On Thursday 14 February 2008 14:10, Michael Rogers wrote: > Matthew Toseland wrote: > > The datastructure implementing this is limited to 10,000 keys > > on each node (this will take up some RAM). > > Hmm, so how much bandwidth does an attacker need to spend sending ULPRs > for nonexistent keys before subscriptions for real keys start getting > pushed out of the data structure, breaking up the subscription trees for > those keys? > > The attacker needs to make 10,000 requests per hour to overflow a peer's > data structure... less than 3 per second. Assuming ULPRs are 1000 bytes > including overhead, an attacker with a 10 Mbps connection could affect > 450 opennet peers. > > "Ultra-lightweight" could actually be a disadvantage here, because if > the peers can easily handle that number of requests they won't throttle > the attacker.
No, he has to do a real request to get a ULPR subscription. Therefore it is subject to all the normal throttling mechanisms. > > Cheers, > Michael
pgpUyDrjDZY9R.pgp
Description: PGP signature
_______________________________________________ Devl mailing list [email protected] http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
