From: J Ross Nicoll <jrn@jrn.me.uk>
To: Johnathan Corgan <johnathan@corganlabs.com>,
Gregory Maxwell <gmaxwell@gmail.com>,
Justus Ranvier <justusranvier@riseup.net>
Cc: Bitcoin Development <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages
Date: Wed, 20 Aug 2014 00:38:31 +0100
Message-ID: <53F3DFF7.9070709@jrn.me.uk>
In-Reply-To: <53F38AC9.4000608@corganlabs.com>
The concern is that if you can monitor traffic in and out of a single
node, you can determine which transactions originate from it vs those
which it relays. That's not great, certainly, but how many nodes
actually require that level of security, and surely they can use Tor or
VPN services if so?

Further, unless the remote nodes are in some way trusted, you're
changing the attack from read-only to requiring the ability to perform
a man-in-the-middle attack - that doesn't seem much harder to me.

As Gregory states, there have been at least two recent serious if not
catastrophic OpenSSL bugs, and the consequences of Heartbleed if the
Bitcoin network had been vulnerable are the stuff of nightmares.

Very difficult to see the risk/reward payoff being worthwhile.

Ross
On 19/08/2014 18:35, Johnathan Corgan wrote:
> On 08/19/2014 09:38 AM, Gregory Maxwell wrote:
>
>> We've dodged several emergency scale vulnerabilities by not having TLS.
> I'm still trying to understand the original premise that we want
> encrypted communications between nodes.
>
> I can certainly see the value of having *authenticated* traffic with
> specific nodes, using an HMAC for the protocol messages in place of the
> current checksum.
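The quoted suggestion of an HMAC in place of the current checksum, as an added example that is not part of the thread or of any Bitcoin implementation: it frames a message with the existing keyless 4-byte double-SHA256 checksum and with a keyed tag, then checks what each scheme accepts after the payload is changed in transit. The 16-byte tag length, the choice to MAC the header fields as well as the payload, the pre-shared key and all function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import struct

MAGIC = bytes.fromhex("f9beb4d9")  # Bitcoin mainnet network magic
TAG_LEN = 16                       # assumed MAC length; the checksum field is 4 bytes

def checksum(payload: bytes) -> bytes:
    """Current check field: first 4 bytes of SHA256(SHA256(payload)). Keyless."""
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def header_prefix(command: bytes, payload: bytes) -> bytes:
    """Magic, 12-byte NUL-padded command, little-endian payload length."""
    return MAGIC + command.ljust(12, b"\0") + struct.pack("<I", len(payload))

def mac_tag(key: bytes, command: bytes, payload: bytes) -> bytes:
    """Hypothetical replacement: truncated HMAC-SHA256 over header prefix and payload."""
    data = header_prefix(command, payload) + payload
    return hmac.new(key, data, hashlib.sha256).digest()[:TAG_LEN]

def build(command: bytes, payload: bytes, key=None) -> bytes:
    tag = checksum(payload) if key is None else mac_tag(key, command, payload)
    return header_prefix(command, payload) + tag + payload

def verify(message: bytes, key=None) -> bool:
    """Recompute the check field; False for truncated or altered messages."""
    tag_len = 4 if key is None else TAG_LEN
    if len(message) < 20 + tag_len or message[:4] != MAGIC:
        return False
    (length,) = struct.unpack("<I", message[16:20])
    tag, payload = message[20:20 + tag_len], message[20 + tag_len:]
    if len(payload) != length:
        return False
    command = message[4:16]
    expected = checksum(payload) if key is None else mac_tag(key, command, payload)
    return hmac.compare_digest(tag, expected)

def demo() -> dict:
    key = bytes(range(32))  # constructed shared key, for the example only
    original, altered = b"constructed payload A", b"constructed payload B"
    # Without the key, the only check value that can be recomputed is the checksum.
    recomputed = header_prefix(b"tx", altered) + checksum(altered)
    return {
        "plain_ok": verify(build(b"tx", original)),
        "authed_ok": verify(build(b"tx", original, key), key),
        "plain_modified_accepted": verify(recomputed + altered),
        "authed_modified_accepted": verify(recomputed.ljust(20 + TAG_LEN, b"\0") + altered, key),
    }
```

The checksum only detects accidental corruption, so the altered message still verifies; the keyed tag rejects it, which gives the authentication the quoted message asks for without encrypting anything.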