From: Peter Todd <pete@petertodd.org>
Date: Tue, 19 Aug 2014 20:41:27 -0400
To: Jeff Garzik <jgarzik@bitpay.com>
Cc: Bitcoin Development <bitcoin-development@lists.sourceforge.net>,
	Justus Ranvier <justusranvier@riseup.net>
Subject: Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256



On 19 August 2014 20:21:35 GMT-04:00, Jeff Garzik <jgarzik@bitpay.com> wrote:
>On Tue, Aug 19, 2014 at 8:16 PM, Peter Todd <pete@petertodd.org> wrote:
>> That is simply incorrect. The resources required to do that kind of
>> monitoring are very high; even the NSA can't pull it off consistently
>> for
>
>Hardly.  For example, when a new block arrives on the network, a
>single observer at a single location may obtain a binary "likely|not
>bitcoin protocol" decision from a spike in usage correlated with
>sudden, global network activity after a period of inactivity.  I'll
>not detail all such metrics.

Emphasis on "likely", at best. Forcing your adversary to rely on uncertain statistics is a huge improvement over the status quo. Secondly, your example is of a new block; the more general concern is determining where a given transaction originated. In the best of circumstances, determining the origin of a few hundred bytes of data interspersed in dozens of kB/s of buffered data streams is very difficult and expensive even without padding and/or random delay features.

Again, I've spoken to people like Jacob Appelbaum about this who have a solid understanding of what the NSA is actually capable of, and they've confirmed the above. Don't let perfect be the enemy of good.

Of course, that's not to say we shouldn't do a cost-benefit analysis of the implementation; not using straight OpenSSL for this is a wise decision. Hence the suggestion of using the existing and tested Tor support to encrypt by default.
-----BEGIN PGP SIGNATURE-----
Version: APG v1.1.1

-----END PGP SIGNATURE-----