Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1XJtcF-0000H6-0I for bitcoin-development@lists.sourceforge.net; Wed, 20 Aug 2014 00:19:03 +0000 Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of petertodd.org designates 62.13.148.96 as permitted sender) client-ip=62.13.148.96; envelope-from=pete@petertodd.org; helo=outmail148096.authsmtp.net; Received: from outmail148096.authsmtp.net ([62.13.148.96]) by sog-mx-2.v43.ch3.sourceforge.com with esmtp (Exim 4.76) id 1XJtcD-0004Rd-Oj for bitcoin-development@lists.sourceforge.net; Wed, 20 Aug 2014 00:19:02 +0000 Received: from mail-c235.authsmtp.com (mail-c235.authsmtp.com [62.13.128.235]) by punt17.authsmtp.com (8.14.2/8.14.2/) with ESMTP id s7K0GXnv004097; Wed, 20 Aug 2014 01:16:33 +0100 (BST) Received: from android-61a40235731d80b6.lan (76-10-178-110.dsl.teksavvy.com [76.10.178.110]) (authenticated bits=0) by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id s7K0GUYb026570 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 20 Aug 2014 01:16:31 +0100 (BST) User-Agent: K-9 Mail for Android In-Reply-To: References: <0C0EF7F9-DBBA-4872-897D-63CFA3853726@ricmoo.com> <33D4B2E3-DBF0-444E-B76A-765C4C17E964@ricmoo.com> <53F37635.5070807@riseup.net> <53F38AC9.4000608@corganlabs.com> <53F3DFF7.9070709@jrn.me.uk> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=UTF-8 From: Peter Todd Date: Tue, 19 Aug 2014 20:16:28 -0400 To: Jeff Garzik , J Ross Nicoll Message-ID: <3476b0a1-e08a-46bf-9ee4-ef56fcb02d72@email.android.com> X-Server-Quench: 3d3f42b8-27ff-11e4-b396-002590a15da7 X-AuthReport-Spam: If SPAM / abuse - report it at: http://www.authsmtp.com/abuse X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR bgdMdAIUGUATAgsB AmIbW1VeUVt7WmE7 bAxPbAVDY01GQQRr UFdNRFdNFUsrBmcB cXt3ABlwcQBBeDBx YkNrXj5YCEcscUQv SlNWEjtQeGZhPWQC AkNRcR5UcAFPdx8U a1UrBXRDAzANdhES HhM4ODE3eDlSNilR RRkIIFQOdA4zBDkk QAsLGWdnMEsOXTQr M1QsK0IXG0cXekA/ KkAoVl8DWwA8 X-Authentic-SMTP: 61633532353630.1023:706 X-AuthFastPath: 0 (Was 255) X-AuthSMTP-Origin: 76.10.178.110/465 X-AuthVirus-Status: No virus detected - but ensure you scan with your own anti-virus system. X-Spam-Score: -1.5 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1XJtcD-0004Rd-Oj Cc: Bitcoin Development , Justus Ranvier Subject: Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Aug 2014 00:19:03 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 19 August 2014 19:40:39 GMT-04:00, Jeff Garzik wrote: >Encryption is of little value if you may deduce the same information >by observing packet sizes and timings. That is simply incorrect. The resources required to do that kind of monitoring are very high; even the NSA can't pull it off consistently for non-targetted operations due to limitations on upstream bandwidth and other resources. (remember that many of their taps are non-cooperative ones, obtained by breaking into routers at ISP's) This I've confirmed with direct conversation with Jacob Applebaum and other Tor devs. Every additional bit of encrypted information flowing over the internet increases the work they need to so to deanonymize you. This is not unlike how CoinJoin, while not providing guaranteed anonymity, makes the job of attackers significantly more difficult by creating large amounts of statistical noise. In addition the Bitcoin P2P protocol has natural anti-traffic analysis properties due to its asynchronous nature. Re: MITM attacks, again, the resources required to conduct them on a large scale instead of passive attacks just don't exist. For instance the NSA has to be relatively selective in using them for fear of being detected; being able to detect attacks is a huge improvement over the status quo anyway. Having said that using Tor by default in Bitcoin Core is an even easier way of enabling encryption and authentication, and would help protect all Tor users from surveillance. The easiest way to do this would be to make the Debian/Ubuntu packages depend on Tor, and include a install-time script to setup the hidden service. I've verified with the Tor devs that they would welcome the additional load on the Tor network that Bitcoin would add. -----BEGIN PGP SIGNATURE----- Version: APG v1.1.1 iQFQBAEBCAA6BQJT8+jcMxxQZXRlciBUb2RkIChsb3cgc2VjdXJpdHkga2V5KSA8 cGV0ZUBwZXRlcnRvZGQub3JnPgAKCRAZnIM7qOfwhU2WB/9XE6BFxTkbjIfVn46U uH7HCV/FSgCeSConO7LbFR2m6hN5eZ4oKcLzIi65SqRUol2eCGWVoJDsl3vuTmwF c4gOqdieJQ6SOdHAzcolf+b3p+VwIXXUMMsO2vI6UGZvV6gFJXnZ17GASdSo9+f8 x4VxgLSunZD0xRMiMntaqPMFu1MyplomimQadW5MDt3QTa2BrOsDMwNS10NSQIAL 8ywHSKh8UddVL8ZeinE/Bhf3T1OnDVBIUCVHhhEYnKLqCnwmyY3NXH4lzXpPvo+e LhzF7HzB5tE22vIQNb/3RimoN5FV7p4FEvgsGwT/kjjUAxgg6/LpNY5WQG6FL8nJ /8F3 =t4/7 -----END PGP SIGNATURE-----