Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 7FEFC360 for ; Sat, 25 Feb 2017 21:54:18 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-it0-f67.google.com (mail-it0-f67.google.com [209.85.214.67]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 0DCB2AF for ; Sat, 25 Feb 2017 21:54:17 +0000 (UTC) Received: by mail-it0-f67.google.com with SMTP id 203so7821505ith.2 for ; Sat, 25 Feb 2017 13:54:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=cG7eerOsV9A0HFh5XinItOlz4ZlbOSIjCaQ3vvOyx+Y=; b=qVv/dlf2vcOS4pbYOSv7zf1uYekWMcO/WEk64ZM2ycjzKft/dYHimaUVEiLJjLAVQm DJ3C8f+ETGePueCP7ws3fPd0PZkDe8yaTeFyOEtLGlH7WkFLltbBuhbNJ07njV0Flwsp Tdw8mw07jOR63DtRxz/CZjcWn/NH38aLE7WYquOgTnCapdLApDSDW0QfXky7BQFGU3kd GiDRCX7G0jhjuK9lu/CgNdE0+AeNIBfHiH5ObtO2fV2oLXDafTEO0SNtT+pVhnNrGly7 DljNNc8M0fQdcbv3UeOBPtrn3oSxr1mXdzwH7qqCW84iFIRT6UWyLs/6xnZ7+JGQwyYL YHgg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=cG7eerOsV9A0HFh5XinItOlz4ZlbOSIjCaQ3vvOyx+Y=; b=YzxUtgiPT4e2n9RWzkYxEZ0ETieG40dld9x1HDc9Jz3eqmX27YyuuHK5gfcL8YrXhv baLWEiZ3kb/vOyv6UQRIwJXYG3Ccv56zHmLdgSVnlPk8scwcy6YwIUnanoXarl7emDLa zd0fATTUZ+5QbG0N2yX44J8ZPxR21ScGiQECohxlyzZHxzNGLKtmvLoVhsd2yv1IRFur qirb1f3FNOdw4H25Lnz+2Dttd+tfN9ymP1TxKHdTGwrP+okgT1iXcsCZKCZ7dJbOoVTs ElIXG7tw00mt3ryBiv4L3y7PNnSG4RPOhUYrTcv4iT6RmxJBFwPNzGCsvtfIZ+mmXPvY mYFQ== X-Gm-Message-State: AMke39nOnpRPKxPh2rq1q5UA2QH3ZmhOIUyIq+onYYfq3i09VHQ/ge2jQ/u4fPwNdj8dfw== X-Received: by 10.36.181.69 with SMTP id j5mr8435293iti.13.1488059657425; Sat, 25 Feb 2017 13:54:17 -0800 (PST) Received: from [10.0.1.42] (71-81-80-204.dhcp.stls.mo.charter.com. [71.81.80.204]) by smtp.gmail.com with ESMTPSA id a22sm2430250itb.29.2017.02.25.13.54.16 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 25 Feb 2017 13:54:16 -0800 (PST) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 10.2 \(3259\)) From: Steve Davis In-Reply-To: <20170225214018.GA16524@savin.petertodd.org> Date: Sat, 25 Feb 2017 15:54:16 -0600 Content-Transfer-Encoding: quoted-printable Message-Id: References: <8F096BE1-D305-43D4-AF10-2CC48837B14F@gmail.com> <20170225010122.GA10233@savin.petertodd.org> <208F93FE-B7C8-46BE-8E00-52DBD0F43415@gmail.com> <20170225191201.GA15472@savin.petertodd.org> <20170225210406.GA16196@savin.petertodd.org> <4FE38F6A-0560-4989-9C53-7F8C94EA4C76@gmail.com> <20170225214018.GA16524@savin.petertodd.org> To: Peter Todd X-Mailer: Apple Mail (2.3259) X-Spam-Status: No, score=-1.5 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, RCVD_IN_DNSWL_NONE, RCVD_IN_SORBS_SPAM autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Mailman-Approved-At: Sat, 25 Feb 2017 22:08:47 +0000 Cc: Bitcoin Protocol Discussion Subject: Re: [bitcoin-dev] SHA1 collisions make Git vulnerable to attakcs by third-parties, not just repo maintainers X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Feb 2017 21:54:18 -0000 Hi Peter, > On Feb 25, 2017, at 3:40 PM, Peter Todd wrote: >=20 > On Sat, Feb 25, 2017 at 03:34:33PM -0600, Steve Davis wrote: >> Yea, well. I don=E2=80=99t think it is ethical to post instructions = without an associated remediation (BIP) if you don=E2=80=99t see the = potential attack. >=20 > I can't agree with you at all there: we're still at the point where = the > computational costs of such attacks limit their real-world impact, = which is > exactly when you want the *maximum* exposure to what they are and what = the > risks are, so that people develop mitigations. >=20 I agree with the latter part of your statement but am actually much less = confident about the first part=E2=80=A6 I need to run some numbers on = that. > Keeping details secret tends to keep the attacks out of public view, = which > might be a good trade-off in a situation where the attacks are = immediately > practical and the need to deploy a fix is well understood. But we're = in the > exact opposite situation. >=20 >> I was rather hoping that we could have a fuller discussion of what = the best practical response would be to such an issue? >=20 > Deploying segwit's 256-bit digests is a response that's already fully = coded and > ready to deploy, with the one exception of a new address format. That = address > format is being actively worked on, and could be deployed relatively = quickly if > needed. >=20 I really, really don=E2=80=99t want to get into it but segwit has many = aspects that are less appealing, not least of which being the amount of = time it would take to reach the critical mass.=20 Surely there's a number of alternative approaches which could be = explored, even if only to make a fair assessment of a best response? /s=