> Some Guy wrote:<snip>--- Martin Stone Davis <[EMAIL PROTECTED]> wrote: <big snip>
I'm having a lot of trouble coming up with a good solution. Thoughts?
Here are some:
4) Inserter/requestor anonymity can be improved with another layer of onion style routing. ForYes, that would certainly strengthen inserter/requestor anonymity at the time of insertion/requesting, but doesn't it still allow for probing the DS?
example I pick n nodes, I build a chain up only talking to the first one. Each node gets a
symetric key and the last node acts as my proxy for insertion an deletion. In order for them to
link it to me all n nodes have to be compromised.
You can improve this buy making a few of these chains and using each one for a particular peice of
hashspace and connecting them to nodes which might be specailized in the area (or let them become
so).
I believe Toad mentioned doing this for maybe just two hops or so.
However, that gives me an idea: Node C would have a much harder mounting a timing attack on A if he had to go through some node D (who is chosen by A) in order to do it.
Could we somehow require all nodes making a query of us to prove that the query had previously been routed through at least one other node chosen by us? Actually, such a requirement is too stringent.
SOLUTION #3: Instead, say E queries D queries C queries B queries A. Even though B doesn't know about D, he is (somehow) able to prove to A that D is further up in the chain. (Let's leave how that all is possible for further discussion. I'm just trying to work out the basic idea here.)
Now, A can decide whether to REALLY trust B (in which case he checks his
datastore for the key and replies if he has it, or if he doesn't have it, he routes as usual to another node) or NOT trust B (in which case he simply routes to another node). His decision on whether to trust B is based on A's knowledge of B and D. If B and D had routed through each other too many times in the past, then A will suspect B and D of being in cahoots (like B and C of my AAIR hypothetical). However, if A sees that B hasn't had much experience with D, then A will trust B.
I'm sure the idea could be further improved/optimized, but if such a thing is possible, it may be the solution to timing attacks.
-Martin
P.S. Fish, I'll read your comments now.
_______________________________________________ Devl mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
