From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1XJt85-0007dR-Ct for bitcoin-development@lists.sourceforge.net; Tue, 19 Aug 2014 23:47:53 +0000 Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of bitpay.com designates 209.85.213.45 as permitted sender) client-ip=209.85.213.45; envelope-from=jgarzik@bitpay.com; helo=mail-yh0-f45.google.com; Received: from mail-yh0-f45.google.com ([209.85.213.45]) by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1XJt84-0006rP-9T for bitcoin-development@lists.sourceforge.net; Tue, 19 Aug 2014 23:47:53 +0000 Received: by mail-yh0-f45.google.com with SMTP id 29so6295140yhl.18 for ; Tue, 19 Aug 2014 16:47:45 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=UrrZwUWuAyeRijgIyX07J9F7FX18GEz+ALtp8ol1axY=; b=KkL9FINC0iK/LS3WoC/TbE8hLx24cF0LZ4H18dInvaxNjmXHwF72cQHLQaSI8eRGqT qexsBsflCYkhASh/fewimPufd4y0s0nolVhA6dmpH/OAyASKGOBd2o17AvgL+UAC0aXr oWRQ9MN6fmaco5tI0pP9KL3OUvK3RuNzgbTxsW9aJpT776TDLchCKp/UkKT0tgsa2Sya /VmTmNMpOmBCELs7ocAi/2s68bfH7F8Pj2KCRN6hyTP4IvL4BTktEmkuj0QyZyGkjIXT mDOxZT2ymvbM+kGJCoJ9M2E7i6ap3xCYVkjzNlEsJT471FN8lADTojf1/LU/cz9t8oNK ZYBw== X-Gm-Message-State: ALoCoQniNMegg+PWu3dixfHWLVjsJCkY15IOdfwgF3UCpo3SpPyeKPglT7wlWo/PQR2IXrA4JraU X-Received: by 10.236.39.173 with SMTP id d33mr25028530yhb.104.1408491660006; Tue, 19 Aug 2014 16:41:00 -0700 (PDT) MIME-Version: 1.0 Received: by 10.170.37.200 with HTTP; Tue, 19 Aug 2014 16:40:39 -0700 (PDT) In-Reply-To: <53F3DFF7.9070709@jrn.me.uk> References: <0C0EF7F9-DBBA-4872-897D-63CFA3853726@ricmoo.com> <33D4B2E3-DBF0-444E-B76A-765C4C17E964@ricmoo.com> <53F37635.5070807@riseup.net> <53F38AC9.4000608@corganlabs.com> <53F3DFF7.9070709@jrn.me.uk> From: Jeff Garzik Date: Tue, 19 Aug 2014 19:40:39 -0400 Message-ID: To: J Ross Nicoll Content-Type: text/plain; charset=UTF-8 X-Spam-Score: -1.6 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1XJt84-0006rP-9T Cc: Bitcoin Development , Justus Ranvier Subject: Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Aug 2014 23:47:53 -0000 Encryption is of little value if you may deduce the same information by observing packet sizes and timings. On Tue, Aug 19, 2014 at 7:38 PM, J Ross Nicoll wrote: > The concern is that if you can monitor traffic in and out of a single node, > you can determine which transactions originate from it vs those which it > relays. That's not great, certainly, but how many nodes actually require > that level of security, and surely they can use Tor or VPN services if so? > > Further, unless the remote nodes are in some way trusted, you're changing > the attack from read-only to requiring the ability to perform a man in the > middle attack - that doesn't seem much harder to me. > > As Gregory states, there's been at least two recent serious if not > catastrophic OpenSSL bugs, and the consequences of Heartbleed if the Bitcoin > network had been vulnerable are the stuff of nightmares. > > Very difficult to see the risk/reward payoff being worthwhile. > > Ross > > > On 19/08/2014 18:35, Johnathan Corgan wrote: > > On 08/19/2014 09:38 AM, Gregory Maxwell wrote: > > We've dodged several emergency scale vulnerabilities by not having TLS. > > I'm still trying to understand the original premise that we want > encrypted communications between nodes. > > I can certainly see the value of having *authenticated* traffic with > specific nodes, using an HMAC for the protocol messages in place of the > current checksum. > > > > ------------------------------------------------------------------------------ > > > > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > > > > ------------------------------------------------------------------------------ > Slashdot TV. > Video for Nerds. Stuff that matters. > http://tv.slashdot.org/ > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > -- Jeff Garzik Bitcoin core developer and open source evangelist BitPay, Inc. https://bitpay.com/