On Wed, Oct 29, 2003 at 11:43:37AM -0600, Tom Kaitchuck wrote:
> On Tuesday 28 October 2003 05:22 pm, Toad wrote:
> > I have a better attack. You are targeting a particular area of the
> > keyspace. Request a long stream of random keys very close to the target
> > key. They will all DNF, and reduce the pDNF in that area of each node
> > the node routes the request to, until the estimator is so low that it
> > tries a different node. Keep on requesting and you can effectively
> > eliminate the node's ability to route requests in that region... I have
> > no idea how to fight this attack :(. Anyone have any reason why it
> > wouldn't work?
>
> I think the original attack mentioned would not work, because it would be
> distributed across all keyspace, so it would merely decrease the average
> pDNF, with no net effect on routing. However if it were targeted at
> a particular area of keyspace it would decrease the preserved specialization
> of that area until it was instead routed somewhere else and then decrease that
> until it were routed somewhere else. So it would have the effect of
> continually trying to reduce the effectiveness of the best node to that of
> the second best node. However at the same time all the other nodes are
> requesting normally. So assuming that normal requests are just as capable of
> normalizing the estimates as the attacker is of skewing it, then this
> effectively becomes a battle of resources between the rest of the network and
> the attacker. However the rest of the network is not aware that it is
> competing, and the attacker's resources can be targeted. So it is probably
> possible for a single attacking node to generate the same number of requests
> to a small area as the rest of the network. Assuming that it has the same
> bandwidth as the area it is attacking, and the nodes being attacked is
> normally exactly at capacity, then the attacker will be successful in
> diverting traffic half the time. If they have twice the bandwidth then it
> will 2/3rds of the time, etc.

Your logic completely escapes me. And it's not about bandwidth. It's about
a large number of queries concentrated into a very tiny space in terms of
keyspace.

>
> So to limit this and other flooding biased attacks, I think we should create a
> node blacklist, where your node will simply disconnect from, and for a time,
> ban any node that demonstrates significantly deviant behavior. One must
> also take care that anything that puts a node on a black list is not
> propagated down any single request line so you don't end up banned yourself.

No use. Node identity is free. Web of positive trust is the only way to
make it non-free, and not only is that a big implementation issue, it's a
huge social problem.

-- 
Matthew J Toseland - [EMAIL PROTECTED]
Freenet Project Official Codemonkey - http://freenetproject.org/
ICTHUS - Nothing is impossible. Our Boss says so.
_______________________________________________
Devl mailing list
[EMAIL PROTECTED]
http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
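The following simulation is an added example, not part of the original thread and not Freenet code. It contrasts always-DNF requests spread over the whole keyspace with the same requests concentrated on one region, so a defender can see how far the target region's estimate falls below the rest. Assumptions: a per-bucket moving average stands in for the node's estimator (modelled as a score that each DNF lowers), and the bucket count, weight and traffic figures are constructed.

```python
import random

BUCKETS = 100   # assumption: keyspace divided into 100 equal regions
ALPHA = 0.05    # assumption: weight the estimator gives each new outcome
P_FOUND = 0.8   # assumption: fraction of normal requests that find data

def simulate(attack_requests, concentrated, normal_requests=2000,
             target=42, seed=1):
    """Return (target_estimate, mean_estimate_elsewhere) for one peer.

    Each bucket holds a moving average of request outcomes for that
    keyspace region (1.0 = data found, 0.0 = DNF). This is a toy
    stand-in for the estimator discussed in the thread.
    """
    rng = random.Random(seed)
    est = [P_FOUND] * BUCKETS
    events = ["normal"] * normal_requests + ["flood"] * attack_requests
    rng.shuffle(events)  # normal and flood traffic arrive interleaved
    for kind in events:
        if kind == "normal":
            bucket = rng.randrange(BUCKETS)
            outcome = 1.0 if rng.random() < P_FOUND else 0.0
        else:
            # Random keys that were never inserted always end in DNF.
            bucket = target if concentrated else rng.randrange(BUCKETS)
            outcome = 0.0
        est[bucket] += ALPHA * (outcome - est[bucket])
    elsewhere = [e for i, e in enumerate(est) if i != target]
    return est[target], sum(elsewhere) / len(elsewhere)

def specialization_gap(attack_requests, concentrated):
    """How far the target region's estimate sits below the other regions."""
    target_est, elsewhere = simulate(attack_requests, concentrated)
    return elsewhere - target_est

if __name__ == "__main__":
    cases = [("spread over keyspace", 2000, False),
             ("concentrated on one region", 2000, True),
             ("concentrated, 10x fewer requests", 200, True)]
    for label, n, conc in cases:
        print(f"{label:34s} gap = {specialization_gap(n, conc):+.2f}")
```

A per-region gap like this is also a usable monitoring signal: one bucket's estimate dropping sharply while its neighbours stay level points to concentrated failing traffic rather than a general change in the peer.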
