"I suggest that Bitcoin Core should generate a public/private key pair and share the public one with peers."

I've not read the p2p protocol of Bitcoin Core, but I suppose the initial handshake between 2 peers would be the ideal place to exchange public keys. Would it make sense to generate a new random pair of keys for each peer you connect to? Then each subsequent message to every peer gets encrypted differently, keeping each conversation isolated from the others, encryption-speaking. These keys would have nothing to do with your wallet; they're just to encrypt any further communication between peers post-handshake.

Would that be of any use to "This could provide privacy and integrity but not authentication."?

http://twitter.com/gubatron

On Tue, Aug 19, 2014 at 12:38 PM, Gregory Maxwell wrote:
> On Tue, Aug 19, 2014 at 9:07 AM, Justus Ranvier wrote:
> > If that's not acceptable, even using TLS with self-signed certificates
> > would be an improvement.
>
> TLS is a huge complex attack surface, any use of it requires an
> additional dependency with a large amount of difficult to audit code.
> TLS is trivially DOS attacked and every major/widely used TLS
> implementation has had multiple memory disclosure or remote execution
> vulnerabilities even in just the last several years.
>
> We've dodged several emergency scale vulnerabilities by not having TLS.
>
> ------------------------------------------------------------------------------
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
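The per-peer ephemeral key idea from the message above, as an added example that is not Bitcoin Core code or anything from the thread: it uses finite-field Diffie-Hellman with only the Python standard library (the prime is intended to be the RFC 3526 2048-bit MODP group 14 and should be checked against the RFC before any real use), derives a fresh session key per connection, and shows that the exchange binds no identity to a public value, which is exactly the "privacy and integrity but not authentication" limitation being discussed.

```python
import hashlib
import hmac
import os

# 2048-bit safe prime, intended to be RFC 3526 MODP group 14 (verify against the RFC).
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05"
    "98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB"
    "9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
    "3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)
G = 2


class Peer:
    """One end of one connection. A new Peer (and key pair) is created per
    connection, so keys are ephemeral and unrelated to any wallet key."""

    def __init__(self):
        self.priv = int.from_bytes(os.urandom(32), "big")  # ephemeral secret
        self.pub = pow(G, self.priv, P)                      # sent in the handshake

    def session_key(self, peer_pub):
        """Derive a 32-byte connection key from the peer's public value."""
        # Reject 0, 1 and p-1: they collapse the shared secret to a known value.
        if not 1 < peer_pub < P - 1:
            raise ValueError("invalid peer public value")
        shared = pow(peer_pub, self.priv, P).to_bytes(256, "big")
        # Extract step (HKDF-style): HMAC with a fixed label over the shared secret.
        return hmac.new(b"p2p-session-v0", shared, hashlib.sha256).digest()


def mac(key, message):
    """Integrity tag for a post-handshake message under the session key."""
    return hmac.new(key, message, hashlib.sha256).digest()


def handshake_agrees(a, b):
    """True if both ends derive the same key. Note that nothing here checks
    who `b` is: any party that completes the exchange is accepted, which is
    the missing authentication the thread refers to."""
    return a.session_key(b.pub) == b.session_key(a.pub)
```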