> I've just demonstrated how an attacker can perform a man-in-the-middle attack > which lets them publish a malicious key under a name that the victim assumes > is theirs. You don't care? > An attacker who can mine a Namecoin fork in Alice's view of split-brain world > could convince Alice she's successfully claimed the name.
What you are describing implies a persistent, 24/7 MITM on Alice’s network, waiting for Alice to register her name (assuming she hasn’t already). That already, by itself, is pretty much not going to ever happen simply because it is too costly. There are far cheaper attacks this adversary could do to Alice. So I put such targeted attacks on a local network outside of the realm of practical feasibility. Also, even if this happened, Alice’s client could detect the attack the second she moved outside of the MITM’d network. So, the only real option left is for a persistent, 24/7 global MITM. At that point you are no longer dealing with the Internet anymore. You might as well smash Alice’s computer with a brick and declare a successful “attack” on Namecoin. > This is particularly easy right now because very few people are mining > Namecoin. Since there's so little actual Namecoin mining going on […] Namecoin is merge-mined with Bitcoin. - Greg -- Please do not email me anything that you are not comfortable also sharing with the NSA.
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
