[cryptography] stanford talk: Juan Garay: The Bitcoin Backbone Protocol: Analysis and Applications

=JeffH Jeff.Hodges at KingsMountain.com
Mon Apr 20 12:01:21 EDT 2015


this seems to be their associated paper..

https://eprint.iacr.org/2014/765.pdf


Subject: Tuesday, April 21 -- Juan Garay: The Bitcoin Backbone Protocol: Analysis and Applications
From: David Wu <dwu4 at cs.stanford.edu>
Date: Thu, 16 Apr 2015 18:56:43 -0700
To: security-seminar at lists.stanford.edu

   The Bitcoin Backbone Protocol: Analysis and Applications

                          Juan Garay

                   Tuesday, April 21, 2015
                        Talk at 4:15pm
                          Gates 498

Abstract:

Bitcoin is the first and most popular decentralized cryptocurrency to date.
In this work, we extract and analyze the core of the Bitcoin protocol,
which we term the Bitcoin "backbone," and prove two of its fundamental
properties which we call "common prefix" and "chain quality" in the static
setting where the number of players remains fixed. Our proofs hinge on
appropriate and novel assumptions on the "hashing power" of the
adversary relative to network synchronicity; we show our results to be
tight under high synchronization.

Next, we propose and analyze applications that can be built "on top" of the
backbone protocol, specifically focusing on Byzantine agreement (BA)
and on the notion of a public transaction ledger. Regarding BA, we observe
that Nakamoto's suggestion falls short of solving it, and present a simple
alternative which works assuming that the adversary's hashing power is
bounded by 1/3. The public transaction ledger captures the essence of
Bitcoin's operation as a cryptocurrency, in the sense that it guarantees the
liveness and persistence of committed transactions. Based on this notion
we describe and analyze the Bitcoin system as well as a more elaborate BA
protocol, proving them secure assuming high network synchronicity and that
the adversary's hashing power is strictly less than 1/2, while the
adversarial bound needed for security decreases as the network desynchronizes.

This is joint work with Aggelos Kiayias (U. of Athens) and Nikos Leonardos
(U. Paris Diderot -- Paris 7).

