1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
|
Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191]
helo=mx.sourceforge.net)
by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <da2ce7@gmail.com>) id 1XJydl-000825-Kx
for bitcoin-development@lists.sourceforge.net;
Wed, 20 Aug 2014 05:40:57 +0000
Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of gmail.com
designates 209.85.212.178 as permitted sender)
client-ip=209.85.212.178; envelope-from=da2ce7@gmail.com;
helo=mail-wi0-f178.google.com;
Received: from mail-wi0-f178.google.com ([209.85.212.178])
by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1XJydk-0007Og-4I
for bitcoin-development@lists.sourceforge.net;
Wed, 20 Aug 2014 05:40:57 +0000
Received: by mail-wi0-f178.google.com with SMTP id hi2so6331710wib.11
for <bitcoin-development@lists.sourceforge.net>;
Tue, 19 Aug 2014 22:40:49 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.180.187.20 with SMTP id fo20mr4761306wic.58.1408513249889;
Tue, 19 Aug 2014 22:40:49 -0700 (PDT)
Received: by 10.194.48.51 with HTTP; Tue, 19 Aug 2014 22:40:49 -0700 (PDT)
Received: by 10.194.48.51 with HTTP; Tue, 19 Aug 2014 22:40:49 -0700 (PDT)
In-Reply-To: <BLU402-EAS2546AD6C97DCED8FCE9C04CC6D20@phx.gbl>
References: <c45a638f1e1640fe84bef01d12cda4c3@hotmail.com>
<BLU402-EAS2546AD6C97DCED8FCE9C04CC6D20@phx.gbl>
Date: Wed, 20 Aug 2014 07:40:49 +0200
Message-ID: <CAACjpwKX9cwowiCruP9xw2UiqfsVXVC1TdKvA1HbQZ6UZ6qBsA@mail.gmail.com>
From: Cameron Garnham <da2ce7@gmail.com>
To: Un Ix <slashdevnull@hotmail.com>
Content-Type: multipart/alternative; boundary=001a11c38366ebd3b20501090b01
X-Spam-Score: -0.1 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(da2ce7[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in
digit (da2ce7[at]gmail.com)
1.0 HTML_MESSAGE BODY: HTML included in message
0.3 HTML_FONT_FACE_BAD BODY: HTML font face is not a word
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1XJydk-0007Og-4I
Cc: bitcoin-development@lists.sourceforge.net
Subject: Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Wed, 20 Aug 2014 05:40:57 -0000
--001a11c38366ebd3b20501090b01
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
We should aim to use perfect forward secrecy between all nodes by default.
This forces the attacker to do a MITM attack that is far more expensive on
the large scale.
I don't see why this is seen as so controversial. It is relatively cheap
to implement on our side, and has a dramatic increase of cost for any
attackers.
Cam.
On 20/08/2014 5:49 am, "Un Ix" <slashdevnull@hotmail.com> wrote:
> Excuse the ignorance, but there is something I=E2=80=99m not getting in =
this
> discussion.
>
> Given it=E2=80=99s a published protocol, with available source code runni=
ng on an
> open P2P network, why would any messages between nodes benefit from being
> encrypted? Surely all the data being processed by the network is known to
> any persistent client node(s)?
>
> Seems like that solution is orthogonal to the root problem, where
> attackers could monitor the network and deduce IP addresses by e.g. mappi=
ng
> senders of transactions.
>
> *From:* Peter Todd <pete@petertodd.org>
> *Sent:* =E2=80=8EWednesday=E2=80=8E, =E2=80=8EAugust=E2=80=8E =E2=80=8E20=
=E2=80=8E, =E2=80=8E2014 =E2=80=8E9=E2=80=8E:=E2=80=8E28=E2=80=8E =E2=80=8E=
AM
> *To:* William Yager <will.yager@gmail.com>,
> bitcoin-development@lists.sourceforge.net
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
>
>
> On 19 August 2014 21:19:43 GMT-04:00, William Yager <will.yager@gmail.com=
>
> wrote:
> >On Tue, Aug 19, 2014 at 8:14 PM, Peter Todd <pete@petertodd.org> wrote:
> >> In any case, my suggestion of enabling hidden service support by
> >default
> >> adds both encryption and reasonably good authentication.
> >
> >
> >Enabling hidden service support by default would introduce an insanely
> >huge
> >attack surface.
>
> Hence my suggestion of separating that surface by using the standalone To=
r
> binary, which runs under a different user to the Bitcoin Core binary.
>
> >And you're conflating two different things; using Tor is valuable to
> >Bitcoin because it would provide some anonymity. The encryption aspect
> >is
> >pretty much useless for us.
>
> First of all, without encryption we're leaking significant amounts of
> information to any passive attacker trying to trace the origin of Bitcoin
> transactions, a significant privacy risk.
>
> Secondly the upcoming v0.10's fee estimation implementation is quite
> vulnerable to Sybil attacks. Authentication and encryption are needed to
> make it secure from ISP-level targeting to ensure that your view of the
> network is representative. Tor support used in parallel with native
> connection is ideal here, as neither the Tor network nor your ISP alone c=
an
> Sybil attack you. It's notable that Bitcoinj has already implemented Tor
> support for these same reasons.
> -----BEGIN PGP SIGNATURE-----
> Version: APG v1.1.1
>
> iQFQBAEBCAA6BQJT8/mSMxxQZXRlciBUb2RkIChsb3cgc2VjdXJpdHkga2V5KSA8
> cGV0ZUBwZXRlcnRvZGQub3JnPgAKCRAZnIM7qOfwhRZjCAC4PSpQ68qgtFMR77xf
> zXZLr/iMKX6yyJwXRj+vGi+0Ng/sv9NlYjYnDeflom37WlpGo/sCOFcVWImhnS2d
> kUFoUH92iXwRuEt/SN/LrHghkLWOxtVu9wa49eS/piGZFF3JWllk82MgdBZ6vjNw
> B6WuInEIurK+h8rUbAi2HjFkxVN0K0SsrFt/P0tHj10ABcMealBRoJh2Jx7fLNdS
> uTKddqeLyThEpLGNti3k+lhwQ2dA5RUBq6q3GUS/hWvTHRnU+viGMJSYv62LXRN5
> t87BXRY/R9UBpnudf3TIlPtOuIWcv2LhlXVjvbDDQqwJkvB3Qf4ejE3RZ28S5IUr
> OBQH
> =3DGy7X
> -----END PGP SIGNATURE-----
>
>
>
> -------------------------------------------------------------------------=
-----
> Slashdot TV.
> Video for Nerds. Stuff that matters.
> http://tv.slashdot.org/
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
>
> -------------------------------------------------------------------------=
-----
> Slashdot TV.
> Video for Nerds. Stuff that matters.
> http://tv.slashdot.org/
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
>
--001a11c38366ebd3b20501090b01
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
<p dir=3D"ltr"><br>
We should aim to use perfect forward secrecy between all nodes by default.<=
/p>
<p dir=3D"ltr">This forces the attacker to do a MITM attack that is far mor=
e expensive on the large scale.</p>
<p dir=3D"ltr">I don't see why this is seen as so controversial.=C2=A0 =
It is relatively cheap to implement on our side,=C2=A0 and has a dramatic i=
ncrease of cost for any attackers.</p>
<p dir=3D"ltr">Cam.<br></p>
<div class=3D"gmail_quote">On 20/08/2014 5:49 am, "Un Ix" <<a =
href=3D"mailto:slashdevnull@hotmail.com">slashdevnull@hotmail.com</a>> w=
rote:<br type=3D"attribution"><blockquote class=3D"gmail_quote" style=3D"ma=
rgin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir=3D"ltr">
<div dir=3D"ltr" style=3D"font-family:'Calibri','Segoe UI',=
'Meiryo','Microsoft YaHei UI','Microsoft JhengHei UI=
9;,'Malgun Gothic','sans-serif';font-size:12pt"><div>Excuse=
the ignorance, but there is something I=E2=80=99m not getting in this disc=
ussion.</div>
<div><br></div><div>Given it=E2=80=99s a published protocol, with available=
source code running on an open P2P network, why would any messages between=
nodes benefit from=C2=A0being encrypted? Surely all the data being process=
ed by the network is known to any persistent client node(s)? </div>
<div><br></div><div>Seems like that solution is orthogonal to the root prob=
lem, where attackers could=C2=A0monitor the network and deduce IP addresses=
by=C2=A0e.g. mapping senders of transactions.</div><div>=C2=A0=C2=A0<br></=
div><div style=3D"padding-top:5px;border-top-color:rgb(229,229,229);border-=
top-width:1px;border-top-style:solid">
<div><font face=3D" 'Calibri', 'Segoe UI', 'Meiryo'=
, 'Microsoft YaHei UI', 'Microsoft JhengHei UI', 'Malgu=
n Gothic', 'sans-serif'" style=3D"line-height:15pt;letter-spaci=
ng:0.02em;font-family:"Calibri","Segoe UI","Meiryo=
","Microsoft YaHei UI","Microsoft JhengHei UI",&qu=
ot;Malgun Gothic","sans-serif";font-size:12pt"><b>From:</b>=
=C2=A0<a href=3D"mailto:pete@petertodd.org" target=3D"_blank">Peter Todd</a=
><br>
<b>Sent:</b>=C2=A0=E2=80=8EWednesday=E2=80=8E, =E2=80=8EAugust=E2=80=8E =E2=
=80=8E20=E2=80=8E, =E2=80=8E2014 =E2=80=8E9=E2=80=8E:=E2=80=8E28=E2=80=8E =
=E2=80=8EAM<br><b>To:</b>=C2=A0<a href=3D"mailto:will.yager@gmail.com" targ=
et=3D"_blank">William Yager</a>, <a href=3D"mailto:bitcoin-development@list=
s.sourceforge.net" target=3D"_blank">bitcoin-development@lists.sourceforge.=
net</a></font></div>
</div><div><br></div><div dir=3D"">
<div>-----BEGIN PGP SIGNED MESSAGE-----<br>
Hash: SHA256<br>
<br>
<br>
<br>
On 19 August 2014 21:19:43 GMT-04:00, William Yager <<a href=3D"mailto:w=
ill.yager@gmail.com" target=3D"_blank">will.yager@gmail.com</a>> wrote:<=
br>
>On Tue, Aug 19, 2014 at 8:14 PM, Peter Todd <<a href=3D"mailto:pete@=
petertodd.org" target=3D"_blank">pete@petertodd.org</a>> wrote:<br>
>> In any case, my suggestion of enabling hidden service support by<b=
r>
>default<br>
>> adds both encryption and reasonably good authentication.<br>
><br>
><br>
>Enabling hidden service support by default would introduce an insanely<=
br>
>huge<br>
>attack surface.<br>
<br>
Hence my suggestion of separating that surface by using the standalone Tor =
binary, which runs under a different user to the Bitcoin Core binary.<br>
<br>
>And you're conflating two different things; using Tor is valuable t=
o<br>
>Bitcoin because it would provide some anonymity. The encryption aspect<=
br>
>is<br>
>pretty much useless for us.<br>
<br>
First of all, without encryption we're leaking significant amounts of i=
nformation to any passive attacker trying to trace the origin of Bitcoin tr=
ansactions, a significant privacy risk.<br>
<br>
Secondly the upcoming v0.10's fee estimation implementation is quite vu=
lnerable to Sybil attacks. Authentication and encryption are needed to make=
it secure from ISP-level targeting to ensure that your view of the network=
is representative. Tor support used in parallel with native connection is =
ideal here, as neither the Tor network nor your ISP alone can Sybil attack =
you. It's notable that Bitcoinj has already implemented Tor support for=
these same reasons.<br>
-----BEGIN PGP SIGNATURE-----<br>
Version: APG v1.1.1<br>
<br>
iQFQBAEBCAA6BQJT8/mSMxxQZXRlciBUb2RkIChsb3cgc2VjdXJpdHkga2V5KSA8<br>
cGV0ZUBwZXRlcnRvZGQub3JnPgAKCRAZnIM7qOfwhRZjCAC4PSpQ68qgtFMR77xf<br>
zXZLr/iMKX6yyJwXRj+vGi+0Ng/sv9NlYjYnDeflom37WlpGo/sCOFcVWImhnS2d<br>
kUFoUH92iXwRuEt/SN/LrHghkLWOxtVu9wa49eS/piGZFF3JWllk82MgdBZ6vjNw<br>
B6WuInEIurK+h8rUbAi2HjFkxVN0K0SsrFt/P0tHj10ABcMealBRoJh2Jx7fLNdS<br>
uTKddqeLyThEpLGNti3k+lhwQ2dA5RUBq6q3GUS/hWvTHRnU+viGMJSYv62LXRN5<br>
t87BXRY/R9UBpnudf3TIlPtOuIWcv2LhlXVjvbDDQqwJkvB3Qf4ejE3RZ28S5IUr<br>
OBQH<br>
=3DGy7X<br>
-----END PGP SIGNATURE-----<br>
<br>
<br>
---------------------------------------------------------------------------=
---<br>
Slashdot TV.=C2=A0 <br>
Video for Nerds.=C2=A0 Stuff that matters.<br>
<a href=3D"http://tv.slashdot.org/" target=3D"_blank">http://tv.slashdot.or=
g/</a><br>
_______________________________________________<br>
Bitcoin-development mailing list<br>
<a href=3D"mailto:Bitcoin-development@lists.sourceforge.net" target=3D"_bla=
nk">Bitcoin-development@lists.sourceforge.net</a><br>
<a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development=
" target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de=
velopment</a><br>
</div>
</div></div>
</div>
<br>-----------------------------------------------------------------------=
-------<br>
Slashdot TV.<br>
Video for Nerds.=C2=A0 Stuff that matters.<br>
<a href=3D"http://tv.slashdot.org/" target=3D"_blank">http://tv.slashdot.or=
g/</a><br>_______________________________________________<br>
Bitcoin-development mailing list<br>
<a href=3D"mailto:Bitcoin-development@lists.sourceforge.net">Bitcoin-develo=
pment@lists.sourceforge.net</a><br>
<a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development=
" target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de=
velopment</a><br>
<br></blockquote></div>
--001a11c38366ebd3b20501090b01--
|