×
Copy
Open
Link
Embed
Share
Beginning
This slide
Copy link URL
Copy link URL
Copy iframe embed code
Copy iframe embed code
Copy javascript embed code
Copy javascript embed code
Share
Tweet
Share
Tweet
Slide 1
Slide 1 text
SFC / CSO
[email protected]
— — 2017-06-27 – p.1/40
Slide 2
Slide 2 text
( ) SFC ( ) CSO (Chief Science Officer) CEO 1993 M.Eng ( ) 2006 ( ) SFC 16 P2P 2011 → ( ) — — 2017-06-27 – p.2/40
Slide 3
Slide 3 text
Bitcoin (2014-06-02) http://www.slideshare.net/kenjiurushima/20140602-bitcoin1-201406031222 — — 2017-06-27 – p.3/40
Slide 4
Slide 4 text
1. 2. 3. — — 2017-06-27 – p.4/40
Slide 5
Slide 5 text
1. – – ECDSA ( DSA) Base58Check — — 2017-06-27 – p.5/40
Slide 6
Slide 6 text
(1) — — 2017-06-27 – p.6/40
Slide 7
Slide 7 text
(2) H m H(m) = H(m′) m′ (m′ = m) H(m) m m′ H(m) = H(m′) ( m′ = m) — — 2017-06-27 – p.7/40
Slide 8
Slide 8 text
SHA-1 https://shattered.it 2017 2 Google (CWI) — — 2017-06-27 – p.8/40
Slide 9
Slide 9 text
ID (+ ) TX ID (+ Merkle ) ( ) — — 2017-06-27 – p.9/40
Slide 10
Slide 10 text
SHA-256 × SHA-256 SHA-256 × RIPEMD-160 (1 ) scrypt ( ) Ethash (Dagger-Hashimoto ) DAG : Directed Acyclic Graph ( ) — — 2017-06-27 – p.10/40
Slide 11
Slide 11 text
— — 2017-06-27 – p.11/40
Slide 12
Slide 12 text
(RSA) RSA (RSA : Rivest, Shamir, Adleman) ECDSA ( DSA : Digital Signature Algorithm) — — 2017-06-27 – p.12/40
Slide 13
Slide 13 text
: < , > : : < , , > : OK NG — — 2017-06-27 – p.13/40
Slide 14
Slide 14 text
( ) ← CA — — 2017-06-27 – p.14/40
Slide 15
Slide 15 text
M A 60BTC — — 2017-06-27 – p.15/40
Slide 16
Slide 16 text
– : y2 = x3 + ax + b 3 X A + B = D A + A + . . . = nA A B C D — — 2017-06-27 – p.16/40
Slide 17
Slide 17 text
(EC) DSA G(x, y), p, a, b nG G, p, a, b n (n ) k(0 ≤ k ≤ n) kG, n nG — — 2017-06-27 – p.17/40
Slide 18
Slide 18 text
ECDSA secp256k1 Certicom : 256 : 512 ( ) 160 — — 2017-06-27 – p.18/40
Slide 19
Slide 19 text
( )
[email protected]
( ) ( )
[email protected]
( ) (SFC) — — 2017-06-27 – p.19/40
Slide 20
Slide 20 text
Base58Check 1. SHA-256 × RIPEMD-160 2. ( = 0) 3. SHA-256 × SHA-256 4. 4 2. ( ) 5. base58 base58 10 + 26×2 - 4 (l,I,O,0) = 58 l = , I = , O = , 0 = 58 — — 2017-06-27 – p.20/40
Slide 21
Slide 21 text
( ) → (malleability) — — 2017-06-27 – p.21/40
Slide 22
Slide 22 text
2. (malleability) ( ) — — 2017-06-27 – p.22/40
Slide 23
Slide 23 text
Script (General) Output: OP_DUP OP_HASH160 OP_PUSHDATA* OP_EQUALVERIFY OP_CHECKSIG Input: OP_PUSHDATA* OP_PUSHDATA* TX output addressed to a public-key digest and referring input — — 2017-06-27 – p.23/40
Slide 24
Slide 24 text
Script Processing Concatinates scripts: input → output Stack-based processing — — 2017-06-27 – p.24/40
Slide 25
Slide 25 text
(malleability) ⇒ SegWit . . . ( 2.0 ) — — 2017-06-27 – p.25/40
Slide 26
Slide 26 text
(1) — — 2017-06-27 – p.26/40
Slide 27
Slide 27 text
(2) — — 2017-06-27 – p.27/40
Slide 28
Slide 28 text
(3) — — 2017-06-27 – p.28/40
Slide 29
Slide 29 text
: , , 1 FinTech , 2016 https://www.boj.or.jp/announcements/release_2016/data/rel160831b5.pdf — — 2017-06-27 – p.29/40
Slide 30
Slide 30 text
( ) (= ) — — 2017-06-27 – p.30/40
Slide 31
Slide 31 text
256 256 ↓ acfedf64beb9d4c1670d1d0890e3231f5effc72fc8e54c3e31035196f86ae1f0 — — 2017-06-27 – p.31/40
Slide 32
Slide 32 text
m n OK : OP_2
OP_3 OP_CHECKMULTISIG : OP_DUP OP_HASH160 < > OP_EQUALVERIFY OP_EVAL : < A> < A> < C> < C> < > — — 2017-06-27 – p.32/40
Slide 33
Slide 33 text
— — 2017-06-27 – p.33/40
Slide 34
Slide 34 text
50% 253 50% 23 OK n 2n 2 160 80 SHA-1 (160 ) — — 2017-06-27 – p.34/40
Slide 35
Slide 35 text
— — 2017-06-27 – p.35/40
Slide 36
Slide 36 text
3. – – — — 2017-06-27 – p.36/40
Slide 37
Slide 37 text
( ) . . . — — 2017-06-27 – p.37/40
Slide 38
Slide 38 text
( ) — — 2017-06-27 – p.38/40
Slide 39
Slide 39 text
( ) A B SA SB SA ∩ SB — — 2017-06-27 – p.39/40
Slide 40
Slide 40 text
— — 2017-06-27 – p.40/40