summaryrefslogtreecommitdiff
path: root/d9/9d8c1489df5020adc132aeefd472838955dc91
blob: 6973a5e6c78309ab48974353f73fb7cc44b559d0 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
Return-Path: <eric@voskuil.org>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id 02ECF9EB
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Tue, 28 Jun 2016 20:29:59 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-wm0-f46.google.com (mail-wm0-f46.google.com [74.125.82.46])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 2FAED1FE
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Tue, 28 Jun 2016 20:29:58 +0000 (UTC)
Received: by mail-wm0-f46.google.com with SMTP id a66so44122679wme.0
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Tue, 28 Jun 2016 13:29:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=voskuil-org.20150623.gappssmtp.com; s=20150623;
	h=mime-version:subject:from:in-reply-to:date:cc
	:content-transfer-encoding:message-id:references:to;
	bh=GPngk4K78dRiDVbpHCReP61E8+fER4y6+Y7Cf5x6wvY=;
	b=wp9lFN0oDslJ4mVvCemm9j3cdYh/TwqFEDQbjyr0Q/HHDQiSyykc0brYCbaFsN529e
	tPqB8cZoGyGAX8qS7wLNnh/6w8MzQtMrJLpxXLUTvJrQWhV3F3VBPtIBL5Q+4CdiCMuX
	CmtTCjeAkrNQcM56U6HRmIlDerzE183lrKplVfzysibA9zsCRvTDpa7ri3A0H3dLwyn1
	7yzNf4IujFz/k/130xmbOkSbdvgk4c3HUBNy7mQNdxA3zEL1LMk1UOS/MYf2p31FkVQo
	sL2qJQ/iYZ5uQ/KBpOqypiSlf04SJsh9OPJi8D5f4GnzzSEKSSVFgx1237jhhmLH4xts
	sKFg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc
	:content-transfer-encoding:message-id:references:to;
	bh=GPngk4K78dRiDVbpHCReP61E8+fER4y6+Y7Cf5x6wvY=;
	b=U5YZFcl/VzgRKXIlp0cXD0LkmdkkHTDbT5NxWdnFQ0jEr8WooARkbtDC0mGS6D9kMu
	FzZKC9Y/+yPwKVZYipK25araUswEa+HlkmBjA6sE9YDEEJ6xSnGjf36WWbk8e6zsnfVe
	WBOrAci4eiIMO1zFTak9FFcFgFgOURjzNoHan6/R5pu4Hf3+NglRAzEa9GAp6bsMfMj0
	lV+bFms3SuEfM1zrRjHExlRwNsw63v17v94Up1m9qRhqYltThDV+HLsxokI6KDESM8an
	hzxBuffYs0xJQR0KvRJVSP2HyssGf+Jemt9nqOsFhaQ1Jn69vl5Uu8z1272Hk2ttSMHA
	+uPA==
X-Gm-Message-State: ALyK8tJkg4ATl+S1rRLFcVCgSimW0DfeL1lUCJpgijIg1tBZwAwWOy1QQI+GF+5HlXMChw==
X-Received: by 10.194.190.163 with SMTP id gr3mr4766328wjc.148.1467145796752; 
	Tue, 28 Jun 2016 13:29:56 -0700 (PDT)
Received: from [10.114.7.71] ([41.33.219.254])
	by smtp.gmail.com with ESMTPSA id r6sm609461wme.14.2016.06.28.13.29.55
	(version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
	Tue, 28 Jun 2016 13:29:55 -0700 (PDT)
Content-Type: text/plain;
	charset=us-ascii
Mime-Version: 1.0 (1.0)
From: Eric Voskuil <eric@voskuil.org>
X-Mailer: iPhone Mail (13F69)
In-Reply-To: <20160628201447.GA1148@fedora-21-dvm>
Date: Tue, 28 Jun 2016 22:29:54 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <4DCF7DD2-6533-4F79-8CA1-871B67C01BDA@voskuil.org>
References: <87h9cecad5.fsf@rustcorp.com.au>
	<1E86A00F-0609-4DBC-9543-94AE04CC13C9@voskuil.org>
	<577234A4.3030808@jonasschnelli.ch>
	<360EF9B8-A174-41CA-AFDD-2BC2C0B4DECB@voskuil.org>
	<20160628182202.GA5519@fedora-21-dvm>
	<D40F9E9D-DB6C-4083-A9E8-C5EBC363DB30@voskuil.org>
	<20160628201447.GA1148@fedora-21-dvm>
To: Peter Todd <pete@petertodd.org>
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID, MIME_QP_LONG_LINE,
	RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] BIP 151
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jun 2016 20:29:59 -0000



> On Jun 28, 2016, at 10:14 PM, Peter Todd <pete@petertodd.org> wrote:
>=20
>> On Tue, Jun 28, 2016 at 08:35:26PM +0200, Eric Voskuil wrote:
>> Hi Peter,
>>=20
>> What in this BIP makes a MITM attack easier (or easy) to detect, or incre=
ases the probability of one being detected?
>=20
> BIP151 gives users the tools to detect a MITM attack.
>=20
> It's kinda like PGP in that way: lots of PGP users don't properly check ke=
ys,

PGP requires a secure side channel for transmission of public keys. How does=
 one "check" a key of an anonymous peer? I know you well enough to know you w=
ouldn't trust a PGP key received over an insecure channel.

All you can prove is that you are talking to a peer and that communications i=
n the session remain with that peer. The peer can be the attacker. As Jonas h=
as acknowledged, authentication is required to actually guard against MITM a=
ttacks.

> so an attacker won't have a hard time MITM attacking those users. But some=

> users do check keys, a labor intensive manual process, but not a process t=
hat
> requires any real cryptographic sophistication, let alone writing any code=
.
> It's very difficult for widescale attackers to distinguish the users who d=
o
> check keys from the ones that don't, so if you MITM attack _any_ user you r=
un
> the risk of running into one of the few that does check, and those users c=
an
> alert everyone else.
>=20
> The key thing, is we need to get everyones communications encrypted first:=
 if
> we don't the MITM attacker can intercept 99% of the communications with 0%=
 risk
> of detection, because the non-sophisticated users are trivially distinguis=
hable from the sophisticated users: just find the users with unencrypted
> communications!
>=20
> --=20
> https://petertodd.org 'peter'[:-1]@petertodd.org