public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Richard Moore <me@ricmoo.com>
To: "Raúl Martínez" <rme@i-rme.es>
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages
Date: Tue, 19 Aug 2014 11:30:45 -0400	[thread overview]
Message-ID: <33D4B2E3-DBF0-444E-B76A-765C4C17E964@ricmoo.com> (raw)
In-Reply-To: <CA+8=xu+KWSF6XYgH-_t87na6M6UOD0CM1su8sizxn5a4b0_Xrw@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 2912 bytes --]

Oh, I see. I misread, thinking you wanted the dev team to have a private key and share the public key, similar to alerts. But each peer would have a public/private key pair and use something akin to ECDH for a symmetric key and transport using a block cipher?

How would you share the public key? If I were a man-in-the-middle, I could intercept the public key, generate my own and pass that along and then decouple the pipe when the other side shares their public key.

Also, you should not ignore your SSH fingerprint, as you exactly open yourself to mitm attacks.



On Aug 19, 2014, at 11:11 AM, Raúl Martínez <rme@i-rme.es> wrote:

> Only messages between peers are encrypted, only during transit.
> 
> Before sending a transaction to Node B you use his public key, so Node B has the key
> 
> El 19/08/2014 17:05, "Richard Moore" <me@ricmoo.com> escribió:
> If you encrypt all messages with an asymmetric cipher, how would each node make use of the blockchain in an encrypted form? Each node would be able to encrypt the data, but only the Bitcoin Core Dev could decrypt it?
> 
> 
> On Aug 19, 2014, at 5:49 AM, Raúl Martínez <rme@i-rme.es> wrote:
> 
>> Hi,
>> I believe that all comunications should be encrypted by default, no matter that is public information (tx info), the only exception I would make would be block packets (to avoid increasing propagation time).
>> 
>> I suggest that Bitcoin Core should generate a public/private key pair and share the public one with peers.
>> 
>> This could provide privacy and integrity but not autentication.
>> 
>> This way you can impersonate a bitcoin node (active mitm) but you cant just be passive and record all transactions send or recieved by an IP address.
>> 
>> Today you can just watch for incoming/outgoing transactions to determine what tx are created in the Node, when you find one you can see the Bitcoin address inputs and outputs and track that person's bitcoins.
>> As an example, SSH provides this kind of encryption, althogh Bitcoin Core should ignore fingerprint changes (caused due to reinstalls).
>> 
>> Please feel free to disqus why this is not needed or why you like this idea.
>> 
>> ------------------------------------------------------------------------------
>> _______________________________________________
>> Bitcoin-development mailing list
>> Bitcoin-development@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
> 
> .·´¯`·.¸¸.·´¯`·.¸¸.·´¯`·.¸¸.·´¯`·.¸¸.·´¯`·.¸><(((º>
> 
> Richard Moore ~ Founder
> Genetic Mistakes Software inc.
> phone: (778) 882-6125
> email: ricmoo@geneticmistakes.com
> www: http://GeneticMistakes.com
> 

.·´¯`·.¸¸.·´¯`·.¸¸.·´¯`·.¸¸.·´¯`·.¸¸.·´¯`·.¸><(((º>

Richard Moore ~ Founder
Genetic Mistakes Software inc.
phone: (778) 882-6125
email: ricmoo@geneticmistakes.com
www: http://GeneticMistakes.com


[-- Attachment #2: Type: text/html, Size: 5094 bytes --]

  reply	other threads:[~2014-08-19 15:59 UTC|newest]

Thread overview: 32+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <CA+8=xuJ+YDTNjyDW7DvP8KPN_nrFWpE68HvLw6EokFa-B-QGKw@mail.gmail.com>
2014-08-19  9:49 ` [Bitcoin-development] Proposal: Encrypt bitcoin messages Raúl Martínez
     [not found]   ` <0C0EF7F9-DBBA-4872-897D-63CFA3853726@ricmoo.com>
2014-08-19 15:11     ` Raúl Martínez
2014-08-19 15:30       ` Richard Moore [this message]
2014-08-19 16:07         ` Justus Ranvier
2014-08-19 16:38           ` Gregory Maxwell
2014-08-19 16:58             ` Angel Leon
2014-08-19 17:19               ` Christophe Biocca
2014-08-19 17:35             ` Johnathan Corgan
2014-08-19 23:38               ` J Ross Nicoll
2014-08-19 23:39                 ` Justus Ranvier
2014-08-19 23:54                   ` Gregory Maxwell
2014-08-19 23:40                 ` Jeff Garzik
2014-08-20  0:16                   ` Peter Todd
2014-08-20  0:21                     ` Jeff Garzik
2014-08-20  0:41                       ` Peter Todd
2014-08-20  0:59                         ` William Yager
2014-08-20  1:14                           ` Peter Todd
2014-08-20  1:19                             ` William Yager
2014-08-20  1:27                               ` Peter Todd
2014-08-20  0:49                     ` Justus Ranvier
2014-08-20  0:57                       ` Peter Todd
2014-08-23 16:17                   ` xor
2014-08-23 16:50                     ` Justus Ranvier
2014-08-23 17:50                       ` Troy Benjegerdes
2014-08-23 18:22                         ` William Yager
2014-08-23 18:44                           ` Mike Hearn
2014-08-23 19:02                             ` Luke Dashjr
2014-08-23 22:51                               ` Peter Todd
     [not found] <c45a638f1e1640fe84bef01d12cda4c3@hotmail.com>
2014-08-20  3:23 ` Un Ix
2014-08-20  5:40   ` Cameron Garnham
2014-08-20 14:37     ` Mike Hearn
2014-08-23  6:39       ` Troy Benjegerdes

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=33D4B2E3-DBF0-444E-B76A-765C4C17E964@ricmoo.com \
    --to=me@ricmoo.com \
    --cc=bitcoin-development@lists.sourceforge.net \
    --cc=rme@i-rme.es \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox