[Bitcoin-development] Proposal: Encrypt bitcoin messages

2014-08-19 Thread Raúl Martínez
Hi, I believe that all comunications should be encrypted by default, no matter that is public information (tx info), the only exception I would make would be block packets (to avoid increasing propagation time). I suggest that Bitcoin Core should generate a public/private key pair and share the

[Bitcoin-development] Reconsidering github

2014-08-19 Thread Jeff Garzik
It would be nice if the issues and git repo for Bitcoin Core were not on such a centralized service as github, nice and convenient as it is. To that end, I note that Linux does its own git repo, and now requires 2FA:

Re: [Bitcoin-development] Reconsidering github

2014-08-19 Thread Dāvis Mosāns
There's actually a pretty good alternative - GitLab https://about.gitlab.com/ it's open source, self-hosted and provides similar features to GitHub 2014-08-19 15:02 GMT+03:00 Jeff Garzik jgar...@bitpay.com: It would be nice if the issues and git repo for Bitcoin Core were not on such a

Re: [Bitcoin-development] Reconsidering github

2014-08-19 Thread Wladimir
On Tue, Aug 19, 2014 at 2:02 PM, Jeff Garzik jgar...@bitpay.com wrote: It would be nice if the issues and git repo for Bitcoin Core were not on such a centralized service as github, nice and convenient as it is. Despite my complaining about github, I don't like the idea of moving somewhere

Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages

2014-08-19 Thread Raúl Martínez
Only messages between peers are encrypted, only during transit. Before sending a transaction to Node B you use his public key, so Node B has the key El 19/08/2014 17:05, Richard Moore m...@ricmoo.com escribió: If you encrypt all messages with an asymmetric cipher, how would each node make use

Re: [Bitcoin-development] Reconsidering github

2014-08-19 Thread Bryan Bishop
On Tue, Aug 19, 2014 at 7:02 AM, Jeff Garzik jgar...@bitpay.com wrote: As a first step, one possibility is putting the primary repo on bitcoin.org somewhere, and simply mirroring that to github for each push. Smaller first step would be to mirror the git repository on bitcoin.org, which is

Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages

2014-08-19 Thread Richard Moore
Oh, I see. I misread, thinking you wanted the dev team to have a private key and share the public key, similar to alerts. But each peer would have a public/private key pair and use something akin to ECDH for a symmetric key and transport using a block cipher? How would you share the public

Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages

2014-08-19 Thread Justus Ranvier
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 08/19/2014 03:30 PM, Richard Moore wrote: Oh, I see. I misread, thinking you wanted the dev team to have a private key and share the public key, similar to alerts. But each peer would have a public/private key pair and use something akin to

Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages

2014-08-19 Thread Gregory Maxwell
On Tue, Aug 19, 2014 at 9:07 AM, Justus Ranvier justusranv...@riseup.net wrote: If that's not acceptable, even using TLS with self-signed certificates would be an improvement. TLS is a huge complex attack surface, any use of it requires an additional dependency with a large amount of difficult

Re: [Bitcoin-development] Reconsidering github

2014-08-19 Thread Angel Leon
-1 http://twitter.com/gubatron On Tue, Aug 19, 2014 at 11:44 AM, Bryan Bishop kanz...@gmail.com wrote: On Tue, Aug 19, 2014 at 7:02 AM, Jeff Garzik jgar...@bitpay.com wrote: As a first step, one possibility is putting the primary repo on bitcoin.org somewhere, and simply mirroring that to

Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages

2014-08-19 Thread Christophe Biocca
If your threat model is passive listeners, it seems to me that simply establishing a symmetric key for each connection at handshake time using diffie-hellman is all you need. No public private crypto needed at all. The whole thing seems like a bit of security theater unfortunately. The kind of

Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages

2014-08-19 Thread Johnathan Corgan
On 08/19/2014 09:38 AM, Gregory Maxwell wrote: We've dodged several emergency scale vulnerabilities by not having TLS. I'm still trying to understand the original premise that we want encrypted communications between nodes. I can certainly see the value of having *authenticated* traffic with

[Bitcoin-development] BIP43 Purpose code for voting pool HD wallets

2014-08-19 Thread Justus Ranvier
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 We'd like to reserve two purpose codes for the HD multisig structure that will be used for the Bitcoin wallets used for voting pools, so we've documented the structure in the form of two BIPs. One is used for the wallets suitable for storing bulk

Re: [Bitcoin-development] Reconsidering github

2014-08-19 Thread Gregory Maxwell
On Tue, Aug 19, 2014 at 5:02 AM, Jeff Garzik jgar...@bitpay.com wrote: It would be nice if the issues and git repo for Bitcoin Core were not on such a centralized service as github, nice and convenient as it is. To that end, I note that Linux does its own git repo, and now requires 2FA:

Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages

2014-08-19 Thread J Ross Nicoll
The concern is that if you can monitor traffic in and out of a single node, you can determine which transactions originate from it vs those which it relays. That's not great, certainly, but how many nodes actually require that level of security, and surely they can use Tor or VPN services if so?

Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages

2014-08-19 Thread Justus Ranvier
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 08/19/2014 11:38 PM, J Ross Nicoll wrote: That's not great, certainly, but how many nodes actually require that level of security All of them. While the rest of the 'net is busy deprecating HTTP and all other unencrypted transport methods,

Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages

2014-08-19 Thread Jeff Garzik
Encryption is of little value if you may deduce the same information by observing packet sizes and timings. On Tue, Aug 19, 2014 at 7:38 PM, J Ross Nicoll j...@jrn.me.uk wrote: The concern is that if you can monitor traffic in and out of a single node, you can determine which transactions

Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages

2014-08-19 Thread Gregory Maxwell
On Tue, Aug 19, 2014 at 4:39 PM, Justus Ranvier justusranv...@riseup.net wrote: While the rest of the 'net is busy deprecating HTTP and all other unencrypted transport methods, why is it(*) even a debate? I think it's desirable (and you can go look in #bitcoin-dev logs for me talking about it

Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages

2014-08-19 Thread Peter Todd
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 19 August 2014 19:40:39 GMT-04:00, Jeff Garzik jgar...@bitpay.com wrote: Encryption is of little value if you may deduce the same information by observing packet sizes and timings. That is simply incorrect. The resources required to do that

Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages

2014-08-19 Thread Jeff Garzik
On Tue, Aug 19, 2014 at 8:16 PM, Peter Todd p...@petertodd.org wrote: On 19 August 2014 19:40:39 GMT-04:00, Jeff Garzik jgar...@bitpay.com wrote: Encryption is of little value if you may deduce the same information by observing packet sizes and timings. That is simply incorrect. The resources

Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages

2014-08-19 Thread Peter Todd
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 19 August 2014 20:21:35 GMT-04:00, Jeff Garzik jgar...@bitpay.com wrote: On Tue, Aug 19, 2014 at 8:16 PM, Peter Todd p...@petertodd.org wrote: That is simply incorrect. The resources required to do that kind of monitoring are very high; even

Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages

2014-08-19 Thread Peter Todd
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 19 August 2014 20:49:01 GMT-04:00, Justus Ranvier justusranv...@riseup.net wrote: On 08/20/2014 12:16 AM, Peter Todd wrote: The easiest way to do this would be to make the Debian/Ubuntu packages depend on Tor, and include a install-time

Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages

2014-08-19 Thread William Yager
What, exactly, do we hope to achieve from having end-to-end encryption? Even if it worked perfectly, it wouldn't be very useful. But it won't work perfectly, because we don't have any method of authentication. The bitcoin network is trivially MITMable. It's designed to work even in the face of

Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages

2014-08-19 Thread Peter Todd
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 19 August 2014 20:59:14 GMT-04:00, William Yager will.ya...@gmail.com wrote: What, exactly, do we hope to achieve from having end-to-end encryption? Even if it worked perfectly, it wouldn't be very useful. But it won't work perfectly,

Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages

2014-08-19 Thread William Yager
On Tue, Aug 19, 2014 at 8:14 PM, Peter Todd p...@petertodd.org wrote: Don't let perfect be the enemy of good. I'm not. I don't think this proposal is even good. You realize that by your own definition even the NSA is mostly a weak passive attacker They do *not* have the ability to attack

Re: [Bitcoin-development] Reconsidering github

2014-08-19 Thread Troy Benjegerdes
On Tue, Aug 19, 2014 at 04:58:48PM +0200, Wladimir wrote: On Tue, Aug 19, 2014 at 2:02 PM, Jeff Garzik jgar...@bitpay.com wrote: It would be nice if the issues and git repo for Bitcoin Core were not on such a centralized service as github, nice and convenient as it is. Despite my

Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages

2014-08-19 Thread Peter Todd
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 19 August 2014 21:19:43 GMT-04:00, William Yager will.ya...@gmail.com wrote: On Tue, Aug 19, 2014 at 8:14 PM, Peter Todd p...@petertodd.org wrote: In any case, my suggestion of enabling hidden service support by default adds both encryption

Re: [Bitcoin-development] Reconsidering github

2014-08-19 Thread Gregory Maxwell
On Tue, Aug 19, 2014 at 6:26 PM, Troy Benjegerdes ho...@hozed.org wrote: If a project cannot be organized enough to run its own hosting/web presense/ counterintelligence/security that starts with installing an OS and patching kernels, then it is really not wise for me to trust my financial

[Bitcoin-development] BIP: Custodial Identities

2014-08-19 Thread 21 e14
As suggested before submitting a BIP, I am sending this to the mailing list. Bitcoin is often described as “the currency of the Internet”, “the TCP/IP of money”, or simply “the Internet of Money”. What is needed is an optional identity layer — a Bitcoin Assigned Custodial Identities Authority,

Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages

2014-08-19 Thread Un Ix
Excuse the ignorance, but there is something I’m not getting in this discussion. Given it’s a published protocol, with available source code running on an open P2P network, why would any messages between nodes benefit from being encrypted? Surely all the data being processed by the network is

Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages

2014-08-19 Thread Cameron Garnham
We should aim to use perfect forward secrecy between all nodes by default. This forces the attacker to do a MITM attack that is far more expensive on the large scale. I don't see why this is seen as so controversial. It is relatively cheap to implement on our side, and has a dramatic increase