summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTim Ruffing <crypto@timruffing.de>2020-03-24 08:49:38 +0100
committerbitcoindev <bitcoindev@gnusha.org>2020-03-24 07:49:49 +0000
commit2ac8f0e1d6967570463cc0fc8a572933458365fe (patch)
treed3f71b8fc5ff9409877be8f095a5256df3f9b27c
parent07a88dbc65e49ffeb760562af8460aa30b9b3c35 (diff)
downloadpi-bitcoindev-2ac8f0e1d6967570463cc0fc8a572933458365fe.tar.gz
pi-bitcoindev-2ac8f0e1d6967570463cc0fc8a572933458365fe.zip
Re: [bitcoin-dev] Overview of anti-covert-channel signing techniques
-rw-r--r--d4/871deb29819efc5ea3820e2c66fbe259d7bcb088
1 files changed, 88 insertions, 0 deletions
diff --git a/d4/871deb29819efc5ea3820e2c66fbe259d7bcb0 b/d4/871deb29819efc5ea3820e2c66fbe259d7bcb0
new file mode 100644
index 000000000..1340ee236
--- /dev/null
+++ b/d4/871deb29819efc5ea3820e2c66fbe259d7bcb0
@@ -0,0 +1,88 @@
+Return-Path: <crypto@timruffing.de>
+Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138])
+ by lists.linuxfoundation.org (Postfix) with ESMTP id B6848C0177
+ for <bitcoin-dev@lists.linuxfoundation.org>;
+ Tue, 24 Mar 2020 07:49:49 +0000 (UTC)
+Received: from localhost (localhost [127.0.0.1])
+ by whitealder.osuosl.org (Postfix) with ESMTP id A4E618773E
+ for <bitcoin-dev@lists.linuxfoundation.org>;
+ Tue, 24 Mar 2020 07:49:49 +0000 (UTC)
+X-Virus-Scanned: amavisd-new at osuosl.org
+Received: from whitealder.osuosl.org ([127.0.0.1])
+ by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
+ with ESMTP id Sg845PpZAygA
+ for <bitcoin-dev@lists.linuxfoundation.org>;
+ Tue, 24 Mar 2020 07:49:47 +0000 (UTC)
+X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
+Received: from mout-p-202.mailbox.org (mout-p-202.mailbox.org [80.241.56.172])
+ by whitealder.osuosl.org (Postfix) with ESMTPS id 72D9B8704C
+ for <bitcoin-dev@lists.linuxfoundation.org>;
+ Tue, 24 Mar 2020 07:49:47 +0000 (UTC)
+Received: from smtp2.mailbox.org (smtp2.mailbox.org [80.241.60.241])
+ (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits))
+ (No client certificate requested)
+ by mout-p-202.mailbox.org (Postfix) with ESMTPS id 48mk1304YFzQlGg;
+ Tue, 24 Mar 2020 08:49:43 +0100 (CET)
+X-Virus-Scanned: amavisd-new at heinlein-support.de
+Received: from smtp2.mailbox.org ([80.241.60.241])
+ by spamfilter03.heinlein-hosting.de (spamfilter03.heinlein-hosting.de
+ [80.241.56.117]) (amavisd-new, port 10030)
+ with ESMTP id bCUImSWmvIhn; Tue, 24 Mar 2020 08:49:39 +0100 (CET)
+Message-ID: <c182227876c47f476000b0b54618dac73e45a03f.camel@timruffing.de>
+From: Tim Ruffing <crypto@timruffing.de>
+To: Dustin Dettmer <dustinpaystaxes@gmail.com>, Bitcoin Protocol Discussion
+ <bitcoin-dev@lists.linuxfoundation.org>, Pieter Wuille
+ <bitcoin-dev@wuille.net>
+Date: Tue, 24 Mar 2020 08:49:38 +0100
+In-Reply-To: <CABLeJxQsse99aw35DxSDOyVTruFCgi0hmZntvgbYtPLSRGQ+xA@mail.gmail.com>
+References: <VZTbLR9RlkkyNg6mOOIxedh7H0g8NGlaCmgBfCVXZ4RNfW3axefgoTqZGXjAQZFEuekujVGjRMv8SifDIodZ6tRGaaXQ_R63rFa03SGS6rg=@wuille.net>
+ <CABLeJxQsse99aw35DxSDOyVTruFCgi0hmZntvgbYtPLSRGQ+xA@mail.gmail.com>
+Content-Type: text/plain; charset="UTF-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+X-Mailman-Approved-At: Tue, 24 Mar 2020 08:32:40 +0000
+Subject: Re: [bitcoin-dev] Overview of anti-covert-channel signing techniques
+X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
+X-Mailman-Version: 2.1.15
+Precedence: list
+List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
+List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
+ <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
+List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
+List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
+List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
+List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
+ <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
+X-List-Received-Date: Tue, 24 Mar 2020 07:49:49 -0000
+
+Hi Dustin,
+
+That sounds interesting but I can't follow your email to be honest.
+
+On Mon, 2020-03-23 at 07:38 -0700, Dustin Dettmer via bitcoin-dev
+wrote:
+> This mitigates, I believe, all leak vectors besides k/R hacking and
+> prechosen entropy.
+
+Hm, so what vectors is this supposed to mitigate? Leaking through the
+generated public keys? Anything else?
+
+Here are a few questions:
+ - What are you trying to achieve? You seem to describe how you get
+from the setup to the goal in four steps but I don't understand what
+the setup is or what the goal is. (What's a storage solution?)
+ - "all SW being compromised" do you mean "SW and HW compromised"? Note
+that SW and HW are parties in Pieter's writeup, not just abbreviations
+for software and hardware.
+ - Where are the two stages? You mention four steps.
+ - Where do you run the external software? On a second SW? Is this the
+second stage?
+ - Do you use unhardened derivation?
+ - What's a k commitment?
+
+
+Best,
+Tim
+
+
+