Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id C4C2826C for ; Thu, 30 Jun 2016 12:27:35 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-wm0-f47.google.com (mail-wm0-f47.google.com [74.125.82.47]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 2D60E131 for ; Thu, 30 Jun 2016 12:27:34 +0000 (UTC) Received: by mail-wm0-f47.google.com with SMTP id v199so219184868wmv.0 for ; Thu, 30 Jun 2016 05:27:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=voskuil-org.20150623.gappssmtp.com; s=20150623; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=XHY/4PxN4Y+i8cc1xvX1bJa1ZvKLVwyXM5zq2QImcno=; b=j5URA3avVERCQpjPsSLpu/8qU3jZeGm3Axg5CnxlUgSbCx1heDDmcFpUztWXF8xa5x 19zVIMAmvSwABcZqqsWrP4i3OkWI79QB6r++mL20wa3aIYLxV75FbNELOsXMs00ITxRu ELTkp8rXHd8QbxNa6lsHxl5JGW5JHHPQyRK7Ra01WDntv+AdZxL1Vm14dZFb61uiG0Mq D8fImWLiZHE4/CZcm4TiXh28b/V3evTpW7B9/K+LddlxHJVntP8Jlzf7jByUYrBPm5t4 hMahxfrO71gfMmH6P6phz9IGw0n7ylNsVwS5KPLRlB0Z+Hf1gS5z0UIT5W9GnQxZRhSs 8L1g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=XHY/4PxN4Y+i8cc1xvX1bJa1ZvKLVwyXM5zq2QImcno=; b=YLCucY43QXnhvDz3e1W5wDv58b1NlzVU3p2+L64/nU+cFmAK4m3beHILuy4+NH/j4Y qTdJEwtHt+ZXhJHCPeC7jHcvEki3e96SlT2MFHBZue3nFTg7w3pB8VNQtBwE7G1Rel77 lGFtJk3pQlMkNeSd8KS50OOOzac6C8m5Jdtj00qm+CdhdeJw05Ohqk8bS8Qo9oCjP8hQ 8w2zZD3639azRRosFxdE3wR8eOvDQ02AGCyr0n5LUB+pZuVmFAM3x2BbORXFi0FAUNj0 QDM+rt5VNNz1+7AJlvbBoPrb8Xfp9fQqdc9yAZslMJD0sJfJLcbPlfM5GAXjpresHPlk /zaw== X-Gm-Message-State: ALyK8tJwnrmrm7VlOejI5aXMPIi09DUZnD2sIxiT2EMwJFYWddllMsNb9uE/aYI7O1TAXw== X-Received: by 10.194.86.38 with SMTP id m6mr15111598wjz.154.1467289652577; Thu, 30 Jun 2016 05:27:32 -0700 (PDT) Received: from [197.161.188.41] ([197.161.188.41]) by smtp.gmail.com with ESMTPSA id e5sm3318539wjj.10.2016.06.30.05.27.31 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 30 Jun 2016 05:27:31 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (1.0) From: Eric Voskuil X-Mailer: iPhone Mail (13F69) In-Reply-To: <57750EAB.3020105@jonasschnelli.ch> Date: Thu, 30 Jun 2016 14:27:30 +0200 Content-Transfer-Encoding: quoted-printable Message-Id: <426C2AA3-BFB8-4C41-B4DF-4D6CC11988B2@voskuil.org> References: <87h9cecad5.fsf@rustcorp.com.au> <1E86A00F-0609-4DBC-9543-94AE04CC13C9@voskuil.org> <577234A4.3030808@jonasschnelli.ch> <360EF9B8-A174-41CA-AFDD-2BC2C0B4DECB@voskuil.org> <20160629111728.GO13338@dosf1.alfie.wtf> <2981A919-4550-4807-8ED9-F8C51B2DC061@voskuil.org> <57750EAB.3020105@jonasschnelli.ch> To: Jonas Schnelli X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, MIME_QP_LONG_LINE, RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Cc: Bitcoin Protocol Discussion Subject: Re: [bitcoin-dev] BIP 151 X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Jun 2016 12:27:35 -0000 > On Jun 30, 2016, at 2:20 PM, Jonas Schnelli wrote: >=20 >=20 >> Yes, this is exactly what I meant. The complexity of the proposed constru= ction is comparable to that of Bitcoin itself. This is not itself prohibitiv= e, but it is clearly worthy of consideration. >>=20 >> A question we should ask is whether decentralized anonymous credentials i= s applicable to the authentication problem posed by BIP151. I propose that i= t is not. >>=20 >> The core problem posed by BIP151 is a MITM attack. The implied solution (= BIP151 + authentication) requires that a peer trusts that another is not an a= ttacker. >=20 > BIP151 would increase the risks for MITM attackers. > What are the benefits for Mallory of he can't be sure Alice and Bob may > know that he is intercepting the channel? It is not clear to me why you believe an attack on privacy by an anonymous p= eer is detectable. > MITM is possible today, it would still be possible (though under higher > costs) with BIP151. >=20 > With BIP151 we would have the basic tool-set to effectively reduce the > risks of being MITMled. >=20 > IMO we should focus on the risks and benefits of BIP151 and not drag > this discussion into the realm of authentication. This can and should be > done once we have proposals for authentication (and I'm sure this will > be a heated debate). >=20 > The only valid risk I have on my list from you, Eric, is the false sense > of security. >=20 > My countermeasure for that would be... > - deploy BIP151 together with the simplest form of authentication > (know_hosts / authorized_keys file, no TOFU only editable "by hand") > - make it more clear (in the BIP151 MOTIVATION text) that it won't solve > the privacy/MITM problem without additional authentication. >=20 > Or could you elaborate again =E2=80=93 without stepping into the realm of > authentication/MITM (which is not part of the BIP or possible already > today) =E2=80=93 why BIP151 would make things worse? >=20 > >=20