On 01/11/17 01:40, Ximin Luo wrote: > After a quick web search on "epistemic attacks", the main paper I can find > [1] has the result that attacks are very strong if each node only knows about > a small fraction (n nodes) of the whole network (N nodes). > > They lay the motivation for this assumption (n << N), by describing a > discovery-based p2p network where each node "samples" (i.e. directly > contacts) a small fraction of the network. This is equating with mere > "knowledge" of a node, so that the act of "sampling" an attacker-controlled > node, gives them (or a GPA) the ability to know exactly which nodes "know" > the target node. > > The paper does not seem to consider the possibility that nodes could discover > more of the network without directly sampling every node, e.g. via gossip > with their neighbours on "which other nodes exist".
The eclipse attack is relevant here. Briefly, if you discover nodes by asking each node you know about which other nodes it knows about, an attacker who controls some fraction d/n of the nodes can control a larger fraction of your view, because honest nodes return a sample with d/n dishonest nodes on average, whereas dishonest nodes can return a set containing only dishonest nodes. If node discovery is ongoing - for example, if you replace nodes in your view that have gone offline by discovering more nodes - then the attacker can eventually control your whole view. (This is from memory and may be inaccurate, it's been a long time since I read the paper.) https://www.eecs.harvard.edu/~mema/courses/cs264/papers/eclipse-infocom06.pdf Cheers, Michael
0x9FC527CC.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Messaging mailing list Messaging@moderncrypto.org https://moderncrypto.org/mailman/listinfo/messaging
