1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
|
Return-Path: <nbvfour@gmail.com>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id 0E449949
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 24 Aug 2016 23:03:19 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-qk0-f172.google.com (mail-qk0-f172.google.com
[209.85.220.172])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 5FBFBAC
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 24 Aug 2016 23:03:18 +0000 (UTC)
Received: by mail-qk0-f172.google.com with SMTP id z190so30506953qkc.0
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 24 Aug 2016 16:03:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
h=mime-version:sender:in-reply-to:references:from:date:message-id
:subject:to:cc;
bh=DZ4+TiKWmgBSvk0cGUuZSlgePvBLbLw6qvoXe9cwkKc=;
b=CBbPvhmm5M6OJhq6XUqco8Uyhxdwa/VX1ATEVjk5Zh6iybEkbkwU/HqhRtmJPSqfbJ
CfsErZAu5T1nl+d+ZKdowpAAst7ONdBODXsBd9HLaKLwao4gvOfoT3Mu0RgpfzJ47Zg8
EGLpnQau6Ks4wadcNazI4Czf5y6jEBdjqRheYQ63G+m2NTx9lR6BBAsHYSHIJ/q5dD9e
AwmGf088gnsVxKhvSHkKdx4BnMmDVazsOVroonpg6tHQDC4j5KKle+Ap0mguBeMSaI/R
W47HVjvT5d6WJHr4VvA/dNTCE1mwJ0M0CcdFaiRnqvaL8EZiDZpW2s6E8zqf10U9YwXB
HmLg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20130820;
h=x-gm-message-state:mime-version:sender:in-reply-to:references:from
:date:message-id:subject:to:cc;
bh=DZ4+TiKWmgBSvk0cGUuZSlgePvBLbLw6qvoXe9cwkKc=;
b=l1XGykwee1uHiLbQk7Hh3I0DkJWcfKItXU2yIW6ETWK0hrAhlQ9rqyqS0G/QvZcqEE
2EeXEvj4Z0G6ZnSioQNi2OgLPEwBq+0bZu/IljLg0MoHCCLwA+z8T9quG/zaV7VG6Lvb
l0fJ6A+87O+25ah013HDUoH3hwDS5gjeWh7MmqZEbsfuXC4zrMMNrFzWuEsEJxVcSU12
qQNr/EUUIRF6rV07nzpOxXWtJqFKwYGHWtoi4JAIXpdoPz3a7pScRBq5LhZRU8VfaLNz
OIOgzQvg5diVqeYY1tqmkRA1NG9N25yyiR2GNKiNAmW65XvQBun0AHxakh0bW0xtrFjl
OE8w==
X-Gm-Message-State: AE9vXwNi46K/dT6Nk6qjVeqQYtjComDYsIXn9nf6/5tDnWi9cImbSC9ZWNkCPSF2cZSH6jWljia6xRi8WMdy4A==
X-Received: by 10.233.222.193 with SMTP id s184mr6478922qkf.154.1472079797541;
Wed, 24 Aug 2016 16:03:17 -0700 (PDT)
MIME-Version: 1.0
Sender: nbvfour@gmail.com
Received: by 10.237.55.199 with HTTP; Wed, 24 Aug 2016 16:03:16 -0700 (PDT)
In-Reply-To: <20160824192211.GB24668@fedora-21-dvm>
References: <20160824014634.GA19905@fedora-21-dvm>
<CAAEDBiEkGtj0HSBVgM1KGfsoLmpwK7QxGCTQE1z7FaCPtG2V6g@mail.gmail.com>
<20160824192211.GB24668@fedora-21-dvm>
From: Chris Priest <cp368202@ohiou.edu>
Date: Wed, 24 Aug 2016 16:03:16 -0700
X-Google-Sender-Auth: -sWHQaPgK7fVMK7wgze8_zfR0M0
Message-ID: <CAAcC9yvh_BSerOeGka=9T_wOkUDw6bMGj=MWoBP4N16EswcKcw@mail.gmail.com>
To: Peter Todd <pete@petertodd.org>,
Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Content-Type: text/plain; charset=UTF-8
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID, FREEMAIL_FROM, RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
Subject: Re: [bitcoin-dev] Capital Efficient Honeypots w/ "Scorched Earth"
Doublespending Protection
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Aug 2016 23:03:19 -0000
How does your system prevent against insider attacks? How do you know
the money is stolen by someone who compromised server #4, and not
stolen by the person who set up server #4? It is my understanding
these days most attacks are inside jobs.
On 8/24/16, Peter Todd via bitcoin-dev
<bitcoin-dev@lists.linuxfoundation.org> wrote:
> On Thu, Aug 25, 2016 at 01:37:34AM +1000, Matthew Roberts wrote:
>> Really nice idea. So its like a smart contract that incentivizes
>> publication that a server has been hacked? I also really like how the
>> funding has been handled -- with all the coins stored in the same address
>> and then each server associated with a unique signature. That way, you
>> don't have to split up all the coins among every server and reduce the
>> incentive for an attacker yet you can still identify which server was
>> hacked.
>>
>> It would be nice if after the attacker broke into the server that they
>> were
>> also incentivized to act on the information as soon as possible
>> (revealing
>> early on when the server was compromised.) I suppose you could split up
>> the
>> coins into different outputs that could optimally be redeemed by the
>> owner
>> at different points in the future -- so they're incentivzed to act lest
>
> Remember that it's _always_ possible for the owner to redeem the coins at
> any
> time, and there's no way to prevent that.
>
> The incentive for the intruder to collect the honeypot in a timely manner
> is
> simple: once they've broken in, the moment the honeypot owner learns about
> the
> compromise they have every reason to attempt to recover the funds, so the
> intruder needs to act as fast as possible to maximize their chances of
> being
> rewarded.
>
> --
> https://petertodd.org 'peter'[:-1]@petertodd.org
>
|
