public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Mike Hearn <mike@plan99.net>
To: Cameron Garnham <da2ce7@gmail.com>
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages
Date: Wed, 20 Aug 2014 16:37:24 +0200	[thread overview]
Message-ID: <CANEZrP0WC2XL3Z0==BMjhWJuA8DgxBKUMKMdhh267JXduCZ0KQ@mail.gmail.com> (raw)
In-Reply-To: <CAACjpwKX9cwowiCruP9xw2UiqfsVXVC1TdKvA1HbQZ6UZ6qBsA@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 1367 bytes --]

I would be very happy if we upgraded the P2P protocol with MAC keys and a
simple home grown encryption layer, because:

   1. It's practically guaranteed that 5-eyes intelligence agencies are
   either systematically deanonymising Bitcoin users already (linking
   transactions to real world identities) or close to succeeding. Peter is
   correct. Given the way their infrastructure works, encrypting link level
   traffic would significantly raise the bar to such attacks. Quite possibly
   to the level where it's deemed unprofitable to continue.

   2. Tor is not a complete solution. The most interesting links to monitor
   are those from SPV clients connecting to Core nodes. Whilst Java SPV
   clients have the nice option of an easy bundled Tor client (er, once we fix
   the last bugs) clients that are not based on bitcoinj would have to use the
   full-blown Tor client, which is not only a PITA to bundle as Tor is not at
   all library-fied, but is a giant pile of C which is almost certainly
   exploitable. Even if it runs in a separate address space, for many
   platforms this is insufficient as a compromised Tor client could then go
   ahead and compromise your wallet app too.

Implementing a full Tor client is not a reasonable thing to ask of a wallet
developer, but doing HMAC checks and a simple ECDH exchange + AES would be
quite realistic.

[-- Attachment #2: Type: text/html, Size: 1456 bytes --]

  reply	other threads:[~2014-08-20 14:37 UTC|newest]

Thread overview: 32+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <c45a638f1e1640fe84bef01d12cda4c3@hotmail.com>
2014-08-20  3:23 ` [Bitcoin-development] Proposal: Encrypt bitcoin messages Un Ix
2014-08-20  5:40   ` Cameron Garnham
2014-08-20 14:37     ` Mike Hearn [this message]
2014-08-23  6:39       ` Troy Benjegerdes
     [not found] <CA+8=xuJ+YDTNjyDW7DvP8KPN_nrFWpE68HvLw6EokFa-B-QGKw@mail.gmail.com>
2014-08-19  9:49 ` Raúl Martínez
     [not found]   ` <0C0EF7F9-DBBA-4872-897D-63CFA3853726@ricmoo.com>
2014-08-19 15:11     ` Raúl Martínez
2014-08-19 15:30       ` Richard Moore
2014-08-19 16:07         ` Justus Ranvier
2014-08-19 16:38           ` Gregory Maxwell
2014-08-19 16:58             ` Angel Leon
2014-08-19 17:19               ` Christophe Biocca
2014-08-19 17:35             ` Johnathan Corgan
2014-08-19 23:38               ` J Ross Nicoll
2014-08-19 23:39                 ` Justus Ranvier
2014-08-19 23:54                   ` Gregory Maxwell
2014-08-19 23:40                 ` Jeff Garzik
2014-08-20  0:16                   ` Peter Todd
2014-08-20  0:21                     ` Jeff Garzik
2014-08-20  0:41                       ` Peter Todd
2014-08-20  0:59                         ` William Yager
2014-08-20  1:14                           ` Peter Todd
2014-08-20  1:19                             ` William Yager
2014-08-20  1:27                               ` Peter Todd
2014-08-20  0:49                     ` Justus Ranvier
2014-08-20  0:57                       ` Peter Todd
2014-08-23 16:17                   ` xor
2014-08-23 16:50                     ` Justus Ranvier
2014-08-23 17:50                       ` Troy Benjegerdes
2014-08-23 18:22                         ` William Yager
2014-08-23 18:44                           ` Mike Hearn
2014-08-23 19:02                             ` Luke Dashjr
2014-08-23 22:51                               ` Peter Todd

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CANEZrP0WC2XL3Z0==BMjhWJuA8DgxBKUMKMdhh267JXduCZ0KQ@mail.gmail.com' \
    --to=mike@plan99.net \
    --cc=bitcoin-development@lists.sourceforge.net \
    --cc=da2ce7@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox