summaryrefslogtreecommitdiff
path: root/56/ee2027c22d0364c6181865dc7009b19a22bdc9
blob: 7cee882e1ae6bdd1431f981b80da534ba3bef122 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
Return-Path: <pete@petertodd.org>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id 2826A9F8
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Tue, 28 Jun 2016 20:36:13 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
Received: from outmail148110.authsmtp.com (outmail148110.authsmtp.com
	[62.13.148.110])
	by smtp1.linuxfoundation.org (Postfix) with ESMTP id 62D3A292
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Tue, 28 Jun 2016 20:36:12 +0000 (UTC)
Received: from mail-c232.authsmtp.com (mail-c232.authsmtp.com [62.13.128.232])
	by punt20.authsmtp.com (8.14.2/8.14.2/) with ESMTP id u5SKaAcA091742;
	Tue, 28 Jun 2016 21:36:10 +0100 (BST)
Received: from petertodd.org (ec2-52-5-185-120.compute-1.amazonaws.com
	[52.5.185.120]) (authenticated bits=0)
	by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id u5SKa7Bl054929
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Tue, 28 Jun 2016 21:36:08 +0100 (BST)
Received: from [127.0.0.1] (localhost [127.0.0.1])
	by petertodd.org (Postfix) with ESMTPSA id 2EB6B4015C;
	Tue, 28 Jun 2016 20:33:57 +0000 (UTC)
Received: by localhost (Postfix, from userid 1000)
	id A32CB2056A; Tue, 28 Jun 2016 16:36:05 -0400 (EDT)
Date: Tue, 28 Jun 2016 16:36:05 -0400
From: Peter Todd <pete@petertodd.org>
To: Eric Voskuil <eric@voskuil.org>
Message-ID: <20160628203605.GA1328@fedora-21-dvm>
References: <87h9cecad5.fsf@rustcorp.com.au>
	<1E86A00F-0609-4DBC-9543-94AE04CC13C9@voskuil.org>
	<577234A4.3030808@jonasschnelli.ch>
	<360EF9B8-A174-41CA-AFDD-2BC2C0B4DECB@voskuil.org>
	<20160628182202.GA5519@fedora-21-dvm>
	<D40F9E9D-DB6C-4083-A9E8-C5EBC363DB30@voskuil.org>
	<20160628201447.GA1148@fedora-21-dvm>
	<4DCF7DD2-6533-4F79-8CA1-871B67C01BDA@voskuil.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature"; boundary="sm4nu43k4a2Rpi4c"
Content-Disposition: inline
In-Reply-To: <4DCF7DD2-6533-4F79-8CA1-871B67C01BDA@voskuil.org>
User-Agent: Mutt/1.5.23 (2014-03-12)
X-Server-Quench: f1ebb6a4-3d6f-11e6-829e-00151795d556
X-AuthReport-Spam: If SPAM / abuse - report it at:
	http://www.authsmtp.com/abuse
X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR
	aQdMdAoUEkAaAgsB AmAbWVVeU1t7WWo7 bghPaBtcak9QXgdq
	T0pMXVMcUQALek0G dEIeVx17dQwIeX5w YUIsCHEODhZ8JEJg
	QRpSQ3AHZDJmdWgd WRVFdwNVdQJNdxoR b1V5GhFYa3VsNCMk
	FAgyOXU9MCtqYA50 eklUcAt6
X-Authentic-SMTP: 61633532353630.1037:706
X-AuthFastPath: 0 (Was 255)
X-AuthSMTP-Origin: 52.5.185.120/25
X-AuthVirus-Status: No virus detected - but ensure you scan with your own
	anti-virus system.
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW
	autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] BIP 151
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jun 2016 20:36:13 -0000


--sm4nu43k4a2Rpi4c
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Jun 28, 2016 at 10:29:54PM +0200, Eric Voskuil wrote:
>=20
>=20
> > On Jun 28, 2016, at 10:14 PM, Peter Todd <pete@petertodd.org> wrote:
> >=20
> >> On Tue, Jun 28, 2016 at 08:35:26PM +0200, Eric Voskuil wrote:
> >> Hi Peter,
> >>=20
> >> What in this BIP makes a MITM attack easier (or easy) to detect, or in=
creases the probability of one being detected?
> >=20
> > BIP151 gives users the tools to detect a MITM attack.
> >=20
> > It's kinda like PGP in that way: lots of PGP users don't properly check=
 keys,
>=20
> PGP requires a secure side channel for transmission of public keys. How d=
oes one "check" a key of an anonymous peer? I know you well enough to know =
you wouldn't trust a PGP key received over an insecure channel.
>=20
> All you can prove is that you are talking to a peer and that communicatio=
ns in the session remain with that peer. The peer can be the attacker. As J=
onas has acknowledged, authentication is required to actually guard against=
 MITM attacks.

Easy: anonymous peers aren't always actually anonymous.

A MITM attacker can't easily distinguish communications between two nodes t=
hat
randomly picked their peers, and nodes that are connected because their
operators manually used -addnode to peer; in the latter case the operators =
can
check whether or not they're being attacked with an out-of-band key check.

--=20
https://petertodd.org 'peter'[:-1]@petertodd.org

--sm4nu43k4a2Rpi4c
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature

-----BEGIN PGP SIGNATURE-----

iQEcBAEBCAAGBQJXct+yAAoJEGOZARBE6K+y3xsH/Rj54dTZN0nFB2vU4CzonS00
Iljo9i0FXlo12qHcMgDRBnXu27Lh6wVuAlADf+gIPiGUKC8PUvGDxtqvIPTz7R+r
lAoHvycHZ+PxVX4QdV8FCjzRlHRRV/2cHuhqemBBqGNx/rJskp59Ed2bnEur0wh3
CrU3Kd32h5aXBZA0FHcYSvL7GSig6GNqk3in8q6iYpC5Zs5djqm5kg5/3wWINNyF
9UVhJyjSbYTHk9ow3MRg4AKaxlB1Ksf2nWRrq+1J7U7v9ACjMjEttU30PmPugiFE
rhYuS/q6wXgjvajrvCuiRirxVAUiFwRvsqrGWqNXZzYij1f4JgyR3JTFX/bo1QM=
=t4hw
-----END PGP SIGNATURE-----

--sm4nu43k4a2Rpi4c--