|
----- Original Message -----
From: Newsbyte
To: Newsbyte
Sent: Friday, November 07, 2003 12:31 PM
Subject: Re: A really easy way to defeat datastore probingtiming
attacks? "Did I understand you correctly?
Before we continue, I gotta make sure
we are talking about the same thing." Well, indeed, I'm not sure we are talking about the same
thing neither ;-)
"You want all nodes to use that strategy?"
Well, yes, unless one can figure out a way to estimate if
one is the first node contacted (maybe by the htl?).
"If all nodes used that
strategy, then nothing would ever get done, since no nodes who had the data would ever use option (a)." Apart from the assertion in the middle, this would be
correct. Of course, one must account for the caching/reproducing effect of the
nodes, I'm not sure if or how much requests are currently send through to other
nodes, even when the data is in the node? Toad could answer that one. As far as
I know, however, a node that has the data will not neglect it and go on
searching ;-). (and even if it did, it wouldn't have any major impact on what I
propose).
"So, the amount of time we would have to
wait in (b) would be infinite." How do you figure that?
Look, let's go by this step by step, maybe then we'll see
any error on either of our part. I'll go by the b) case:
I ask data from node A, it has the data in it's store (b
case), it doesn't send it right back, but calculates the time it would take if
it hadn't had it in it's store and had to retrieve it from the next node, and
uses that time-estimate to delay the time it gives the data back.
Is the time infinite, as you claim? No, it takes the same
time as when the node hadn't had the data and actually had to go one node
further.
Variants: it hasn't got the data, it requests it from
another node, this node has it; it takes the time it would have taken if it
didn't had it: time delay is the same as what you would get normally,+ that of
one 1 extra hop.
The same goes for if the data is only found on the
21st node; the time in which it would be retrieved would be exactly the same
without the system I suggest, apart from the 1 extra time-delay on the node that
has the data.
So, where do you see it as being infinite?
|
_______________________________________________ Devl mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
