On Wed, Mar 05, 2014 at 12:54:04PM -0800, Gregory Maxwell wrote: > On Wed, Mar 5, 2014 at 12:32 PM, Peter Todd <p...@petertodd.org> wrote: > > That's nice, but I wrote my advice to show people how even if they don't > > know any crypto beyond what the "black boxes" do - the absolute minimum > > you need to know to write any Bitcoin software - you can still defend > > yourself against that attack and many others. > > But it's still incomplete. > > Say you have an address— used only once!— with a txout with a lot of value. > > Someone starts paying you small amounts to that address over and over > again. You haven't asked them to, they're just doing it. > > Do you ignore the funds?— maybe tell some customer that was ignorantly > paying you over and over again to a single address "sorry, those are > my rules: I only acknowledge the first payment, those funds are > lost!". > > No, of course not. You spend the darn coins and if you're on a shared > host perhaps you disclose a private key. > > The probability of an attack actually going on is low enough compared > to the cost of spending the coins in that case that even someone with > good knoweldge of the risks will choose to do so. > > So absolutely, not reusing addresses massively increases your safety > and limits losses when there is theft. But it isn't enough alone. (Nor > is smarter signing, considering complex software like this has bugs > and its hard to be confident that something is side channel free— esp > when you allow attacker interference).
I think you're misunderstanding me: I'm assuming one of the n parties signing transactions in my multi-factor authentication scheme is uncompromised - much easier to do when it's a low-bandwidth box sitting in a secure location. Not re-using keys is nice too of course, and while not perfect - your above scenario - certainely helps limit losses. -- 'peter'[:-1]@petertodd.org 0000000000000000afcad9265e8b44bf1171a08165c09b329fab2893bf13ec69
signature.asc
Description: Digital signature
------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/13534_NeoTech
_______________________________________________ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development