Proposal for P2P Wireless (Bluetooth LE) transfer of Payment URI



Summary:

The conversation between Martin Habovštiak and Eric Voskuil revolves around security and privacy concerns related to Bitcoin transactions. They discuss a commit protocol for encryption and authentication that uses ECDH or DH to establish an authenticated, encrypted channel.

The commit protocol has three messages: the initiator sends a hash of its temporary public ECDH part, receives the second party's public ECDH part, and then sends its own public ECDH part in the clear. All three messages are hashed together, and the first two bytes of the hash select two words from a shared dictionary, which are displayed on both parties' screens. The parties communicate these words to each other and verify that they match before proceeding with the transaction.

The conversation also touches on the need for manual verification, the possibility that differing verification strings result in a new address being generated, and the limitations and vulnerabilities of using addresses for verification. Eric expresses concerns about smartphone platforms for secure communication and data exchange and suggests that a shared secret or trusted public key is necessary to prevent privacy loss. They agree that proximity-based communication is the best way to ensure privacy and integrity in a broadcast model, while narrowing the cast can use proximity to establish trust.
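The three-message commit exchange and two-word check described in the summary above, as an added example that is not code from the thread or from either participant. Assumptions: SHA-256 as the hash, a constructed 256-word dictionary, length-prefixed hashing of the messages, and public keys treated as opaque 32-byte strings (key generation and the ECDH computation itself are left out).

```python
import hashlib
import hmac
import os

# Constructed 256-word dictionary (16 x 16 syllable pairs), one word per byte value.
_SYL = "ba di fo gu ka le mi no pu ra se ti vo wu ya ze".split()
WORDS = [a + b for a in _SYL for b in _SYL]


def commit(pub_a: bytes) -> bytes:
    """Message 1: hash of the initiator's temporary public key."""
    return hashlib.sha256(pub_a).digest()


def reveal_ok(commitment: bytes, pub_a: bytes) -> bool:
    """Responder's check that message 3 opens the commitment from message 1."""
    return hmac.compare_digest(commitment, commit(pub_a))


def words(msg1: bytes, msg2: bytes, msg3: bytes) -> tuple:
    """Hash all three messages; the first two digest bytes pick the two words."""
    h = hashlib.sha256()
    for m in (msg1, msg2, msg3):
        h.update(len(m).to_bytes(2, "big") + m)  # length prefix: assumption
    d = h.digest()
    return WORDS[d[0]], WORDS[d[1]]


def exchange(pub_a: bytes, pub_b: bytes, swap=None):
    """Return (initiator's words, responder's words).

    swap=(fake_a, fake_b) models keys replaced in transit: the responder then
    sees a commitment to fake_a, and the initiator receives fake_b.
    """
    fake_a, fake_b = swap if swap else (pub_a, pub_b)
    m1_sent, m1_seen = commit(pub_a), commit(fake_a)
    if not reveal_ok(m1_seen, fake_a):
        raise ValueError("reveal does not match commitment")
    return words(m1_sent, fake_b, pub_a), words(m1_seen, pub_b, fake_a)


def mismatch_count(trials: int) -> int:
    """Count swapped-key runs in which the two screens show different words."""
    n = 0
    for _ in range(trials):
        a, b, fa, fb = (os.urandom(32) for _ in range(4))  # constructed keys
        mine, theirs = exchange(a, b, swap=(fa, fb))
        n += mine != theirs
    return n
```

Two bytes give 16 bits of check value, so a substituted key goes unnoticed in about 1 of 65,536 attempts; committing to the initiator's key before the responder's key is seen is what stops either value from being chosen to force a match.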


Updated on: 2023-06-09T16:34:44.423930+00:00