summaryrefslogtreecommitdiff
path: root/b8/82aeefe22a5fddac3857e9bf3f0e95e8513a08
blob: 4dd4a34e2f16735fef9765c3f754c365a04dd151 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
Return-Path: <tomz@freedommail.ch>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id 3234EBC0
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Wed,  8 Mar 2017 21:22:30 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
Received: from mx-out02.mykolab.com (mx.kolabnow.com [95.128.36.1])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 3E63F1F6
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Wed,  8 Mar 2017 21:22:29 +0000 (UTC)
X-Virus-Scanned: amavisd-new at kolabnow.com
X-Spam-Score: -2.9
X-Spam-Level: 
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW
	autolearn=ham version=3.3.1
Received: from mx03.mykolab.com (mx03.mykolab.com [10.20.7.101])
	by mx-out02.mykolab.com (Postfix) with ESMTPS id E4BC879026;
	Wed,  8 Mar 2017 22:22:25 +0100 (CET)
From: Tom Zander <tomz@freedommail.ch>
To: bitcoin-dev@lists.linuxfoundation.org,
	Jonas Schnelli <dev@jonasschnelli.ch>
Date: Wed, 08 Mar 2017 22:25:46 +0100
Message-ID: <18390846.ckRIaq9dAb@strawberry>
In-Reply-To: <30362205-D0CC-46D9-B924-EFA0A6EA1AC9@jonasschnelli.ch>
References: <BL2PR03MB435C5077E69D91D0A8092B6EE2A0@BL2PR03MB435.namprd03.prod.outlook.com>
	<D4B674DB-8F2E-4AA1-B271-FEE02A62A274@voskuil.org>
	<30362205-D0CC-46D9-B924-EFA0A6EA1AC9@jonasschnelli.ch>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="UTF-8"
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
X-Mailman-Approved-At: Wed, 08 Mar 2017 21:45:42 +0000
Subject: Re: [bitcoin-dev] Unique node identifiers (and BIP150)
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Mar 2017 21:22:30 -0000

On Wednesday, 8 March 2017 20:47:54 CET Jonas Schnelli via bitcoin-dev=20
wrote:
> Please Eric. Stop spreading FUD.
> BIP150 has a fingerprint-free **OPTIONAL** authentication. It=E2=80=99s d=
esigned
> to not reveal any node identifier/identity without first get a
> crypto.-proof from other peer that he already knows your identity.
> **Peers can=E2=80=99t be identified without having the identity-keys pre =
shared
> by the node operators.**

Do you know the trick of having an open wifi basestation in a public street=
=20
and how that can lead to tracking? Especially if you have a network of them.
The trick is this; you set up an open wifi base station with a hidden ssid=
=20
and phones try to connect to it by saying =E2=80=9CAre you ssid=3Dxyz?=E2=
=80=9D
This leads the basestation to know that the phone has known credentials wit=
h=20
another wifi that has a specific ssid. (the trick is slightly more elaborat=
e,=20
but the basics are relevant here).

Your BIP is vulnarable to the same issue, as a node wants to connect using=
=20
the AUTHCHALLENGE which has as an argument the hash of the person I=E2=80=
=99m trying=20
to connect with.

Your BIP says "Fingerprinting the requesting peer is not possible=E2=80=9D.
Unfortunately, this is wrong. Yes the peer is trivial to fingerprint. Your=
=20
hash never changes and as you connect to a node anyone listening can see yo=
u=20
sending the same hash on every connect to that peer, whereever you are or=20
connect from.

Just like the wifi hack.

I think you want to use industry standards instead, and a good start may be=
=20
https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange
=2D-=20
Tom Zander
Blog: https://zander.github.io
Vlog: https://vimeo.com/channels/tomscryptochannel