Bitcoin, Blockchain and Cryptography - Time to look forward

Show Notes

This week, with some trepidation, we embark on an overview of some of the more esoteric elements of financial crime risk management. We attempt to explain the blockchain, cryptocurrencies like Bitcoin, and cryptography generally, in layman's terms.

As neither of us are subject matter experts in any of these fields, we are somewhat laying ourselves open to rebuttal and ridicule but we felt it was worth the risk.

Follow us on LinkedIn at https://www.linkedin.com/company/the-dark-money-files-ltd/ on Twitter at https://twitter.com/dark_files or see our website at https://www.thedarkmoneyfiles.com/

Transcript

spk_1:   0:11
Hello and welcome to the seventh episode of Season two of the Dark Money files in which we shine a light into a murky world. I'm Ray Blake and with me as my co host, friend and business partner, Grey and Barrow. Hello, Graham. Hello, Ondas, we said last week. It's time to turn our gaze forward rather than looking back at events from the past.

spk_0:   0:33
Yes, and I think we do so with some trepidation, don't you think?

spk_1:   0:38
Definitely, for two reasons. One. It's a brave person who predict what the future looks like and to Neither of us would profess to be expert in some of the subjects were going to talk about.

spk_0:   0:50
Yeah, I couldn't agree more, but maybe we can turn by those things to Arab volunteers, don't you think?

spk_1:   0:56
Well, yes, it means we're gonna be quite circumspect about what the future holds, and our explanations of some of the emerging technologies will be. Necessarily simple.

spk_0:   1:05
But it's worth saying that if someone does photo how that and it's entirely possible, do please feel free to get in touch

spk_1:   1:11
on DH appropriately, as we're going to be talking technology we now have dedicated don't money files email addresses so you can email me at Rate Up Lake at the dark money files dot com

spk_0:   1:23
or may at graham dot piano at the dark money files dot com.

spk_1:   1:28
So where should we start growing?

spk_0:   1:30
Well, I guess right? The one subject we've had by far and away the most request to talk about is Cryptocurrencies and the Blockchain. So maybe that's a good beginning.

spk_1:   1:39
Okay, let's try and do an introduction to them today and then move on. Incoming episodes. Teo, Artificial intelligence, machine learning and some of the good things happening in the road take space.

spk_0:   1:50
Yeah, and if there's another subject people would like us to cover within that sphere, you know what to do.

spk_1:   1:56
Email. Twitter linked in Facebook We got all the bases covered, I believe.

spk_0:   2:02
I think you're right. So come on in. Block training, crypto. Where do you want to begin?

spk_1:   2:07
I think by explaining the differences between the tomb what each one means. I've heard people use the expressions interchangeably and that definitely needs addressing. In a way, it's the difference between your bank account and the money you put in it.

spk_0:   2:22
Yes, or I guess, the Internet and emails. One is the technology that allows the other one to work. So we start with the Blockchain. We came out with a fairly simple example of how it works. So we walked through that example before we go into a bit more detail.

spk_1:   2:39
Yes, let's do that. Imagine grown that you have to send an email to, let's, say, a notoriously difficult colleague who has a history of editing past emails to fit with their version of events. You know they will not be happy with your message, but you want to ensure there's an accurate historical record of what you said

spk_0:   2:59
on right. I can think of a few occasions in the past where that could quite easily have happened.

spk_1:   3:05
Well, indeed. Eso think about an email programme that select, say, 1000 recipients at random, on which then copies the men on your email in a way that stops them from being removed from the e mail trail.

spk_0:   3:18
Okay, so when I hit, send my e mail drops into. That's a special folder in all those random people's email accounts as well as the specified recipient.

spk_1:   3:28
Exactly, and your email client keeps a record of each one of those people. When your centre responds, they will also be copied in on the response, and the system compares the contents of the response against all the other virgins. If it had been changed, it will differ from the other versions, and it would be next to impossible to try and retrospectively change all off them at the same time.

spk_0:   3:53
Yeah, and of course, there's that email trail grows. The potential to change anything retrospectively becomes, in a way even harder.

spk_1:   4:00
For yes. A majority of the other recipients have to agree that the email matches the record that they have. Otherwise, it will be rejected as having been altered, which is also why the Blockchain is no Nas, public ledger or distributed ledger. The network's available to be viewed by anyone

spk_0:   4:21
excellent and like I said at the start, that may not be a perfect analogy. But it should help to explain why a public or distributed ledger across the peer to peer network he's a powerful way to stop packers, for example, altering existing transactions for their own

spk_1:   4:36
benefit. Yes, there's a clever bit of maths called hashing that ties each block in the chain together on the slightest alteration toe one would cause a domino effect all down the chain. Given that there are now nearly 580,000 blocks on the Bitcoin Blockchain, it's easy to see that trying to change one of the earlier ashes would involve a stupendous amount of work. In our analogy, it would be like an email trail with 580,000 back and forth messages stored on hundreds of thousands of pieces around the world. You couldn't hope to make even a simple change without being obvious and therefore rejected.

spk_0:   5:18
Yes, I think we should probably also explain passes, don't you think?

spk_1:   5:23
Yeah, Jonah, do that

spk_0:   5:25
Well, I'll have a go on. A hash is a clever bit of mass that connects each end of the block to the others in the chain. It is a method of turning any import into an output off fixed link, but each output hatch will be unique to the specific import.

spk_1:   5:45
I'm trying to give an example. Crime? Yes, I

spk_0:   5:47
think so. Probably a couple. So if I input string is just a two letter word, let's say hi, it will still generate a fixed length output. So if we were using. So you 256 bit encryption, I will come back to that later. The output stream would be 64 characters,

spk_1:   6:07
which is a lot of characters for a two letter input.

spk_0:   6:10
It is, but but oddly, if the input string was the entire Encyclopaedia Britannica, it would still generate a 64 character output string on. That's the strength of it. The point here is if you change just one character of the imports so that say, you removed a comma from the Encyclopaedia Britannica, the output string would be completely different.

spk_1:   6:31
Graham that that means there must be an unbelievable number of output strings.

spk_0:   6:38
Well, right there are on if you do the maths, because the heartstrings use 16 different characters in each position on the string, which is 0 to 9, and then the letters A to F. There are effectively 16 to the power of 60 for possible variation,

spk_1:   6:56
which is a very big number indeed.

spk_0:   7:00
It's a number so large it's actually bore than all the atoms in the entire planet Earth, which, if you're interested because I checked, is estimated at around 1.33 times 10 to the power of 50.

spk_1:   7:12
So it's not just more. It's an awful lot more.

spk_0:   7:17
Yeah, so if you try and tweak the contents of a block, you will order the hats not just for that block, but every subsequent won, both at the start and end of the block. The computing power required to work out those changes is just phenomenal.

spk_1:   7:30
And of course, it wouldn't work if it was happening on just one computer because of all the thousands of backup copies.

spk_0:   7:36
Exactly. Yes, exactly.

spk_1:   7:38
Now I was wondering if you could back engineer a hash to its original input. Given that each hash is unique

spk_0:   7:45
on DH, can you?

spk_1:   7:47
Mmm, theoretically.

spk_0:   7:51
Okay, that makes me think it's unlikely.

spk_1:   7:53
Well, Graham, it's very unlikely because there's no relationship between the input and the output strings. One comma change in the Encyclopaedia Britannica, as he said, produces a totally different output string. So the only method is what's known as the brute force method, which means trying every possible combination until you get a match,

spk_0:   8:14
which would be fine if they were only that save 64 possible combinations. But here we're talking about 16 to the power of 60

spk_1:   8:21
four exactly 64 zeros. In practical terms, it's impossible to decode a hash.

spk_0:   8:30
Okay, so that's the Blockchain. That's the delivery mechanism for Cryptocurrencies like Bitcoin. So we need now, I think, to try and explain what a crypto currency is.

spk_1:   8:41
At one level, it's easy. It's a piece of computer code that's unique on derived from doing calculations. When you get the result of that calculation you registered on the block chain and get rewarded with a unit of Cryptocurrency

spk_0:   8:54
Andi calculations they have to do. I guess they're a bit harder than just doing a bit of ordinary man.

spk_1:   8:59
Yes, they are, actually involve finding the hash for specified functions. In the case of Bitcoin, there are a limited number of functions, which means that there will only ever be around 21 million. Bitcoins. Mind earning Bitcoins this way is called mining as in gold mining, I suppose. And over time the effort of finding the hash functions becomes harder, which means that more and more computer power is needed to find them. And this is the proof of work required to be awarded your Bitcoin.

spk_0:   9:32
Okay, so the network automatically awards Bitcoins to minors when they derive the right hash for which there is no shortcut as it can only be done using the brute force approach.

spk_1:   9:42
Exactly. There are no algorithms to shook up this, so you have to have expended effort in order to get the Bitcoin.

spk_0:   9:49
Okay, so it's a bit like the world to work we inhabit. Then we work a certain amount of hours for which we then get paid.

spk_1:   9:55
Yes, but in the Bitcoin world, there's no sloping off to the gents with the paper for half an hour. You absolutely have to do the

spk_0:   10:01
work. Not that I've ever done such a thing, you

spk_1:   10:04
know, moving on Lester. Her quick recap the Blockchain or distributed ledger is a publicly accessible system built on a peer to peer network, where the addition of blocks is dependent on the creation of hashes, which are unique strings of characters derived through complex mathematical functions and which are extremely sensitive to the slightest change.

spk_0:   10:26
Yes, and this then becomes a system for creating Bitcoin or other Blockchain based Cryptocurrency.

spk_1:   10:32
We should move on to explain what you can do with your krypto once you've acquired it.

spk_0:   10:37
Yeah, Now that is an interesting conversation So they start off where you can keep your Bitcoin or a theory, Um, or whatever your krypto choices,

spk_1:   10:45
you keep it in a crypt. I wallet Graham.

spk_0:   10:48
Okay, which is?

spk_1:   10:49
It's an online wallet which stores the public and private keys that allow you to access and transact your crypto currency. People often think they store the Cryptocurrency itself, but of course, that's on the Blockchain. But in order to access it, you need a private key to match the public key. If they agree the transaction is recorded in the Blockchain

spk_0:   11:11
on Where do you keep your krypto wallet?

spk_1:   11:14
There's a choice, Graham, and each has its advantages and disadvantages.

spk_0:   11:18
Okay, shall we worked with them one at a time then?

spk_1:   11:21
So let's start with a desktop wallet. As the name suggests, this is a wallet that is stored on your desktop computer or laptop. You can only have one instance of it, so wherever it's loaded is the place you have to access it from. It's very secure, but possibly not very convenient. And of course, if you get hack to your PC becomes completely corrupted, you may Well, these access completely.

spk_0:   11:45
Mmm. Um, next,

spk_1:   11:48
there are cloud based wallets so you can access them from any Internet enabled device.

spk_0:   11:54
Well, now that sounds better. Any drawbacks?

spk_1:   11:57
Well, you're effectively handing over control to 1/3 party host and relying on them to resist hacking attempts or even stealing it themselves.

spk_0:   12:08
True on the next one,

spk_1:   12:11
there's an app based on your mobile device. It means you can take it with you and use it in store where the option is available. But again, you need to ensure the security of your mobile device.

spk_0:   12:22
Yeah, fair enough. Any others?

spk_1:   12:24
You can have a dedicated hardware device like a USB type state. It means you're not storing your keys in an online accessible environment. You just plug in to a suitably an opal device. Authorised the transaction and log out again is pretty secure. But maybe not so convenient.

spk_0:   12:42
No, it is that

spk_1:   12:44
it? No, There's one more, which is often referred to as a paper wallet, although it doesn't have to be a physical print. L. But it could be. It's effectively a record of your keys,

spk_0:   12:55
which reminds me talking about all these different methods of storing your fees of the tale from the early days of Bitcoin about the unfortunate chap from South Wales.

spk_1:   13:04
Oh, yes,

spk_0:   13:06
Yeah. Just if anyone hasn't heard this storey, it relates to a chap called James Howells who started money Bitcoin in the very early days when it needed much, much less computing power. But because they were virtually worth nothing at the time, he'd managed to mind seven and 1/2 1000 Bitcoin on his laptop, which he eventually broke up on DH, sold on eBay but retained the hard drive as it had always. Bitcoin stalled on it. And as you said, just now, you can only have one instant.

spk_1:   13:35
I think I can see what's coming here, but do go on.

spk_0:   13:38
Several years later, he had a clearer on DH, forgetting what was on the hard drive. He threw it away, and it ended up in a landfill site run by his local authority.

spk_1:   13:49
So the peak of the Bitcoin search, when they were worth at their peak around $18,000 each, he's seven and 1/2 1000 Bitcoin would have been worth $135 million. Ouch!

spk_0:   14:02
Yeah, I mean, I have no idea of the story's too well, no, but it's one of those that still makes you wince when you hear it.

spk_1:   14:09
Yes, and the other great Bitcoin Storey is surrounding the Winklevoss brothers, who always alleged that they were the originators of the idea that became Facebook and subsequently sued Mark Zuckerberg for stealing their idea. They ultimately received a settlement of around $65 million which is peanuts compared to Sucker Berg's take, obviously. But according to their Storey, they use some of that settlement to buy up around 1% of all the Bitcoin in circulation in 2011 holding, which is now worth well over a $1,000,000,000

spk_0:   14:43
on Now Facebook. Of course, we're talking about launching their own Cryptocurrency, which almost brings that storey full circle

spk_1:   14:49
it does on I've been thinking. We've been talking a lot about crypto currency in public and private keys. Maybe we should go on to explain what we mean by all this.

spk_0:   15:01
Ray. That's a really good idea. I've got a copy of Simon Sings Book, which is called Aptly, The code book on that traces the history of cryptography codes back at least to Julius Caesar.

spk_1:   15:13
It's a long history on DH. I also have that book is brilliant

spk_0:   15:17
it is. It is so the earliest coast. We're what are known a substitution codes or what we now call Caesar cyphers, where he's just simply substitute each letter for another one. A certain number of steps further are for further back down the alphabet.

spk_1:   15:33
Yes, possibly apocryphal. Storey is that the computer in 2001? A Space Odyssey, which is called How was simply as substitution code for IBM as each letter is one further back in the alphabet.

spk_0:   15:46
Not a lot of people know that, Ray.

spk_1:   15:49
Well, a few more do now. Graham in the sequel 2010. Clark acknowledges the joke, and has his characters love about how, how was one step ahead of IBM?

spk_0:   16:00
Ah yeah, on. So over the course of time, the cyphers became much more sophisticated, leading to what's become known as the unique Murder machines, which we used by Germany during World War Two and which, on ensuring the team at Bletchley Park became very famous but decrypting

spk_1:   16:19
yes, lots of thie early codes were susceptible to frequency analysis whereby the code could be worked out from looking at the incidence of common letters in the alphabet, lychee and tea on mapping them to the most commonly appearing letters in the code. The goal was always to create codes that generated messages that did not allocate the letters in such a way Enigma did that. But as the Bletchley team eventually proved, the code wass breakable.

spk_0:   16:49
Yes, I think one of the very early computers they device for Jordan The

spk_1:   16:55
Colossus. Yeah, that's right,

spk_0:   16:56
Colossus. We

spk_1:   16:57
can go and see it in Bletchley Park,

spk_0:   16:59
which had not won on Good Day out for those so minded

spk_1:   17:04
in taint.

spk_0:   17:05
So Post Bletchley, one of the biggest strides forward in cryptography, was taken by a triumvirate named Ron Rivest, 80 Shamir on Leonard Edelman, who between them devised what's become known as the RSA encryption method, which anyone who's ever had to log on remotely to affirms email or Internet sister will have used through their security for or an apple

spk_1:   17:27
Yes, on without getting too much into the technicalities. It was a brilliant way of using some of the unique properties of prime numbers, which are relatively straightforward to multiply together but which have fiendishly difficult to factories from their product.

spk_0:   17:42
Yes, which again, just to explain, means that most people give and say the two prime numbers 6451 8000 and 81 could pretty easily multiply them on their calculated to get 52,130,531. Clearly, I've done that. But if you're starting point is the result of 52,130,531 it's really significantly harder to work back and find the two prime factors that produced it. So, for instance, if he took the very similarly sized number of 52,132,121 the two prime factors of that on 9341 of 5573 very different from the 6451 and 8081 that make up our first beacon number, that's only fractionally different.

spk_1:   18:35
The point here was that you could provide a public key which anyone could use to encrypt the message to you. But the only way to decrypt it was with your private key, which is only known to you by using very large prime numbers. This provides a very secure method of encryption on with Arce. We're not talking about prime factors in the thousands, but rather factors that millions of millions of millions truly vast numbers. The system has been superseded by other, more secure systems, and technically, they're all vulnerable to brute force into a degree algorithmic attacks. But for the likes of you and me knowing our email on what's APP, messages are protected by end to end encryption, which means they're encrypted on the phone and decrypted by the receiver's phone. A pretty reassuring,

spk_0:   19:29
yes, it's also quantum cryptography, isn't there? I

spk_1:   19:34
yes, which is potentially completely secure on which utilises quantum physics to devise a system that's impossible to eavesdrop on any attempt to access in the code would alert the user to the fact that it had been accessed. Conversely, practical quantum computing will render any non quantum encryption worthless, since brute force attack will take a tiny fraction of the time it does now. It's estimated the braking strong RSA encryption through brute force would take one of these computers longer than the age of the universe to break. But a working quantum computer could do it through brute force while you make a cup of tea. But I think with quantum computing we've strayed outside our scope. Really a bit grown.

spk_0:   20:22
You're right. But it is fascinating, isn't it? But what we haven't done yet, Ray Fascinating. Although there is to talk about maybe the more practical elements off the financial crime angles of Krypton,

spk_1:   20:35
you're right. And in many ways the financial world is only just waking up to some of the risks as recently as 2013 fin ce n issued guidance that virtual currencies were exempt from regulation unless they've been traded for real currencies or goods.

spk_0:   20:50
Yeah, that implies there's no scope for shenanigans when you trade in the virtual currency itself.

spk_1:   20:55
Yes, and that certainly isn't true. Bitcoin and similar virtual or crypto currencies have been exploited by organised crime from the early days on the dark. Web largely runs on this stuff. There's no need for a virtual currency ever to be rented into an actual one these days. Even regular investors a using crypto to hold value and seek growth over the longer term.

spk_0:   21:19
Yeah, ahs. I understand it from a recent report. Only about 2% of Bitcoin activity is legitimate spending on actual goods and services The rest is either a legitimate or dark Web spending or peer to peer transactions, which would include all of those investors.

spk_1:   21:37
Yes, that seems to be the case.

spk_0:   21:39
So Ray are the regulators. Do you think waking up now?

spk_1:   21:42
Well, they are. Bodies like Fat F and Rosie have reported extensively on the dangers, and most national regulators now have programmes in the UK The FDA has so far focused on the dangers for investors. It hasn't regulated Cryptocurrencies directly, but it has regulated investment products and derivatives linked to them. It has taken the view that they're not currencies because they're not issued by central banks. Indeed, it uses the terms crypto assets and exchange tokens rather

spk_0:   22:15
than quit their currencies. That seems maybe a bit short sighted Ray,

spk_1:   22:21
possibly grand. But they are limited in their scope to what the legislation requires and allows them to dio. In any case, they've been consulting this year on what types of crypto asset and what activities they should be regulating under their current legal brief. Final guidance is ju later in the summer, and that might be an opportunity for us to come back and look at this from a financial crime perspective.

spk_0:   22:46
Yeah, I I agree. So there we have our 101 introduction to the Blockchain, Cryptocurrencies and cryptography. I suspect there will be opinions on all this. So so do drop us a line, either through the emails we gave you earlier or through the various social media outlets with the dark money files. If you want to contribute to the conversation. Meanwhile, next week we'll start looking at Wreck Tech, I think. And the possibility is brought about by artificial intelligence and machine learning.

spk_1:   23:17
I'm looking forward to it.

spk_0:   23:20
Thank you for listening to this inside of dark money files. We hope with, like, to listen to future episodes. Please subscribe through my teeth. Spotify or your normal podcast provider. Thanks.