Date: Tue, 28 Jun 2016 16:14:47 -0400
From: Peter Todd
To: Eric Voskuil
Message-ID: <20160628201447.GA1148@fedora-21-dvm>
References: <87h9cecad5.fsf@rustcorp.com.au> <1E86A00F-0609-4DBC-9543-94AE04CC13C9@voskuil.org> <577234A4.3030808@jonasschnelli.ch> <360EF9B8-A174-41CA-AFDD-2BC2C0B4DECB@voskuil.org> <20160628182202.GA5519@fedora-21-dvm>
Cc: Bitcoin Protocol Discussion
Subject: Re: [bitcoin-dev] BIP 151

On Tue, Jun 28, 2016 at 08:35:26PM +0200, Eric Voskuil wrote:
> Hi Peter,
>
> What in this BIP makes a MITM attack easier (or easy) to detect, or increases the probability of one being detected?

BIP151 gives users the tools to detect a MITM attack.

It's kinda like PGP in that way: lots of PGP users don't properly check keys, so an attacker won't have a hard time MITM attacking those users. But some users do check keys, a labor intensive manual process, but not a process that requires any real cryptographic sophistication, let alone writing any code. It's very difficult for widescale attackers to distinguish the users who do check keys from the ones that don't, so if you MITM attack _any_ user you run the risk of running into one of the few that does check, and those users can alert everyone else.

The key thing is we need to get everyone's communications encrypted first: if we don't, the MITM attacker can intercept 99% of the communications with 0% risk of detection, because the non-sophisticated users are trivially distinguishable from the sophisticated users: just find the users with unencrypted communications!

-- 
https://petertodd.org 'peter'[:-1]@petertodd.org