BIP 151 MITM [combined summary]

Individual post summaries:

BIP 151 MITM Alfie John 2016-06-09 07:00:51+00:00
BIP 151 MITM Jonas Schnelli 2016-06-09 06:57:29+00:00
BIP 151 MITM Alfie John 2016-06-09 01:42:59+00:00
BIP 151 MITM Gregory Maxwell 2016-06-09 01:24:09+00:00
BIP 151 MITM Alfie John 2016-06-08 23:47:28+00:00

Click here to read the original discussion on the bitcoin-dev mailing list

Published on: 2016-06-09T07:00:51+00:00

Summary:

In a recent bitcoin-dev mailing list discussion, Jonas Schnelli announced that he is currently working on an Auth-BIP, which is not yet ready for review. However, he kindly provided a link to his work on Github for those interested in taking a look. He also shared the most recent MITM/auth discussion that took place on IRC. Another member of the group, Alfie John, expressed gratitude towards Jonas for sharing the links.The conversation revolved around concerns raised by Gregory Maxwell regarding plaintext attacks. He stated that active attackers find plaintext reduction uninteresting, as they can easily impersonate the remote side. To address this issue, authentication is mentioned as a separate specification that builds upon the ongoing work. This leads to Alfie John's query about how authentication can be achieved. In response, Jonas Schnelli suggests reviewing his current work on Auth-BIP and provides a link to both his Github repository and the most recent MITM/auth discussion.In a discussion thread from June 9, 2016, Gregory Maxwell discussed the lack of interest in plaintext attacks for active attackers, who can instead impersonate the remote side. The solution to this concern is authentication, which is addressed through a separate specification building on the ongoing work. Alfie John, a participant in the discussion, requested links to further discussions on authentication methods.During the discussion, Alfie John raised concerns about the potential manipulation of the initial 'encinit' message during negotiation in BIP 151. This manipulation could lead to both peers falling back to plaintext. While some argue that reducing to plaintext is not a significant attack vector for active attackers, as they can simply impersonate the remote side, authentication is seen as the solution. However, without authentication, the protection provided only defends against passive attackers. The suggestion is made that peers should negotiate a secure channel from the beginning or entirely back out, with no option of falling back. Additionally, it is proposed that the daemon listening on a completely new port can loudly indicate this. The message is signed by Alfie John and includes a link to their personal website, https://www.alfie.wtf.

Updated on: 2023-08-01T18:26:37.232245+00:00