> My first results show a great improvement of the Sybil Attack defence, > even if eclipse attacks remain possible.
Would be great if you give us a link for that. > I think that this kind of "common-sense" protection is the minimum that > every P2P network should have, unless being totally unaware of the Sybil > Attack problem... Before these very last versions, KAD was really > unprotected and very easily and badly hurt with a Sybil Attack (see the > very good paper from Steiner: Exploiting KAD: possible uses and misuses > http://ccr.sigcomm.org/online/files/p65-steiner.pdf ). It's true, and this kind of *protection* work to a certain extends. But: 1. People seem to forget that IP addressed can be forged. 2. Multiple IDs are often related to Sybil attack, which I think the term *attack* is being abused. Sometimes, having multiple identities help balance the load in the system, e.g. Virtual Servers used in Chord' s File System (if it still exists). Or someone just happen to be running several *innocent* instances of the client in multiple Virtual Machines. Those should not be called *attacks*. 3. For me, Sybils is an effective mechanism to amplify an attack, but ones often pays less attention to define what that attack is, and whether there is a way detect and mitigate that attack first. In theory, there could be an attack so well-thought that it may damage the system just by using one peer. Anh. _______________________________________________ p2p-hackers mailing list [email protected] http://lists.zooko.com/mailman/listinfo/p2p-hackers
