[bitcoin-dev] BIP 151
Eric Voskuil
eric at voskuil.org
Tue Jun 28 20:29:54 UTC 2016
> On Jun 28, 2016, at 10:14 PM, Peter Todd <pete at petertodd.org> wrote:
>
>> On Tue, Jun 28, 2016 at 08:35:26PM +0200, Eric Voskuil wrote:
>> Hi Peter,
>>
>> What in this BIP makes a MITM attack easier (or easy) to detect, or increases the probability of one being detected?
>
> BIP151 gives users the tools to detect a MITM attack.
>
> It's kinda like PGP in that way: lots of PGP users don't properly check keys,
PGP requires a secure side channel for transmission of public keys. How does one "check" a key of an anonymous peer? I know you well enough to know you wouldn't trust a PGP key received over an insecure channel.
All you can prove is that you are talking to a peer and that communications in the session remain with that peer. The peer can be the attacker. As Jonas has acknowledged, authentication is required to actually guard against MITM attacks.
> so an attacker won't have a hard time MITM attacking those users. But some
> users do check keys, a labor intensive manual process, but not a process that
> requires any real cryptographic sophistication, let alone writing any code.
> It's very difficult for widescale attackers to distinguish the users who do
> check keys from the ones that don't, so if you MITM attack _any_ user you run
> the risk of running into one of the few that does check, and those users can
> alert everyone else.
>
> The key thing, is we need to get everyones communications encrypted first: if
> we don't the MITM attacker can intercept 99% of the communications with 0% risk
> of detection, because the non-sophisticated users are trivially distinguishable from the sophisticated users: just find the users with unencrypted
> communications!
>
> --
> https://petertodd.org 'peter'[:-1]@petertodd.org
More information about the bitcoin-dev
mailing list