1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
|
Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194]
helo=mx.sourceforge.net)
by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <gmaxwell@gmail.com>) id 1W4ff7-00088Z-26
for bitcoin-development@lists.sourceforge.net;
Sat, 18 Jan 2014 23:50:49 +0000
Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com
designates 209.85.217.169 as permitted sender)
client-ip=209.85.217.169; envelope-from=gmaxwell@gmail.com;
helo=mail-lb0-f169.google.com;
Received: from mail-lb0-f169.google.com ([209.85.217.169])
by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1W4ff6-0004Yb-7q
for bitcoin-development@lists.sourceforge.net;
Sat, 18 Jan 2014 23:50:49 +0000
Received: by mail-lb0-f169.google.com with SMTP id q8so4068708lbi.0
for <bitcoin-development@lists.sourceforge.net>;
Sat, 18 Jan 2014 15:50:41 -0800 (PST)
MIME-Version: 1.0
X-Received: by 10.153.6.34 with SMTP id cr2mr6547lad.44.1390089041505; Sat, 18
Jan 2014 15:50:41 -0800 (PST)
Received: by 10.112.198.65 with HTTP; Sat, 18 Jan 2014 15:50:41 -0800 (PST)
In-Reply-To: <52F8B4EC-F955-46E4-B871-3BEEFF69907D@taplink.co>
References: <CANEZrP1KAVhi_-cxCYe0rR9LUSYJ8MyW8=6eSJZ65FeY5ZJNuQ@mail.gmail.com>
<20140114225321.GT38964@giles.gnomon.org.uk>
<CANAnSg0tH_bK_19rsRRHOeZgrGYeWMhW89fXPyS4DQGmS4r_7A@mail.gmail.com>
<CALimQCXgc0eXeOcqFGUaCpSF7gKEe87KzvLqHZwUysV3WyjjGw@mail.gmail.com>
<CAAS2fgShChAQryfUOBp60jB-zxn2tH986fu1HfT+LsNdBYnoYg@mail.gmail.com>
<CAJHLa0P5r2+kxy7w8G=h=TAhdk1jUoW5UOiv-euo47uQY0u9ZA@mail.gmail.com>
<op.w9q6jdsayldrnw@laptop-air.hsd1.ca.comcast.net>
<20140116212805.GA4421@petertodd.org>
<CANAnSg2TY7Zh7RnHkBeTz1s-WutGLayum8q5DhdLhtOBMDT9ng@mail.gmail.com>
<CANEZrP1=PMiJn9BoN50K1wz2tOdxx5L80ngjErCJqj5wm2ESPA@mail.gmail.com>
<20140117144601.GA8614@petertodd.org>
<CALimQCU10asn65q=+VwCVNtgbROu9XQOYKzB7jy-TCFoemjEOQ@mail.gmail.com>
<52DA093D.4070505@gmail.com>
<CAAS2fgSdLXfKgbC+MtsiXdp9o7BNp1pc1p_G511LrgwOzGNZFg@mail.gmail.com>
<52F8B4EC-F955-46E4-B871-3BEEFF69907D@taplink.co>
Date: Sat, 18 Jan 2014 15:50:41 -0800
Message-ID: <CAAS2fgRJ_axd-iZzrgt5oiPDGzNt9heyUut7nFWChriOv29oDQ@mail.gmail.com>
From: Gregory Maxwell <gmaxwell@gmail.com>
To: Jeremy Spilman <jeremy@taplink.co>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -1.6 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(gmaxwell[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1W4ff6-0004Yb-7q
Cc: Bitcoin Development <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Stealth Addresses
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Sat, 18 Jan 2014 23:50:49 -0000
On Sat, Jan 18, 2014 at 3:12 PM, Jeremy Spilman <jeremy@taplink.co> wrote:
> In the case where payment is being sent only to Q1, and Q2 is for discove=
ry only, perhaps we could use a 160-bit curve for d2/Q2 and e/P resulting i=
n 20 byte vs 32 bytes in the OP_RETURN, and of course faster multiplication=
.
>
> 80-bits of security I assume still greatly exceeds the actual level of pr=
ivacy you get with the overall solution, and since Q2 is never protecting a=
ctual funds...
>
> But if it's a "real weakening" of the privacy then definitely not worth i=
t, and even the added complexity of another curve seems possibly not worth =
it...
Well super-fast hand optimized code for (your choice of) 160 bit curve
may not ever exist, making it slower in practice. Plus the extra code
to carry around even if it does exist=E2=80=A6
|