Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id C5587C72 for ; Wed, 8 Mar 2017 21:31:07 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from server3 (server3.include7.ch [144.76.194.38]) by smtp1.linuxfoundation.org (Postfix) with ESMTP id 55B92206 for ; Wed, 8 Mar 2017 21:31:07 +0000 (UTC) Received: by server3 (Postfix, from userid 115) id 5501B2D0022D; Wed, 8 Mar 2017 22:31:06 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00, FSL_HELO_NON_FQDN_1, MIME_QP_LONG_LINE autolearn=ham version=3.3.1 Received: from [10.0.1.31] (cable-static-140-182.teleport.ch [87.102.140.182]) by server3 (Postfix) with ESMTPSA id 11EAC2D0016B; Wed, 8 Mar 2017 22:31:05 +0100 (CET) From: Jonas Schnelli Message-Id: Content-Type: multipart/signed; boundary="Apple-Mail=_243D5DCE-2DB2-4EBE-AD25-E4B4D5E10926"; protocol="application/pgp-signature"; micalg=pgp-sha256 Mime-Version: 1.0 (Mac OS X Mail 10.2 \(3259\)) Date: Wed, 8 Mar 2017 22:31:01 +0100 In-Reply-To: <18390846.ckRIaq9dAb@strawberry> To: Tom Zander References: <30362205-D0CC-46D9-B924-EFA0A6EA1AC9@jonasschnelli.ch> <18390846.ckRIaq9dAb@strawberry> X-Mailer: Apple Mail (2.3259) Cc: Bitcoin Protocol Discussion Subject: Re: [bitcoin-dev] Unique node identifiers (and BIP150) X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Mar 2017 21:31:07 -0000 --Apple-Mail=_243D5DCE-2DB2-4EBE-AD25-E4B4D5E10926 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 Hi Tom > Do you know the trick of having an open wifi basestation in a public = street > and how that can lead to tracking? Especially if you have a network of = them. > The trick is this; you set up an open wifi base station with a hidden = ssid > and phones try to connect to it by saying =E2=80=9CAre you = ssid=3Dxyz?=E2=80=9D > This leads the basestation to know that the phone has known = credentials with > another wifi that has a specific ssid. (the trick is slightly more = elaborate, > but the basics are relevant here). >=20 > Your BIP is vulnarable to the same issue, as a node wants to connect = using > the AUTHCHALLENGE which has as an argument the hash of the person = I=E2=80=99m trying > to connect with. This thread is not about BIP150/151. The hash includes the encryption session which makes it impossible to = distinct identities. >=20 > Your BIP says "Fingerprinting the requesting peer is not possible=E2=80=9D= . > Unfortunately, this is wrong. Yes the peer is trivial to fingerprint. = Your > hash never changes and as you connect to a node anyone listening can = see you > sending the same hash on every connect to that peer, whereever you are = or > connect from. Not true. The hash includes the encryption session which is based on a = ephemeral ECDH/HKDF per connection-session. Have you read the BIP? --Apple-Mail=_243D5DCE-2DB2-4EBE-AD25-E4B4D5E10926 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEyhopCNzi8TB0xizeHrd2uwPHki0FAljAeBUACgkQHrd2uwPH ki2hGA/8CXy60sVIIFBP0Ya99Ih67HNiXDi9Zf8IATAW04qF//6MUaNkqsbB9O+B Hc+B+qN4pVPtww9GIbdxVSRb8ydVmnSubBDv0p8giNTaKvQfLFL5Il0bjRmVg/9c +jQTDbwyHOfP5moTgJ0I3az//mBY6pQ8bgZIQ5GGvmSoK8cesoHsMJfD/FelmAly ZxzQ/gX7QD5YV7biJxRmCOAqzVheEB8iEW7VHJPsk3aIbpfEKi/JCJvXRhZs91lt C4/CUr40cNSwMQMnZH/oDz1u+/ozORUyYk3PU6Iyjp7DM/Ha2/G62KdU6Isx2FAK BhWz8Q3Jb3HBm4Mh0kiEJHk/2PG9Fkr/dwgpQhdik/vuaJy4QtbIWOcOW7OQLw9c oH2QbgelKlIRwvj/M8ByT10ANE7J6ZMrvfjQpdrDjAM56BCMCraZzbfLvlC7z+Kj msD4b2nKKAQH5MaiU5eL6rpEYuQVVgc8uuTO4gSZKY/BHm4HzJlZnvDvkBlbDghi syirQetvpsqrLBIAo7iLd28z3FjVQffJDT0+t2+w3SUEoWMkiwhqapFx3rh3qky0 7NXEXuHE1y8StZ5aUJ8Aong28YDQcvoAtXxPXtZ2h1h9UafoRbblmlnN8sfMf7lI Tax8v0ePnCvRlUCc5tl938WW/ktS4qkXKtdKG1ns46gmmBVAelg= =iPro -----END PGP SIGNATURE----- --Apple-Mail=_243D5DCE-2DB2-4EBE-AD25-E4B4D5E10926--