On 03/22/2014 05:08 PM, Matthew Toseland wrote: > On 22/03/14 14:13, Tom Sparks wrote: >>> On Friday, 21 March 2014 9:55 PM, Matthew Toseland >>> <t...@amphibian.dyndns.org> wrote: >>>> On 21/03/14 04:42, Steve Dougherty wrote: >>>> On Tuesday - March 25th - I have a meeting scheduled with Professor J. >>>> Alex Halderman [0] to talk about security and Freenet. He is one of the >>>> people behind such research as Green Dam arbitrary code execution, [1] >>>> cold boot attacks on disk encryption, [2] and insufficient entropy on >>>> embedded systems leading to weak encryption keys. [3] >>> Nice. >>>> What should I say? I'm planning to mention: >>> Bear in mind that nobody, no matter how brilliant, is an expert in >>> everything. >> that I do agree with > [snip]
They asked more questions about the algorithms and techniques Freenet uses than I expected. I did demonstrate Sone and mentioned its and FLIP's latency. Some things they asked (that I remember and) think would be good to send clarification about: * Does Freenet use padding? I said I thought it does. Does it just pad out packets or also send empty traffic? * How does Freenet protect against correlation attacks and probing for which stores / caches contain blocks? My answer was that directly connected malicious peers are outside the threat model, and that probabilistic decrement and lack of knowledge of network topology beyond the peer's peers make determining these things difficult. Admittedly this is easier (and becomes MAST?) if you allow attackers making new connections closer to the target. * What are the countermeasures against a node inserting bulk quantities of junk to get blocks to fall out? I mentioned that I'd expect one's peers to back off if one was continually inserting, but I wasn't sure how that (is it load balancing?) worked. - Steve
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl