On Tuesday 04 Sep 2012 18:45:47 Matthew Toseland wrote:
> On Tuesday 04 Sep 2012 18:13:04 Evan Daniel wrote:
> > On Tue, Sep 4, 2012 at 12:29 PM, Matthew Toseland
> > <toad at amphibian.dyndns.org> wrote:
> > > The paper, "A Traceback Attack on Freenet" ( 
> > > http://www.ee.hawaii.edu/~dong/traceback/1569649421.pdf ) presents a new 
> > > attack which relies on being able to 1) quickly connect to a node via 
> > > announcement and 2) Query it to determine whether a given request UID has 
> > > visited this node. The attack allows them (prior to 1411) to trace a 
> > > request back to its originator.
> > >
> > > 1411 makes this dramatically more difficult by not tracking UIDs of 
> > > completed requests. However, it may still be possible to do some variant 
> > > of this attack, and we should improve things further.
> > >
> ...
> > >
> > > Ian's solution
> > > ========
> > >
> > > Get rid of RejectedLoop. Always accept, never route to the same peer as 
> > > we've already routed that UID to, and RNF if we can't find any more nodes 
> > > to route to.
> > >
> > > I am worried about what this could do to routing. I don't think we should 
> > > implement it without some theoretical/simulation analysis? I can see that 
> > > it might improve things, but we need more than that given it could be 
> > > fairly significant.
> > >
> > > However it is the most comprehensive way to get rid of these problems, 
> > > and might have the least performance impact.
> > 
> > I like this solution. It was my immediate reaction to the problem 
> > description.
> > 
> > It will make local minimums harder to escape. Basically, you prevent
> > duplicating an edge along a route, rather than a node. That's a much
> > less powerful approach to avoiding minimums. I suspect FOAF routing
> > helps a lot here, but that seems like it might be problematic from a
> > security perspective as well.
> > 
> > In general, making routing better (link length distribution, mainly)
> > will make this less of an issue; local minimums are a problem that
> > results when you have too few short links, which is the current
> > problem with the network.
> 
> How concrete is this view that it will improve performance? What would it 
> take to put it on a solid footing? Is there relevant published work? Can you 
> suggest how to build a simulation to compare the two approaches (say with 
> many-nodes-one-VM to make it easy)?
> 
> I would be delighted to implement it ... but only if I can be fairly sure it 
> won't make things worse.

Okay, Evan has clarified: It will reduce performance but only slightly. I 
suspect it might be more than slightly on the poor topology we are likely to 
see on darknet. So IMHO we need more information.

Having said that, 99% of the risk is gone right now...
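A minimal simulation of the kind asked for in the thread, given here as an added example that is not part of the original messages or of Freenet's code. It compares the current behaviour (a node that has seen the UID answers RejectedLoop) with the proposed one (always accept, never send the UID to the same peer twice, RNF when no peers are left). Assumptions: locations on a ring, a hypothetical random topology, HTL 18, and rejected or backtracked attempts cost no HTL.

```python
import random

def build_network(n, degree, rng, ring=False):
    """Node i sits at location i/n; ring=True adds links to both neighbours."""
    peers = {i: set() for i in range(n)}
    for i in range(n):
        extra = [(i - 1) % n, (i + 1) % n] if ring else []
        for j in extra + [rng.randrange(n) for _ in range(degree)]:
            if j != i:
                peers[i].add(j)
                peers[j].add(i)
    return peers

def route(peers, n, src, target, htl, policy):
    """Greedy routing with backtracking; returns hops used or None on failure.
    "node": a peer that saw the UID rejects it. "edge": no peer is sent it twice."""
    def key(q):  # closest location to the target first, ties by node id
        return (min(abs(q - target), n - abs(q - target)), q)
    seen, used, path, hops = {src}, set(), [src], 0
    while path:
        cur = path[-1]
        if cur == target:
            return hops
        if hops >= htl:
            return None  # HTL exhausted
        prev = path[-2] if len(path) > 1 else None
        for p in sorted(peers[cur], key=key):
            if p == prev or (cur, p) in used:
                continue
            used.add((cur, p))
            if policy == "node" and p in seen:
                continue  # RejectedLoop: try the next-closest peer
            seen.add(p)
            path.append(p)
            hops += 1
            break
        else:
            path.pop()  # no peers left: RNF to the previous node
    return None  # RNF reached the originator

def compare(n=200, degree=2, htl=18, trials=500, seed=1, ring=False):
    rng = random.Random(seed)
    peers = build_network(n, degree, rng, ring)
    pairs = [(rng.randrange(n), rng.randrange(n)) for _ in range(trials)]
    result = {}  # policy -> (success rate, mean hops of successes)
    for policy in ("node", "edge"):
        hops = [route(peers, n, s, t, htl, policy) for s, t in pairs]
        ok = [h for h in hops if h is not None]
        result[policy] = (len(ok) / trials, sum(ok) / max(len(ok), 1))
    return result
```

With `ring=True` every node has a peer strictly closer to the target, so there are no local minimums and both policies give identical results; the difference only appears on topologies lacking short links.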