Return-Path: <pete@petertodd.org>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id B46F5956
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Tue, 28 Jun 2016 20:14:55 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
Received: from outmail149058.authsmtp.co.uk (outmail149058.authsmtp.co.uk
	[62.13.149.58])
	by smtp1.linuxfoundation.org (Postfix) with ESMTP id ED583CD
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Tue, 28 Jun 2016 20:14:54 +0000 (UTC)
Received: from mail-c232.authsmtp.com (mail-c232.authsmtp.com [62.13.128.232])
	by punt20.authsmtp.com (8.14.2/8.14.2/) with ESMTP id u5SKErE4041255;
	Tue, 28 Jun 2016 21:14:53 +0100 (BST)
Received: from petertodd.org (ec2-52-5-185-120.compute-1.amazonaws.com
	[52.5.185.120]) (authenticated bits=0)
	by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id u5SKEo0E089861
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Tue, 28 Jun 2016 21:14:51 +0100 (BST)
Received: from [127.0.0.1] (localhost [127.0.0.1])
	by petertodd.org (Postfix) with ESMTPSA id ED9824015C;
	Tue, 28 Jun 2016 20:12:39 +0000 (UTC)
Received: by localhost (Postfix, from userid 1000)
	id DBB7D2056A; Tue, 28 Jun 2016 16:14:47 -0400 (EDT)
Date: Tue, 28 Jun 2016 16:14:47 -0400
From: Peter Todd <pete@petertodd.org>
To: Eric Voskuil <eric@voskuil.org>
Message-ID: <20160628201447.GA1148@fedora-21-dvm>
References: <87h9cecad5.fsf@rustcorp.com.au>
	<1E86A00F-0609-4DBC-9543-94AE04CC13C9@voskuil.org>
	<577234A4.3030808@jonasschnelli.ch>
	<360EF9B8-A174-41CA-AFDD-2BC2C0B4DECB@voskuil.org>
	<20160628182202.GA5519@fedora-21-dvm>
	<D40F9E9D-DB6C-4083-A9E8-C5EBC363DB30@voskuil.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature"; boundary="9jxsPFA5p3P2qPhR"
Content-Disposition: inline
In-Reply-To: <D40F9E9D-DB6C-4083-A9E8-C5EBC363DB30@voskuil.org>
User-Agent: Mutt/1.5.23 (2014-03-12)
X-Server-Quench: f874ffc7-3d6c-11e6-829e-00151795d556
X-AuthReport-Spam: If SPAM / abuse - report it at:
	http://www.authsmtp.com/abuse
X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR
	aQdMdAoUEkAaAgsB AmAbWVVeUVl7XGI7 bghPaBtcak9QXgdq
	T0pMXVMcUQALemle BmseWhB6cQQIcX9z YAg0VndfChIpclt+
	FkgHCGwHMGF9YGIW BV1YdwJRcQRDe0tA b1YxNiYHcQ5VPz4z
	GA41ejw8IwAXAgVt ClhQdDoA
X-Authentic-SMTP: 61633532353630.1037:706
X-AuthFastPath: 0 (Was 255)
X-AuthSMTP-Origin: 52.5.185.120/25
X-AuthVirus-Status: No virus detected - but ensure you scan with your own
	anti-virus system.
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW
	autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] BIP 151
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jun 2016 20:14:55 -0000


--9jxsPFA5p3P2qPhR
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Jun 28, 2016 at 08:35:26PM +0200, Eric Voskuil wrote:
> Hi Peter,
>=20
> What in this BIP makes a MITM attack easier (or easy) to detect, or incre=
ases the probability of one being detected?

BIP151 gives users the tools to detect a MITM attack.

It's kinda like PGP in that way: lots of PGP users don't properly check key=
s,
so an attacker won't have a hard time MITM attacking those users. But some
users do check keys, a labor intensive manual process, but not a process th=
at
requires any real cryptographic sophistication, let alone writing any code.
It's very difficult for widescale attackers to distinguish the users who do
check keys from the ones that don't, so if you MITM attack _any_ user you r=
un
the risk of running into one of the few that does check, and those users can
alert everyone else.

The key thing, is we need to get everyones communications encrypted first: =
if
we don't the MITM attacker can intercept 99% of the communications with 0% =
risk
of detection, because the non-sophisticated users are trivially distinguish=
able
=66rom the sophisticated users: just find the users with unencrypted
communications!

--=20
https://petertodd.org 'peter'[:-1]@petertodd.org

--9jxsPFA5p3P2qPhR
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature

-----BEGIN PGP SIGNATURE-----

iQEcBAEBCAAGBQJXctq1AAoJEGOZARBE6K+yArcH/2qGXksCSscEBSWpE12ABOGD
U9p3aARNXaIwCPodQyjTi0h7JFPwLyqY0ZvFEZdYKvMVgAz8VS14Ub4XVzgwXsUl
a9PaPqNW5TqFkKiOXiMB7IQCqrvGcYdcL9HoRrSLDBKttlAEr7KJT19Za9oYLtd6
4scSxeCquWxaeOrT02/7p0vLqkQ5qUNu/EFU8CdUMkNBANAZwJip2eL9/Yw7bdOZ
pI2XkCznwWZGep+kvFFfUF0SZwM1u7IfR5rZK5Zg9+sifw9X8RiHwikUfYcqY2T6
4HCCiR7dwFqLAmDt25hbLcYT1DJUW6nZ+57GtkToDA9swOFwL14fyoAI2m6f1pQ=
=Aga6
-----END PGP SIGNATURE-----

--9jxsPFA5p3P2qPhR--