Author: Eric Voskuil 2016-06-30 15:22:08
Published on: 2016-06-30T15:22:08+00:00
The email thread discusses the problem of a man in the middle (MITM) attack on privacy by an anonymous peer. BIP151 is proposed as a solution, which would require one peer to trust that another peer is not an attacker. However, it is pointed out that an attack on privacy by an anonymous peer can be undetectable. If Mallory substitutes ephemeral keys in both directions, Alice and Bob can detect him when they do authentication because they know he is listening. However, this assumes that no other peer can connect to these two nodes and maintain the chain. The "middle" in this sense does not have to be the wire directly between these two peers. It can be between either of them and any anonymous connection they allow. This creates pressure to expand their tunnel, leading to the problem of expanding node identity in an effort to preserve privacy. Pieter raises valid points that there will always be tunnels between trusting nodes, and if people become reliant on good node registration, it could lead to the registrar controlling access to the network. Therefore, the proposal of BIP151 becoming widely adopted raises concerns. A simple dummy example is given to explain how BIP151 could detect a MITM attack, but it is clarified that it is not an authentication proposal.
Updated on: 2023-06-11T19:00:24.053051+00:00