ブロックチェーン連続講義 第2-4回 暗号技術のリテラシー / Cryptography Literacy

Transcript

1. 2 4 SFC / CSO ks91@sfc.wide.ad.jp — 2016-08-12 – p.1/38

2. Bitcoin (2014-06-02) http://www.slideshare.net/kenjiurushima/20140602-bitcoin1-201406031222 — 2016-08-12 – p.2/38

3. 1. 2. 3. — 2016-08-12 – p.3/38

4. 1. – – — 2016-08-12 – p.4/38

5. (1) — 2016-08-12 – p.5/38

6. (2) H m H(m) = H(m′) m′ (m′ = m)

   H(m) m m′ — 2016-08-12 – p.6/38

7. (+ ID) TX ID (+ Merkle ) ( ) —

   2016-08-12 – p.7/38

8. SHA-256 × SHA-256 SHA-256 × RIPEMD-160 scrypt ( ) Ethash

   (Dagger-Hashimoto ) DAG : Directed Acyclic Graph ( ) — 2016-08-12 – p.8/38

9. — 2016-08-12 – p.9/38

10. (RSA) RSA — 2016-08-12 – p.10/38

11. : < , > : : < , , >

    : OK NG — 2016-08-12 – p.11/38

12. — 2016-08-12 – p.12/38

13. M A 60BTC — 2016-08-12 – p.13/38

14. : y2 = x3 + ax + b 3 X

    A + B = D A + A + . . . = nA A B C D — 2016-08-12 – p.14/38

15. (EC) DSA G(x, y), p, a, b nG G, p,

    a, b n (n ) k(0 ≤ k ≤ n) kG, n nG — 2016-08-12 – p.15/38

16. ECDSA secp256k1 Certicom : 256 : 512 160 — 2016-08-12

    – p.16/38

17. ( ) ks91@cornell.edu ( ) ( ) t90123ks@sfc.keio.ac.jp ( )

    (SFC) — 2016-08-12 – p.17/38

18. Base58Check 1. SHA-256 × RIPEMD-160 2. ( = 0) 3.

    SHA-256 × SHA-256 4. 4 2. 5. base58 base58 10 + 26×2 - 4 (l,I,O,0) = 58 58 — 2016-08-12 – p.18/38

19. ( ) — 2016-08-12 – p.19/38

20. 2. – – (malleability) — 2016-08-12 – p.20/38

21. Script (General) Output: OP_DUP OP_HASH160 OP_PUSHDATA* <Public-key digest> OP_EQUALVERIFY OP_CHECKSIG

    Input: OP_PUSHDATA* <Signature> OP_PUSHDATA* <Public key> TX output addressed to a public-key digest and referring input — 2016-08-12 – p.21/38

22. Script Processing Concatinates scripts: input → output Stack-based processing —

    2016-08-12 – p.22/38

23. (malleability) — 2016-08-12 – p.23/38

24. (1) — 2016-08-12 – p.24/38

25. (2) — 2016-08-12 – p.25/38

26. — 2016-08-12 – p.26/38

27. (= ) — 2016-08-12 – p.27/38

28. 256 256 ↓ acfedf64beb9d4c1670d1d0890e3231f5effc72fc8e54c3e31035196f86ae1f0 — 2016-08-12 – p.28/38

29. m n OK : OP_2 <A> <B> <C> OP_3 OP_CHECKMULTISIG

    : OP_DUP OP_HASH160 < > OP_EQUALVERIFY OP_EVAL : < A> < A> < C> < C> < > — 2016-08-12 – p.29/38

30. — 2016-08-12 – p.30/38

31. 50% 253 50% 23 OK n 2n 2 160 80

    — 2016-08-12 – p.31/38

32. — 2016-08-12 – p.32/38

33. 3. – – Web of Trust — 2016-08-12 – p.33/38

34. ( ) . . . — 2016-08-12 – p.34/38

35. ( ) — 2016-08-12 – p.35/38

36. ( ) A B SA SB SA ∩ SB —

    2016-08-12 – p.36/38

37. Web of Trust — 2016-08-12 – p.37/38

38. — 2016-08-12 – p.38/38