracing a bitcoin or making a wallet vulnerable.

SOLUTIONS The security issue caused due to the use of IP address has already been resolved. The bitcoin exchanges have now disabled the option of letting a transaction take place via IP address hence making it mandatory for the users to use their wallet address.
BITCOINS 20

 Packet sniffing is used at particular nodes in the network and by using this tool the attacker can gain valuable information about the transactions being carried out using those nodes. Hence to ensure that bitcoin transactions are carried out safely the nodes can be encrypted thereby providing the much needed security to the users. Malicious Miners Nexus
BITCOINS 21

I will complete this part on Monday? --Who are you red guy???

Proposed Solutions
jglj;

Conclusion
jjhbhjh

BITCOINS

22

Citations
[1]http://www.quora.com/Bitcoin/How-would-you-explain-bitcoins-to-a-fiveyear-old

BITCOINS

23

References

BITCOINS

24