On Tue, Jun 28, 2016 at 10:29:54PM +0200, Eric Voskuil wrote:
> 
> 
> > On Jun 28, 2016, at 10:14 PM, Peter Todd <pete@petertodd.org> wrote:
> > 
> >> On Tue, Jun 28, 2016 at 08:35:26PM +0200, Eric Voskuil wrote:
> >> Hi Peter,
> >> 
> >> What in this BIP makes a MITM attack easier (or easy) to detect, or increases the probability of one being detected?
> > 
> > BIP151 gives users the tools to detect a MITM attack.
> > 
> > It's kinda like PGP in that way: lots of PGP users don't properly check keys,
> 
> PGP requires a secure side channel for transmission of public keys. How does one "check" a key of an anonymous peer? I know you well enough to know you wouldn't trust a PGP key received over an insecure channel.
> 
> All you can prove is that you are talking to a peer and that communications in the session remain with that peer. The peer can be the attacker. As Jonas has acknowledged, authentication is required to actually guard against MITM attacks.

Easy: anonymous peers aren't always actually anonymous.

A MITM attacker can't easily distinguish communications between two nodes that
randomly picked their peers, and nodes that are connected because their
operators manually used -addnode to peer; in the latter case the operators can
check whether or not they're being attacked with an out-of-band key check.

-- 
https://petertodd.org 'peter'[:-1]@petertodd.org