Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1XK712-0005kW-DF for bitcoin-development@lists.sourceforge.net; Wed, 20 Aug 2014 14:37:32 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.218.53 as permitted sender) client-ip=209.85.218.53; envelope-from=mh.in.england@gmail.com; helo=mail-oi0-f53.google.com; Received: from mail-oi0-f53.google.com ([209.85.218.53]) by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1XK710-0005i6-GS for bitcoin-development@lists.sourceforge.net; Wed, 20 Aug 2014 14:37:31 +0000 Received: by mail-oi0-f53.google.com with SMTP id e131so5589666oig.26 for ; Wed, 20 Aug 2014 07:37:25 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.60.158.8 with SMTP id wq8mr49156390oeb.40.1408545445003; Wed, 20 Aug 2014 07:37:25 -0700 (PDT) Sender: mh.in.england@gmail.com Received: by 10.76.97.132 with HTTP; Wed, 20 Aug 2014 07:37:24 -0700 (PDT) In-Reply-To: References: Date: Wed, 20 Aug 2014 16:37:24 +0200 X-Google-Sender-Auth: SKmuFlZAsDpL1yvXvj70x-Um6GY Message-ID: From: Mike Hearn To: Cameron Garnham Content-Type: multipart/alternative; boundary=047d7bd6ac48e67bbe0501108a11 X-Spam-Score: -0.5 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (mh.in.england[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 1.0 HTML_MESSAGE BODY: HTML included in message 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1XK710-0005i6-GS Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Aug 2014 14:37:32 -0000 --047d7bd6ac48e67bbe0501108a11 Content-Type: text/plain; charset=UTF-8 I would be very happy if we upgraded the P2P protocol with MAC keys and a simple home grown encryption layer, because: 1. It's practically guaranteed that 5-eyes intelligence agencies are either systematically deanonymising Bitcoin users already (linking transactions to real world identities) or close to succeeding. Peter is correct. Given the way their infrastructure works, encrypting link level traffic would significantly raise the bar to such attacks. Quite possibly to the level where it's deemed unprofitable to continue. 2. Tor is not a complete solution. The most interesting links to monitor are those from SPV clients connecting to Core nodes. Whilst Java SPV clients have the nice option of an easy bundled Tor client (er, once we fix the last bugs) clients that are not based on bitcoinj would have to use the full-blown Tor client, which is not only a PITA to bundle as Tor is not at all library-fied, but is a giant pile of C which is almost certainly exploitable. Even if it runs in a separate address space, for many platforms this is insufficient as a compromised Tor client could then go ahead and compromise your wallet app too. Implementing a full Tor client is not a reasonable thing to ask of a wallet developer, but doing HMAC checks and a simple ECDH exchange + AES would be quite realistic. --047d7bd6ac48e67bbe0501108a11 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
I would be very happy if we upg= raded the P2P protocol with MAC keys and a simple home grown encryption lay= er, because:
  1. It's practically g= uaranteed that 5-eyes intelligence agencies are either systematically deano= nymising Bitcoin users already (linking transactions to real world identiti= es) or close to succeeding. Peter is correct. Given the way their infrastru= cture works, encrypting link level traffic would significantly raise the ba= r to such attacks. Quite possibly to the level where it's deemed unprof= itable to continue.

  2. Tor is not a complete solution. The most interesting links to = monitor are those from SPV clients connecting to Core nodes. Whilst Java SP= V clients have the nice option of an easy bundled Tor client (er, once we f= ix the last bugs) clients that are not based on bitcoinj would have to use = the full-blown Tor client, which is not only a PITA to bundle as Tor is not= at all library-fied, but is a giant pile of C which is almost certainly ex= ploitable. Even if it runs in a separate address space, for many platforms = this is insufficient as a compromised Tor client could then go ahead and co= mpromise your wallet app too.
Implementing a full Tor client is not a reasonable thing to = ask of a wallet developer, but doing HMAC checks and a simple ECDH exchange= + AES would be quite realistic.
--047d7bd6ac48e67bbe0501108a11--