Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1XJmkW-0002Oh-TE for bitcoin-development@lists.sourceforge.net; Tue, 19 Aug 2014 16:59:08 +0000 Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.216.180 as permitted sender) client-ip=209.85.216.180; envelope-from=gubatron@gmail.com; helo=mail-qc0-f180.google.com; Received: from mail-qc0-f180.google.com ([209.85.216.180]) by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1XJmkV-0006UG-H4 for bitcoin-development@lists.sourceforge.net; Tue, 19 Aug 2014 16:59:08 +0000 Received: by mail-qc0-f180.google.com with SMTP id l6so6436293qcy.25 for ; Tue, 19 Aug 2014 09:59:02 -0700 (PDT) X-Received: by 10.140.34.164 with SMTP id l33mr17911551qgl.72.1408467541748; Tue, 19 Aug 2014 09:59:01 -0700 (PDT) MIME-Version: 1.0 Received: by 10.140.86.37 with HTTP; Tue, 19 Aug 2014 09:58:41 -0700 (PDT) In-Reply-To: References: <0C0EF7F9-DBBA-4872-897D-63CFA3853726@ricmoo.com> <33D4B2E3-DBF0-444E-B76A-765C4C17E964@ricmoo.com> <53F37635.5070807@riseup.net> From: Angel Leon Date: Tue, 19 Aug 2014 12:58:41 -0400 Message-ID: To: Gregory Maxwell Content-Type: multipart/alternative; boundary=001a11c1002480f34e0500fe6786 X-Spam-Score: -0.6 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (gubatron[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 1.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1XJmkV-0006UG-H4 Cc: Bitcoin Development , Justus Ranvier Subject: Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Aug 2014 16:59:09 -0000 --001a11c1002480f34e0500fe6786 Content-Type: text/plain; charset=UTF-8 "I suggest that Bitcoin Core should generate a public/private key pair and share the public one with peers." I've not read the p2p protocol of Bitcoin core, but I suppose the initial handshake between 2 peers would be the ideal place to exchange a public keys. would it make sense to generate a new random pair of keys per each peer you connect to? then each subsequent message to every peer gets encrypted differently, keeping each conversation isolated from each other encryption-speaking. These keys would have nothing to do with your wallet, they're just to encrypt any further communication between peers post-handshake. Would that be of any use to "This could provide privacy and integrity but not autentication."? http://twitter.com/gubatron On Tue, Aug 19, 2014 at 12:38 PM, Gregory Maxwell wrote: > On Tue, Aug 19, 2014 at 9:07 AM, Justus Ranvier > wrote: > > If that's not acceptable, even using TLS with self-signed certificates > > would be an improvement. > > TLS is a huge complex attack surface, any use of it requires an > additional dependency with a large amount of difficult to audit code. > TLS is trivially DOS attacked and every major/widely used TLS > implementation has had multiple memory disclosure or remote execution > vulnerabilities even in just the last several years. > > We've dodged several emergency scale vulnerabilities by not having TLS. > > > ------------------------------------------------------------------------------ > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > --001a11c1002480f34e0500fe6786 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
"I suggest that Bitcoin Core should generate a public/private key pa= ir and share the public one with peers."

I've not read the = p2p protocol of Bitcoin core, but I suppose the initial handshake between 2= peers would be the ideal place to exchange a public keys.

would it make sense to generate a new random pair of keys per each peer= you connect to?
then each subsequent message to every peer gets encrypt= ed differently, keeping each conversation isolated from each other encrypti= on-speaking.

These keys would have nothing to do with your wallet, they're just = to encrypt any further communication between peers post-handshake. Would th= at be of any use to "This could provide privacy and integrity but not autentic= ation."?



On Tue, Aug 19, 2014 at 12:38 PM, Gregor= y Maxwell <gmaxwell@gmail.com> wrote:
On Tue, Aug 19, 2014 at 9:07 AM, Justus Ranvier
<justusranvier@riseup.net> wrote:
> If that's not acceptable, even using TLS with self-signed certific= ates
> would be an improvement.

TLS is a huge complex attack surface, any use of it requires an
additional dependency with a large amount of difficult to audit code.
TLS is trivially DOS attacked and every major/widely used TLS
implementation has had multiple memory disclosure or remote execution
vulnerabilities even in just the last several years.

We've dodged several emergency scale vulnerabilities by not having TLS.=

---------------------------------------------------------------------------= ---
_______________________________________________
Bitcoin-development mailing list
Bitcoin-develo= pment@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-de= velopment

--001a11c1002480f34e0500fe6786--