Bitcoin – A little Analysis

Milind Shah, Yash Punamiya
Shri Bhagubhai Mafatlal Polytechnic
Mumbai, India

Abstract--Bitcoin is a cryptocurrency which uses cryptography to secure transactions and to control the flow of the currency. Bitcoin was released as open source software, and is known to be the first decentralized digital currency. In this paper, we discuss how a Bitcoin transaction takes place, the security measures that users currently take, and potential flaws in those measures. We take a look at cyber-attacks that have surrounded Bitcoin. We take a look at the peer-to-peer network, and how this network is used to regulate and generate (mine) more Bitcoins. We also take a look at how Bitcoin maintains anonymity between users.

Introduction:

Bitcoin is a digital currency invented by Satoshi Nakamoto in the year 2009. Bitcoin was the first decentralized digital currency, and is still the most widely used digital currency in the world. Decentralized currency means that, unlike any other currency, Bitcoin isn't issued by any single authority or governed by any national or international banks (however, certain countries like the United States have started regulating it). After the first two quiet years, there are now over 15.2 million Bitcoins in circulation, and its value has fluctuated from as little as $3 to $1200 per Bitcoin. As of July 2016, 1 BTC (Bitcoin) is worth around $652. Like other currencies, Bitcoin is used to fulfill transactions of goods and services, mostly in e-commerce applications. Bitcoin is in a way like hard paper currency which is circulated virtually, because it is almost as fast as a cash exchange, and is non-refundable too.

To complete a Bitcoin transaction, a person (the sender) needs three things: an input, an amount and an output. The input tells us from where the current sender got the Bitcoin amount. The amount is the actual amount the sender wants to send to the receiver, and the output is the receiver's address. For example, if person A (who received Bitcoins from person C) wants to send X Bitcoins to person B, then the input will be the address of person C, the amount will be X, and the output will be the address of person B.[2]

To complete any transaction, a Bitcoin address and a Bitcoin private key are needed. A Bitcoin address is simply a sequence of randomly generated letters and numbers which is unique to a person. This address can be shared with anyone (to receive payments). A private key is also a sequence of letters and numbers, and is used by the sender to "sign" a transaction. Without it, completing a transaction isn't possible. One way to understand this is a lock and a key: the lock is the address and the key is the private key. The lock is seen by everyone, but can only be opened or used by someone holding the key to it. The transactions are protected by cryptographic techniques which are nearly impossible to break. Each transaction is hashed using the SHA-256 hash algorithm, and the generated hash is then used everywhere as the transaction ID.

The data of all transactions needs to be stored somewhere for verification. This data is stored in files called blocks. Each block has information about several transactions. These blocks are placed one after another in a chain to form what is known as a blockchain. A blockchain is essentially a database which stores the data of every transaction that has ever occurred. Every block contains the hash of the previous block for verification purposes.

Unlike traditional currency, where money is minted by national banks, there is no single authority that does so for generating new Bitcoins. Instead, a process called "Mining" has to be done to mine new Bitcoins. Mining consists of solving mathematical problems (encryption/decryption), and as a reward for mining, miners get Bitcoins.

Working of a Bitcoin Transaction:

The output of each transaction is an integer value which denotes the number of Bitcoins being sent. The smallest unit of a Bitcoin transaction is 1 satoshi, and 10^8 satoshis make up what is known as 1 Bitcoin (BTC) [1].
Each and every transaction in the Bitcoin system is hashed using SHA-256. SHA stands for Secure Hash Algorithm, and the generated hash is used to verify the integrity of data by comparing it to a known or expected hash value. The hash is a unique 256-bit (32-byte) combination of letters and numbers. Even the change of one character in the data causes the whole hash to change. For example, let's take the data 'Bitcoin'. The hash produced for it is:

b4056df6691f8dc72e56302ddad345d65fead3ead9299609a826e2344eb63aa4

Now, if we change the 't' in 'Bitcoin' to an 'a', the hash changes to:

5e8bfa9b093b62b8fc0688b6c9a0f4eb2aaf699c382e706f8aaf8aa246917e3c

As you can see, the hash has changed drastically, and this property is extremely crucial: even if one character of the data is altered, the resulting hash value changes completely.

Fig. 1 – Example of a chain of transactions

Let's take three transactions A, B and C and three people X, Y and Z as an example. In transaction A, 3.0 BTC previously sent to X is used to send 2.5 BTC to Y. Since there is an excess of 0.5 BTC, it is sent to a change address belonging to X. Now in transaction B, Z sends another 1.0 BTC to Y. In transaction C, Y sends 3.0 BTC to a random person. Since neither of the two amounts Y received equals 3.0 BTC on its own, the amounts are clubbed together and spent as one, with the excess 0.5 BTC going back to Y at a change address. The validity of a Bitcoin and of a transaction depends heavily on whether the signature on each Bitcoin being spent is correct. We will see this later on.[3]

Transaction Format:

In the world of Bitcoin, transactions take place in the form of a series of messages. The transactions and the list of transactions (the blockchain) are the only form of proof in Bitcoin. There aren't any users, accounts or identities; all the information that exists is in the blockchain itself.

As Joseph Bonneau et al. have put it, a transaction contains an array of inputs and an array of outputs [1]. All transactions that have existed are hashed using SHA-256, and the hash produced is then used as the transaction's identifier.

How the ownership of a transaction is defined

A transaction in Bitcoin doesn't have any specific way to identify who the owner of the particular transaction or amount is. A user is considered to be the owner if he/she simply knows the private key to a particular transaction. The only way a user is identified is by his public key hashes, which are specified in pay-to-pub-key-hash transactions and are widely known as addresses. A user doesn't need to reveal his name or any other identifying information at all. [1]

Mining

A transaction-based currency would have no security and verification measures if transactions were done directly from party A to party B. Even though there would be private keys that allowed only the recipient to receive the transaction amount, a person could use the same transaction ID twice and do the transaction twice to receive double the amount. This is known as a double spending attack [1][4].
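As an added example (not part of the paper), the transaction chain of Fig. 1 replayed over an unspent-output set in Python, with amounts kept as integer satoshis as the Transaction Format section describes: each transaction's id is the SHA-256 hash of its content, change outputs return the excess to the sender, and a second spend of the same output, the double spend just described, is rejected because that output is no longer in the set. The funding transaction, the address labels and the single-pass SHA-256 serialization are constructed for this example.

```python
import hashlib
from typing import NamedTuple

SATOSHI_PER_BTC = 10**8  # amounts are integers in satoshis, as the Transaction Format section says

class Tx(NamedTuple):
    inputs: tuple   # (txid, output_index) pairs naming the outputs being spent
    outputs: tuple  # (address, satoshis) pairs

def txid(tx: Tx) -> str:
    # The paper: the SHA-256 hash of a transaction serves as its identifier
    # (Bitcoin itself applies SHA-256 twice; a single pass is used here to match the text).
    return hashlib.sha256(repr(tuple(tx)).encode()).hexdigest()

def apply_tx(utxo: dict, tx: Tx) -> int:
    """Spend tx's inputs from the unspent-output set, add its outputs and return the fee.
    A transaction with no inputs is a coinbase and may create coins; any other transaction
    must name unspent outputs it does not repeat, and may not pay out more than it takes in."""
    if len(set(tx.inputs)) != len(tx.inputs) or any(ref not in utxo for ref in tx.inputs):
        raise ValueError("input repeated, unknown or already spent (double spend)")
    total_in = sum(utxo[ref][1] for ref in tx.inputs)
    total_out = sum(sat for _, sat in tx.outputs)
    if tx.inputs and total_out > total_in:
        raise ValueError("outputs exceed inputs")
    for ref in tx.inputs:
        del utxo[ref]
    for index, out in enumerate(tx.outputs):
        utxo[(txid(tx), index)] = out
    return total_in - total_out

def balances(utxo: dict) -> dict:
    totals = {}
    for addr, sat in utxo.values():
        totals[addr] = totals.get(addr, 0) + sat
    return totals

def fig1_chain():
    """Replay the three transactions of Fig. 1, then try to spend A's first output a second time."""
    btc, utxo = SATOSHI_PER_BTC, {}
    fund = Tx((), (("X", 3 * btc), ("Z", btc)))                  # constructed funding: X 3.0, Z 1.0
    a = Tx(((txid(fund), 0),), (("Y", 5 * btc // 2), ("X", btc // 2)))      # A: 2.5 to Y, 0.5 change to X
    b = Tx(((txid(fund), 1),), (("Y", btc),))                    # B: Z sends 1.0 to Y
    c = Tx(((txid(a), 0), (txid(b), 0)), (("R", 3 * btc), ("Y", btc // 2)))  # C: 2.5 + 1.0 -> 3.0 to R, 0.5 change
    for tx in (fund, a, b, c):
        apply_tx(utxo, tx)
    try:
        apply_tx(utxo, Tx(((txid(a), 0),), (("R", 5 * btc // 2),)))  # A's 2.5 BTC was already spent by C
        return balances(utxo), False
    except ValueError:
        return balances(utxo), True
```

Changing any output by a single satoshi gives the transaction an entirely different id, the same avalanche effect the 'Bitcoin' hashes above illustrate.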
To overcome this, each transaction is required to be placed in a public log which everyone can access. This log is known as the blockchain, which is a series of 'blocks'. Each block contains a list of transactions and the hash of the previous block, forming a chain.

This is where miners come into the picture. Miners perform complex mathematical functions to determine which block will be considered as the next block in the blockchain. The core ingredient for this is the use of a challenging computational puzzle in the Bitcoin system.

Essentially, miners' computers collect the transactions of the past 10 minutes into a new "transaction block". Their computers are set up to calculate cryptographic hash functions, and each miner's job is to take the existing hash value, the transaction block info, and what is called a "nonce" to produce a new hash value. Another miner then repeats this process [1].

What makes it an extremely intensive process is that in the Bitcoin system, it is required that each new hash value must start with a particular number of zeros. The miners have no way to predict which nonce will produce a hash value with that particular number of leading zeros, so they have to generate many hashes until they find one with the right number of leading zeros. The current number of required zeros is around 68 [1].

The difficulty of the puzzle is adjusted if necessary so that there is one new block found every ten minutes or so. As a reward for mining, miners get a particular number of bitcoins in return. During the inception of Bitcoin and its early years, the reward for every block found was 50 Bitcoin. This has since been cut in half to 25 Bitcoin, and there is a schedule which states that the amount will be halved every four years till 2140, after which there will be no new bitcoins created. To give miners even more incentive, miners also get to claim any difference between all the inputs and outputs of the block they have just mined. For normal users, however, any transaction with a higher input value than the output value includes a transaction fee that is paid to the miners.

During the earlier days of Bitcoin, individual users were able to mine bitcoins by themselves, and the power of their existing computers was enough to do so. However, due to the extremely large number of users using Bitcoin and the number of miners in contention, mining is now done in pools instead. A pool consists of thousands of miners working together to solve the puzzles, and the rewards are then shared amongst the pool members. Usually, each pool has a manager who, for a small sum, collects the rewards and then distributes them based on the proportion of work each member does [1].

The Bitcoin network

The Bitcoin network is an ad-hoc broadcast peer-to-peer network which is used by nodes to announce new transactions and proposed blocks. The stability and speed of this network are crucial. If there is any latency between the finding of a block and its receipt by all nodes, there is an increased chance of a temporary fork. A fork is when two or more blocks with the exact same specifications are found at the same time. Thus, a very quick and stable decentralized network is required to fulfill the job [1].

Nodes in the network need to be able to discover other nodes that are connected to the network. Bitcoin has several methods for peer discovery. Each Bitcoin peer keeps track of the IP addresses of peers it has previously seen in the form of a database. The database is dumped to the peer's hard drive every 15 minutes (and also when the peer exits the network). For discovery [3], Bitcoin peers broadcast their address onto the network once in a while. Peers can also ask for addresses from other peers using the GETADDR message and advertise addresses using ADDR messages.

To prevent DoS attacks, Bitcoin also has an anti-DoS protection system [3]. Each Bitcoin peer uses a reputation-based protocol, wherein each node keeps what is known as a penalty score for every other node in the network. Whenever an incorrect message is sent to the node, the node increases the penalty score of the node that sent that particular message. Different messages have varying levels of score penalties. When the penalty score reaches 100, the node bans the IP address of the node sending those messages for 24 hours.
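An added example (not the paper's or Bitcoin Core's code) that ties the mining puzzle and the anti-DoS paragraph together: a toy block header is hashed and tested against a leading-zero-bit target, a miner counts nonces until the target is met, and a receiving node penalises the peer that announced a block failing that check, banning it for 24 hours once its score reaches 100. The header layout, the 100 penalty points for an invalid proof of work and the IP addresses are assumptions for this example; the target is expressed in bits rather than the paper's count of zeros.

```python
import hashlib
from typing import NamedTuple, Optional

class Header(NamedTuple):
    prev_hash: str   # hash of the previous block, which every block carries (see above)
    tx_root: str     # stands in for the hash of the block's transaction list
    nonce: int       # the value a miner varies

def header_hash(h: Header) -> str:
    # Simplified header layout; Bitcoin hashes the real header with SHA-256 applied twice.
    data = f"{h.prev_hash}:{h.tx_root}:{h.nonce}".encode()
    return hashlib.sha256(hashlib.sha256(data).digest()).hexdigest()

def meets_target(digest_hex: str, zero_bits: int) -> bool:
    # The puzzle: read as a 256-bit number, the hash must begin with `zero_bits` zero bits.
    return int(digest_hex, 16) >> (256 - zero_bits) == 0

def mine(prev_hash: str, tx_root: str, zero_bits: int, max_tries: int = 2_000_000) -> Optional[Header]:
    # Nothing predicts which nonce will work, so the miner simply counts upward and re-hashes.
    for nonce in range(max_tries):
        header = Header(prev_hash, tx_root, nonce)
        if meets_target(header_hash(header), zero_bits):
            return header
    return None

class PeerReputation:
    """Penalty score per peer IP, as in the anti-DoS paragraph: reaching BAN_THRESHOLD
    bans the peer for BAN_SECONDS. The points charged per offence are assumed values."""
    BAN_THRESHOLD, BAN_SECONDS = 100, 24 * 3600
    INVALID_POW_POINTS = 100   # assumed: a block that fails its proof of work is banned at once

    def __init__(self):
        self.score, self.banned_until = {}, {}
    def is_banned(self, ip: str, now: float) -> bool:
        return now < self.banned_until.get(ip, 0)

    def misbehaving(self, ip: str, points: int, now: float) -> None:
        self.score[ip] = self.score.get(ip, 0) + points
        if self.score[ip] >= self.BAN_THRESHOLD:
            self.banned_until[ip] = now + self.BAN_SECONDS
            self.score[ip] = 0

def accept_block(node: PeerReputation, ip: str, header: Header, zero_bits: int, now: float) -> bool:
    # A node's check on a block announced by peer `ip`: ignore banned peers, penalise bad proofs.
    if node.is_banned(ip, now):
        return False
    if not meets_target(header_hash(header), zero_bits):
        node.misbehaving(ip, node.INVALID_POW_POINTS, now)
        return False
    return True
```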
Security

The client-side security in Bitcoin is an exciting and important area of research. The strength of Bitcoin security is that it uses cryptography. Everything is defined by the laws of mathematics; there is no need for a central party to manage it. Unlike online e-commerce that relies on passwords or confidential credit card information, Bitcoin relies on public key cryptography for user authentication.

As Bruce Schneier puts it, the strength of a cryptographic system can only be as much as the strength of its algorithms, which for Bitcoin are SHA-256, ECDSA and RIPEMD-160. If an algorithm gets broken, the cryptographic system goes down, and for Bitcoin, which is built heavily on cryptography, that cannot be good. For now there is no known break of the algorithms used by Bitcoin. In the past few years, cryptographers' machines and work have become a lot more powerful at finding such breaks in algorithms.

Split control enhances the security of stored Bitcoin by using a k-of-n multi-signature script [1]. Valid signatures from k of these n keys are required to redeem the script [1]. It is basically like issuing a transaction on your computer and getting a notification on your smartphone to confirm the transaction, which makes the wallet a lot more secure. Funds stored under a single public key can also be shared among n parties using threshold cryptography. Threshold cryptography keeps the parameters k and n private but achieves the same k-of-n security.

Users are able to protect their private keys by encrypting their Bitcoin wallet with the Advanced Encryption Standard (AES) symmetric-key algorithm. Since the passphrase for these encrypted keys has to be entered, some of the simpler attacks are mitigated.

Since Bitcoin theft is not criminalized everywhere, it is both interesting and valuable to hackers. It may be many years till we see a criminal being prosecuted for stealing bitcoins.

Our additions

Bitcoin has gone through a lot of tough times. People have called its doom many times in the past, but each time it lives through the bad patches, which shows a strong resiliency in the system. However, to make sure that it lives for a very long time, one thing that needs to be done is to make it more accessible and open it a lot more to the general public. Most people right now do not know what Bitcoin is, or have only heard of it once or twice. By making people more aware of what it is and pointing out its advantages, we can get more users on board, and a higher number of users would mean a longer lifespan.

The best way to do this would be to get a huge online vendor on board to start accepting Bitcoin as a valid way to buy their products. Huge manufacturers like Dell and Microsoft have already come on board and accept Bitcoin as a payment method, and online retailers like Newegg have too. This has led to an increase in users already, and by getting more companies on board it'll only grow.

Another aspect is to get individual people to start using Bitcoin as their means of payment. For example, people who provide services online as individuals can benefit heavily by accepting Bitcoin, as the transactions are irreversible, which addresses a huge problem on modern online service websites. Online security is a huge problem, and not everyone is aware enough to keep themselves secure on the Internet. Although Bitcoin might not be perfect, it surely has the means to keep a few aspects of the average user safe, like payment details and so on.

Literature Survey

[1] Joseph Bonneau, Andrew Miller et al. - "SoK: Research Perspectives and Challenges for Bitcoin and Cryptocurrencies"
[2] Kevin Liao, Ziming Zhao, Adam Doupé, and Gail-Joon Ahn - "Behind Closed Doors: Measurement and Analysis of CryptoLocker Ransoms in Bitcoin"
[3] Alex Biryukov and Ivan Pustogarov - "Bitcoin over Tor isn't a good idea"
[4] G. O. Karame, E. Androulaki, and S. Capkun - "Double-spending fast payments in Bitcoin"