On Tuesday 04 Sep 2012 18:45:47 Matthew Toseland wrote:
> On Tuesday 04 Sep 2012 18:13:04 Evan Daniel wrote:
> > On Tue, Sep 4, 2012 at 12:29 PM, Matthew Toseland
> > <toad at amphibian.dyndns.org> wrote:
> > > The paper, "A Traceback Attack on Freenet" (
> > > http://www.ee.hawaii.edu/~dong/traceback/1569649421.pdf ) presents a new
> > > attack which relies on being able to 1) quickly connect to a node via
> > > announcement and 2) Query it to determine whether a given request UID has
> > > visited this node. The attack allows them (prior to 1411) to trace a
> > > request back to its originator.
> > >
> > > 1411 makes this dramatically more difficult by not tracking UIDs of
> > > completed requests. However, it may still be possible to do some variant
> > > of this attack, and we should improve things further.
> >
> > ...
> >
> > > Ian's solution
> > > ========
> > >
> > > Get rid of RejectedLoop. Always accept, never route to the same peer as
> > > we've already routed that UID to, and RNF if we can't find any more nodes
> > > to route to.
> > >
> > > I am worried about what this could do to routing. I don't think we should
> > > implement it without some theoretical/simulation analysis? I can see that
> > > it might improve things, but we need more than that given it could be
> > > fairly significant.
> > >
> > > However it is the most comprehensive way to get rid of these problems,
> > > and might have the least performance impact.
> >
> > I like this solution. It was my immediate reaction to the problem
> > description.
> >
> > It will make local minimums harder to escape. Basically, you prevent
> > duplicating an edge along a route, rather than a node. That's a much
> > less powerful approach to avoiding minimums. I suspect FOAF routing
> > helps a lot here, but that seems like it might be problematic from a
> > security perspective as well.
> >
> > In general, making routing better (link length distribution, mainly)
> > will make this less of an issue; local minimums are a problem that
> > results when you have too few short links, which is the current
> > problem with the network.
>
> How concrete is this view that it will improve performance? What would it
> take to put it on a solid footing? Is there relevant published work? Can you
> suggest how to build a simulation to compare the two approaches (say with
> many-nodes-one-VM to make it easy)?
>
> I would be delighted to implement it ... but only if I can be fairly sure it
> won't make things worse.

Okay, Evan has clarified: It will reduce performance but only slightly. I suspect it might be more than slightly on the poor topology we are likely to see on darknet. So IMHO we need more information. Having said that, 99% of the risk is gone right now...
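A toy comparison of the two loop-handling policies discussed in the thread, added here as an illustration; it is not code from the thread or from Freenet. The five-node topology, the node names and the `route` function are constructed for the example, and the model is simplified: one request UID, greedy routing with backtracking, no HTL.

```python
from collections import defaultdict

# Constructed toy topology (not real Freenet data): node -> (location, peers).
# X and Y are close to T's location but not linked to it: a local minimum.
NODES = {
    "S": (0.10, ["X", "Y", "Z"]),
    "X": (0.40, ["S", "Y"]),
    "Y": (0.45, ["S", "X"]),
    "Z": (0.20, ["S", "T"]),
    "T": (0.50, ["Z"]),
}

def dist(a, b):
    """Distance on the circular [0, 1) keyspace."""
    d = abs(a - b)
    return min(d, 1.0 - d)

def route(src, dest, policy):
    """Greedy routing with backtracking for a single request UID.
    policy="rejected_loop": a node that has already seen the UID refuses it.
    policy="always_accept": a node always accepts, but never sends the UID to
    a peer it has already sent it to, and returns RNF when none are left.
    Returns (found, messages_sent, rejected_loop_replies, chain_length).
    """
    target = NODES[dest][0]
    seen = set()                 # nodes that have handled this UID
    routed = defaultdict(set)    # node -> peers it already sent this UID to
    stats = {"messages": 0, "rejected": 0}

    def handle(node, depth):
        if node == dest:
            return depth
        if policy == "rejected_loop":
            if node in seen:
                stats["rejected"] += 1   # reply confirms the UID was here
                return None
            seen.add(node)
        for peer in sorted(NODES[node][1], key=lambda p: dist(NODES[p][0], target)):
            if peer in routed[node]:
                continue                 # never reuse an edge for this UID
            routed[node].add(peer)
            stats["messages"] += 1
            result = handle(peer, depth + 1)
            if result is not None:
                return result
        return None                      # RNF: no peers left to try

    chain = handle(src, 0)
    return chain is not None, stats["messages"], stats["rejected"], chain
```

On this topology both policies send 8 messages, but the always-accept chain from S to T is 8 links long against 2 with RejectedLoop, which is the local-minimum cost raised in the thread. The RejectedLoop run also produces four replies that confirm the UID has visited a node; the always-accept run produces none.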