📅 Original date posted:2016-06-30 📝 Original message:> On Jun 30, 2016, at 2:20 ...

Why Nostr? What is Njump?

Eric Voskuil [ARCHIVE] /

npub1sg…ppx3c

2023-06-07 17:51:43

in reply to nevent1q…rykf

📅 Original date posted:2016-06-30
📝 Original message:> On Jun 30, 2016, at 2:20 PM, Jonas Schnelli <dev at jonasschnelli.ch> wrote:
>
>
>> Yes, this is exactly what I meant. The complexity of the proposed construction is comparable to that of Bitcoin itself. This is not itself prohibitive, but it is clearly worthy of consideration.
>>
>> A question we should ask is whether decentralized anonymous credentials is applicable to the authentication problem posed by BIP151. I propose that it is not.
>>
>> The core problem posed by BIP151 is a MITM attack. The implied solution (BIP151 + authentication) requires that a peer trusts that another is not an attacker.
>
> BIP151 would increase the risks for MITM attackers.
> What are the benefits for Mallory of he can't be sure Alice and Bob may
> know that he is intercepting the channel?

It is not clear to me why you believe an attack on privacy by an anonymous peer is detectable.

> MITM is possible today, it would still be possible (though under higher
> costs) with BIP151.
>
> With BIP151 we would have the basic tool-set to effectively reduce the
> risks of being MITMled.
>
> IMO we should focus on the risks and benefits of BIP151 and not drag
> this discussion into the realm of authentication. This can and should be
> done once we have proposals for authentication (and I'm sure this will
> be a heated debate).
>
> The only valid risk I have on my list from you, Eric, is the false sense
> of security.
>
> My countermeasure for that would be...
> - deploy BIP151 together with the simplest form of authentication
> (know_hosts / authorized_keys file, no TOFU only editable "by hand")
> - make it more clear (in the BIP151 MOTIVATION text) that it won't solve
> the privacy/MITM problem without additional authentication.
>
> Or could you elaborate again – without stepping into the realm of
> authentication/MITM (which is not part of the BIP or possible already
> today) – why BIP151 would make things worse?
>
> </jonas>
>

Author Public Key

npub1sgs97fe0n9wehe6zw7drcxdz4cy9yt9pfqjv8gasz5jlk4zezc0quppx3c

Show more details

Published at

2023-06-07 17:51:43

Kind type

1 Short Text Note

Event JSON

{ "id": "3c10bff004bb94c6f4cb86f792b53f320af1be590671dd910601f534675de915", "pubkey": "82205f272f995d9be742779a3c19a2ae08522ca14824c3a3b01525fb5459161e", "created_at": 1686160303, "kind": 1, "tags": [ [ "e", "d0e8bb25d553b30c0cc0d96d85855c267cf10b5981dd5042024df41c59046cbd", "", "root" ], [ "e", "1b240163f252a18aa7c846ebdf0950a731bc37dfe1a1b647e5eabdb1fda53e01", "", "reply" ], [ "p", "9a463e0fab8963b013698c15a0f2449d19c97f3b88458e5874095b5006df9a0c" ] ], "content": "📅 Original date posted:2016-06-30\n📝 Original message:\u003e On Jun 30, 2016, at 2:20 PM, Jonas Schnelli \u003cdev at jonasschnelli.ch\u003e wrote:\n\u003e \n\u003e \n\u003e\u003e Yes, this is exactly what I meant. The complexity of the proposed construction is comparable to that of Bitcoin itself. This is not itself prohibitive, but it is clearly worthy of consideration.\n\u003e\u003e \n\u003e\u003e A question we should ask is whether decentralized anonymous credentials is applicable to the authentication problem posed by BIP151. I propose that it is not.\n\u003e\u003e \n\u003e\u003e The core problem posed by BIP151 is a MITM attack. The implied solution (BIP151 + authentication) requires that a peer trusts that another is not an attacker.\n\u003e \n\u003e BIP151 would increase the risks for MITM attackers.\n\u003e What are the benefits for Mallory of he can't be sure Alice and Bob may\n\u003e know that he is intercepting the channel?\n\nIt is not clear to me why you believe an attack on privacy by an anonymous peer is detectable.\n\n\u003e MITM is possible today, it would still be possible (though under higher\n\u003e costs) with BIP151.\n\u003e \n\u003e With BIP151 we would have the basic tool-set to effectively reduce the\n\u003e risks of being MITMled.\n\u003e \n\u003e IMO we should focus on the risks and benefits of BIP151 and not drag\n\u003e this discussion into the realm of authentication. This can and should be\n\u003e done once we have proposals for authentication (and I'm sure this will\n\u003e be a heated debate).\n\u003e \n\u003e The only valid risk I have on my list from you, Eric, is the false sense\n\u003e of security.\n\u003e \n\u003e My countermeasure for that would be...\n\u003e - deploy BIP151 together with the simplest form of authentication\n\u003e (know_hosts / authorized_keys file, no TOFU only editable \"by hand\")\n\u003e - make it more clear (in the BIP151 MOTIVATION text) that it won't solve\n\u003e the privacy/MITM problem without additional authentication.\n\u003e \n\u003e Or could you elaborate again – without stepping into the realm of\n\u003e authentication/MITM (which is not part of the BIP or possible already\n\u003e today) – why BIP151 would make things worse?\n\u003e \n\u003e \u003c/jonas\u003e\n\u003e", "sig": "9887176457421cd5f259ab4f3c8a07cd310255142209360143dc73e1f5cdbb757330547d7dbc4a63f7655a024631cebec604632cca912199bd4769d2eed683c3" }