Author: Peter Todd 2016-06-28 20:36:05
Published on: 2016-06-28T20:36:05+00:00
Eric Voskuil questioned Peter Todd about what in BIP makes a MITM attack easier to detect or increases the probability of one being detected. Peter explained that BIP151 gives users the tools to detect a MITM attack, similar to PGP where many users don't properly check keys. Eric pointed out that PGP requires a secure side channel for transmission of public keys and asked how one can "check" a key of an anonymous peer. Peter responded by saying that all you can prove is that you are talking to a peer and that communications in the session remain with that peer. Peter explained that anonymous peers aren't always actually anonymous, and a MITM attacker can't easily distinguish communications between two nodes that randomly picked their peers, and nodes that are connected because their operators manually used -addnode to peer. In the latter case, the operators can check whether or not they're being attacked with an out-of-band key check.
Updated on: 2023-06-11T18:56:30.917628+00:00