Unauthenticated link level encryption is wonderful! MITM attacks are overrated; as they require an active attacker.
Stopping passive attacks is the low hanging fruit. This should be taken first. Automated and secure peer authentication in a mesh network is a huge topic. One of the unsolved problems in computer science. A simple 'who is that' by asking for the fingerprint of your peers from your other peers is a very simple way to get 'some' authentication. Semi-trusted index nodes also is a low hanging fruit for authentication. However, let's first get unauthenticated encryption. Force the attackers to use active attacks. (That are thousands times more costly to couduct). Sent from my iPhone > On 29 Jun 2016, at 00:36, Gregory Maxwell via bitcoin-dev > <bitcoin-dev@lists.linuxfoundation.org> wrote: > > On Tue, Jun 28, 2016 at 9:22 PM, Eric Voskuil via bitcoin-dev > <bitcoin-dev@lists.linuxfoundation.org> wrote: >> An "out of band key check" is not part of BIP151. > > It has a session ID for this purpose. > >> It requires a secure channel and is authentication. So BIP151 doesn't >> provide the tools to detect an attack, that requires authentication. A >> general requirement for authentication is the issue I have raised. > > One might wonder how you ever use a Bitcoin address, or even why we > might guess these emails from "you" aren't actually coming from the > NSA. > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
_______________________________________________ bitcoin-dev mailing list bitcoin-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
