Return-Path: Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by lists.linuxfoundation.org (Postfix) with ESMTP id C1D55C0177 for ; Sun, 22 Mar 2020 15:38:29 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id BCBA1883E1 for ; Sun, 22 Mar 2020 15:38:29 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nAVDJd2miNaT for ; Sun, 22 Mar 2020 15:38:28 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from mout-p-201.mailbox.org (mout-p-201.mailbox.org [80.241.56.171]) by hemlock.osuosl.org (Postfix) with ESMTPS id DDFFC88177 for ; Sun, 22 Mar 2020 15:38:27 +0000 (UTC) Received: from smtp2.mailbox.org (smtp2.mailbox.org [IPv6:2001:67c:2050:105:465:1:2:0]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (No client certificate requested) by mout-p-201.mailbox.org (Postfix) with ESMTPS id 48lhVn4SMpzQlJJ; Sun, 22 Mar 2020 16:38:25 +0100 (CET) X-Virus-Scanned: amavisd-new at heinlein-support.de Received: from smtp2.mailbox.org ([80.241.60.241]) by spamfilter04.heinlein-hosting.de (spamfilter04.heinlein-hosting.de [80.241.56.122]) (amavisd-new, port 10030) with ESMTP id gjsPM6r_gVgV; Sun, 22 Mar 2020 16:38:22 +0100 (CET) Message-ID: From: Tim Ruffing To: Russell O'Connor Date: Sun, 22 Mar 2020 16:38:21 +0100 In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Mailman-Approved-At: Sun, 22 Mar 2020 15:42:00 +0000 Cc: Bitcoin Protocol Discussion Subject: Re: [bitcoin-dev] Overview of anti-covert-channel signing techniques X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 22 Mar 2020 15:38:29 -0000 On Sun, 2020-03-22 at 11:30 -0400, Russell O'Connor wrote: > Your claim is that if we don't fix the pubkey issue there is no point > in fixing the signature issue. I disagree. While I think both > issues need to be fully addressed, the issues around the original > proposed non-deterministic signature scheme are far more severe. The > proposal would move us from a deterministic scheme, where spot checks > are possible, with all the caveats that entails, to a non- > deterministic scheme where spot checks are impossible. My hope is > that we can standardise a scheme that has the advantages of non- > determinism without the threat of covert channels. I think we agree that both issues should be addressed, and this is all what matters in the end. Now that we have a proposal for Schnorr signatures, it's indeed a good time to work on these issues. Tim