[Bitcoin-development] Proposal: Encrypt bitcoin messages

Jeff Garzik jgarzik at bitpay.com
Tue Aug 19 23:40:39 UTC 2014


Encryption is of little value if you may deduce the same information
by observing packet sizes and timings.


On Tue, Aug 19, 2014 at 7:38 PM, J Ross Nicoll <jrn at jrn.me.uk> wrote:
> The concern is that if you can monitor traffic in and out of a single node,
> you can determine which transactions originate from it vs those which it
> relays. That's not great, certainly, but how many nodes actually require
> that level of security, and surely they can use Tor or VPN services if so?
>
> Further, unless the remote nodes are in some way trusted, you're changing
> the attack from read-only to requiring the ability to perform  a man in the
> middle attack - that doesn't seem much harder to me.
>
> As Gregory states, there's been at least two recent serious if not
> catastrophic OpenSSL bugs, and the consequences of Heartbleed if the Bitcoin
> network had been vulnerable are the stuff of nightmares.
>
> Very difficult to see the risk/reward payoff being worthwhile.
>
> Ross
>
>
> On 19/08/2014 18:35, Johnathan Corgan wrote:
>
> On 08/19/2014 09:38 AM, Gregory Maxwell wrote:
>
> We've dodged several emergency scale vulnerabilities by not having TLS.
>
> I'm still trying to understand the original premise that we want
> encrypted communications between nodes.
>
> I can certainly see the value of having *authenticated* traffic with
> specific nodes, using an HMAC for the protocol messages in place of the
> current checksum.
>
>
>
> ------------------------------------------------------------------------------
>
>
>
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
>
>
> ------------------------------------------------------------------------------
> Slashdot TV.
> Video for Nerds.  Stuff that matters.
> http://tv.slashdot.org/
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>



-- 
Jeff Garzik
Bitcoin core developer and open source evangelist
BitPay, Inc.      https://bitpay.com/




More information about the bitcoin-dev mailing list