1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
Return-Path: <dev@jonasschnelli.ch>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id C5587C72
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 8 Mar 2017 21:31:07 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
Received: from server3 (server3.include7.ch [144.76.194.38])
by smtp1.linuxfoundation.org (Postfix) with ESMTP id 55B92206
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 8 Mar 2017 21:31:07 +0000 (UTC)
Received: by server3 (Postfix, from userid 115)
id 5501B2D0022D; Wed, 8 Mar 2017 22:31:06 +0100 (CET)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
X-Spam-Level:
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00, FSL_HELO_NON_FQDN_1,
MIME_QP_LONG_LINE autolearn=ham version=3.3.1
Received: from [10.0.1.31] (cable-static-140-182.teleport.ch [87.102.140.182])
by server3 (Postfix) with ESMTPSA id 11EAC2D0016B;
Wed, 8 Mar 2017 22:31:05 +0100 (CET)
From: Jonas Schnelli <dev@jonasschnelli.ch>
Message-Id: <FBFEE1B5-9243-45DA-A8F6-1449591DCAB6@jonasschnelli.ch>
Content-Type: multipart/signed;
boundary="Apple-Mail=_243D5DCE-2DB2-4EBE-AD25-E4B4D5E10926";
protocol="application/pgp-signature"; micalg=pgp-sha256
Mime-Version: 1.0 (Mac OS X Mail 10.2 \(3259\))
Date: Wed, 8 Mar 2017 22:31:01 +0100
In-Reply-To: <18390846.ckRIaq9dAb@strawberry>
To: Tom Zander <tomz@freedommail.ch>
References: <BL2PR03MB435C5077E69D91D0A8092B6EE2A0@BL2PR03MB435.namprd03.prod.outlook.com>
<D4B674DB-8F2E-4AA1-B271-FEE02A62A274@voskuil.org>
<30362205-D0CC-46D9-B924-EFA0A6EA1AC9@jonasschnelli.ch>
<18390846.ckRIaq9dAb@strawberry>
X-Mailer: Apple Mail (2.3259)
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] Unique node identifiers (and BIP150)
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Mar 2017 21:31:07 -0000
--Apple-Mail=_243D5DCE-2DB2-4EBE-AD25-E4B4D5E10926
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=utf-8
Hi Tom
> Do you know the trick of having an open wifi basestation in a public =
street
> and how that can lead to tracking? Especially if you have a network of =
them.
> The trick is this; you set up an open wifi base station with a hidden =
ssid
> and phones try to connect to it by saying =E2=80=9CAre you =
ssid=3Dxyz?=E2=80=9D
> This leads the basestation to know that the phone has known =
credentials with
> another wifi that has a specific ssid. (the trick is slightly more =
elaborate,
> but the basics are relevant here).
>=20
> Your BIP is vulnarable to the same issue, as a node wants to connect =
using
> the AUTHCHALLENGE which has as an argument the hash of the person =
I=E2=80=99m trying
> to connect with.
This thread is not about BIP150/151.
The hash includes the encryption session which makes it impossible to =
distinct identities.
>=20
> Your BIP says "Fingerprinting the requesting peer is not possible=E2=80=9D=
.
> Unfortunately, this is wrong. Yes the peer is trivial to fingerprint. =
Your
> hash never changes and as you connect to a node anyone listening can =
see you
> sending the same hash on every connect to that peer, whereever you are =
or
> connect from.
Not true. The hash includes the encryption session which is based on a =
ephemeral ECDH/HKDF per connection-session.
Have you read the BIP?
</jonas>
--Apple-Mail=_243D5DCE-2DB2-4EBE-AD25-E4B4D5E10926
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename=signature.asc
Content-Type: application/pgp-signature;
name=signature.asc
Content-Description: Message signed with OpenPGP
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEyhopCNzi8TB0xizeHrd2uwPHki0FAljAeBUACgkQHrd2uwPH
ki2hGA/8CXy60sVIIFBP0Ya99Ih67HNiXDi9Zf8IATAW04qF//6MUaNkqsbB9O+B
Hc+B+qN4pVPtww9GIbdxVSRb8ydVmnSubBDv0p8giNTaKvQfLFL5Il0bjRmVg/9c
+jQTDbwyHOfP5moTgJ0I3az//mBY6pQ8bgZIQ5GGvmSoK8cesoHsMJfD/FelmAly
ZxzQ/gX7QD5YV7biJxRmCOAqzVheEB8iEW7VHJPsk3aIbpfEKi/JCJvXRhZs91lt
C4/CUr40cNSwMQMnZH/oDz1u+/ozORUyYk3PU6Iyjp7DM/Ha2/G62KdU6Isx2FAK
BhWz8Q3Jb3HBm4Mh0kiEJHk/2PG9Fkr/dwgpQhdik/vuaJy4QtbIWOcOW7OQLw9c
oH2QbgelKlIRwvj/M8ByT10ANE7J6ZMrvfjQpdrDjAM56BCMCraZzbfLvlC7z+Kj
msD4b2nKKAQH5MaiU5eL6rpEYuQVVgc8uuTO4gSZKY/BHm4HzJlZnvDvkBlbDghi
syirQetvpsqrLBIAo7iLd28z3FjVQffJDT0+t2+w3SUEoWMkiwhqapFx3rh3qky0
7NXEXuHE1y8StZ5aUJ8Aong28YDQcvoAtXxPXtZ2h1h9UafoRbblmlnN8sfMf7lI
Tax8v0ePnCvRlUCc5tl938WW/ktS4qkXKtdKG1ns46gmmBVAelg=
=iPro
-----END PGP SIGNATURE-----
--Apple-Mail=_243D5DCE-2DB2-4EBE-AD25-E4B4D5E10926--
|
