CE235 Computer Security Bitcoin

Assignment 2: Blockchain and Mining with Proof-of-work for Bitcoin

CE235 Computer Security

1. Introduction

1.1 Bitcoin Mining Bitcoin is a cryptocurrency. In the Bitcoin system Bitcoins are mined through proof-of-work mechanism.

Bitcoin miners are given technical puzzles to solve. There is only one puzzle at any time with a given difficultylevel, which is set by the system administrator. New puzzlesare created after the current one is solved.The first miner who solves the puzzle is awarded a specified number of bitcoins. The winner creates and sign anew block with digital signature technology and broadcast to other Bitcoin users. The signed block is linked to

the previous signed blocks. These blocks form a chain of blocks (called blockchain) as shown in the followingfigure. The new signed blocks are verified by others and could become mature after being confirmed by a givennumber of miners, which is measured by length of blocks linked to the new blocks.

1.2 Technical puzzle

The puzzle set in the proof-of-work is to find a specific integer number (called nonce), which together with afew other numbers (such as hash value of the previous block, the transactions to be included to the new block)are hashed with SHA-256 algorithm and the hashed value satisfies a given condition.The puzzle can be formulated as follows:where preHash is the hash value of the previous block, Tx is transaction of bitcoins. levelHard is a given number,usually controlledby requiring a consecutive number of most significant bits (MSB) being zeros, for examplethe first 30 MSBs being zero. The more MSB zeros required on levelHard, the more difficult to solve the puzzle(finding the nonce satisfying the condition). Below gives a binary number with the 15 MSB being zeros and 5least significant bits (LSB).

(MSB) 00000000000000011100000101111110011010101100000 (LSB)

1.3 Signing and verifying a new block The first miner solving the puzzle will create a new block, which includes a block header (storing the digital

signature of this new block, which will include the hash value of the block body) and a block body. The blockbody includes the hash value of the previous block, the foundnonce and transactions included in this block.代写CE235 Computer Security Bitcoin  Thedigital signature is created by encrypting the hash value of this new block with private key. The block is linkedto the last block of the existing blockchain and broadcast. The new block will then be verified by others using

he winning miner’s public key and checking the hash values of this and previous blocks.

Block n find nonce, subject to: hash(preHash, nonce, Tx) < levelHardThis assignment takes 18% of the marks (18 marks) of this module. The aim of the assignment is to write aPython program, which will implement a simplified version of Bitcoin mining and digital signature schemes asshown in the following figure, with additional task of protecting the confidentiality of the signed message (fromby encrypting/decrypting the signed message (such as with an extra RSA key pair for the validator).

2.1 Task1: Create a RSA public/private key pair with 1024 bits key length [1 mark]

o The RSA key pairs will be used in Task3 and Task4 of this assignment.

o The created RSA public {n,e} and private keys {n,d} need to be displayed with the followingformat:

2.2 Task2: Find a nonce with hash algorithm SHA-256, which is a hash value satisfying requirement of the 6 least significant bits (LSB) being zero [4 marks]. Produce a figure (or a table) which shows the computation time (denoted by T) used to find a valid nonce by your own computer against the number of required LSB being zero (denoted by N) changing from 1 to 8 [3 marks].

o Hint: you can extend Example 4 in the provided sample program to complete this task. Example 4

generates only one nonce and check if the nonce is valid.o You should try many random integers as nonce (with a loop) until you successfully find a noncethat meets therequirement. The only output from this task is the nonce, which needs to be displayedwith the following format (suppose the found nonce is 12345):

o You can use your program to produce the figure/table automatically, or you can record thecomputation times and create the figure/table using other software, then present it to the teachingstaff members during your demonstration. Not to submit the figure/table to Faser.

2.3 Task3: Digitally sign the nonce and your student number with the RSA private key [3 marks]

o The message to be signed is a string consisting of the nonce (found with 6 LSB being zero) andyour student number, which are separated by a space. For example, if the found nonce is 12345 andyour student number is 54321, then the message to be signed needs to be a string “12345 54321”

o You need to sign the message with RSA key pair generated in Task 1.

o The outputs of this Task3 include the hashed value of the message and the signature, which need tobe displayed with the following format.13Valid Nonce: 123452.4 Task4: Verify the signature [3 marks]

o The signature verification is to be achieved by decrypting the digital signature with public key{n,e} generated in Task 1 to get the hash value from the signature andcompare it to the oneobtained from hashing the signed message.

o The process of signature verification needs to output yes or no depending on the verificationoutcome.

2.5 Task5: Protect the confidentiality of the signed message from Task 3 by encrypting/decrypting

the signed message [4 marks]

o You should generate another RSA key pair for the validator.

o The signed message should be encrypted with a key of the validator by the user who signs themessage.

o The encrypted signed message should be decrypted with another key of the validator before thesignature validation by the validator.

3. Sample ProgramWe provide a sample python program miningBitcoin_sample.py, which includes most of the needed

RSA encryption and digital signature functions to complete the above tasks. It can be run from integrateddevelopment environments (IDLE). It can also be run from the command line like this:python mingingBitcoin_sample.py

You should modify the sample python program to complete the tasks. Your own program should have a namelike cs_bitcoin_registrationnumber.py (replace registrationnumber by your own registration number). Forexample, if your registration number is 1234567, your filename will be:

cs_bitcoin_1234567.py

Your program must run from the command line like this:

python cs_bitcoin_1234567.pyThe outputs of your program are required to be displayed, following the specified format for marking purposes.