On Sunday 30 November 2003 01:04 pm, Martin Stone Davis wrote: > [EMAIL PROTECTED] wrote: > > I know that may not seem straight forward. But I didn't come up with > > this proposial in an hour. I spent a long time thinking about the > > problems with the network, and decided that time, rather than HTL was > > the way to go. as did you. > > Okay, fine. > > > That presented a lot of problems too. (and > > security issues) > > Well, I'm not convinced that the security issues are the most important > thing. Can you show how using time-to-live rather than hops-to-live > leads to security problems?
Right, there aren't any anonymity issues beyond possibly spotting the original requester, because of a nice even time, and timing attacks. But the first is nothing that premix routing couldn't solve and I had planned to include something about timing attacks, but I did not. So just ignore that. > > The way I worked out how to solve them was to use > > trust as a means of deturmaning time. > > > > Read my proposial, it is simple, and easy to impliment, and does > > both. > > As for the design problems it presents, I outline some of the details > Toad's plan needs here: > http://article.gmane.org/gmane.network.freenet.devel/8184. None of that > involves solving whatever security problems are present. If your plan > (with the exception of the trust stuff) is a completed version of Toad's > idea, you should be able to fill in those details. > > I would like to understand your idea better, so please don't just say > "read my proposal". If the questions are answered there, then show me > the way. OK, from your questions: 1. How should we calculate pLegitDNF? A. There is no pLegitDNF or even a pDNF. This is because all failures to find data are considered a timeout. This means this means the NGrouting formula only has one varable, you just go with whatever node is fastest for that key value. So if there are a bunch of DNFs then you still have a ranking of the nodes. Under such a system an anti-specialization attack would be harder, because there is no pDNF to attack, only time, which has an upperbound on how bad it can make the other node look and will have already have decremented substantially by the time the request gets there, or if the attacker succeeds in making a node look bad to another node, it will go to a third node instead which would then possibly route to the first node, but the attack would be less effective because of the additional hop. None the less, such an attack is still possible. To prevent this, using a trust biased system is important. 2. How do other estimators such as pDNFGivenSearchSuccess depend on the time allotment? Same situation. That estimator would no longer exist. 3. How should we handle failure tables? A failure table or a "Success table" could work exactly the same as they otherwise would. We just kill any request with the same or lower TTL. _______________________________________________ Devl mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
