summaryrefslogtreecommitdiff
path: root/7c/3a8b66e018c263ba0cc9cfdf7788b29b113861
blob: a14d209b240dd3fc9e63c8f81c2135b7e4ec4d64 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191]
	helo=mx.sourceforge.net)
	by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <christophe.biocca@gmail.com>) id 1XJn4Y-0003Sy-DD
	for bitcoin-development@lists.sourceforge.net;
	Tue, 19 Aug 2014 17:19:50 +0000
Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of gmail.com
	designates 209.85.213.179 as permitted sender)
	client-ip=209.85.213.179;
	envelope-from=christophe.biocca@gmail.com;
	helo=mail-ig0-f179.google.com; 
Received: from mail-ig0-f179.google.com ([209.85.213.179])
	by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
	(Exim 4.76) id 1XJn4X-0007bw-Dz
	for bitcoin-development@lists.sourceforge.net;
	Tue, 19 Aug 2014 17:19:50 +0000
Received: by mail-ig0-f179.google.com with SMTP id h18so9972390igc.6
	for <bitcoin-development@lists.sourceforge.net>;
	Tue, 19 Aug 2014 10:19:44 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.42.247.137 with SMTP id mc9mr42109798icb.13.1408468784115;
	Tue, 19 Aug 2014 10:19:44 -0700 (PDT)
Received: by 10.64.78.161 with HTTP; Tue, 19 Aug 2014 10:19:44 -0700 (PDT)
In-Reply-To: <CADZB0_YfNQQstWsFt2+efYQNEhQ6ig8GD+hmbKBW6reZwEqOuQ@mail.gmail.com>
References: <CA+8=xuJ+YDTNjyDW7DvP8KPN_nrFWpE68HvLw6EokFa-B-QGKw@mail.gmail.com>
	<CA+8=xuKRyO1=bu7cgNGHvtAeqgKBxjTH2uUkb61GdCuEQWEu5A@mail.gmail.com>
	<0C0EF7F9-DBBA-4872-897D-63CFA3853726@ricmoo.com>
	<CA+8=xu+KWSF6XYgH-_t87na6M6UOD0CM1su8sizxn5a4b0_Xrw@mail.gmail.com>
	<33D4B2E3-DBF0-444E-B76A-765C4C17E964@ricmoo.com>
	<53F37635.5070807@riseup.net>
	<CAAS2fgTF6424+FfzaL=+iaio2zu_uM_74yKohi7T3dtz=J9CjA@mail.gmail.com>
	<CADZB0_YfNQQstWsFt2+efYQNEhQ6ig8GD+hmbKBW6reZwEqOuQ@mail.gmail.com>
Date: Tue, 19 Aug 2014 13:19:44 -0400
Message-ID: <CANOOu=8Wce50qmWQs1inuLvxL84rpKTQWKxYsaKvqqJ_vbpZrw@mail.gmail.com>
From: Christophe Biocca <christophe.biocca@gmail.com>
To: Bitcoin Development <bitcoin-development@lists.sourceforge.net>
Content-Type: text/plain; charset=UTF-8
X-Spam-Score: -1.6 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
	sender-domain
	0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
	(christophe.biocca[at]gmail.com)
	-0.0 SPF_PASS               SPF: sender matches SPF record
	-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
	author's domain
	0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
	not necessarily valid
	-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1XJn4X-0007bw-Dz
Subject: Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Tue, 19 Aug 2014 17:19:50 -0000

If your threat model is passive listeners, it seems to me that simply
establishing a symmetric key for each connection at handshake time
using diffie-hellman is all you need. No public private crypto needed
at all.

The whole thing seems like a bit of security theater unfortunately.
The kind of attacker that can pull off widespread passive listening is
probably able and willing to do active MITM. It's not a huge
incremental cost.

Instead, those users that do have a need for security should probably
connect to the network using Tor or I2P, which can give much better
security guarantees than anything being discussed here.

On Tue, Aug 19, 2014 at 12:58 PM, Angel Leon <gubatron@gmail.com> wrote:
> "
> I suggest that Bitcoin Core should generate a public/private key pair and
> share the public one with peers."
>
> I've not read the p2p protocol of Bitcoin core, but I suppose the initial
> handshake between 2 peers would be the ideal place to exchange a public
> keys.
>
> would it make sense to generate a new random pair of keys per each peer you
> connect to?
> then each subsequent message to every peer gets encrypted differently,
> keeping each conversation isolated from each other encryption-speaking.
>
> These keys would have nothing to do with your wallet, they're just to
> encrypt any further communication between peers post-handshake. Would that
> be of any use to "This could provide privacy and integrity but not
> autentication."?
>
> http://twitter.com/gubatron
>
>
> On Tue, Aug 19, 2014 at 12:38 PM, Gregory Maxwell <gmaxwell@gmail.com>
> wrote:
>>
>> On Tue, Aug 19, 2014 at 9:07 AM, Justus Ranvier
>> <justusranvier@riseup.net> wrote:
>> > If that's not acceptable, even using TLS with self-signed certificates
>> > would be an improvement.
>>
>> TLS is a huge complex attack surface, any use of it requires an
>> additional dependency with a large amount of difficult to audit code.
>> TLS is trivially DOS attacked and every major/widely used TLS
>> implementation has had multiple memory disclosure or remote execution
>> vulnerabilities even in just the last several years.
>>
>> We've dodged several emergency scale vulnerabilities by not having TLS.
>>
>>
>> ------------------------------------------------------------------------------
>> _______________________________________________
>> Bitcoin-development mailing list
>> Bitcoin-development@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
>
>
> ------------------------------------------------------------------------------
>
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>