Re: [p2p-hackers] aMule/eMule's solution for Sybil Attack

Tue, 26 Aug 2008 01:09:54 -0700 

netbsd a écrit :
> Does anyone notices that the current version of eMule/aMule Using 
> Kademlia may mitigate the Sybil Attack!
> The rules for adding new contacts:
> ===============================================================================
> ------ From aMule 2.2.1/eMule0.49a
>
>     * Kad will now enforce certain limits when adding new contacts to
>       the routing table: No more than 1 KadNode per IP, 2 similar
>       KadNodes (same bin) from a /24 network and at a maximum 10
>       different KadNodes from a /24 network are allowed. This is
>       supposed to make routing attacks against Kad more difficult and
>       resource-intensive.
>
         - Looking at the code, eMule 0.49a also implements a packet 
tracking and a flood protection mechanism that help mitigate the Sybil 
Attack.

> ------ From aMule 2.2.2/eMule0.49b
>
>     * Kad now ignores multiple IDs pointing to one IP in routing
>       request answer
>     * Kad contacts will only be able to update themself in others
>       routing tables if they provide the proper key (supported by
>       0.49a+ nodes) in order to make it impossible to hijack them
>     * Kad uses now a three-way-handshake (or for older version a
>       similar check) for new contacts, making sure they do not use a
>       spoofed IP
>     * Unverified contacts are not used for routing table
>
> =====================================================================================
>
> Any ideas?
>

In fact, I have many ideas on these mechanisms because I am currently 
studying them in my thesis.

My first results show a great improvement of the Sybil Attack defence, 
even if eclipse attacks remain  possible.

I think that this kind of "common-sense" protection is the minimum that 
every P2P network should have, unless being totally unaware of the Sybil 
Attack problem... Before these very last versions, KAD was really 
unprotected and very easily and badly hurt with a Sybil Attack (see the 
very good paper from Steiner: Exploiting KAD: possible uses and misuses 
http://ccr.sigcomm.org/online/files/p65-steiner.pdf ).

Regards,

Thibault

> -Yunzhao
> ------------------------------------------------------------------------
>
> _______________________________________________
> p2p-hackers mailing list
> [email protected]
> http://lists.zooko.com/mailman/listinfo/p2p-hackers
>   

_______________________________________________
p2p-hackers mailing list
[email protected]
http://lists.zooko.com/mailman/listinfo/p2p-hackers

Reply via email to