1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
|
Return-Path: <gmaxwell@gmail.com>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id 54EDC9D
for <bitcoin-dev@lists.linuxfoundation.org>;
Thu, 9 Jun 2016 01:24:11 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-vk0-f51.google.com (mail-vk0-f51.google.com
[209.85.213.51])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id BEEE2FB
for <bitcoin-dev@lists.linuxfoundation.org>;
Thu, 9 Jun 2016 01:24:10 +0000 (UTC)
Received: by mail-vk0-f51.google.com with SMTP id d64so35693775vkb.0
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 08 Jun 2016 18:24:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
h=mime-version:sender:in-reply-to:references:from:date:message-id
:subject:to; bh=1dy2zl0uqy9IhhLncVZsoXT2oM1yhbvQo7MAqc0EvIU=;
b=y65P5bPst/wu87RcoopWma6qurKzrERFMzf9Qqw52F1irfO3ZD/ebilSVf9p6afZ5Z
svH3bPifjJwwyZDAGk9VqLyypTcmSLfzy8qGkeWDaTfaPpfOlmOokugDW4rZcM04bfOE
5NrnT3RiL9lO0fh50kROiXV648Un6invZZbD5wAfVyCCJLi7TLrjDGzHWswthryfXX+7
oUgeBxia68b+nLpfPMnViJWvxh7im3hO/VzhRHpOyTgabxXPA+Qbj2fG2+f+oXaqCCSn
GPvjakgxkC4zo/PqzpPC0j73Z4YrOo/FRYL2o0lBZ8wSYt1nHI9OJ+e1Al6l87crUdNu
Ef6A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20130820;
h=x-gm-message-state:mime-version:sender:in-reply-to:references:from
:date:message-id:subject:to;
bh=1dy2zl0uqy9IhhLncVZsoXT2oM1yhbvQo7MAqc0EvIU=;
b=Z9cGwMra4DhcqbaeHI9jCDalxDosvVdfd02q0zaG97thkGhzD7dzh2j5q7J4d97tUT
vNopiXDD/YQhDY0GHATbsoy0puBqYEVYeGTqfEkPWfECvucKM2xjOrVHSIJxU8diYc0W
owWi5P5kqj7sgM5+JjVXb5Zj1hY5ZjA/vWANCckCJQ4c38/w1Ao1hUpkXrvT+4XO+053
97kow9uwPFn6xNH9pLJZw2MtMs+qIHH60xkwoYX3Sz0wF1juVragcnSvC84bviCtH6BM
uco7VXDAHuRFjqtpcu4HXSA4sGTKayR+jotKgcEWQ1eeYYrk6ZoTa6UquBHIlE/DN21X
Yhig==
X-Gm-Message-State: ALyK8tLdPLOA34n0LEgoKx8+QQAbrq1M2RMHiOp1AXWxq3u19t4rfUcCJOcH4PPfUo4SDdBcZLIpM27LxLx0Rw==
X-Received: by 10.31.205.70 with SMTP id d67mr3712777vkg.141.1465435449912;
Wed, 08 Jun 2016 18:24:09 -0700 (PDT)
MIME-Version: 1.0
Sender: gmaxwell@gmail.com
Received: by 10.103.97.135 with HTTP; Wed, 8 Jun 2016 18:24:09 -0700 (PDT)
In-Reply-To: <20160608234728.GQ32334@dosf1.alfie.wtf>
References: <20160608234728.GQ32334@dosf1.alfie.wtf>
From: Gregory Maxwell <greg@xiph.org>
Date: Thu, 9 Jun 2016 01:24:09 +0000
X-Google-Sender-Auth: DOCd6cv0hREgnlfOVwBOnonY4gc
Message-ID: <CAAS2fgTtu8nqwgrO1u8SRuga6ozcYt7NEDR_tv+cuA3uqgtKvA@mail.gmail.com>
To: Alfie John <alfie@alfie.wtf>,
Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Content-Type: text/plain; charset=UTF-8
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID, FREEMAIL_FROM, RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
Subject: Re: [bitcoin-dev] BIP 151 MITM
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Jun 2016 01:24:11 -0000
On Wed, Jun 8, 2016 at 11:47 PM, Alfie John via bitcoin-dev
<bitcoin-dev@lists.linuxfoundation.org> wrote:
> Hi folks,
>
> Overall I think BIP 151 is a good idea. However unless I'm mistaken, what's to
> prevent someone between peers to suppress the initial 'encinit' message during
> negotiation, causing both to fallback to plaintext?
>
> Peers should negotiate a secure channel from the outset or backout entirely
> with no option of falling back. This can be indicated loudly by the daemon
> listening on an entirely new port.
Reduction to plaintext isn't an interesting attack vector for an
active attacker: they can simply impersonate the remote side.
This is addressed via authentication, where available, which is done
by a separate specification that builds on this one.
Without authentication this only provides protection against passive attackers.
|
