On Wednesday 03 December 2003 11:44 am, Tom Kaitchuck wrote: > On Sunday 30 November 2003 01:04 pm, Martin Stone Davis wrote: > > [EMAIL PROTECTED] wrote: > > > I know that may not seem straight forward. But I didn't come up with > > > this proposial in an hour. I spent a long time thinking about the > > > problems with the network, and decided that time, rather than HTL was > > > the way to go. as did you. > > > > Okay, fine. > > > > > That presented a lot of problems too. (and > > > security issues) > > > > Well, I'm not convinced that the security issues are the most important > > thing. Can you show how using time-to-live rather than hops-to-live > > leads to security problems? > > Right, there aren't any anonymity issues beyond possibly spotting the > original requester, because of a nice even time, and timing attacks. But > the first is nothing that premix routing couldn't solve and I had planned > to include something about timing attacks, but I did not. So just ignore > that. > > > > The way I worked out how to solve them was to use > > > trust as a means of deturmaning time. > > > > > > Read my proposial, it is simple, and easy to impliment, and does > > > both. > > > > As for the design problems it presents, I outline some of the details > > Toad's plan needs here: > > http://article.gmane.org/gmane.network.freenet.devel/8184. None of that > > involves solving whatever security problems are present. If your plan > > (with the exception of the trust stuff) is a completed version of Toad's > > idea, you should be able to fill in those details. > > > > I would like to understand your idea better, so please don't just say > > "read my proposal". If the questions are answered there, then show me > > the way. > > OK, from your questions: > > 1. How should we calculate pLegitDNF? > A. There is no pLegitDNF or even a pDNF. This is because all failures to > find data are considered a timeout. This means this means the NGrouting > formula only has one varable, you just go with whatever node is fastest for > that key value. So if there are a bunch of DNFs then you still have a > ranking of the nodes. > > Under such a system an anti-specialization attack would be harder, because > there is no pDNF to attack, only time, which has an upperbound on how bad > it can make the other node look and will have already have decremented > substantially by the time the request gets there, or if the attacker > succeeds in making a node look bad to another node, it will go to a third > node instead which would then possibly route to the first node, but the > attack would be less effective because of the additional hop. > > None the less, such an attack is still possible. To prevent this, using a > trust biased system is important.
Oh, one imporntant thing is that the transfer time should NOT be included when considering which node to route to. However it SHOULD be considered when awarding trust. This prevents favoring fast nodes too much, because some requests are bound to fail. While still rewarding good preformance. > 2. How do other estimators such as pDNFGivenSearchSuccess depend on the > time allotment? > > Same situation. That estimator would no longer exist. > > 3. How should we handle failure tables? > > A failure table or a "Success table" could work exactly the same as they > otherwise would. We just kill any request with the same or lower TTL. > > _______________________________________________ > Devl mailing list > [EMAIL PROTECTED] > http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl _______________________________________________ Devl mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
