# bitcoins math

DESCRIPTION

A short seminar presentation on the technical background of Bitcoins. Some basic concepts behind bitcoin addresses are discussed. An overview on the concepts of transactions and blocks is given.TRANSCRIPT

IntroductionBitcoin addresses

TransactionsBlock chain

BitcoinsMathematical Background

Akram El-Korashy1

1Computer Science and EngineeringGerman University in Cairo

CSEN 1033 Seminar in Topics and Applications inCryptography, 2013

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

Outline

1 IntroductionBitcoins network properties

2 Bitcoin addressesBTC address generation overviewBTC address cryptography

3 Transactions

4 Block chain

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

Bitcoins network properties

Outline

1 IntroductionBitcoins network properties

2 Bitcoin addressesBTC address generation overviewBTC address cryptography

3 Transactions

4 Block chain

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

Bitcoins network properties

Main features

Bitcoin addresses

Bitcoins can be transferred between arbitrary nodes.Transactions can be received at any time.Transactions are broadcast within seconds.

Bitcoin blockchainsTransactions are verified within 10 to 60 minutes.Transactions are irreversible.Double spending is prevented by using a block chain.

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

Bitcoins network properties

Main features

Bitcoin addresses

Bitcoins can be transferred between arbitrary nodes.Transactions can be received at any time.Transactions are broadcast within seconds.

Bitcoin blockchains

Transactions are verified within 10 to 60 minutes.Transactions are irreversible.Double spending is prevented by using a block chain.

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

Bitcoins network properties

Main features

Bitcoin addressesBitcoins can be transferred between arbitrary nodes.Transactions can be received at any time.Transactions are broadcast within seconds.

Bitcoin blockchains

Transactions are verified within 10 to 60 minutes.Transactions are irreversible.Double spending is prevented by using a block chain.

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

Bitcoins network properties

Main features

Bitcoin addressesBitcoins can be transferred between arbitrary nodes.Transactions can be received at any time.Transactions are broadcast within seconds.

Bitcoin blockchainsTransactions are verified within 10 to 60 minutes.Transactions are irreversible.Double spending is prevented by using a block chain.

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

BTC address generation overviewBTC address cryptography

Outline

1 IntroductionBitcoins network properties

2 Bitcoin addressesBTC address generation overviewBTC address cryptography

3 Transactions

4 Block chain

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

BTC address generation overviewBTC address cryptography

Bitcoin AddressDefinition

DefinitionBicoin address is an identifier of 27-34 alphanumericcharacters, that represents a possible destination for a Bitcoinpayment.

Address GenerationA Bitcoin address is a 160-bit hash of the public portion of apublic/private ECDSA keypair.

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

BTC address generation overviewBTC address cryptography

Bitcoin AddressDefinition

DefinitionBicoin address is an identifier of 27-34 alphanumericcharacters, that represents a possible destination for a Bitcoinpayment.

Address GenerationA Bitcoin address is a 160-bit hash of the public portion of apublic/private ECDSA keypair.

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

BTC address generation overviewBTC address cryptography

Bitcoin AddressAddress Generation

Choose a random Elliptic-Curve key-pair. The public part isconverted into a BTC address

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

BTC address generation overviewBTC address cryptography

Bitcoin AddressAddress Generation

The 20 bytes Message Digest from RIPEMD-160..

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

BTC address generation overviewBTC address cryptography

Outline

1 IntroductionBitcoins network properties

2 Bitcoin addressesBTC address generation overviewBTC address cryptography

3 Transactions

4 Block chain

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

BTC address generation overviewBTC address cryptography

Bitcoin AddressDefinitions and some Math

DefinitionBase58

encoding is a binary-to-text encoding, that uses onlythe alphanumeric characters (except 0,O,I, and l.)

DefinitionRIPEMD-160 is a cryptographic hash function that generates a160-bit digest of an arbitrary size block of data.

ExampleRIPEMD-160("The quick brown fox jumps over the lazy

dog") = 37f332f68db77bd9d7edd4969571ad671cf9dd3b

RIPEMD-160("The quick brown fox jumps over the lazy

cog") = 132072df690933835eb8b6ad0b77e7b6f14acad7

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

BTC address generation overviewBTC address cryptography

Bitcoin AddressDefinitions and some Math

DefinitionBase58 encoding is a binary-to-text encoding, that uses onlythe alphanumeric characters

(except 0,O,I, and l.)

DefinitionRIPEMD-160 is a cryptographic hash function that generates a160-bit digest of an arbitrary size block of data.

ExampleRIPEMD-160("The quick brown fox jumps over the lazy

dog") = 37f332f68db77bd9d7edd4969571ad671cf9dd3b

RIPEMD-160("The quick brown fox jumps over the lazy

cog") = 132072df690933835eb8b6ad0b77e7b6f14acad7

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

BTC address generation overviewBTC address cryptography

Bitcoin AddressDefinitions and some Math

DefinitionBase58 encoding is a binary-to-text encoding, that uses onlythe alphanumeric characters (except 0,O,I, and l.)

DefinitionRIPEMD-160 is a cryptographic hash function that generates a160-bit digest of an arbitrary size block of data.

ExampleRIPEMD-160("The quick brown fox jumps over the lazy

dog") = 37f332f68db77bd9d7edd4969571ad671cf9dd3b

RIPEMD-160("The quick brown fox jumps over the lazy

cog") = 132072df690933835eb8b6ad0b77e7b6f14acad7

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

BTC address generation overviewBTC address cryptography

Bitcoin AddressDefinitions and some Math

DefinitionBase58 encoding is a binary-to-text encoding, that uses onlythe alphanumeric characters (except 0,O,I, and l.)

ExampleRIPEMD-160("The quick brown fox jumps over the lazy

dog") = 37f332f68db77bd9d7edd4969571ad671cf9dd3b

RIPEMD-160("The quick brown fox jumps over the lazy

cog") = 132072df690933835eb8b6ad0b77e7b6f14acad7

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

BTC address generation overviewBTC address cryptography

Bitcoin AddressSecure Hash Algorithm-256

Input: arbitrary length data, Output: 256-bit digestMerkle-Damgard Construction (one-way compressionfunction, block ciphers)

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

BTC address generation overviewBTC address cryptography

DefinitionElliptic curve over a field Fp can be defined as the set of points (x,y)satisfying the equation

y2 mod p = (x3 + ax + b) mod p

Example

The set of affine points of the elliptic curve y2 = x3 − x over F61.

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

BTC address generation overviewBTC address cryptography

DefinitionElliptic curve over a field Fp can be defined as the set of points (x,y)satisfying the equation

y2 mod p = (x3 + ax + b) mod p

Example

The set of affine points of the elliptic curve y2 = x3 − x over F61.

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

BTC address generation overviewBTC address cryptography

Bitcoin AddressElliptic Curve Digital Signature Algorithm

Any signature algorithm has a Sign phase and a Verifyphase.

Some parameters agreed upon between sender andreceiver:

1 q field size2 FR the basis used - can assume a fixed basis3 a, b parameters of the equation (field elements)4 G base point, and5 n its order - group element order, point addition, point

doubling (can be calculated from G!)6 h cofactor - order of the curve divided by n

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

BTC address generation overviewBTC address cryptography

Bitcoin AddressElliptic Curve Digital Signature Algorithm

Any signature algorithm has a Sign phase and a Verifyphase. Some parameters agreed upon between sender andreceiver:

1 q field size

2 FR the basis used - can assume a fixed basis3 a, b parameters of the equation (field elements)4 G base point, and5 n its order - group element order, point addition, point

doubling (can be calculated from G!)6 h cofactor - order of the curve divided by n

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

BTC address generation overviewBTC address cryptography

Bitcoin AddressElliptic Curve Digital Signature Algorithm

Any signature algorithm has a Sign phase and a Verifyphase. Some parameters agreed upon between sender andreceiver:

1 q field size2 FR the basis used - can assume a fixed basis

3 a, b parameters of the equation (field elements)4 G base point, and5 n its order - group element order, point addition, point

doubling (can be calculated from G!)6 h cofactor - order of the curve divided by n

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

BTC address generation overviewBTC address cryptography

Bitcoin AddressElliptic Curve Digital Signature Algorithm

Any signature algorithm has a Sign phase and a Verifyphase. Some parameters agreed upon between sender andreceiver:

1 q field size2 FR the basis used - can assume a fixed basis3 a, b parameters of the equation

(field elements)4 G base point, and5 n its order - group element order, point addition, point

doubling (can be calculated from G!)6 h cofactor - order of the curve divided by n

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

BTC address generation overviewBTC address cryptography

Bitcoin AddressElliptic Curve Digital Signature Algorithm

1 q field size2 FR the basis used - can assume a fixed basis3 a, b parameters of the equation (field elements)

4 G base point, and5 n its order - group element order, point addition, point

doubling (can be calculated from G!)6 h cofactor - order of the curve divided by n

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

BTC address generation overviewBTC address cryptography

Bitcoin AddressElliptic Curve Digital Signature Algorithm

1 q field size2 FR the basis used - can assume a fixed basis3 a, b parameters of the equation (field elements)4 G base point, and5 n its order - group element order, point addition, point

doubling

(can be calculated from G!)6 h cofactor - order of the curve divided by n

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

BTC address generation overviewBTC address cryptography

Bitcoin AddressElliptic Curve Digital Signature Algorithm

1 q field size2 FR the basis used - can assume a fixed basis3 a, b parameters of the equation (field elements)4 G base point, and5 n its order - group element order, point addition, point

doubling (can be calculated from G!)

6 h cofactor - order of the curve divided by n

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

BTC address generation overviewBTC address cryptography

Bitcoin AddressElliptic Curve Digital Signature Algorithm

doubling (can be calculated from G!)6 h cofactor - order of the curve divided by n

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

TransactionsDefinitions

DefinitionA transaction is a signed section of data that is broadcast to thenetwork and collected into blocks.

It typically references previous transaction(s) and dedicates acertain number of bitcoins from it to one or more new publickey(s) (Bitcoin address).

It is not encrypted (nothing in Bitcoin is encrypted).

Transactions and Blocks are the main data structures.

A Block is composed of a header and a group of transactions.

Transactions are identified by their hash (SHA-256).

Blocks are identified by a hash of the header.

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

TransactionsDefinitions

DefinitionA transaction is a signed section of data that is broadcast to thenetwork and collected into blocks.

It typically references previous transaction(s) and dedicates acertain number of bitcoins from it to one or more new publickey(s) (Bitcoin address).

It is not encrypted (nothing in Bitcoin is encrypted).

Transactions and Blocks are the main data structures.

A Block is composed of a header and a group of transactions.

Transactions are identified by their hash (SHA-256).

Blocks are identified by a hash of the header.

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

TransactionsExample

Example

Principle example of a transaction

Script is a set of instructions for the receiver to follow in order tobe able to spend the Bitcoins.

An input is a reference to the output of a different transaction.Previous tx is the pointer to (hash value of) the transactionfrom which the bitcoin Value will be transferred.

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

TransactionsExample

The main script instructions are:

The hash of the public key should match the bitcoinaddress specified in the transaction.The signature on the sent data should be verifiable by thepublic key.

Instructions are executed from the Output field of thereferenced transaction Previous tx

scriptSig is an ECDSA signature on small data (part of thetransaction). It serves as a proof that the transaction in which itexists was created by the real owner of the public address whichthe Previous tx was intended to.

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

Block ChainDefinition

DefinitionBlock chain is a transaction database shared by all nodesparticipating in a system based on the Bitcoin protocol.

Every block contains a hash of the previous block

BitCoin uses the SHA-256 hash algorithm to generate verifiably"random" numbers in a way that requires a predictable amountof CPU effort.

Akram El-Korashy Bitcoins Math

IntroductionBitcoin addresses

TransactionsBlock chain

Block ChainConcept

Block chain: Because a block can only reference one previousblock, it is impossible for two forked chains to merge.

(Tree goes bottom-up)

Akram El-Korashy Bitcoins Math

Appendix

References I

https://en.bitcoin.it/wiki/AddressAccessed March, 2013

Simple Tutorial on Elliptic Curve CryptographyAccessed March, 2013

https://en.bitcoin.it/w/images/en/9/9b/PubKeyToAddr.pngAccessed March, 2013

Bitcoin wiki: Technical background of bitcoin addressesAccessed March, 2013

rnks.informatik.tu-cottbus.de - A tutorial on elliptic curve cryptographyAccessed March, 2013

https://en.bitcoin.it/wiki/Category:TechnicalAccessed March, 2013

Akram El-Korashy Bitcoins Math