1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
|
Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192]
helo=mx.sourceforge.net)
by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <pete@petertodd.org>) id 1XJtcF-0000H6-0I
for bitcoin-development@lists.sourceforge.net;
Wed, 20 Aug 2014 00:19:03 +0000
Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of petertodd.org
designates 62.13.148.96 as permitted sender)
client-ip=62.13.148.96; envelope-from=pete@petertodd.org;
helo=outmail148096.authsmtp.net;
Received: from outmail148096.authsmtp.net ([62.13.148.96])
by sog-mx-2.v43.ch3.sourceforge.com with esmtp (Exim 4.76)
id 1XJtcD-0004Rd-Oj for bitcoin-development@lists.sourceforge.net;
Wed, 20 Aug 2014 00:19:02 +0000
Received: from mail-c235.authsmtp.com (mail-c235.authsmtp.com [62.13.128.235])
by punt17.authsmtp.com (8.14.2/8.14.2/) with ESMTP id s7K0GXnv004097;
Wed, 20 Aug 2014 01:16:33 +0100 (BST)
Received: from android-61a40235731d80b6.lan (76-10-178-110.dsl.teksavvy.com
[76.10.178.110]) (authenticated bits=0)
by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id s7K0GUYb026570
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
Wed, 20 Aug 2014 01:16:31 +0100 (BST)
User-Agent: K-9 Mail for Android
In-Reply-To: <CAJHLa0ORxgQrkc4oiqSa3NdNHLU-0pmZDLjXUSpBKWBsBWTgcQ@mail.gmail.com>
References: <CA+8=xuJ+YDTNjyDW7DvP8KPN_nrFWpE68HvLw6EokFa-B-QGKw@mail.gmail.com>
<CA+8=xuKRyO1=bu7cgNGHvtAeqgKBxjTH2uUkb61GdCuEQWEu5A@mail.gmail.com>
<0C0EF7F9-DBBA-4872-897D-63CFA3853726@ricmoo.com>
<CA+8=xu+KWSF6XYgH-_t87na6M6UOD0CM1su8sizxn5a4b0_Xrw@mail.gmail.com>
<33D4B2E3-DBF0-444E-B76A-765C4C17E964@ricmoo.com>
<53F37635.5070807@riseup.net>
<CAAS2fgTF6424+FfzaL=+iaio2zu_uM_74yKohi7T3dtz=J9CjA@mail.gmail.com>
<53F38AC9.4000608@corganlabs.com> <53F3DFF7.9070709@jrn.me.uk>
<CAJHLa0ORxgQrkc4oiqSa3NdNHLU-0pmZDLjXUSpBKWBsBWTgcQ@mail.gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain;
charset=UTF-8
From: Peter Todd <pete@petertodd.org>
Date: Tue, 19 Aug 2014 20:16:28 -0400
To: Jeff Garzik <jgarzik@bitpay.com>, J Ross Nicoll <jrn@jrn.me.uk>
Message-ID: <3476b0a1-e08a-46bf-9ee4-ef56fcb02d72@email.android.com>
X-Server-Quench: 3d3f42b8-27ff-11e4-b396-002590a15da7
X-AuthReport-Spam: If SPAM / abuse - report it at:
http://www.authsmtp.com/abuse
X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR
bgdMdAIUGUATAgsB AmIbW1VeUVt7WmE7 bAxPbAVDY01GQQRr
UFdNRFdNFUsrBmcB cXt3ABlwcQBBeDBx YkNrXj5YCEcscUQv
SlNWEjtQeGZhPWQC AkNRcR5UcAFPdx8U a1UrBXRDAzANdhES
HhM4ODE3eDlSNilR RRkIIFQOdA4zBDkk QAsLGWdnMEsOXTQr
M1QsK0IXG0cXekA/ KkAoVl8DWwA8
X-Authentic-SMTP: 61633532353630.1023:706
X-AuthFastPath: 0 (Was 255)
X-AuthSMTP-Origin: 76.10.178.110/465
X-AuthVirus-Status: No virus detected - but ensure you scan with your own
anti-virus system.
X-Spam-Score: -1.5 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
-0.0 SPF_PASS SPF: sender matches SPF record
X-Headers-End: 1XJtcD-0004Rd-Oj
Cc: Bitcoin Development <bitcoin-development@lists.sourceforge.net>,
Justus Ranvier <justusranvier@riseup.net>
Subject: Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Wed, 20 Aug 2014 00:19:03 -0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 19 August 2014 19:40:39 GMT-04:00, Jeff Garzik <jgarzik@bitpay.com> wrote:
>Encryption is of little value if you may deduce the same information
>by observing packet sizes and timings.
That is simply incorrect. The resources required to do that kind of monitoring are very high; even the NSA can't pull it off consistently for non-targetted operations due to limitations on upstream bandwidth and other resources. (remember that many of their taps are non-cooperative ones, obtained by breaking into routers at ISP's) This I've confirmed with direct conversation with Jacob Applebaum and other Tor devs. Every additional bit of encrypted information flowing over the internet increases the work they need to so to deanonymize you. This is not unlike how CoinJoin, while not providing guaranteed anonymity, makes the job of attackers significantly more difficult by creating large amounts of statistical noise. In addition the Bitcoin P2P protocol has natural anti-traffic analysis properties due to its asynchronous nature.
Re: MITM attacks, again, the resources required to conduct them on a large scale instead of passive attacks just don't exist. For instance the NSA has to be relatively selective in using them for fear of being detected; being able to detect attacks is a huge improvement over the status quo anyway.
Having said that using Tor by default in Bitcoin Core is an even easier way of enabling encryption and authentication, and would help protect all Tor users from surveillance. The easiest way to do this would be to make the Debian/Ubuntu packages depend on Tor, and include a install-time script to setup the hidden service. I've verified with the Tor devs that they would welcome the additional load on the Tor network that Bitcoin would add.
-----BEGIN PGP SIGNATURE-----
Version: APG v1.1.1
iQFQBAEBCAA6BQJT8+jcMxxQZXRlciBUb2RkIChsb3cgc2VjdXJpdHkga2V5KSA8
cGV0ZUBwZXRlcnRvZGQub3JnPgAKCRAZnIM7qOfwhU2WB/9XE6BFxTkbjIfVn46U
uH7HCV/FSgCeSConO7LbFR2m6hN5eZ4oKcLzIi65SqRUol2eCGWVoJDsl3vuTmwF
c4gOqdieJQ6SOdHAzcolf+b3p+VwIXXUMMsO2vI6UGZvV6gFJXnZ17GASdSo9+f8
x4VxgLSunZD0xRMiMntaqPMFu1MyplomimQadW5MDt3QTa2BrOsDMwNS10NSQIAL
8ywHSKh8UddVL8ZeinE/Bhf3T1OnDVBIUCVHhhEYnKLqCnwmyY3NXH4lzXpPvo+e
LhzF7HzB5tE22vIQNb/3RimoN5FV7p4FEvgsGwT/kjjUAxgg6/LpNY5WQG6FL8nJ
/8F3
=t4/7
-----END PGP SIGNATURE-----
|
