Proposal: Only route high HTL requests (say 15+) to nodes which are no longer "newbies", that is, which have uptime of over 5 minutes. Nodes which are newbie are not dropped even if they are at the bottom of the LRU; nodes over this have survived through being useful.
This should increase the cost of attacks involving maintaining connections to lots of opennet peers. The catch is that this might affect routing resulting in new nodes having too few long links??? Maybe we could simulate it at some point?

What this would do to attacks is force an attacker to maintain *useful* connections to each node, rather than just constantly abusing announcement and path folding, thus increasing the bandwidth cost significantly. Unfortunately even with this it seems likely they'd only need 1500 bytes/sec/peer or thereabouts ...

Random rendezvous tunnels, provided they are long enough to provide a usable anonymity set (subject to gathering data on the network but IMHO something between 3 and 6 hops should suffice), would avoid this problem. I would enable them at NORMAL and MAXIMUM seclevel, and not at LOW and HIGH (unless friends seclevel is set to LOW) - because they aren't really necessary on darknet.

Obviously we need Freenet to be really fast in the absence of tunnels for this to be worth seriously considering as a default...
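A toy model of the rule proposed above, added here as an illustration; it is not code from the Freenet code base or from the original post. The class and method names are hypothetical, "uptime" is assumed to mean time since the peer connected to us, and refusing a new peer when every slot holds a newbie is an assumption the proposal does not address.

```python
from collections import OrderedDict

HIGH_HTL = 15            # "high HTL" threshold named in the proposal
NEWBIE_SECONDS = 5 * 60  # peers connected for 5 minutes or less are "newbies"

class OpennetPeers:
    """Toy opennet peer table kept in LRU order, least recently useful first."""

    def __init__(self, max_peers):
        self.max_peers = max_peers
        self.peers = OrderedDict()  # name -> (location, connected_at)

    def is_newbie(self, name, now):
        return now - self.peers[name][1] <= NEWBIE_SECONDS

    def add(self, name, location, now):
        """Connect a peer; if full, drop the least recently used non-newbie."""
        if len(self.peers) >= self.max_peers:
            victim = next((n for n in self.peers
                           if not self.is_newbie(n, now)), None)
            if victim is None:
                return False  # assumption: all slots are newbies, so refuse
            del self.peers[victim]
        self.peers[name] = (location, now)
        return True

    def route(self, target, htl, now):
        """Pick the peer closest to target; high-HTL requests skip newbies."""
        ok = [n for n in self.peers
              if htl < HIGH_HTL or not self.is_newbie(n, now)]
        if not ok:
            return None

        def dist(n):
            d = abs(self.peers[n][0] - target)
            return min(d, 1.0 - d)  # circular keyspace [0, 1)

        best = min(ok, key=dist)
        self.peers.move_to_end(best)  # being useful moves a peer up the LRU
        return best
```

In this model a freshly announced peer receives no high-HTL traffic until it has stayed connected for five minutes, and after that it keeps its slot only by being selected for routing.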