[Cryptography] The Trouble with Certificate Transparency

Greg greg at kinostudios.com
Sat Sep 27 18:15:25 EDT 2014 

On Sep 27, 2014, at 2:55 PM, Tony Arcieri <bascule at gmail.com> wrote:

> Do you really think that the NSA cant pull off the 51% attack on Namecoin?

Ah, now you're talking sense. :-)

I really don't think that, and it's discussed in the blog post:

https://blog.okturtles.com/2014/09/the-trouble-with-certificate-transparency/

51% attack is a legitimate problem that can result in censorship of the network.

Note that it doesn't allow the NSA to lie about a certificate though. In many ways, 51% attack is just another form of censorship. They would probably prefer to just censor the connection.

Details of what 51% allows and does not allow are copied here from the bitcoin wiki:
An attacker that controls more than 50% of the network's computing power can, for the time that he is in control, exclude and modify the ordering of transactions. This allows him to:

Reverse transactions that he sends while he's in control. This has the potential to double-spend transactions that previously had already been seen in the block chain.
Prevent some or all transactions from gaining any confirmations
Prevent some or all other miners from mining any valid blocks
The attacker can't:

Reverse other people's transactions
Prevent transactions from being sent at all (they'll show as 0/unconfirmed)
Change the number of coins generated per block
Create coins out of thin air
Send coins that never belonged to him
From: https://en.bitcoin.it/wiki/Weaknesses#Attacker_has_a_lot_of_computing_power

Kind regards,
Greg Slepak

--
Please do not email me anything that you are not comfortable also sharing with the NSA.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140927/819cc519/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140927/819cc519/attachment.sig>

More information about the cryptography mailing list