Re: [bitcoin-dev] BIP 151

author: Peter Todd <pete@petertodd.org> 2016-06-28 16:14:47 -0400
committer: bitcoindev <bitcoindev@gnusha.org> 2016-06-28 20:14:55 +0000
commit: ead4cca4c730633e8555739bec73a8cf7197ee0e (patch)
tree: 4af913370aa9acebf90b746348903ae9ef8820e7
parent: 8c42dcfce6ce05673d946f50b3dac3c541981d59 (diff)
download: pi-bitcoindev-ead4cca4c730633e8555739bec73a8cf7197ee0e.tar.gz
pi-bitcoindev-ead4cca4c730633e8555739bec73a8cf7197ee0e.zip
1 files changed, 128 insertions, 0 deletions
diff --git a/9d/47f41a1ea3e3ac5f7492f36efa0cc9668588c8 b/9d/47f41a1ea3e3ac5f7492f36efa0cc9668588c8
new file mode 100644
index 000000000..c99cb33bf
--- /dev/null
+++ b/9d/47f41a1ea3e3ac5f7492f36efa0cc9668588c8
@@ -0,0 +1,128 @@
+Return-Path: <pete@petertodd.org>
+Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
+	[172.17.192.35])
+	by mail.linuxfoundation.org (Postfix) with ESMTPS id B46F5956
+	for <bitcoin-dev@lists.linuxfoundation.org>;
+	Tue, 28 Jun 2016 20:14:55 +0000 (UTC)
+X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
+Received: from outmail149058.authsmtp.co.uk (outmail149058.authsmtp.co.uk
+	[62.13.149.58])
+	by smtp1.linuxfoundation.org (Postfix) with ESMTP id ED583CD
+	for <bitcoin-dev@lists.linuxfoundation.org>;
+	Tue, 28 Jun 2016 20:14:54 +0000 (UTC)
+Received: from mail-c232.authsmtp.com (mail-c232.authsmtp.com [62.13.128.232])
+	by punt20.authsmtp.com (8.14.2/8.14.2/) with ESMTP id u5SKErE4041255;
+	Tue, 28 Jun 2016 21:14:53 +0100 (BST)
+Received: from petertodd.org (ec2-52-5-185-120.compute-1.amazonaws.com
+	[52.5.185.120]) (authenticated bits=0)
+	by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id u5SKEo0E089861
+	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
+	Tue, 28 Jun 2016 21:14:51 +0100 (BST)
+Received: from [127.0.0.1] (localhost [127.0.0.1])
+	by petertodd.org (Postfix) with ESMTPSA id ED9824015C;
+	Tue, 28 Jun 2016 20:12:39 +0000 (UTC)
+Received: by localhost (Postfix, from userid 1000)
+	id DBB7D2056A; Tue, 28 Jun 2016 16:14:47 -0400 (EDT)
+Date: Tue, 28 Jun 2016 16:14:47 -0400
+From: Peter Todd <pete@petertodd.org>
+To: Eric Voskuil <eric@voskuil.org>
+Message-ID: <20160628201447.GA1148@fedora-21-dvm>
+References: <87h9cecad5.fsf@rustcorp.com.au>
+	<1E86A00F-0609-4DBC-9543-94AE04CC13C9@voskuil.org>
+	<577234A4.3030808@jonasschnelli.ch>
+	<360EF9B8-A174-41CA-AFDD-2BC2C0B4DECB@voskuil.org>
+	<20160628182202.GA5519@fedora-21-dvm>
+	<D40F9E9D-DB6C-4083-A9E8-C5EBC363DB30@voskuil.org>
+MIME-Version: 1.0
+Content-Type: multipart/signed; micalg=pgp-sha256;
+	protocol="application/pgp-signature"; boundary="9jxsPFA5p3P2qPhR"
+Content-Disposition: inline
+In-Reply-To: <D40F9E9D-DB6C-4083-A9E8-C5EBC363DB30@voskuil.org>
+User-Agent: Mutt/1.5.23 (2014-03-12)
+X-Server-Quench: f874ffc7-3d6c-11e6-829e-00151795d556
+X-AuthReport-Spam: If SPAM / abuse - report it at:
+	http://www.authsmtp.com/abuse
+X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR
+	aQdMdAoUEkAaAgsB AmAbWVVeUVl7XGI7 bghPaBtcak9QXgdq
+	T0pMXVMcUQALemle BmseWhB6cQQIcX9z YAg0VndfChIpclt+
+	FkgHCGwHMGF9YGIW BV1YdwJRcQRDe0tA b1YxNiYHcQ5VPz4z
+	GA41ejw8IwAXAgVt ClhQdDoA
+X-Authentic-SMTP: 61633532353630.1037:706
+X-AuthFastPath: 0 (Was 255)
+X-AuthSMTP-Origin: 52.5.185.120/25
+X-AuthVirus-Status: No virus detected - but ensure you scan with your own
+	anti-virus system.
+X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW
+	autolearn=ham version=3.3.1
+X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
+	smtp1.linux-foundation.org
+Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
+Subject: Re: [bitcoin-dev] BIP 151
+X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
+X-Mailman-Version: 2.1.12
+Precedence: list
+List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
+List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
+	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
+List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
+List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
+List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
+List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
+	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
+X-List-Received-Date: Tue, 28 Jun 2016 20:14:55 -0000
+
+
+--9jxsPFA5p3P2qPhR
+Content-Type: text/plain; charset=us-ascii
+Content-Disposition: inline
+Content-Transfer-Encoding: quoted-printable
+
+On Tue, Jun 28, 2016 at 08:35:26PM +0200, Eric Voskuil wrote:
+> Hi Peter,
+>=20
+> What in this BIP makes a MITM attack easier (or easy) to detect, or incre=
+ases the probability of one being detected?
+
+BIP151 gives users the tools to detect a MITM attack.
+
+It's kinda like PGP in that way: lots of PGP users don't properly check key=
+s,
+so an attacker won't have a hard time MITM attacking those users. But some
+users do check keys, a labor intensive manual process, but not a process th=
+at
+requires any real cryptographic sophistication, let alone writing any code.
+It's very difficult for widescale attackers to distinguish the users who do
+check keys from the ones that don't, so if you MITM attack _any_ user you r=
+un
+the risk of running into one of the few that does check, and those users can
+alert everyone else.
+
+The key thing, is we need to get everyones communications encrypted first: =
+if
+we don't the MITM attacker can intercept 99% of the communications with 0% =
+risk
+of detection, because the non-sophisticated users are trivially distinguish=
+able
+=66rom the sophisticated users: just find the users with unencrypted
+communications!
+
+--=20
+https://petertodd.org 'peter'[:-1]@petertodd.org
+
+--9jxsPFA5p3P2qPhR
+Content-Type: application/pgp-signature; name="signature.asc"
+Content-Description: Digital signature
+
+-----BEGIN PGP SIGNATURE-----
+
+iQEcBAEBCAAGBQJXctq1AAoJEGOZARBE6K+yArcH/2qGXksCSscEBSWpE12ABOGD
+U9p3aARNXaIwCPodQyjTi0h7JFPwLyqY0ZvFEZdYKvMVgAz8VS14Ub4XVzgwXsUl
+a9PaPqNW5TqFkKiOXiMB7IQCqrvGcYdcL9HoRrSLDBKttlAEr7KJT19Za9oYLtd6
+4scSxeCquWxaeOrT02/7p0vLqkQ5qUNu/EFU8CdUMkNBANAZwJip2eL9/Yw7bdOZ
+pI2XkCznwWZGep+kvFFfUF0SZwM1u7IfR5rZK5Zg9+sifw9X8RiHwikUfYcqY2T6
+4HCCiR7dwFqLAmDt25hbLcYT1DJUW6nZ+57GtkToDA9swOFwL14fyoAI2m6f1pQ=
+=Aga6
+-----END PGP SIGNATURE-----
+
+--9jxsPFA5p3P2qPhR--
+
author	Peter Todd <pete@petertodd.org>	2016-06-28 16:14:47 -0400
committer	bitcoindev <bitcoindev@gnusha.org>	2016-06-28 20:14:55 +0000
commit	ead4cca4c730633e8555739bec73a8cf7197ee0e (patch)
tree	4af913370aa9acebf90b746348903ae9ef8820e7
parent	8c42dcfce6ce05673d946f50b3dac3c541981d59 (diff)
download	pi-bitcoindev-ead4cca4c730633e8555739bec73a8cf7197ee0e.tar.gz pi-bitcoindev-ead4cca4c730633e8555739bec73a8cf7197ee0e.zip