> On Jun 28, 2016, at 10:14 PM, Peter Todd <p...@petertodd.org> wrote: > >> On Tue, Jun 28, 2016 at 08:35:26PM +0200, Eric Voskuil wrote: >> Hi Peter, >> >> What in this BIP makes a MITM attack easier (or easy) to detect, or >> increases the probability of one being detected? > > BIP151 gives users the tools to detect a MITM attack. > > It's kinda like PGP in that way: lots of PGP users don't properly check keys,
PGP requires a secure side channel for transmission of public keys. How does one "check" a key of an anonymous peer? I know you well enough to know you wouldn't trust a PGP key received over an insecure channel. All you can prove is that you are talking to a peer and that communications in the session remain with that peer. The peer can be the attacker. As Jonas has acknowledged, authentication is required to actually guard against MITM attacks. > so an attacker won't have a hard time MITM attacking those users. But some > users do check keys, a labor intensive manual process, but not a process that > requires any real cryptographic sophistication, let alone writing any code. > It's very difficult for widescale attackers to distinguish the users who do > check keys from the ones that don't, so if you MITM attack _any_ user you run > the risk of running into one of the few that does check, and those users can > alert everyone else. > > The key thing, is we need to get everyones communications encrypted first: if > we don't the MITM attacker can intercept 99% of the communications with 0% > risk > of detection, because the non-sophisticated users are trivially > distinguishable from the sophisticated users: just find the users with > unencrypted > communications! > > -- > https://petertodd.org 'peter'[:-1]@petertodd.org _______________________________________________ bitcoin-dev mailing list bitcoin-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
