On Tue, Jun 28, 2016 at 06:45:58PM +0200, Eric Voskuil via bitcoin-dev wrote: > > 1) Transaction censorship > > ISPs, WIFI provider or any other MITM, can holdback/censor unconfirmed > > transactions. Regardless if you are a miner or a validation/wallet node. > > > > 2) Peer censorship > > MITM can remove or add entries from a "addr" message. > > > > 3) Fingerprinting > > ISPs or any other MITM can intercept/inject fingerprinting relevant > > messages like "mempool" to analyze the bitcoin network. > > Encryption alone cannot protect against a MITM attack in an anonymous and > permissionless network. This is accepted in the BIP (and your follow-up > reply).
Being able to easily detect MITM attacks is a _huge_ step forward that shouldn't be underestimated; even if 99% of users aren't in a position to detect the MITM you only need a small subset of users that do the necessary checks to alert the wider community, who can then respond with stronger security measures. Those measures are likely to be more costly - authenticated systems are significantly harder than not - so better to save your efforts until the need for them is more obvious. Also the fact that an attack has a reasonable probability of detection is a big disincentive for many types of attackers - note how one of the things revealed in the Snowden leaks was the fact that the NSA generally tries quite hard to avoid tipping off targets to the fact that they're being surveilled, with a myriad of carefully scripted policies to control when and how exploits are used against targets. -- https://petertodd.org 'peter'[:-1]@petertodd.org
signature.asc
Description: Digital signature
_______________________________________________ bitcoin-dev mailing list bitcoin-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
