diff options
author | Tim Ruffing <crypto@timruffing.de> | 2020-03-24 08:49:38 +0100 |
---|---|---|
committer | bitcoindev <bitcoindev@gnusha.org> | 2020-03-24 07:49:49 +0000 |
commit | 2ac8f0e1d6967570463cc0fc8a572933458365fe (patch) | |
tree | d3f71b8fc5ff9409877be8f095a5256df3f9b27c | |
parent | 07a88dbc65e49ffeb760562af8460aa30b9b3c35 (diff) | |
download | pi-bitcoindev-2ac8f0e1d6967570463cc0fc8a572933458365fe.tar.gz pi-bitcoindev-2ac8f0e1d6967570463cc0fc8a572933458365fe.zip |
Re: [bitcoin-dev] Overview of anti-covert-channel signing techniques
-rw-r--r-- | d4/871deb29819efc5ea3820e2c66fbe259d7bcb0 | 88 |
1 files changed, 88 insertions, 0 deletions
diff --git a/d4/871deb29819efc5ea3820e2c66fbe259d7bcb0 b/d4/871deb29819efc5ea3820e2c66fbe259d7bcb0 new file mode 100644 index 000000000..1340ee236 --- /dev/null +++ b/d4/871deb29819efc5ea3820e2c66fbe259d7bcb0 @@ -0,0 +1,88 @@ +Return-Path: <crypto@timruffing.de> +Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) + by lists.linuxfoundation.org (Postfix) with ESMTP id B6848C0177 + for <bitcoin-dev@lists.linuxfoundation.org>; + Tue, 24 Mar 2020 07:49:49 +0000 (UTC) +Received: from localhost (localhost [127.0.0.1]) + by whitealder.osuosl.org (Postfix) with ESMTP id A4E618773E + for <bitcoin-dev@lists.linuxfoundation.org>; + Tue, 24 Mar 2020 07:49:49 +0000 (UTC) +X-Virus-Scanned: amavisd-new at osuosl.org +Received: from whitealder.osuosl.org ([127.0.0.1]) + by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) + with ESMTP id Sg845PpZAygA + for <bitcoin-dev@lists.linuxfoundation.org>; + Tue, 24 Mar 2020 07:49:47 +0000 (UTC) +X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 +Received: from mout-p-202.mailbox.org (mout-p-202.mailbox.org [80.241.56.172]) + by whitealder.osuosl.org (Postfix) with ESMTPS id 72D9B8704C + for <bitcoin-dev@lists.linuxfoundation.org>; + Tue, 24 Mar 2020 07:49:47 +0000 (UTC) +Received: from smtp2.mailbox.org (smtp2.mailbox.org [80.241.60.241]) + (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) + (No client certificate requested) + by mout-p-202.mailbox.org (Postfix) with ESMTPS id 48mk1304YFzQlGg; + Tue, 24 Mar 2020 08:49:43 +0100 (CET) +X-Virus-Scanned: amavisd-new at heinlein-support.de +Received: from smtp2.mailbox.org ([80.241.60.241]) + by spamfilter03.heinlein-hosting.de (spamfilter03.heinlein-hosting.de + [80.241.56.117]) (amavisd-new, port 10030) + with ESMTP id bCUImSWmvIhn; Tue, 24 Mar 2020 08:49:39 +0100 (CET) +Message-ID: <c182227876c47f476000b0b54618dac73e45a03f.camel@timruffing.de> +From: Tim Ruffing <crypto@timruffing.de> +To: Dustin Dettmer <dustinpaystaxes@gmail.com>, Bitcoin Protocol Discussion + <bitcoin-dev@lists.linuxfoundation.org>, Pieter Wuille + <bitcoin-dev@wuille.net> +Date: Tue, 24 Mar 2020 08:49:38 +0100 +In-Reply-To: <CABLeJxQsse99aw35DxSDOyVTruFCgi0hmZntvgbYtPLSRGQ+xA@mail.gmail.com> +References: <VZTbLR9RlkkyNg6mOOIxedh7H0g8NGlaCmgBfCVXZ4RNfW3axefgoTqZGXjAQZFEuekujVGjRMv8SifDIodZ6tRGaaXQ_R63rFa03SGS6rg=@wuille.net> + <CABLeJxQsse99aw35DxSDOyVTruFCgi0hmZntvgbYtPLSRGQ+xA@mail.gmail.com> +Content-Type: text/plain; charset="UTF-8" +MIME-Version: 1.0 +Content-Transfer-Encoding: 7bit +X-Mailman-Approved-At: Tue, 24 Mar 2020 08:32:40 +0000 +Subject: Re: [bitcoin-dev] Overview of anti-covert-channel signing techniques +X-BeenThere: bitcoin-dev@lists.linuxfoundation.org +X-Mailman-Version: 2.1.15 +Precedence: list +List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org> +List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>, + <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe> +List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/> +List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org> +List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help> +List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>, + <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe> +X-List-Received-Date: Tue, 24 Mar 2020 07:49:49 -0000 + +Hi Dustin, + +That sounds interesting but I can't follow your email to be honest. + +On Mon, 2020-03-23 at 07:38 -0700, Dustin Dettmer via bitcoin-dev +wrote: +> This mitigates, I believe, all leak vectors besides k/R hacking and +> prechosen entropy. + +Hm, so what vectors is this supposed to mitigate? Leaking through the +generated public keys? Anything else? + +Here are a few questions: + - What are you trying to achieve? You seem to describe how you get +from the setup to the goal in four steps but I don't understand what +the setup is or what the goal is. (What's a storage solution?) + - "all SW being compromised" do you mean "SW and HW compromised"? Note +that SW and HW are parties in Pieter's writeup, not just abbreviations +for software and hardware. + - Where are the two stages? You mention four steps. + - Where do you run the external software? On a second SW? Is this the +second stage? + - Do you use unhardened derivation? + - What's a k commitment? + + +Best, +Tim + + + |