暗号技術のリテラシー / Cryptography Literacy

Transcript

1. 3 SFC / CSO [email protected] — 3 — 2017-02-17 –

   p.1/38

2. Bitcoin (2014-06-02) http://www.slideshare.net/kenjiurushima/20140602-bitcoin1-201406031222 — 3 — 2017-02-17 – p.2/38

3. 1. 2. 3. — 3 — 2017-02-17 – p.3/38

4. 1. – – — 3 — 2017-02-17 – p.4/38

5. (1) — 3 — 2017-02-17 – p.5/38

6. (2) H m H(m) = H(m′) m′ (m′ = m)

   H(m) m m′ — 3 — 2017-02-17 – p.6/38

7. (+ ID) TX ID (+ Merkle ) ( ) —

   3 — 2017-02-17 – p.7/38

8. SHA-256 × SHA-256 SHA-256 × RIPEMD-160 scrypt ( ) Ethash

   (Dagger-Hashimoto ) DAG : Directed Acyclic Graph ( ) — 3 — 2017-02-17 – p.8/38

9. — 3 — 2017-02-17 – p.9/38

10. (RSA) RSA ECDSA ( DSA : Digital Signature Algorithm) —

    3 — 2017-02-17 – p.10/38

11. : < , > : : < , , >

    : OK NG — 3 — 2017-02-17 – p.11/38

12. ( ) — 3 — 2017-02-17 – p.12/38

13. M A 60BTC — 3 — 2017-02-17 – p.13/38

14. : y2 = x3 + ax + b 3 X

    A + B = D A + A + . . . = nA A B C D — 3 — 2017-02-17 – p.14/38

15. (EC) DSA G(x, y), p, a, b nG G, p,

    a, b n (n ) k(0 ≤ k ≤ n) kG, n nG — 3 — 2017-02-17 – p.15/38

16. ECDSA secp256k1 Certicom : 256 : 512 160 — 3

    — 2017-02-17 – p.16/38

17. ( ) [email protected] ( ) ( ) [email protected] ( )

    (SFC) — 3 — 2017-02-17 – p.17/38

18. Base58Check 1. SHA-256 × RIPEMD-160 2. ( = 0) 3.

    SHA-256 × SHA-256 4. 4 2. ( ) 5. base58 base58 10 + 26×2 - 4 (l,I,O,0) = 58 58 — 3 — 2017-02-17 – p.18/38

19. ( ) → (malleability) — 3 — 2017-02-17 – p.19/38

20. 2. – – (malleability) — 3 — 2017-02-17 – p.20/38

21. Script (General) Output: OP_DUP OP_HASH160 OP_PUSHDATA* <Public-key digest> OP_EQUALVERIFY OP_CHECKSIG

    Input: OP_PUSHDATA* <Signature> OP_PUSHDATA* <Public key> TX output addressed to a public-key digest and referring input — 3 — 2017-02-17 – p.21/38

22. Script Processing Concatinates scripts: input → output Stack-based processing —

    3 — 2017-02-17 – p.22/38

23. (malleability) ⇒ SegWit . . . ( 2.0 ) —

    3 — 2017-02-17 – p.23/38

24. (1) — 3 — 2017-02-17 – p.24/38

25. (2) — 3 — 2017-02-17 – p.25/38

26. — 3 — 2017-02-17 – p.26/38

27. (= ) — 3 — 2017-02-17 – p.27/38

28. 256 256 ↓ acfedf64beb9d4c1670d1d0890e3231f5effc72fc8e54c3e31035196f86ae1f0 — 3 — 2017-02-17 – p.28/38

29. m n OK : OP_2 <A> <B> <C> OP_3 OP_CHECKMULTISIG

    : OP_DUP OP_HASH160 < > OP_EQUALVERIFY OP_EVAL : < A> < A> < C> < C> < > — 3 — 2017-02-17 – p.29/38

30. — 3 — 2017-02-17 – p.30/38

31. 50% 253 50% 23 OK n 2n 2 160 80

    — 3 — 2017-02-17 – p.31/38

32. — 3 — 2017-02-17 – p.32/38

33. 3. – – Web of Trust — 3 — 2017-02-17

    – p.33/38

34. ( ) . . . — 3 — 2017-02-17 –

    p.34/38

35. ( ) — 3 — 2017-02-17 – p.35/38

36. ( ) A B SA SB SA ∩ SB —

    3 — 2017-02-17 – p.36/38

37. Web of Trust ( ) — 3 — 2017-02-17 –

    p.37/38

38. — 3 — 2017-02-17 – p.38/38