We encourage students and young researchers to submit their paper or their thesis work to our research competition.
Submissions are open until 15 October.
Cash prizes will be awarded and winners will be allowed to present their work at an international blockchain conference.
More details here and here and here and here is the submission link (some older announcements).
Tomorrow 20 July Ethereum are going to invalidate more than 50M$ worth of Ethereum stolen by some rogue hacker group.
Congratulations to our community for this brave decision!
Support for this decision must be shown by all honest citizens of crypto space by upgrading ASAP geth.exe and mist wallets to the new version, for example now, and voting FOR THE FORK and against the illicit gains.
This will NOT be the end of the story, as people who do NOT agree will be operating their own fork of Ethereum. There is a lot of sympathy out there for this sort of organized hacker groups which exhibit a high level of skills and ability. So we will have TWO Ethereum blockchains: the normal official Ethereum blockchain and a darker less well supported version of it. We expect that starting from tomorrow both chains will operate. Or the old chain will operate for some time until it possibly declines [or not].
Questions:
EDITED and ADDED 24-27 July 2016.
YES! We have the dark/old/orphaned/illegitimate Ethereum coins trading. Poloniex has started listing them under the name of ETC = Ethereum Classic. Also Bitfinex lists them.
It is very difficult to explain what is going on here. Few points:
Remarks/Related: This older blog post by Dr. Courtois regarding a crypto currency divorce/splitting into two is cited, cf. pages 49 and 84, in a report by the British government Chief Scientific Adviser, Sir Mark Walport, “Distributed Ledger Technology: beyond block chain, here, 19 jan 2016.
In a few minutes, cf. countdown, the amount of bitcoins attributed to each block mined will be divided by 2 in one single step. A rare event which happens once approximately every 4 years.
This is an artificial shock which is tolerated by the bitcoin community in the name of misplaced ideology that whatever was decided by Satoshi Nakamoto is brilliant and should not be changed.
However programming a sudden jump in a monetary policy of a crypto currency is a terrible engineering blunder and simply a very bad thing to have.
In the short term it will probably have positive effects:
Bitctoin has this peculiar property that miners mine at a massive scale to support a relatively small payment network, compared to more traditional [centralized] payment systems.
Why did we call this madness???
They have never been in a human history a financial system in which each new transaction would require such incredibly large subsidy per transaction, imagine that I sent 10$ do someone using bitcoin. In order to make this transaction work miners have spent a few dollars mining. This is the cost for one single transaction to be included in the blockchain. This depending on its size in Kbytes, the current price of bitcoin, and block reward [to be divided by two now].
This is paid by newly created coins, or as some people have claimed by “debasement” of the currency. More coins means less value potentially for current coin holders. In fact NOT necessarily: the currency do actually appreciate because the bitcoin economy grows.
We could call this seigniorage cash flow or seigniorage income which pays for the network to function. The problem however is that it is quite expensive. It is a very unusual way to pay for a payment network to function here by mining, more or less for profit, or maybe rather at a loss. Seigniorage income is not a pure income without a cost, or income does not equal profits or net income after all expenses deduced. In fact the usual definition of seigniorage is the amount which is the difference between the money face value and the cost of its production. Here this difference is frequently negative [which is not totally unusual, for example many metallic coins are manufactured at a loss by central banks, they cost more to manufacture than the face value]. However someone must pay the bill, there are here questions of altruism, [positive] externalities and hidden subsidies in the crypto currency economy.
Eventually the effect of this is probably a decline of bitcoin in the medium and long term. Why?
An interesting question is: Will bitcoin hash rate be divided by two tomorrow?? This would be natural if miners were rational and miner profitability tended to some sort of equilibrium.
We are holding our breath. It can followed in real time here.
In the past the author of this blog has predicted that the hash rate of Dogecoin will be divided by 2 overnight, and this is exactly what happened, in fact it happened in the space of hours, actually it has happened MORE THAN ONCE, and exactly as predicted, in April 2014 and later, see Section 11.4 in this paper and here and here is a video.
BTW. The exact rule is NOT that it will be exactly divided by 2, but it has been a good approximation in the past.
Bitcoin and many other crypto currencies have been genetically programmed to self-destruct. This is undeniable, see this paper.
This “programmed” decline on bitcoin could be very slow and take 10-20 years.
But it could be also very fast, just because miners who are wealthy people with a lot of power influence, will simply decide to mine another crypto currency which is more reasonable [less “anomalous“] or more technologically advanced than bitcoin or simply faster, e.g. Ethereum.
However again, bitcoin is a DOMINANT crypto currency, and as such it will have a tendency to avoid the decline or not to decline. Bitcoin is the Microsoft of cryptocurrency. It enjoys a position of a natural monopoly with lots of positive externalities. A comfortable position which also makes bitcoin does not need to be particularly good at their business, just “good enough” [Antonopoulos LA bitocin meetup]. Some level of madness, or inability to reform/change/improve will not erode its dominant position. Other people need to work very hard to bring innovations and improvements to market, bitcoin doesn’t need to(!). It can cynically adopt them later when they mature.
For a longer discussion of the questions whether bitcoin is exempt from the “programmed decline” which is in the DNA of bitcoin, yet potentially the “dominant position effect” is yet stronger, we refer to Section 12 of our older paper.
Some 50 millions of dollars have been stolen from DAO token holders (including myself). The DAO is by the way, claimed to be closing [Tual]. Closing or not, it remains a smart contract which should allow DAO holders to get some of their initial ethers back.
Now can the thief spend his Ethers without being caught (for now locked until 14 July)? Or will community agree to simply invalidate these tokens (hard fork or/and a decision by 51% of ETH miners)?
A person claiming to be the thief himself have made a public statement explaining that [after consulting a law firm] given the DAO official rules, the money is rightfully theirs. The thief claims that the DAO was intentionally designed to allow this sort of action. Moreover he threatens legal action against Ethereum programmers or DAO curators, if they decided to invalidate his tokens. Lawyers don’t really agree: “code vulnerability doesn’t equal consent”, and “criminal laws may have been broken”.
Now the thief [apparently a group of people] decided to oppose any such fork by another method: they announced that they will basically PAY the ETH miners to oppose the fork. They have lots of ETH to do so. It looks like some highly skilled gangsters are trying to see if it is possible to corrupt ETH community from the within and with cash. Will they succeed?
We have heard about the CIA/NSA Uber Apple/Google/Facebook, food industry, rampant imperialism which emanates from a handful of countries… and how these forces corrupt politicians and business circles in many other countries.
Well actually in many cases it is self-inflicted misery. In many cases it is politicians and business people who run these countries do not want them to have a future.
For example it is interesting to compare how much different countries spend on R&D, this in percentage of GDP. In many countries, they spend such a tiny portion of their own money on giving themselves a future, so that they compromise their future. It is clearly NOT true that they have no money. Politicians are not just corrupted, they ask to be corrupted and they send their children to live abroad. Some countries want to be miserable. Tomorrow, in the best case they will be slaves working for people from other countries, or simply unemployed and under-developed.
Here are some figures selected from world bank stats on the GDP percentage different countries spent on R&D [public+private combined].
A major paper trying to explain why security experts have so frequently failed. 
Cormac Herley: The Unfalsifiability of Security Claims paper /slides.
It starts with a great classic, Karl Popper philosophy of science which would be the basis to say “security” is some sort of pseudo-science. We read that “there is no empirical test that allows us to label an arbitrary system (or technique) secure”.
I thought the same for the last 20 years, but in fact, well, possibly there is one.
As long as MONEY is stored in computer systems in terms of private keys [e.g. bitcoins] it is that either these bitcoins will be stolen OR the system is secure or secure enough [for short or medium term]. This combined with reputation of vendors, developers and scientists could win us the repeated game: achieve secure systems.
One problem however is that reputation of these people is at all times low due to the Snowden scandal. We are today more relucant to trust experts and vendors.
Here come bets, crypto challenges and prediction markets. It is one thing to claim that something is secure, another thing is to bet money on it. The problem maybe is that until now experts and developers had no incentive to get it right or to be right. Many have been corrupted or manipulated to give wrong security advice. Bad security advice and misplaced priorities has in my opinion been the primary activity for decades, in bitcoin, linux, mainstream crypto community, etc.
Going back to the paper the author also claims that “errors accumulate” and that we can be even “blind to danger”… Interesting.
For decades the dominant paradigm in crypto and security research would be:
In general my nearly 20 years of experience in this sector have been appalling and I deplore the low level of ethics in this research community, toxic concentration of power and money and all the forms of scientific bias caused by that.
This is now changing after the Snowden revelations.
A major paper on the topic of subversion of random number generators has been published. RNGs are really THE place where cryptographic protections could be and were subverted, a lot more easily than elsewhere. In contrast it is very hard to subvert a symmetric cipher or a hash function.
Some citations:
“The study of subversion of cryptographic systems — how to undetectably and securely subvert them, and how to defend against subversion — is a central one”.
This paper concentrates a lot of attention to the question of immunization: how to a backdoor-ed RNG can be used securely or rendered inoffensive: for example due to post-processing or by having an auxiliary input.
DEADLINE EXTENDED 15 OCT 2016.
============================
We have created a fund for research prizes for beginning researchers in bitcoin and blockchain security and financial cryptography.
In 2016 we are going to award prizes for student thesis and student paper work. Here is our press release.
Submissions will be accepted until 15 Oct 2016, cf. here, and we have a committee of senior academics which will judge the submissions. Winners will be invited to present their work at a bitcoin conference (TBA).
Confirmed sponsors are Blockchain.com, Clearmatics, Finyear, Tramonex, and a number of individual UCL bitcoin seminar donators.
Contact email: blockchainresearchprize@bettercrypto.com
In the last 2 weeks it was possible to buy DAO tokens, a major new form of distributed business constructed to run on ETH blockchain. Until Friday 12 May 2016 some 50 M$ were invested. Then the price of these tokens has started raising [following the pre-determined rule] for the last 2 weeks of token pre-sale. This has resulted in an unprecedented spike in investment: just during this week-end investors have invested another 57 M$. It has captured more than 13% of all ETH in existence and counting.
The DAO is claimed to be created by an anonymous or leader-less entity. 
This seems to be just a pure publicity stunt and a lame attempt to avoid any legal responsibility for the people who has created it and run it (cf. DAO Curators here). This DAO is simply another blatant attempt to create a new form of social organization which can circumvent stock markets, investment banks, venture capital firms, etc. Congratulations for the people behind it for their courage. If by any chance they go to prison, for example due to US securities laws, we will send them oranges. We have set up a special “blockchain oranges fund” to support blockchain geeks while in prison. Please donate here.
The DAO has announced that they subscribe to the following values:
Furthermore they say that they will not seek profits through means contradictory to these stated values or to the categorical imperative.
DAO has raised 162 M$ total.
Then it has apparently been another opportunity for criminals to steal 50M of dollars in Ethers.
It is not clear what happens next.
On the V-Day and the 71st anniversary of defeating the Nazi Germany, we should remember how much the victory is owed to code breakers at Bletchley Park and elsewhere.
On this day it is my pleasure to announce the winners of the 2016 UCL Code Breaking competition.
The winners are:
The first four students are also awarded a cash prize worth 1 BTC each, which will be converted to partial sponsorship for attending a summer school in Corfu, or/and other research expenses.
We also have merit-range grades (below 69): Huanyu Ma, Wei Shao, Yuruo Zhang.
The Cryptanalysis (COMPGA18/COMPM068) module in UCL’s MSc Information Security provides students with the foundational knowledge to analyse cryptographic systems. In 2016, it was taught by Nicolas T. Courtois, Jonathan Bootle, Christophe Petit and Mary Maller. Some course slides, tutorials and labs we use in GA18 can be found here.
To give students a more realistic (and enjoyable) experience there is no written exam for this module; instead the students are evaluated based on [individual] programming projects and a [group] code breaking competition. UCL has a strong tradition of experimental research and we have been running many student competitions and hacking events in the past. In March 2013 a team directed by Dr Courtois won the UK University Cipher Challenge 2013 award, held as part of the UK Cyber Security Challenge.
This year the competition has been about recovering private keys in real-life systems. It has involved the study of random number generators, software reverse-engineering, password cracking, elliptic curve cryptography, hash functions, exploration of large datasets, programming and experimentation, optimization, visualization and statistics, and complex key recovery attacks based on algebraic exploitation of various types of special events. We also have developed passive and active side channel attacks with cache type of leakage, aiming at recovering private keys and with a variety of implementations. In the past years, we have allowed participants from other London universities. For further information, contact Dr Nicolas Courtois.
Special thanks to our gold sponsors which are sponsoring our group trip to Greece or/and our research expenses prize fund: Clearmatics, Tramonex, Finyear, Blockchain.com.
