Author: René Pickhardt 2018-11-29 16:32:18
Published on: 2018-11-29T16:32:18+00:00
In a discussion on the Lightning-dev mailing list, participant Corné Plooy questioned the necessity of HMACs in Sphinx and asked what could go wrong if they were removed. Responding to this query, Rene noted that while the mix network can ensure no wrong messages are delivered, it cannot ensure that unseen and unknown messages are not intercepted. He also pointed out that the main use case for HMAC values is the special case of a 0-valued HMAC indicating the end of the route, which he called "silly" and not a cryptographic verification. While the thread model described in chapter 2.1 of the Sphinx paper highlights the need for HMACs to prevent man-in-the-middle attacks, Rene believes that if an attacker speaks the BOLT protocol, they could exchange the entire package and provide a new HMAC as a previous hop could do. Despite this, he agrees with Plooy's criticism and sees no necessity for HMACs since the message is encrypted anyway.
Updated on: 2023-06-02T15:24:16.320519+00:00