On Wed, Oct 29, 2003 at 04:56:05PM -0600, Tom Kaitchuck wrote: > On Wednesday 29 October 2003 04:41 pm, Tom Kaitchuck wrote: > > On Wednesday 29 October 2003 12:11 pm, Toad wrote: > > > > So to limit this and other flooding biased attacks, I think we should > > > > create a node blacklist, where your node will simply disconnect from, > > > > and for a time, ban any node that demonstraights significantly deviant > > > > behavior. One must also take care that anything that puts a node on a > > > > black list is not propagated down any single request line so you don't > > > > end up banned yourself. > > > > > > No use. Node identity is free. Web of positive trust is the only way to > > > make it non-free, and not only is that a big implementation issue, it's > > > a huge social problem. > > > > Humm, perhaps make noderefs contain some sort of complex calculation biased > > on the IP and then have somesort of system where nodes can insert > > references of misbehaving nodes and if a sufficient number of nodes voted > > one as bad nobody could connect to it. Of course all this is fraught with > > problems. Surely someone can come up with a better solution. > > WAIT. I've got it! Add another level of hashing. So the content is encrypted > with it's hash, and it is stored in the hash of the hash of the hash, and > attached to the request is the hash of the hash. This way they the attack is > impossible to target. They would have to go through hashing values until they > found ones that falls in the aria they are trying to attack. To make this > more CPU intensive we could use a different hash algorithm, one with enough > bit depth that trying to create even a limited lookup table based on it would > be very impractical. This would break network compatability and require total > datastore reset, so lets throughly discuss this and/or other solutions before > implementing it.
It's a nice idea but they could easily brute force the first few bytes. -- Matthew J Toseland - [EMAIL PROTECTED] Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so.
signature.asc
Description: Digital signature
_______________________________________________ Devl mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
