From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from <jgarzik@bitpay.com>) id 1XJt85-0007dR-Ct for bitcoin-development@lists.sourceforge.net; Tue, 19 Aug 2014 23:47:53 +0000 Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of bitpay.com designates 209.85.213.45 as permitted sender) client-ip=209.85.213.45; envelope-from=jgarzik@bitpay.com; helo=mail-yh0-f45.google.com; Received: from mail-yh0-f45.google.com ([209.85.213.45]) by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1XJt84-0006rP-9T for bitcoin-development@lists.sourceforge.net; Tue, 19 Aug 2014 23:47:53 +0000 Received: by mail-yh0-f45.google.com with SMTP id 29so6295140yhl.18 for <bitcoin-development@lists.sourceforge.net>; Tue, 19 Aug 2014 16:47:45 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=UrrZwUWuAyeRijgIyX07J9F7FX18GEz+ALtp8ol1axY=; b=KkL9FINC0iK/LS3WoC/TbE8hLx24cF0LZ4H18dInvaxNjmXHwF72cQHLQaSI8eRGqT qexsBsflCYkhASh/fewimPufd4y0s0nolVhA6dmpH/OAyASKGOBd2o17AvgL+UAC0aXr oWRQ9MN6fmaco5tI0pP9KL3OUvK3RuNzgbTxsW9aJpT776TDLchCKp/UkKT0tgsa2Sya /VmTmNMpOmBCELs7ocAi/2s68bfH7F8Pj2KCRN6hyTP4IvL4BTktEmkuj0QyZyGkjIXT mDOxZT2ymvbM+kGJCoJ9M2E7i6ap3xCYVkjzNlEsJT471FN8lADTojf1/LU/cz9t8oNK ZYBw== X-Gm-Message-State: ALoCoQniNMegg+PWu3dixfHWLVjsJCkY15IOdfwgF3UCpo3SpPyeKPglT7wlWo/PQR2IXrA4JraU X-Received: by 10.236.39.173 with SMTP id d33mr25028530yhb.104.1408491660006; Tue, 19 Aug 2014 16:41:00 -0700 (PDT) MIME-Version: 1.0 Received: by 10.170.37.200 with HTTP; Tue, 19 Aug 2014 16:40:39 -0700 (PDT) In-Reply-To: <53F3DFF7.9070709@jrn.me.uk> References: <CA+8=xuJ+YDTNjyDW7DvP8KPN_nrFWpE68HvLw6EokFa-B-QGKw@mail.gmail.com> <CA+8=xuKRyO1=bu7cgNGHvtAeqgKBxjTH2uUkb61GdCuEQWEu5A@mail.gmail.com> <0C0EF7F9-DBBA-4872-897D-63CFA3853726@ricmoo.com> <CA+8=xu+KWSF6XYgH-_t87na6M6UOD0CM1su8sizxn5a4b0_Xrw@mail.gmail.com> <33D4B2E3-DBF0-444E-B76A-765C4C17E964@ricmoo.com> <53F37635.5070807@riseup.net> <CAAS2fgTF6424+FfzaL=+iaio2zu_uM_74yKohi7T3dtz=J9CjA@mail.gmail.com> <53F38AC9.4000608@corganlabs.com> <53F3DFF7.9070709@jrn.me.uk> From: Jeff Garzik <jgarzik@bitpay.com> Date: Tue, 19 Aug 2014 19:40:39 -0400 Message-ID: <CAJHLa0ORxgQrkc4oiqSa3NdNHLU-0pmZDLjXUSpBKWBsBWTgcQ@mail.gmail.com> To: J Ross Nicoll <jrn@jrn.me.uk> Content-Type: text/plain; charset=UTF-8 X-Spam-Score: -1.6 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1XJt84-0006rP-9T Cc: Bitcoin Development <bitcoin-development@lists.sourceforge.net>, Justus Ranvier <justusranvier@riseup.net> Subject: Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: <bitcoin-development.lists.sourceforge.net> List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>, <mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe> List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development> List-Post: <mailto:bitcoin-development@lists.sourceforge.net> List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help> List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>, <mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe> X-List-Received-Date: Tue, 19 Aug 2014 23:47:53 -0000 Encryption is of little value if you may deduce the same information by observing packet sizes and timings. On Tue, Aug 19, 2014 at 7:38 PM, J Ross Nicoll <jrn@jrn.me.uk> wrote: > The concern is that if you can monitor traffic in and out of a single node, > you can determine which transactions originate from it vs those which it > relays. That's not great, certainly, but how many nodes actually require > that level of security, and surely they can use Tor or VPN services if so? > > Further, unless the remote nodes are in some way trusted, you're changing > the attack from read-only to requiring the ability to perform a man in the > middle attack - that doesn't seem much harder to me. > > As Gregory states, there's been at least two recent serious if not > catastrophic OpenSSL bugs, and the consequences of Heartbleed if the Bitcoin > network had been vulnerable are the stuff of nightmares. > > Very difficult to see the risk/reward payoff being worthwhile. > > Ross > > > On 19/08/2014 18:35, Johnathan Corgan wrote: > > On 08/19/2014 09:38 AM, Gregory Maxwell wrote: > > We've dodged several emergency scale vulnerabilities by not having TLS. > > I'm still trying to understand the original premise that we want > encrypted communications between nodes. > > I can certainly see the value of having *authenticated* traffic with > specific nodes, using an HMAC for the protocol messages in place of the > current checksum. > > > > ------------------------------------------------------------------------------ > > > > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > > > > ------------------------------------------------------------------------------ > Slashdot TV. > Video for Nerds. Stuff that matters. > http://tv.slashdot.org/ > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > -- Jeff Garzik Bitcoin core developer and open source evangelist BitPay, Inc. https://bitpay.com/