From: Tom Zander
To: bitcoin-dev@lists.linuxfoundation.org, Jonas Schnelli
Date: Wed, 08 Mar 2017 22:25:46 +0100
Message-ID: <18390846.ckRIaq9dAb@strawberry>
In-Reply-To: <30362205-D0CC-46D9-B924-EFA0A6EA1AC9@jonasschnelli.ch>
Subject: Re: [bitcoin-dev] Unique node identifiers (and BIP150)

On Wednesday, 8 March 2017 20:47:54 CET Jonas Schnelli via bitcoin-dev wrote:
> Please Eric. Stop spreading FUD.
> BIP150 has a fingerprint-free **OPTIONAL** authentication. It’s designed
> to not reveal any node identifier/identity without first getting a
> crypto.-proof from other peer that he already knows your identity.
> **Peers can’t be identified without having the identity-keys pre shared
> by the node operators.**

Do you know the trick of having an open wifi basestation in a public street
and how that can lead to tracking? Especially if you have a network of them.

The trick is this; you set up an open wifi base station with a hidden ssid
and phones try to connect to it by saying “Are you ssid=xyz?”

This leads the basestation to know that the phone has known credentials with
another wifi that has a specific ssid. (the trick is slightly more elaborate,
but the basics are relevant here).

Your BIP is vulnerable to the same issue, as a node wants to connect using
the AUTHCHALLENGE which has as an argument the hash of the person I’m trying
to connect with.

Your BIP says “Fingerprinting the requesting peer is not possible”.

Unfortunately, this is wrong. Yes the peer is trivial to fingerprint. Your
hash never changes and as you connect to a node anyone listening can see you
sending the same hash on every connect to that peer, wherever you are or
connect from.

Just like the wifi hack.

I think you want to use industry standards instead, and a good start may be
https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange

-- 
Tom Zander
Blog: https://zander.github.io
Vlog: https://vimeo.com/channels/tomscryptochannel
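
Added example, not part of the original message and not BIP150's wire format: a small model of the linkability concern raised above, comparing a challenge that hashes only the target identity with one that also mixes in a fresh per-connection value. The function names, the placeholder key and the source labels are constructed for illustration.

```python
import hashlib
import os


def static_challenge(target_pubkey: bytes) -> bytes:
    """Challenge as the message describes it: a hash of the target identity only."""
    return hashlib.sha256(target_pubkey).digest()


def session_bound_challenge(session_id: bytes, target_pubkey: bytes) -> bytes:
    """Assumed mitigation: mix a fresh per-connection value into the hash."""
    return hashlib.sha256(session_id + target_pubkey).digest()


def linkable_groups(observations):
    """Passive-observer check: group connections by the challenge bytes on the wire.

    observations: iterable of (source_label, challenge_bytes).
    Returns the lists of sources that sent byte-identical challenges.
    """
    seen = {}
    for source, challenge in observations:
        seen.setdefault(challenge, []).append(source)
    return [sources for sources in seen.values() if len(sources) > 1]


def simulate(make_challenge):
    """One client contacting the same target from three network locations."""
    target = b"\x02" + b"\x11" * 32  # constructed 33-byte placeholder key
    sources = ["home", "cafe", "vpn"]  # constructed labels
    return linkable_groups((s, make_challenge(target)) for s in sources)


def fresh_session_challenge(target_pubkey: bytes) -> bytes:
    # A new random session id per connection (assumption: both peers share it).
    return session_bound_challenge(os.urandom(32), target_pubkey)


if __name__ == "__main__":
    print("static hash      ->", simulate(static_challenge))
    print("session-bound    ->", simulate(fresh_session_challenge))
```

With the static hash all three connections fall into one group; with the session-bound hash no two connections share challenge bytes, so an observer has nothing to correlate.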