summaryrefslogtreecommitdiff
path: root/bf/ffddb5587b11026a956053dde21b56c923bbfe
blob: ca4d9182896e9fcded909a1dabd8df2967fef228 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193]
	helo=mx.sourceforge.net)
	by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <jgarzik@bitpay.com>) id 1XJt85-0007dR-Ct
	for bitcoin-development@lists.sourceforge.net;
	Tue, 19 Aug 2014 23:47:53 +0000
Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of bitpay.com
	designates 209.85.213.45 as permitted sender)
	client-ip=209.85.213.45; envelope-from=jgarzik@bitpay.com;
	helo=mail-yh0-f45.google.com; 
Received: from mail-yh0-f45.google.com ([209.85.213.45])
	by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
	(Exim 4.76) id 1XJt84-0006rP-9T
	for bitcoin-development@lists.sourceforge.net;
	Tue, 19 Aug 2014 23:47:53 +0000
Received: by mail-yh0-f45.google.com with SMTP id 29so6295140yhl.18
	for <bitcoin-development@lists.sourceforge.net>;
	Tue, 19 Aug 2014 16:47:45 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:mime-version:in-reply-to:references:from:date
	:message-id:subject:to:cc:content-type;
	bh=UrrZwUWuAyeRijgIyX07J9F7FX18GEz+ALtp8ol1axY=;
	b=KkL9FINC0iK/LS3WoC/TbE8hLx24cF0LZ4H18dInvaxNjmXHwF72cQHLQaSI8eRGqT
	qexsBsflCYkhASh/fewimPufd4y0s0nolVhA6dmpH/OAyASKGOBd2o17AvgL+UAC0aXr
	oWRQ9MN6fmaco5tI0pP9KL3OUvK3RuNzgbTxsW9aJpT776TDLchCKp/UkKT0tgsa2Sya
	/VmTmNMpOmBCELs7ocAi/2s68bfH7F8Pj2KCRN6hyTP4IvL4BTktEmkuj0QyZyGkjIXT
	mDOxZT2ymvbM+kGJCoJ9M2E7i6ap3xCYVkjzNlEsJT471FN8lADTojf1/LU/cz9t8oNK
	ZYBw==
X-Gm-Message-State: ALoCoQniNMegg+PWu3dixfHWLVjsJCkY15IOdfwgF3UCpo3SpPyeKPglT7wlWo/PQR2IXrA4JraU
X-Received: by 10.236.39.173 with SMTP id d33mr25028530yhb.104.1408491660006; 
	Tue, 19 Aug 2014 16:41:00 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.170.37.200 with HTTP; Tue, 19 Aug 2014 16:40:39 -0700 (PDT)
In-Reply-To: <53F3DFF7.9070709@jrn.me.uk>
References: <CA+8=xuJ+YDTNjyDW7DvP8KPN_nrFWpE68HvLw6EokFa-B-QGKw@mail.gmail.com>
	<CA+8=xuKRyO1=bu7cgNGHvtAeqgKBxjTH2uUkb61GdCuEQWEu5A@mail.gmail.com>
	<0C0EF7F9-DBBA-4872-897D-63CFA3853726@ricmoo.com>
	<CA+8=xu+KWSF6XYgH-_t87na6M6UOD0CM1su8sizxn5a4b0_Xrw@mail.gmail.com>
	<33D4B2E3-DBF0-444E-B76A-765C4C17E964@ricmoo.com>
	<53F37635.5070807@riseup.net>
	<CAAS2fgTF6424+FfzaL=+iaio2zu_uM_74yKohi7T3dtz=J9CjA@mail.gmail.com>
	<53F38AC9.4000608@corganlabs.com> <53F3DFF7.9070709@jrn.me.uk>
From: Jeff Garzik <jgarzik@bitpay.com>
Date: Tue, 19 Aug 2014 19:40:39 -0400
Message-ID: <CAJHLa0ORxgQrkc4oiqSa3NdNHLU-0pmZDLjXUSpBKWBsBWTgcQ@mail.gmail.com>
To: J Ross Nicoll <jrn@jrn.me.uk>
Content-Type: text/plain; charset=UTF-8
X-Spam-Score: -1.6 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
	sender-domain
	-0.0 SPF_PASS               SPF: sender matches SPF record
	-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
	author's domain
	0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
	not necessarily valid
	-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1XJt84-0006rP-9T
Cc: Bitcoin Development <bitcoin-development@lists.sourceforge.net>,
	Justus Ranvier <justusranvier@riseup.net>
Subject: Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Tue, 19 Aug 2014 23:47:53 -0000

Encryption is of little value if you may deduce the same information
by observing packet sizes and timings.


On Tue, Aug 19, 2014 at 7:38 PM, J Ross Nicoll <jrn@jrn.me.uk> wrote:
> The concern is that if you can monitor traffic in and out of a single node,
> you can determine which transactions originate from it vs those which it
> relays. That's not great, certainly, but how many nodes actually require
> that level of security, and surely they can use Tor or VPN services if so?
>
> Further, unless the remote nodes are in some way trusted, you're changing
> the attack from read-only to requiring the ability to perform  a man in the
> middle attack - that doesn't seem much harder to me.
>
> As Gregory states, there's been at least two recent serious if not
> catastrophic OpenSSL bugs, and the consequences of Heartbleed if the Bitcoin
> network had been vulnerable are the stuff of nightmares.
>
> Very difficult to see the risk/reward payoff being worthwhile.
>
> Ross
>
>
> On 19/08/2014 18:35, Johnathan Corgan wrote:
>
> On 08/19/2014 09:38 AM, Gregory Maxwell wrote:
>
> We've dodged several emergency scale vulnerabilities by not having TLS.
>
> I'm still trying to understand the original premise that we want
> encrypted communications between nodes.
>
> I can certainly see the value of having *authenticated* traffic with
> specific nodes, using an HMAC for the protocol messages in place of the
> current checksum.
>
>
>
> ------------------------------------------------------------------------------
>
>
>
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
>
>
> ------------------------------------------------------------------------------
> Slashdot TV.
> Video for Nerds.  Stuff that matters.
> http://tv.slashdot.org/
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>



-- 
Jeff Garzik
Bitcoin core developer and open source evangelist
BitPay, Inc.      https://bitpay.com/