ceClub: But Why Does It Work? A "Rational Protocol Design" Treatment of Bitcoin

Juan Garay (Texas A&M University)
Wednesday, 9.5.2018, 11:30
EE Meyer Building 861

As the first and most popular decentralized cryptocurrency to date, Bitcoin has ignited much excitement, not only for its novel realization of a central bank-free financial instrument, but also as an alternative approach to classical problems in distributed computing and cryptographic protocols, such as reaching consensus in the presence of misbehaving parties.

In this talk, after a brief introduction to the innovative and distributedly-maintained data structure known as the "blockchain," we first present the first formalization of the Bitcoin core protocol, identifying its fundamental properties, and showing how a distributed public ledger can be built "on top" of them. This rigorous cryptographic treatment shows that such a ledger is robust if and only if the majority of the mining power is honest. Which brings us to the second part of the talk: Why then does Bitcoin work, given that the real-world system (the size of existing "mining pools," in particular) does not necessarily adhere to this assumption? Using an approach that mixes game theory and cryptography, a framework we call "Rational Protocol Design," we show how natural incentives in combination with a high monetary value of Bitcoin can explain why Bitcoin continues to work even though majority coalitions are in fact possible.

This talk is based on joint works with C. Badertscher, A. Kiayias, N. Leonardos, U. Maurer, D. Tschudi and V. Zikas.

Since the beginning of Fall '17, Juan Garay has been a full professor in Texas A&M University's Computer Science & Engineering Department. Previously, after receiving his PhD in Computer Science from Penn State, he was a postdoc at the Weizmann Institute of Science (Israel), and held research positions at the IBM T.J. Watson Research Center, Bell Labs, AT&T Labs-Research, and Yahoo Research. His research interests include both foundational and applied aspects of cryptography and information security. He has published extensively in the areas of cryptography, network security, distributed computing, and algorithms; has been involved in the design, analysis and implementation of a variety of secure systems; and is the recipient of over two dozen patents. Dr. Garay has served on the program committees of numerous conferences and international panels, including co-chairing Crypto 2013 and 2014, the discipline's premier conference, and has just been appointed Fellow of the International Association for Cryptologic Research (IACR).

