Bitcoin uses a proof-of-work (PoW) mechanism to adjudicate which participant or "miner" gets to publish the next block of transactions on the blockchain and claim the reward for doing so. Having verified and packaged a set of new transactions to form a new block, a miner would search for an arbitrary string Nonce, such that, H(previous Block, newTransactions, Nonce) = 00...O ty.... 8 bits for a specified "difficulty" parameter 8 given a hash function with l bits of output. The difficulty parameter 8 is intended to require 28 distinct attempts on average before satisfying the condition. a. Express in function of 8 the minimum and/or maximum hash output size & that is required for such PoW to work as intended. (1 mark) In words, provide a brief justification for your answer. (1 bonus mark) Hint: if this helps, think of H as a magic function that outputs a truly random value every time it is called on a new input, and remembers all its answers so it can answer consistently on repeated inputs. (Cryptographers often use this idealisation of hash functions, which is known by the technical name of "random oracle".) b. Now suppose that there is a mistake in the design of H, that make it easy to construct collisions but not to find second preimages or invert the hash, which are still hard. Could such H still possibly work for the PoW application? (1 mark) c. Same question, except that this time we assume that H is not a cryptographic hash, but a linear function (such as the CRC used in WEP). Could such I still possibly work for the PoW application? (1 mark) Bitcoin uses a proof-of-work (PoW) mechanism to adjudicate which participant or "miner" gets to publish the next block of transactions on the blockchain and claim the reward for doing so. Having verified and packaged a set of new transactions to form a new block, a miner would search for an arbitrary string Nonce, such that, H(previous Block, newTransactions, Nonce) = 00...O ty.... 8 bits for a specified "difficulty" parameter 8 given a hash function with l bits of output. The difficulty parameter 8 is intended to require 28 distinct attempts on average before satisfying the condition. a. Express in function of 8 the minimum and/or maximum hash output size & that is required for such PoW to work as intended. (1 mark) In words, provide a brief justification for your answer. (1 bonus mark) Hint: if this helps, think of H as a magic function that outputs a truly random value every time it is called on a new input, and remembers all its answers so it can answer consistently on repeated inputs. (Cryptographers often use this idealisation of hash functions, which is known by the technical name of "random oracle".) b. Now suppose that there is a mistake in the design of H, that make it easy to construct collisions but not to find second preimages or invert the hash, which are still hard. Could such H still possibly work for the PoW application? (1 mark) c. Same question, except that this time we assume that H is not a cryptographic hash, but a linear function (such as the CRC used in WEP). Could such I still possibly work for the PoW application? (1 mark)