On Wednesday, 8 March 2017 20:47:54 CET Jonas Schnelli via bitcoin-dev wrote: > Please Eric. Stop spreading FUD. > BIP150 has a fingerprint-free **OPTIONAL** authentication. It’s designed > to not reveal any node identifier/identity without first get a > crypto.-proof from other peer that he already knows your identity. > **Peers can’t be identified without having the identity-keys pre shared > by the node operators.**
Do you know the trick of having an open wifi basestation in a public street and how that can lead to tracking? Especially if you have a network of them. The trick is this; you set up an open wifi base station with a hidden ssid and phones try to connect to it by saying “Are you ssid=xyz?” This leads the basestation to know that the phone has known credentials with another wifi that has a specific ssid. (the trick is slightly more elaborate, but the basics are relevant here). Your BIP is vulnarable to the same issue, as a node wants to connect using the AUTHCHALLENGE which has as an argument the hash of the person I’m trying to connect with. Your BIP says "Fingerprinting the requesting peer is not possible”. Unfortunately, this is wrong. Yes the peer is trivial to fingerprint. Your hash never changes and as you connect to a node anyone listening can see you sending the same hash on every connect to that peer, whereever you are or connect from. Just like the wifi hack. I think you want to use industry standards instead, and a good start may be https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange -- Tom Zander Blog: https://zander.github.io Vlog: https://vimeo.com/channels/tomscryptochannel _______________________________________________ bitcoin-dev mailing list bitcoin-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
