📅 Original date posted:2015-10-19
📝 Original message:
On Mon, Oct 19, 2015 at 10:51:52AM +0200, Mats Jerratsch wrote:
> Hm interesting. So far the IP-PubKey-Relationship was public for me
> (furthermore, I even think about adding it to the gossip protocol, see
> other post).
Yeah, it's definitely easier to think about that way.
> I think we can mitigate the risks associated fairly well. Suppose
> lightning nodes run on dedicated machines, firewalled against any
> incoming connections (except ones on the lightning port).
(I don't think lightning wallets can realistically run on dedicated
machines/IPs; so that makes a significant distinction between wallets
for consumers and nodes for routing/merchants I think)
> Against MITM and eavesdropping your pubkey to a stranger connecting to
> your node, we can change the protocol such that the one initiating the
> connection always sends his signed pubkey object first.
I don't thnk that works -- if you can MITM Alice and Bob, then you just do
that while they're in the middle of a connection. When Alice reconnects,
she immediately tells you who she is. If Bob tries reconnecting as well,
you find out who he is too. Sending a shared secret nonce instead,
then just sending signatures avoids that; either one can re-establish
the connection if they can actually talk, and if there's a MITM they
reveal nothing, but do discover they can't talk.
Cheers,
aj
Anthony Towns [ARCHIVE] /
npub17r…x9l2h
2023-06-09 12:44:54
in reply to nevent1q…luhq
Author Public Key
npub17rld56k4365lfphyd8u8kwuejey5xcazdxptserx03wc4jc9g24stx9l2hPublished at
2023-06-09 12:44:54Event JSON
{
"id": "d9b71c7e62a1a03ca1c3e35d3ae7b796d551aa0599bf60b1d4567ea5918600f9",
"pubkey": "f0feda6ad58ea9f486e469f87b3b9996494363a26982b864667c5d8acb0542ab",
"created_at": 1686314694,
"kind": 1,
"tags": [
[
"e",
"3349bac3c0093cc138cf165a35e427e33b66da31c2652f9bf128f3286a54941b",
"",
"root"
],
[
"e",
"e5c86d6993a8ec61320331a2f9008e831e9ba871d418864050fed6092259bdbe",
"",
"reply"
],
[
"p",
"b8a27d18150405cdfcd44c0dd8db860f5270312300248389bf57ce555c784528"
]
],
"content": "📅 Original date posted:2015-10-19\n📝 Original message:\nOn Mon, Oct 19, 2015 at 10:51:52AM +0200, Mats Jerratsch wrote:\n\u003e Hm interesting. So far the IP-PubKey-Relationship was public for me\n\u003e (furthermore, I even think about adding it to the gossip protocol, see\n\u003e other post).\n\nYeah, it's definitely easier to think about that way.\n\n\u003e I think we can mitigate the risks associated fairly well. Suppose\n\u003e lightning nodes run on dedicated machines, firewalled against any\n\u003e incoming connections (except ones on the lightning port).\n\n(I don't think lightning wallets can realistically run on dedicated\nmachines/IPs; so that makes a significant distinction between wallets\nfor consumers and nodes for routing/merchants I think)\n\n\u003e Against MITM and eavesdropping your pubkey to a stranger connecting to\n\u003e your node, we can change the protocol such that the one initiating the\n\u003e connection always sends his signed pubkey object first.\n\nI don't thnk that works -- if you can MITM Alice and Bob, then you just do\nthat while they're in the middle of a connection. When Alice reconnects,\nshe immediately tells you who she is. If Bob tries reconnecting as well,\nyou find out who he is too. Sending a shared secret nonce instead,\nthen just sending signatures avoids that; either one can re-establish\nthe connection if they can actually talk, and if there's a MITM they\nreveal nothing, but do discover they can't talk.\n\nCheers,\naj",
"sig": "80a64e3bfeaccc07fc299becfbf6d1deefad1a17c016140857a0c1e71846b349b961089a628d656c4af0e5b3f10ee787e59f1c1e14e5be60ece1544942afc661"
}