Peter Todd [ARCHIVE] on Nostr: š Original date posted:2016-06-28 š Original message:On Tue, Jun 28, 2016 at ...
š
Original date posted:2016-06-28
š Original message:On Tue, Jun 28, 2016 at 08:35:26PM +0200, Eric Voskuil wrote:
> Hi Peter,
>
> What in this BIP makes a MITM attack easier (or easy) to detect, or increases the probability of one being detected?
BIP151 gives users the tools to detect a MITM attack.
It's kinda like PGP in that way: lots of PGP users don't properly check keys,
so an attacker won't have a hard time MITM attacking those users. But some
users do check keys, a labor intensive manual process, but not a process that
requires any real cryptographic sophistication, let alone writing any code.
It's very difficult for widescale attackers to distinguish the users who do
check keys from the ones that don't, so if you MITM attack _any_ user you run
the risk of running into one of the few that does check, and those users can
alert everyone else.
The key thing, is we need to get everyones communications encrypted first: if
we don't the MITM attacker can intercept 99% of the communications with 0% risk
of detection, because the non-sophisticated users are trivially distinguishable
from the sophisticated users: just find the users with unencrypted
communications!
--
https://petertodd.org 'peter'[:-1]@petertodd.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: Digital signature
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20160628/a26f4f33/attachment-0001.sig>;
š Original message:On Tue, Jun 28, 2016 at 08:35:26PM +0200, Eric Voskuil wrote:
> Hi Peter,
>
> What in this BIP makes a MITM attack easier (or easy) to detect, or increases the probability of one being detected?
BIP151 gives users the tools to detect a MITM attack.
It's kinda like PGP in that way: lots of PGP users don't properly check keys,
so an attacker won't have a hard time MITM attacking those users. But some
users do check keys, a labor intensive manual process, but not a process that
requires any real cryptographic sophistication, let alone writing any code.
It's very difficult for widescale attackers to distinguish the users who do
check keys from the ones that don't, so if you MITM attack _any_ user you run
the risk of running into one of the few that does check, and those users can
alert everyone else.
The key thing, is we need to get everyones communications encrypted first: if
we don't the MITM attacker can intercept 99% of the communications with 0% risk
of detection, because the non-sophisticated users are trivially distinguishable
from the sophisticated users: just find the users with unencrypted
communications!
--
https://petertodd.org 'peter'[:-1]@petertodd.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: Digital signature
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20160628/a26f4f33/attachment-0001.sig>;