Eric Voskuil [ARCHIVE] on Nostr: 📅 Original date posted:2016-06-28 📝 Original message:> On Jun 28, 2016, at ...

📅 Original date posted:2016-06-28
📝 Original message:> On Jun 28, 2016, at 10:36 PM, Peter Todd <pete at petertodd.org> wrote:
>
>> On Tue, Jun 28, 2016 at 10:29:54PM +0200, Eric Voskuil wrote:
>>
>>
>>>> On Jun 28, 2016, at 10:14 PM, Peter Todd <pete at petertodd.org> wrote:
>>>>
>>>> On Tue, Jun 28, 2016 at 08:35:26PM +0200, Eric Voskuil wrote:
>>>> Hi Peter,
>>>>
>>>> What in this BIP makes a MITM attack easier (or easy) to detect, or increases the probability of one being detected?
>>>
>>> BIP151 gives users the tools to detect a MITM attack.
>>>
>>> It's kinda like PGP in that way: lots of PGP users don't properly check keys,
>>
>> PGP requires a secure side channel for transmission of public keys. How does one "check" a key of an anonymous peer? I know you well enough to know you wouldn't trust a PGP key received over an insecure channel.
>>
>> All you can prove is that you are talking to a peer and that communications in the session remain with that peer. The peer can be the attacker. As Jonas has acknowledged, authentication is required to actually guard against MITM attacks.
>
> Easy: anonymous peers aren't always actually anonymous.
>
> A MITM attacker can't easily distinguish communications between two nodes that
> randomly picked their peers, and nodes that are connected because their operators manually used -addnode to peer; in the latter case the operators can
> check whether or not they're being attacked with an out-of-band key check.

An "out of band key check" is not part of BIP151. It requires a secure channel and is authentication. So BIP151 doesn't provide the tools to detect an attack, that requires authentication. A general requirement for authentication is the issue I have raised.

e