Ownercz/ssme-thesis
1
0
Fork 0
mirror of https://github.com/Ownercz/ssme-thesis.git synced 2024-06-26 05:34:42 +02:00
Code Issues Projects Releases Wiki Activity

Capital letters and dot update

Browse Source
This commit is contained in:
Radim Lipovčan 2019-02-03 20:52:42 +01:00
parent 1905056d0f
commit 6103ea30d5
1 changed files with 37 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
Thesis.tex
View File

@ -187,16 +187,16 @@
%% z chapter dát všude section s velkým section, table s velkým t a figure s velkým f;
%% 11 page
%%
%% internet se píše s velkým I
%% CAPTCHA velkými všechno
%% internet se píše s velkým I DONE
%% CAPTCHA velkými všechno DONE
%%
%% strana 25 6.1 úvodní odstavec PŘEPSAT
%% DODAT TEČKY DO TABULEK KDYŽ JE TO NĚCO VĚTŠÍHO
%%
%% projít data a dát to do eng verze
%% URL napsat velkým všude
%% URL napsat velkým všude DONE
%%
%% figure název s tečkou
%% figure název s tečkou DONE
%% pokud je to příloha, tak see appendix napsat viz strana 45
%%
%% plan appendix - popsat co je co kde
@ -238,9 +238,9 @@ Meaning that every single digital transaction and the exact number of coins in u
\begin{itemize}\itemsep0em
\item The blockchain is public, but a large part of it is encrypted.
\item The sender of the transaction is hidden by using Ring Signatures explained in the chapter \ref{sec:ringsignatures}.
\item The exact amount of transferred coins is encrypted using RingCT as described in \ref{sec:ringct}.
\item Transaction history and receiving party is hidden by the usage of stealth addresses that are referenced in the chapter \ref{sec:stealthaddresses}.
\item The sender of the transaction is hidden by using Ring Signatures explained in the Chapter \ref{sec:ringsignatures}.
\item The exact amount of transferred coins is encrypted using RingCT as described in the Chapter\ref{sec:ringct}.
\item Transaction history and receiving party is hidden by the usage of stealth addresses that are referenced in the Chapter \ref{sec:stealthaddresses}.
\end{itemize}
\section{Origin and the main focus}
@ -385,8 +385,8 @@ Updates are meant to improve and enhance the previously established codebase as
\end{itemize}
\item \textbf{Transaction analysis in Monero blockchain}
\begin{itemize}
\item Research published in 2017 uncovered past and present problems in anonymity with Monero transaction system. The most significant discovery was that a substantial portion of transactions used a ring signature of zero which caused traceability of the amount of coin in the transaction output on the blockchain \cite{moser2018empirical}.
\item This issue was resolved by Monero team already in 2016 with Monero v2, where ring signature was set to =>3 \cite{monerov2release}. Soon after the paper was released, Monero got its v6 update with enforced use of RingCT technology for all transaction outputs \cite{monerov6release}.
\item Research published in 2017 uncovered past and present problems in anonymity with Monero transaction system. The most significant discovery was that a substantial portion of transactions used a Ring Signature of zero which caused traceability of the amount of coin in the transaction output on the blockchain \cite{moser2018empirical}.
\item This issue was resolved by Monero team already in 2016 with Monero v2, where Ring Signature was set to =>3 \cite{monerov2release}. Soon after the paper was released, Monero got its v6 update with enforced use of RingCT technology for all transaction outputs \cite{monerov6release}.
\end{itemize}
%zdroj https://eprint.iacr.org/2017/338.pdf
\end{itemize}
@ -410,13 +410,13 @@ To prove that funds were sent from one wallet to another, the sender has to disc
\subsection{Ring Signatures}
\label{sec:ringsignatures}
Ring signatures present a way how to create a distinctive signature that authorizes a transaction. The digital signature of the transaction is compiled from the signer together with past outputs of transactions (decoys) to form a ring where all members are equal and valid. By that, the outside party cannot identify exact singer as it is not clear which input was signed by one time spend key \cite{mercer2016privacy}.
Ring Signatures present a way how to create a distinctive signature that authorizes a transaction. The digital signature of the transaction is compiled from the signer together with past outputs of transactions (decoys) to form a ring where all members are equal and valid. By that, the outside party cannot identify exact singer as it is not clear which input was signed by one time spend key \cite{mercer2016privacy}.
To prevent double spend, a cryptographic key image is derived from the spent output and is part of the ring signature. As each key image is unique, miners can verify that there is no other transaction with the same key image, thus preventing the double-spending attack \cite{miller2017empirical}.
To prevent double spend, a cryptographic key image is derived from the spent output and is part of the Ring Signature. As each key image is unique, miners can verify that there is no other transaction with the same key image, thus preventing the double-spending attack \cite{miller2017empirical}.
\subsection{RingCT}
\label{sec:ringct}
So far, senders anonymity is ensured by ring signatures, receivers anonymity relies on stealth addresses, but the amount of Monero transferred would be still visible on the blockchain. To hide transaction amounts, Ring Confidential Transactions are implemented \cite{noether2015ring}.
So far, senders anonymity is ensured by Ring Signatures, receivers anonymity relies on stealth addresses, but the amount of Monero transferred would be still visible on the blockchain. To hide transaction amounts, Ring Confidential Transactions are implemented \cite{noether2015ring}.
As one output cannot be spent twice, the sender has to spend entire output in the transaction. That typically results in a transaction having two outputs, one for the receiver and one for the original wallet, where the excess amount of coins is returned.
@ -430,7 +430,7 @@ By that, amounts transferred between wallets in the form of outputs of transacti
Kovri is a C++ implementation of the I2P anonymous network under heavy development process in Monero project. It aims to offer secure network transmissions where a user's IP cannot be associated with a particular transaction ID \cite{monerokovri}.
\chapter{Monero usage}
As pointed out in section \ref{sec:monero-timeline}, Monero is one of the cryptocurrencies that aim to implement as complex anonymity system as possible. Moreover, because of that not only the underlying technology of the network is different from other cryptocurrency projects but the user side as well.
As pointed out in the section \ref{sec:monero-timeline}, Monero is one of the cryptocurrencies that aim to implement as complex anonymity system as possible. Moreover, because of that not only the underlying technology of the network is different from other cryptocurrency projects but the user side as well.
\section{Wallets}
\label{sec:wallets}
The essential part of every currency is the user's ability to access stored funds. In cryptocurrency, this is represented by the wallet and associated software.
@ -480,7 +480,7 @@ As Monero wallet can be represented as little as one file or 25 words, it is rat
\begin{itemize}\itemsep0em
\item \textbf{Hot wallet}
\begin{itemize}\itemsep0em
\item Refers to wallet software running on a computer that is connected to the internet, thus Monero network. By being online, the user can verify incoming transactions, spend from the wallet and check balance as well.
\item Refers to wallet software running on a computer that is connected to the Internet, thus Monero network. By being online, the user can verify incoming transactions, spend from the wallet and check balance as well.
\item As this type of wallet is not air-gapped, this poses an external intrusion risk.
\item The hot wallet can also refer to web-based and exchanged wallet that is explained further in this section.
\end{itemize}
@ -491,11 +491,11 @@ As Monero wallet can be represented as little as one file or 25 words, it is rat
\end{itemize}
\item \textbf{Cold wallet}
\begin{itemize}\itemsep0em
\item Is an offline solution to storing wallet seed or private keys on storage media. Using method, media storing wallet information have no direct access to the internet. The storage medium can be represented by an external hard drive, air-gapped computer as well as paper with wallet seed written on it.
\item Is an offline solution to storing wallet seed or private keys on storage media. Using method, media storing wallet information have no direct access to the Internet. The storage medium can be represented by an external hard drive, air-gapped computer as well as paper with wallet seed written on it.
\item That comes with increased security from the IT standpoint, but the usability of the cryptocurrency suffers. That is mainly due to the hassle of working with funds when the user wants to spend them as it requires:
\begin{itemize}\itemsep0em
\item Cold wallet imported into wallet software in the air-gapped computer.
\item A view-only wallet connected to the internet.
\item A view-only wallet connected to the Internet.
\end{itemize}
\item This way, the user can generate an unsigned transaction on the view-only wallet, transfer it for signing to the air-gapped computer and then back to submit transfer to the Monero network.
\end{itemize}
@ -508,7 +508,7 @@ Funds can be controlled through users online account that accessible by traditio
\end{itemize}
\item \textbf{Web-based wallet}
\begin{itemize}\itemsep0em
\item Web wallet represents server based Monero client that is served to the user in the browser. By using a web wallet, the user can access funds from any internet connected device by sharing:
\item Web wallet represents server based Monero client that is served to the user in the browser. By using a web wallet, the user can access funds from any Internet connected device by sharing:
\begin{itemize}\itemsep0em
\item Mnemonic seed or private spend and view key to send and receive funds.
\item Public view key and wallet address to view incoming transactions to the wallet.
@ -546,7 +546,7 @@ This way, user's security depends on the following factors:
Hardware wallets like Ledger are built to ensure the safety of users coins. Therefore owner of such a device should be pretty confident when using this device that came with original undisrupted packaging.
For this attack, malicious vendor puts pre-generated mnemonic seed on a scratchpad. This piece of paper is made to look like an official one-time generated secret key to the wallet for the user. This way when the user puts seed to the hardware wallet and begins to store coins in here, the reseller has complete access as well as both parties know the seed. Delivery chain attack flow is shown in the figure \ref{pict:delivery-chain-attack}.
For this attack, malicious vendor puts pre-generated mnemonic seed on a scratchpad. This piece of paper is made to look like an official one-time generated secret key to the wallet for the user. This way when the user puts seed to the hardware wallet and begins to store coins in here, the reseller has complete access as well as both parties know the seed. Delivery chain attack flow is shown in the Figure \ref{pict:delivery-chain-attack}.
\tikzstyle{decision} = [diamond, draw, fill=blue!20,
text width=4.5em, text badly centered, node distance=2.5cm, inner sep=0pt]
@ -643,7 +643,7 @@ Multisig in a cryptocurrency is a feature that requires the multisig transaction
\end{itemize}
\subsection{Multisig usage}
After Lithium Luna release, only Monero wallet CLI software is ready for processing multisig transactions. In figures \ref{pict:multisig-wallet-generation} and \ref{pict:multisig-transaction} example scheme of 2-of-2 is presented with user A as blue and user B as green for wallet generation and transaction using Monero multisig feature.
After Lithium Luna release, only Monero wallet CLI software is ready for processing multisig transactions. In the Figures \ref{pict:multisig-wallet-generation} and \ref{pict:multisig-transaction} example scheme of 2-of-2 is presented with user A as blue and user B as green for wallet generation and transaction using Monero multisig feature.
\newpage
@ -809,13 +809,13 @@ Following this pattern, four research questions were set:
\section{Participants and survey's background}
The significant characteristic of Monero is its anonymity, and this feature is not taken by community lightly. Due to this fact, the survey was not hosted on third party servers, but instead on dedicated VPS running Lime Survey self-hosted software with HTTPS interface using signed Letsencrypt certificates.
This means that data exchanged between participants and survey software stays only between these two parties, so Google or other big data company cannot analyze them. To allow extended anonymity features, Tor and proxy connections were allowed, but each participant had to solve the captcha before starting the survey.
This means that data exchanged between participants and survey software stays only between these two parties, so Google or other big data company cannot analyze them. To allow extended anonymity features, Tor and proxy connections were allowed, but each participant had to solve the CAPTCHA before starting the survey.
\subsection{Methodology}
Data collection method was online only and was using the survey website software. Participants selection was based on opportunity sampling, links for the research were shared among dedicated Reddit Monero community, Facebook Monero groups as well as Cryptocurrency forums.
To reduce nonresponse rate, participants were asked only to fill out parts that were significant for them, e.g., Monero recovery part stayed hidden in the form if the user selected that he/she had never made any recovery of the seed or wallet keys in the previous part.
The complete survey is attached in the chapter \ref{monero-user-study-pdf}.
The complete survey is attached in the Chapter \ref{monero-user-study-pdf}.
\section{Results international, CZ}
@ -860,7 +860,7 @@ Generating new wallet...
Security of this task depends on the origin of the software, delivery chain trust, and the users' operating system. Monero CLI and GUI binaries can be edited, and the app itself does not call any internal checking to alert the user of the unauthorized change.
Code injection was successfully tested on GUI binary of the official Monero wallet as seen in the figure \ref{pic:codeinjectiongui}. Although SHA256 hash is provided on the website, the user is not specifically instructed to check the hashes of the downloaded software with tools like PowerShell using \texttt{Get-FileHash ./monero-wallet-gui.exe | Format-List} command \cite{pialphapialphagammaiotaacutealphanunualpharhoovarsigma2016study}. GPG-signed list of the hashes is available on the website although there are no instructions on how to verify PGP signature itself.
Code injection was successfully tested on GUI binary of the official Monero wallet as seen in the Figure \ref{pic:codeinjectiongui}. Although SHA256 hash is provided on the website, the user is not specifically instructed to check the hashes of the downloaded software with tools like PowerShell using \texttt{Get-FileHash ./monero-wallet-gui.exe | Format-List} command \cite{pialphapialphagammaiotaacutealphanunualpharhoovarsigma2016study}. GPG-signed list of the hashes is available on the website although there are no instructions on how to verify PGP signature itself.
\begin{figure}[H]
\begin{center}
\begin{lstlisting}
@ -878,7 +878,7 @@ Path : ./monero-wallet-gui-injected.exe
\end{figure}
% Wallet key generation process is shown on examples in figures \ref{pic:cligenerator} and \ref{pic:guigenerator}. \\
% Wallet key generation process is shown on examples in the Figures \ref{pic:cligenerator} and \ref{pic:guigenerator}. \\
There are also alternative approaches to key generation like an offline javascript based monero-wallet-generator that is available at \url{github.com/moneromooo-monero/monero-wallet-generator}.
@ -929,7 +929,7 @@ Cake Wallet & iOS & Open Source & Keypair is stored locally User
\section{Secure storage system}
Wallet keys are everything when it comes to cryptocurrency usage. Who has the keys, controls the wallet and can view or transfer the balance to another address. If user loses wallet keys, Monero wallet can still be recovered using mnemonic seed that should be saved on another storage medium.
This section describes possible ways of backing-up wallet keys. Primary storage media security is compared in the figure \ref{fig:walletstorage}.
This section describes possible ways of backing-up wallet keys. Primary storage media security is compared in the Figure \ref{fig:walletstorage}.
\subsubsection{Data characteristics}
As described in the section \ref{sec:wallets}, Monero wallet consists of an encrypted \texttt{wallet.keys} file that contains private spend and view keys. Size of this file is less than a few kilobytes.
@ -1017,7 +1017,7 @@ As a result of this chapter and Monero user research, all recommendations for se
Monero mining is a process done by miners to verify transactions on the network and add them to the blockchain together in the form of a block. This results for them in a reward in the form of new coins that are emitted as a reward for block solving.
Network speed is mainly determined by the average time between individual blocks. %This results in transaction process that takes up to 130s (transaction request \textless 1s, network broadcast \textless 5s and transaction processing time as a time between submission and next mined block \textless 120 seconds).
This results in the transaction process that takes up to 130s (request =\textless 1s, broadcast =\textless 5s and max. time between blocks =\textless 120 seconds). The transaction process is shown in the figure \ref{pict:network-processing}.
This results in the transaction process that takes up to 130s (request =\textless 1s, broadcast =\textless 5s and max. time between blocks =\textless 120 seconds). The transaction process is shown in the Figure \ref{pict:network-processing}.
\begin{figure}[H]
\center
@ -1077,7 +1077,7 @@ This results in the transaction process that takes up to 130s (request =\textles
\end{figure}
\newpage
\section{Mining nodes}
As was mentioned in the beginning of the chapter \ref{cha:obtaining}, mining is the main reason for transaction processing in Monero network, and as the mining process has rewards for successfully solving the block, this encourages many different entities to mine.
As was mentioned in the beginning of the Chapter \ref{cha:obtaining}, mining is the main reason for transaction processing in Monero network, and as the mining process has rewards for successfully solving the block, this encourages many different entities to mine.
Since Bitcoin started to gain popularity, mining has divided into five categories, that are described in the following sections:
\iffalse
\begin{itemize}\topsep0em\parskip0em\parsep0em
@ -1188,14 +1188,14 @@ Is a category that incorporates opensource mining software projects that have so
\begin{itemize}\itemsep0em
\item XMR Stak
\begin{itemize}\itemsep0em \item Consolidates CPU, AMD and Nvidia GPU mining under one multiplatform application with integrated webserver and autoconfiguration capability. \item Url: \url{https://github.com/fireice-uk/xmr-stak} \end{itemize}
\begin{itemize}\itemsep0em \item Consolidates CPU, AMD and Nvidia GPU mining under one multiplatform application with integrated webserver and autoconfiguration capability. \item URL: \url{https://github.com/fireice-uk/xmr-stak} \end{itemize}
\setlength\itemsep{1em}
\item XMRig
\setlength\itemsep{0em}
\begin{itemize}\itemsep0em \item Three separately released miners with autoconfiguration GPU and CPU capability. \item AMD: \url{https://github.com/xmrig/xmrig-amd}
\item Nvidia: \url{https://github.com/xmrig/xmrig-nvidia} \item CPU: \url{https://github.com/xmrig/xmrig} \end{itemize}
\item CCminer - Nvidia CUDA miner
\begin{itemize}\itemsep0em \item Url: \url{https://github.com/tpruvot/ccminer/} \end{itemize}
\begin{itemize}\itemsep0em \item URL: \url{https://github.com/tpruvot/ccminer/} \end{itemize}
\end{itemize}
\begin{figure}[H]
@ -1264,9 +1264,9 @@ Following this pattern, five research questions were set:
\item R5: What are the factors that affect pool choice?
\end{itemize}
\section{Participants and survey's background}
As mentioned in chapter \ref{cha:monerouserresearch}, the survey was not hosted on third party servers, but instead on dedicated VPS running Lime Survey self-hosted software with HTTPS interface using signed Letsencrypt certificates.
As mentioned in the Chapter \ref{cha:monerouserresearch}, the survey was not hosted on third party servers, but instead on dedicated VPS running Lime Survey self-hosted software with HTTPS interface using signed Letsencrypt certificates.
This means that data exchanged between participants and survey software stays only between these two parties, so Google or other big data company cannot analyze them. To allow extended anonymity features, Tor and proxy connections were allowed, but each participant had to solve the captcha before starting the survey.
This means that data exchanged between participants and survey software stays only between these two parties, so Google or other big data company cannot analyze them. To allow extended anonymity features, Tor and proxy connections were allowed, but each participant had to solve the CAPTCHA before starting the survey.
\subsection{Methodology}
Data collection method was online only and was using the survey website software. Participants selection was based on opportunity sampling, links for the research were shared among dedicated Reddit Monero community, Facebook Mining groups as well as Cryptocurrency forums. This form was distributed together with the Monero User Research survey in mentioned mining communities.
@ -1302,13 +1302,13 @@ Following this pattern, four research questions were set:
\item R4: What are backup solutions do pool operators use?
\end{itemize}
\section{Participants and survey's background}
As mentioned in the chapter \ref{cha:monerousersurvey}, the survey was not hosted on third party servers, but instead on dedicated VPS running Lime Survey self-hosted software with HTTPS interface using signed Letsencrypt certificates.
As mentioned in the Chapter \ref{cha:monerousersurvey}, the survey was not hosted on third party servers, but instead on dedicated VPS running Lime Survey self-hosted software with HTTPS interface using signed Letsencrypt certificates.
This means that data exchanged between participants and survey software stays only between these two parties, so Google or other big data company cannot analyze them. To allow extended anonymity features, Tor and proxy connections were allowed, but each participant had to solve the captcha before starting the survey.
This means that data exchanged between participants and survey software stays only between these two parties, so Google or other big data company cannot analyze them. To allow extended anonymity features, Tor and proxy connections were allowed, but each participant had to solve the CAPTCHA before starting the survey.
\subsection{Methodology}
Data collection method was online only and was using the survey website software. Participants selection was based on systematic sampling as links for the research were sent to the pool operators only.
The complete survey is attached in the chapter \ref{monero-pool-study-pdf}.
The complete survey is attached in the Chapter \ref{monero-pool-study-pdf}.
\section{Results international, CZ}
\fi
@ -1326,7 +1326,7 @@ The complete survey is attached in the chapter \ref{monero-pool-study-pdf}.
\chapter{Designing secure mining environment}
\section{Automation}
Automation is a key aspect for designing and running IT operations that are secure, up-to-date, scalable and easy to maintain. To do that, proposed mining node provisioning scheme is divided into two parts, first being OS installation with early configuration and second is automated configuration of provisioned nodes using Ansible. Workflow is described in the figure \ref{pict:deployment-workflow}.
Automation is a key aspect for designing and running IT operations that are secure, up-to-date, scalable and easy to maintain. To do that, proposed mining node provisioning scheme is divided into two parts, first being OS installation with early configuration and second is automated configuration of provisioned nodes using Ansible. Workflow is described in the Figure \ref{pict:deployment-workflow}.
\begin{figure}[H]
\center
\tikzstyle{decision} = [diamond, draw, fill=blue!20,
@ -1412,7 +1412,7 @@ label linux
\subsection{Kickstart file}
The kickstart file is a single file that contains all OS installation parameters for RHEL based operating systems \cite{van2015red}. This installation method enables automated provisioning of machines without the need of administrator input. When the file is presented to the installer, it reads the required parameters resulting in the unattended installation process \cite{leemans2015red}.
Created kickstart file for Centos 7 mining installation media is available at the figure \ref{fig:kickstart}.
Created kickstart file for Centos 7 mining installation media is available in the Figure \ref{fig:kickstart}.
\subsection{Generating ISO}
The specific process of packaging extracted CentOS installation media back into the iso file varies by used operating system. In both mentioned scenarios, few specific parameters have to be set:
@ -1523,7 +1523,7 @@ To report correct information through the web interface of the mining software,
\subsubsection{ansible-sw-postfix}
Sets up email gateway for correct email delivery together with internal mail aliases mapped to a single outbound address. Email gateway can deliver email on its own to the recipient's server or can also act as a relay to Gmail account that is used for sending out emails.
Using Gmail account is preferred as this solution is an internet service provider (ISP) agnostic (blocked SMTP and SSMTP communication for outbound connections at the ISP level would be a problem for the gateway mode).
Using Gmail account is preferred as this solution is an Internet Service Provider (ISP) agnostic (blocked SMTP and SSMTP communication for outbound connections at the ISP level would be a problem for the gateway mode).
Separate Gmail account for sending out email alerts is recommended as Postfix has login credentials saved in \texttt{/etc/postfix/sasl_passwd} file in plaintext \cite{van2015red}. This can be made more secure if the credentials file has appropriate permissions, e.g., ownership set to root, the group to wheel and chmod changed to 0600.
@ -1585,7 +1585,7 @@ For this guide, generating \texttt{autounattend.xml} file is based on online aut
\label{fig:securecrypto}
\end{center}
\end{figure}
For example, .NetFramework in Windows 10 doesn't have strong cryptography enabled for all .Net applications. Due to this, in the default state, Powershell can't be used for downloading updated code that is required for setting up the environment for Ansible. To fix that, one of the commands after the first logon is dedicated to this issue as shown in the figure \ref{fig:securecrypto}.
For example, .NetFramework in Windows 10 doesn't have strong cryptography enabled for all .Net applications. Due to this, in the default state, Powershell can't be used for downloading updated code that is required for setting up the environment for Ansible. To fix that, one of the commands after the first logon is dedicated to this issue as shown in the Figure \ref{fig:securecrypto}.
After finishing the installation process and provisioning the Windows environment with \texttt{<FirstLogonCommands>} included in the unattended file, Ansible can connect to the Windows machine and set up thing properly.