Gregory Maxwell [ARCHIVE] on Nostr
📅 Original date posted: 2016-06-08
📝 Original message:
On Wed, Jun 8, 2016 at 11:47 PM, Alfie John via bitcoin-dev
<bitcoin-dev at lists.linuxfoundation.org> wrote:
> Hi folks,
>
> Overall I think BIP 151 is a good idea. However unless I'm mistaken, what's to
> prevent someone between peers to suppress the initial 'encinit' message during
> negotiation, causing both to fall back to plaintext?
>
> Peers should negotiate a secure channel from the outset or back out entirely
> with no option of falling back. This can be indicated loudly by the daemon
> listening on an entirely new port.

Reduction to plaintext isn't an interesting attack vector for an
active attacker: they can simply impersonate the remote side.

This is addressed via authentication, where available, which is done
by a separate specification that builds on this one.

Without authentication this only provides protection against passive attackers.
Published at 2023-06-07 17:51:02
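The point made in the reply, as an added example that is not part of the original message or of any BIP: an unauthenticated key exchange completes without error even when a third party substitutes its own public key toward both peers, and only a separate authentication step bound to the session notices. The toy Diffie-Hellman group, the pre-shared `identity_key`, and all function names are assumptions made for illustration; this is not the construction used by BIP 151 or by the authentication specification that builds on it.

```python
import hashlib
import hmac
import secrets

# Toy finite-field Diffie-Hellman parameters, constructed for illustration only.
P = 2**127 - 1   # Mersenne prime, far too small for real use
G = 3

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def session_id(priv, peer_pub):
    # Each side hashes the shared secret it computed into a session identifier.
    shared = pow(peer_pub, priv, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

def handshake(active_attacker):
    """Run one unauthenticated exchange; return (sid_a, sid_b, sids_known_to_middle)."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    if active_attacker:
        # The party in the middle hands its own public key to both peers.
        m_priv, m_pub = keypair()
        sid_a = session_id(a_priv, m_pub)
        sid_b = session_id(b_priv, m_pub)
        middle = (session_id(m_priv, a_pub), session_id(m_priv, b_pub))
        return sid_a, sid_b, middle
    # Passive observer: sees a_pub and b_pub on the wire but holds no private key.
    return session_id(a_priv, b_pub), session_id(b_priv, a_pub), None

def auth_tag(identity_key, sid):
    # Hypothetical authentication layer: MAC over the session id under a key
    # the two peers shared out of band.
    return hmac.new(identity_key, sid, hashlib.sha256).digest()

def peer_accepts(identity_key, my_sid, remote_sid):
    # The remote peer sends auth_tag(identity_key, remote_sid); the local peer
    # recomputes the tag over its own session id and compares in constant time.
    return hmac.compare_digest(auth_tag(identity_key, my_sid),
                               auth_tag(identity_key, remote_sid))

if __name__ == "__main__":
    key = secrets.token_bytes(32)
    for active in (False, True):
        sid_a, sid_b, middle = handshake(active)
        print("active attacker:", active,
              "| same session:", sid_a == sid_b,
              "| middle holds both keys:", middle == (sid_a, sid_b),
              "| authentication passes:", peer_accepts(key, sid_a, sid_b))
```
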