[Cryptography] DNSNMC deprecates Certificate Authorities and fixes HTTPS security

Greg greg at kinostudios.com
Fri Feb 14 16:57:09 EST 2014


Please don't freak out, I'm not trimming the stuff at the bottom because this is a somewhat old thread and I don't want the context to be lost.

I'll trim subsequent replies though.

Hey Ben,

On Dec 19, 2013, at 12:38 AM, Greg <greg at kinostudios.com> wrote:

> On Dec 18, 2013, at 5:50 PM, Ben Laurie <ben at links.org> wrote:
>>> As far as I was able to tell, the paper was a restatement of the well-known
>>> 51% problem.
>> 
>> Let us suppose for a moment that this is correct. What is the
>> well-known solution to the well-known 51% problem?

I want to apologize to you, because I think I've changed my mind about the 51% problem.

Previously, from the reading I had done on the subject, I had come to the conclusion that this is a problem that was being addressed (or would be addressed in the near future).

Now, after having spoken with Emin Gün Sirer (author of the "Majority is not Enough: Bitcoin Mining is Vulnerable" paper), as well as some of the core developers of Bitcoin, I've changed my mind about this, and will be updating the okturtles.com site to reflect this slight change in position.

From my conversations with the bitcoin devs, I've come to the conclusion that they do not care about this problem enough to put much serious effort into fixing it. They appear to be mostly ignoring it.

Their "solution" to it is Getblocktemplate (GBT): https://en.bitcoin.it/wiki/Getblocktemplate

GBT is not a solution, however.

It is a monkey patch, and doesn't prevent the problem from happening. It merely makes it more difficult to put into practice, but provides no guarantees.

Imagine someone driving really fast with one hand on the wheel, while covering their face with the other and peeping at the road of ahead of them between their fingers. That is Bitcoin right now.

All that is not to say that I have lost faith in this approach. Indeed, there are approaches that use a blockchain that *DO* actually fix this problem (NXT is an example). However, they come with their own problems.

It's a work in progress, but as far as I know it's the best we've got right now.

Cheers,
Greg

--
Please do not email me anything that you are not comfortable also sharing with the NSA.

On Dec 19, 2013, at 12:38 AM, Greg <greg at kinostudios.com> wrote:

> On Dec 18, 2013, at 5:50 PM, Ben Laurie <ben at links.org> wrote:
>>> As far as I was able to tell, the paper was a restatement of the well-known
>>> 51% problem.
>> 
>> Let us suppose for a moment that this is correct. What is the
>> well-known solution to the well-known 51% problem?
> 
> 
> I included this link in my reply to you:
> 
> https://en.bitcoin.it/wiki/Proof_of_blockchain_fair_sharing
> 
> Proof of blockchain fair sharing is a draft Bitcoin protocol change proposal by Iain Stewart, with the goal of allowing the network to continue to settle on a sensible consensus blockchain even when subject to a considerably-greater-than-50% attack.
> 
> The protocol is under construction. The following description is a "teaser", establishing its basic flavour and sketching how it exploits an asymmetry in the goals of the honest (<50%) and malicious (>50%) miners to avoid the usual reductio ad absurdum argument against any protocol surviving a >50% attack. 
> 
> 
> - Greg
> 
> --
> Please do not email me anything that you are not comfortable also sharing with the NSA.
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140214/7623362d/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140214/7623362d/attachment.pgp>


More information about the cryptography mailing list