Author: Eric Voskuil 2016-06-30 15:10:52
Published on: 2016-06-30T15:10:52+00:00
A discussion between Pieter Wuille and Eric Voskuil, via bitcoin-dev mailing list, revolves around the concern of node identity proliferation, which relates to privacy and network security. The discussion highlights that node identity is already being used widely in different ways. BIP 151 on its own gives opportunistic encryption but does not protect from active attackers. However, a simple optional pre-shared-secret authentication extension can improve upon pure IP-based authentication. A non-leaking public key authentication scheme with keys specific to the IP addresses can give TOFU-like security. While it will require explicit configuration, this proposal can be a building block for further improvements. The privacy properties of Bitcoin are often misrepresented, and education is necessary to solve this issue. The complexity of the proposed construction is comparable to diffie-hellman handshake and stream cipher, both very common constructions, and the cryptographic code can be directly reused from a well-known project (OpenSSH), and is very small in size.
Updated on: 2023-06-11T18:55:47.538666+00:00