Proposal: Encrypt bitcoin messages

Summary:

A user suggests that Bitcoin Core generate a public/private key pair and share the public key with peers. Gregory Maxwell responds that if the threat model is passive listeners, establishing a symmetric key for each connection using Diffie-Hellman at handshake time is all that is needed, with no public/private crypto at all. He goes further to say that users who do have a need for security should probably connect to the network using Tor or I2P, which give much better security guarantees than anything being discussed here. Justus Ranvier suggests using TLS with self-signed certificates as an improvement, but Maxwell argues that TLS is a huge, complex attack surface, trivially DoS-attacked, and that every major/widely used TLS implementation has had multiple memory disclosure or remote code execution vulnerabilities even in just the last several years. He concludes that Bitcoin has dodged several emergency-scale vulnerabilities by not having TLS.
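The per-connection symmetric key Maxwell describes, as an added Python illustration that is not code from the thread or from Bitcoin Core: both sides of an unauthenticated Diffie-Hellman handshake, a passive listener's view of the wire (public values only), and a fresh key for every connection. The group parameters are a toy constructed for this example and are not secure; the exchange is unauthenticated, so it addresses passive listeners only, which is exactly the threat model Maxwell scopes it to.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman parameters, constructed for this example only.
# 2**127 - 1 is prime, but this group is far too small to be secure;
# a real deployment would use a standard group or an elliptic curve.
P = 2**127 - 1
G = 5


def dh_keypair():
    """Generate a fresh, per-connection ephemeral DH key pair."""
    priv = secrets.randbelow(P - 2) + 1      # private exponent in [1, P-2], never sent
    pub = pow(G, priv, P)                    # the only value that crosses the wire
    return priv, pub


def session_key(priv, peer_pub):
    """Derive a 32-byte symmetric key from the DH shared secret (SHA-256 as a simple KDF)."""
    if not 1 < peer_pub < P - 1:             # reject degenerate public values (0, 1, P-1)
        raise ValueError("bad peer public value")
    shared = pow(peer_pub, priv, P)          # g^(ab) mod p, identical on both sides
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()


def handshake():
    """Run both sides of the handshake; returns (key_a, key_b, wire_transcript)."""
    a_priv, a_pub = dh_keypair()
    b_priv, b_pub = dh_keypair()
    transcript = [("A->B", a_pub), ("B->A", b_pub)]   # everything an eavesdropper sees
    return session_key(a_priv, b_pub), session_key(b_priv, a_pub), transcript


def observer_view(transcript):
    """What a passive listener captures: public values only, no private exponents.

    Turning these into the session key requires solving the discrete log problem.
    An active attacker who can replace the public values is NOT excluded here,
    because nothing in the exchange authenticates either peer.
    """
    return [pub for _, pub in transcript]


def tag(key, message):
    """Authenticate a post-handshake message with the per-connection key."""
    return hmac.new(key, message, "sha256").hexdigest()
```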
Updated on: 2023-06-09T02:13:17.174658+00:00