Tom Zander [ARCHIVE] on Nostr: 📅 Original date posted:2017-03-08 📝 Original message:On Wednesday, 8 March 2017 ...
📅 Original date posted:2017-03-08
📝 Original message:On Wednesday, 8 March 2017 20:47:54 CET Jonas Schnelli via bitcoin-dev
wrote:
> Please Eric. Stop spreading FUD.
> BIP150 has a fingerprint-free **OPTIONAL** authentication. It’s designed
> to not reveal any node identifier/identity without first get a
> crypto.-proof from other peer that he already knows your identity.
> **Peers can’t be identified without having the identity-keys pre shared
> by the node operators.**
Do you know the trick of having an open wifi basestation in a public street
and how that can lead to tracking? Especially if you have a network of them.
The trick is this; you set up an open wifi base station with a hidden ssid
and phones try to connect to it by saying “Are you ssid=xyz?”
This leads the basestation to know that the phone has known credentials with
another wifi that has a specific ssid. (the trick is slightly more elaborate,
but the basics are relevant here).
Your BIP is vulnarable to the same issue, as a node wants to connect using
the AUTHCHALLENGE which has as an argument the hash of the person I’m trying
to connect with.
Your BIP says "Fingerprinting the requesting peer is not possible”.
Unfortunately, this is wrong. Yes the peer is trivial to fingerprint. Your
hash never changes and as you connect to a node anyone listening can see you
sending the same hash on every connect to that peer, whereever you are or
connect from.
Just like the wifi hack.
I think you want to use industry standards instead, and a good start may be
https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange
--
Tom Zander
Blog: https://zander.github.io
Vlog: https://vimeo.com/channels/tomscryptochannel
📝 Original message:On Wednesday, 8 March 2017 20:47:54 CET Jonas Schnelli via bitcoin-dev
wrote:
> Please Eric. Stop spreading FUD.
> BIP150 has a fingerprint-free **OPTIONAL** authentication. It’s designed
> to not reveal any node identifier/identity without first get a
> crypto.-proof from other peer that he already knows your identity.
> **Peers can’t be identified without having the identity-keys pre shared
> by the node operators.**
Do you know the trick of having an open wifi basestation in a public street
and how that can lead to tracking? Especially if you have a network of them.
The trick is this; you set up an open wifi base station with a hidden ssid
and phones try to connect to it by saying “Are you ssid=xyz?”
This leads the basestation to know that the phone has known credentials with
another wifi that has a specific ssid. (the trick is slightly more elaborate,
but the basics are relevant here).
Your BIP is vulnarable to the same issue, as a node wants to connect using
the AUTHCHALLENGE which has as an argument the hash of the person I’m trying
to connect with.
Your BIP says "Fingerprinting the requesting peer is not possible”.
Unfortunately, this is wrong. Yes the peer is trivial to fingerprint. Your
hash never changes and as you connect to a node anyone listening can see you
sending the same hash on every connect to that peer, whereever you are or
connect from.
Just like the wifi hack.
I think you want to use industry standards instead, and a good start may be
https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange
--
Tom Zander
Blog: https://zander.github.io
Vlog: https://vimeo.com/channels/tomscryptochannel