Research Perspectives and Challenges for Bitcoin and Cryptocurrencies. Bonneau, J., Miller, A., Clark, J., Narayanan, A., Kroll, J. A., & Felten, E. W. IEEE Symposium on Security and Privacy, 2015. ISBN: 978-1-4673-6949-7
Bitcoin has emerged as the most successful cryptographic currency in history. Within two years of its quiet launch in 2009, Bitcoin grew to comprise billions of dollars of economic value despite only cursory analysis of the system's design. Since then a growing literature has identified hidden-but-important properties of the system, discovered attacks, proposed promising alternatives, and singled out difficult future challenges. Meanwhile a large and vibrant open-source community has proposed and deployed numerous modifications and extensions. We provide the first systematic exposition of Bitcoin and the many related cryptocurrencies or 'altcoins.' Drawing from a scattered body of knowledge, we identify three key components of Bitcoin's design that can be decoupled. This enables a more insightful analysis of Bitcoin's properties and future stability. We map the design space for numerous proposed modifications, providing comparative analyses for alternative consensus mechanisms, currency allocation mechanisms, computational puzzles, and key management tools. We survey anonymity issues in Bitcoin and provide an evaluation framework for analyzing a variety of privacy-enhancing proposals. Finally we provide new insights on what we term disintermediation protocols, which absolve the need for trusted intermediaries in an interesting set of applications. We identify three general disintermediation strategies and provide a detailed comparison.

I. WHY BITCOIN IS WORTHY OF RESEARCH

Consider two opposing viewpoints on Bitcoin in straw-man form. The first is that "Bitcoin works in practice, but not in theory." At times devoted members of the Bitcoin community espouse this philosophy and criticize the security research community for failing to discover Bitcoin, not immediately recognizing its novelty, and still today dismissing it due to the lack of a rigorous theoretical foundation.

A second viewpoint is that Bitcoin's stability relies on an unknown combination of socioeconomic factors which is hopelessly intractable to model with sufficient precision, failing to yield a convincing argument for the system's soundness. Given these difficulties, experienced security researchers may avoid Bitcoin as a topic of study, considering it prudent security engineering to only design systems with precise threat models that admit formal security proofs.

We intend to show where each of these simplistic viewpoints fail. To the first, we contend that while Bitcoin has worked surprisingly well in practice so far, there is an important role for research to play in identifying precisely why this has been possible, moving beyond a blind acceptance of the informal arguments presented with the system's initial proposal. Furthermore, it is crucial to understand whether Bitcoin will still "work in practice" as practices change. We expect external political and economic factors to evolve, the system must change if and when transaction volume scales, and the nature of the monetary rewards for Bitcoin miners will change over time as part of the system design. It is not enough to argue that Bitcoin has worked from 2009–2014 and will therefore continue likewise. We do not yet have sufficient understanding to conclude with confidence that Bitcoin will continue to work well in practice, which is a crucial research challenge that requires insight from computer science theory.

To the second viewpoint, we contend that Bitcoin is filling an important niche by providing a virtual currency system without any trusted parties and without pre-assumed identities among the participants. Within these constraints, the general problem of consensus in a distributed system is impossible [7], [93] without further assumptions like Bitcoin's premise that rational (greedy) behavior can be modeled and incentives can be aligned to ensure secure operation of the consensus algorithm. Yet these constraints matter in practice, both philosophically and technically, and Bitcoin's approach to consensus within this model is deeply surprising and a fundamental contribution.

Bitcoin's core consensus protocol also has profound implications for many other computer security problems beyond currency such as distributed naming, secure timestamping and commitment, generation of public randomness, as well as many financial problems such as self-enforcing ("smart") contracts, decentralized markets and order books, and distributed autonomous agents. In short, even though Bitcoin is not easy to model, it is worthy of considerable research attention as it may form the basis for practical solutions to exceedingly difficult and important problems.

With this dichotomy in mind, we set out to synthesize the collective knowledge from the first six years of Bitcoin's operation and development, as well as from its many derived cryptocurrencies. Our goal is both to highlight the many areas where significant innovation has already occurred, ranging from novel payment protocols to user-friendly key management, and also highlight the most important open research challenges for Bitcoin and future cryptocurrencies.
@article{bonneau_research_2015,
	title = {Research {Perspectives} and {Challenges} for {Bitcoin} and {Cryptocurrencies}},
	issn = {1081-6011},
	doi = {10.1109/SP.2015.14},
	abstract = {Bitcoin has emerged as the most successful cryptographic currency in history. Within two years of its quiet launch in 2009, Bitcoin grew to comprise billions of dollars of economic value despite only cursory analysis of the system's design. Since then a growing literature has identified hidden-but-important properties of the system, discovered attacks, proposed promising alternatives, and singled out difficult future challenges. Meanwhile a large and vibrant open-source community has proposed and deployed numerous modifications and extensions. We provide the first systematic exposition of Bitcoin and the many related cryptocurrencies or 'altcoins.' Drawing from a scattered body of knowledge, we identify three key components of Bitcoin's design that can be decoupled. This enables a more insightful analysis of Bitcoin's properties and future stability. We map the design space for numerous proposed modifications, providing comparative analyses for alternative consensus mechanisms, currency allocation mechanisms, computational puzzles, and key management tools. We survey anonymity issues in Bitcoin and provide an evaluation framework for analyzing a variety of privacy-enhancing proposals. Finally we provide new insights on what we term disintermediation protocols, which absolve the need for trusted intermediaries in an interesting set of applications. We identify three general disintermediation strategies and provide a detailed comparison. I. WHY BITCOIN IS WORTHY OF RESEARCH Consider two opposing viewpoints on Bitcoin in straw-man form. The first is that "Bitcoin works in practice, but not in theory." At times devoted members of the Bitcoin community espouse this philosophy and criticize the security research community for failing to discover Bitcoin, not immediately recognizing its novelty, and still today dismissing it due to the lack of a rigorous theoretical foundation.
A second viewpoint is that Bitcoin's stability relies on an unknown combination of socioeconomic factors which is hopelessly intractable to model with sufficient precision, failing to yield a convincing argument for the system's soundness. Given these difficulties, experienced security researchers may avoid Bitcoin as a topic of study, considering it prudent security engineering to only design systems with precise threat models that admit formal security proofs. We intend to show where each of these simplistic viewpoints fail. To the first, we contend that while Bitcoin has worked surprisingly well in practice so far, there is an important role for research to play in identifying precisely why this has been possible, moving beyond a blind acceptance of the informal arguments presented with the system's initial proposal. Furthermore, it is crucial to understand whether Bitcoin will still "work in practice" as practices change. We expect external political and economic factors to evolve, the system must change if and when transaction volume scales, and the nature of the monetary rewards for Bitcoin miners will change over time as part of the system design. It is not enough to argue that Bitcoin has worked from 2009–2014 and will therefore continue likewise. We do not yet have sufficient understanding to conclude with confidence that Bitcoin will continue to work well in practice, which is a crucial research challenge that requires insight from computer science theory. To the second viewpoint, we contend that Bitcoin is filling an important niche by providing a virtual currency system without any trusted parties and without pre-assumed identities among the participants. Within these constraints, the general problem of consensus in a distributed system is impossible [7], [93] without further assumptions like Bitcoin's premise that rational (greedy) behavior can be modeled and incentives can be aligned to ensure secure operation of the consensus algorithm.
Yet these constraints matter in practice, both philosophically and technically, and Bitcoin's approach to consensus within this model is deeply surprising and a fundamental contribution. Bitcoin's core consensus protocol also has profound implications for many other computer security problems beyond currency such as distributed naming, secure timestamping and commitment, generation of public randomness, as well as many financial problems such as self-enforcing ("smart") contracts, decentralized markets and order books, and distributed autonomous agents. In short, even though Bitcoin is not easy to model, it is worthy of considerable research attention as it may form the basis for practical solutions to exceedingly difficult and important problems. With this dichotomy in mind, we set out to synthesize the collective knowledge from the first six years of Bitcoin's operation and development, as well as from its many derived cryptocurrencies. Our goal is both to highlight the many areas where significant innovation has already occurred, ranging from novel payment protocols to user-friendly key management, and also highlight the most important open research challenges for Bitcoin and future cryptocurrencies.},
	journal = {IEEE Symposium on Security and Privacy},
	author = {Bonneau, Joseph and Miller, Andrew and Clark, Jeremy and Narayanan, Arvind and Kroll, Joshua A and Felten, Edward W},
	year = {2015},
	note = {ISBN: 978-1-4673-6949-7},
	pages = {104--121},
}
