public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Tom Zander <tomz@freedommail•ch>
To: bitcoin-dev@lists•linuxfoundation.org,
	Jonas Schnelli <dev@jonasschnelli•ch>
Subject: Re: [bitcoin-dev] Unique node identifiers (and BIP150)
Date: Wed, 08 Mar 2017 22:25:46 +0100	[thread overview]
Message-ID: <18390846.ckRIaq9dAb@strawberry> (raw)
In-Reply-To: <30362205-D0CC-46D9-B924-EFA0A6EA1AC9@jonasschnelli.ch>

On Wednesday, 8 March 2017 20:47:54 CET Jonas Schnelli via bitcoin-dev 
wrote:
> Please Eric. Stop spreading FUD.
> BIP150 has a fingerprint-free **OPTIONAL** authentication. It’s designed
> to not reveal any node identifier/identity without first get a
> crypto.-proof from other peer that he already knows your identity.
> **Peers can’t be identified without having the identity-keys pre shared
> by the node operators.**

Do you know the trick of having an open wifi basestation in a public street 
and how that can lead to tracking? Especially if you have a network of them.
The trick is this; you set up an open wifi base station with a hidden ssid 
and phones try to connect to it by saying “Are you ssid=xyz?”
This leads the basestation to know that the phone has known credentials with 
another wifi that has a specific ssid. (the trick is slightly more elaborate, 
but the basics are relevant here).

Your BIP is vulnarable to the same issue, as a node wants to connect using 
the AUTHCHALLENGE which has as an argument the hash of the person I’m trying 
to connect with.

Your BIP says "Fingerprinting the requesting peer is not possible”.
Unfortunately, this is wrong. Yes the peer is trivial to fingerprint. Your 
hash never changes and as you connect to a node anyone listening can see you 
sending the same hash on every connect to that peer, whereever you are or 
connect from.

Just like the wifi hack.

I think you want to use industry standards instead, and a good start may be 
https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange
-- 
Tom Zander
Blog: https://zander.github.io
Vlog: https://vimeo.com/channels/tomscryptochannel


  parent reply	other threads:[~2017-03-08 21:22 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-03-04 16:04 [bitcoin-dev] Unique node identifiers John Hardy
2017-03-05  6:29 ` Marcel Jamin
2017-03-05 12:55   ` John Hardy
2017-03-05 13:27 ` Btc Drak
2017-03-05 13:57   ` John Hardy
2017-03-07 18:44     ` Eric Voskuil
2017-03-08  2:01       ` bfd
2017-03-08 19:47       ` Jonas Schnelli
2017-03-08 21:09         ` Eric Voskuil
2017-03-08 21:20           ` Jonas Schnelli
2017-03-08 23:12             ` Pieter Wuille
     [not found]               ` <6a5a6a8f-d689-260a-76a9-a91f6bda56c5@voskuil.org>
2017-03-09  1:55                 ` Pieter Wuille
2017-03-09 11:01                   ` Aymeric Vitte
2017-03-09  1:08             ` Eric Voskuil
2017-03-08 21:25         ` Tom Zander [this message]
2017-03-08 21:31           ` [bitcoin-dev] Unique node identifiers (and BIP150) Jonas Schnelli

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=18390846.ckRIaq9dAb@strawberry \
    --to=tomz@freedommail$(echo .)ch \
    --cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
    --cc=dev@jonasschnelli$(echo .)ch \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox