Thanks for the reply. I just wonder whether Eclipse Attack remains possible for aMule/eMule, because Eclipse Attack also need to dominate correct node's neighbor set, and aMule/eMule give a very strict rule for contact adding. it means firstly the attacker has to master large resources (different IP etc.) for benefits.
sincerely, -Yunzhao On Tue, Aug 26, 2008 at 3:09 AM, Thibault Cholez <[EMAIL PROTECTED]>wrote: > netbsd a écrit : > > Does anyone notices that the current version of eMule/aMule Using > > Kademlia may mitigate the Sybil Attack! > > The rules for adding new contacts: > > > =============================================================================== > > ------ From aMule 2.2.1/eMule0.49a > > > > * Kad will now enforce certain limits when adding new contacts to > > the routing table: No more than 1 KadNode per IP, 2 similar > > KadNodes (same bin) from a /24 network and at a maximum 10 > > different KadNodes from a /24 network are allowed. This is > > supposed to make routing attacks against Kad more difficult and > > resource-intensive. > > > - Looking at the code, eMule 0.49a also implements a packet > tracking and a flood protection mechanism that help mitigate the Sybil > Attack. > > > ------ From aMule 2.2.2/eMule0.49b > > > > * Kad now ignores multiple IDs pointing to one IP in routing > > request answer > > * Kad contacts will only be able to update themself in others > > routing tables if they provide the proper key (supported by > > 0.49a+ nodes) in order to make it impossible to hijack them > > * Kad uses now a three-way-handshake (or for older version a > > similar check) for new contacts, making sure they do not use a > > spoofed IP > > * Unverified contacts are not used for routing table > > > > > ===================================================================================== > > > > Any ideas? > > > > In fact, I have many ideas on these mechanisms because I am currently > studying them in my thesis. > > My first results show a great improvement of the Sybil Attack defence, > even if eclipse attacks remain possible. > > I think that this kind of "common-sense" protection is the minimum that > every P2P network should have, unless being totally unaware of the Sybil > Attack problem... Before these very last versions, KAD was really > unprotected and very easily and badly hurt with a Sybil Attack (see the > very good paper from Steiner: Exploiting KAD: possible uses and misuses > http://ccr.sigcomm.org/online/files/p65-steiner.pdf ). > > Regards, > > Thibault > > > -Yunzhao > > ------------------------------------------------------------------------ > > > > _______________________________________________ > > p2p-hackers mailing list > > [email protected] > > http://lists.zooko.com/mailman/listinfo/p2p-hackers > > > > _______________________________________________ > p2p-hackers mailing list > [email protected] > http://lists.zooko.com/mailman/listinfo/p2p-hackers >
_______________________________________________ p2p-hackers mailing list [email protected] http://lists.zooko.com/mailman/listinfo/p2p-hackers
