Unauthenticated link level encryption is wonderful! MITM attacks are overrated; as they require an active attacker.

Stopping passive attacks is the low hanging fruit. This should be taken first.

Automated and secure peer authentication in a mesh network is a huge topic. One of the unsolved problems in computer science.

A simple 'who is that' by asking for the fingerprint of your peers from your other peers is a very simple way to get 'some' authentication. Semi-trusted index nodes also is a low hanging fruit for authentication.

However, let's first get unauthenticated encryption. Force the attackers to use active attacks. (That are thousands times more costly to couduct).

Sent from my iPhone

On 29 Jun 2016, at 00:36, Gregory Maxwell via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> wrote:

On Tue, Jun 28, 2016 at 9:22 PM, Eric Voskuil via bitcoin-dev
<bitcoin-dev@lists.linuxfoundation.org> wrote:

An "out of band key check" is not part of BIP151.

It has a session ID for this purpose.

It requires a secure channel and is authentication. So BIP151 doesn't provide the tools to detect an attack, that requires authentication. A general requirement for authentication is the issue I have raised.

One might wonder how you ever use a Bitcoin address, or even why we
might guess these emails from "you" aren't actually coming from the
NSA.
_______________________________________________
bitcoin-dev mailing list
bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev