Author: Eric Voskuil 2016-06-28 22:07:45
Published on: 2016-06-28T22:07:45+00:00
In an email exchange between Cameron Garnham and Gregory Maxwell via the bitcoin-dev mailing list, they discuss the effectiveness of unauthenticated link level encryption in preventing MITM (Man-In-The-Middle) attacks. While unauthenticated encryption can be useful in forcing attackers to use active attacks, it is not enough to prevent all types of attacks on Bitcoin. Peers can still connect directly to attackers or accept connections from them without being aware of their true identity. The issue of authentication in a mesh network is a complex problem that has yet to be fully solved. However, there are some low-hanging fruit solutions, such as using semi-trusted index nodes or implementing a simple "who is that" fingerprint authentication method. The main concern with widespread authentication is the implementation of secure side channels.Maxwell notes that BIP151 does not provide tools for detecting an attack that requires authentication, but it does have a session ID for out-of-band key checks. Voskuil raises the issue of the general requirement for authentication and how it is necessary for preventing attacks on Bitcoin addresses, even questioning the authenticity of emails themselves.
Updated on: 2023-06-11T18:56:40.112346+00:00