On Wed, 12 Nov 2003, [iso-8859-1] Some Guy wrote:
Here's a neat paper Zooko (the MNet guy) pointed out: http://citeseer.nj.nec.com/douceur02sybil.html They argue you'd need a central authority to prevent a sybil attack. I think they're wrong.
The author's claim is negative: he proves that given a reasonable set of assumptions, it is impossible for a large network without a certification authority to prevent a single attacker from successfully masquerading as a number of users. Once one or more attackers have done so, they can then expand their foothold by endorsing one another as well as other new attackers.
His analysis applies to any large-scale p2p network. There are at least two defenses: either create some sort of certification authority (perhaps a supervisory p2p network) or allow/encourage fragmentation of the target network.
ugh, depressing. Must go read it now! Thanks guys...
_______________________________________________ Devl mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
