That's not the point. We already intend to make HTL=0 attacks infeasible, and they go well beyond datastore probing (think social engineering with NIM forms, Frost posts; put a different KSK/SSK on each node).
The point is, you can still time it, and there's no real way to beat timing attacks in this area. On Thu, Sep 22, 2005 at 01:38:10PM +0100, Volodya Mozhenkov wrote: > Matthew Toseland wrote: > >No, but it might not cache it in the first place if it's the result of a > >local request. This is to beat the Register attack. Unfortunately it > >means that you are highly vulnerable to your immediate neighbours. It is > >possible to increase the effort needed to break your anonymity somewhat > >at the cost of performance. > > > >On Thu, Sep 22, 2005 at 10:16:02AM +0100, Volodya Mozhenkov wrote: > > > >>I have heard somewhere that in the 0.7 your node might chose not to give > >>a block that it has, in order to protect the anonymity. Is that true? If > >>so will that also apply at HTL=0? > > Well, not necessarily. Here is one way to approach the problem: > > 1. Increase the probability of a forced decreace of HTL in the range of > 15-25. > 2. Keep it the same for 5-14 > 3. Actually have a larger chance of increase of HTL between 1-5. > > Pseudocode: > > If DATAINLOCALSTORE Then Return DATA > > If HTL > 25 Then HTL = 25 > > If HTL <=25 AND HTL >=15 Then > If RANDOMNUMBER > 0.9 Then HTL = HTL-2 > Elseif RANDOMNUMBER > 0.7 Then HTL = HTL-1 > End If > > If HTL <=1 AND HTL <=5 Then > If RANDOMNUMBER > 0.9 Then HTL = HTL+2 > Elseif RANDOMNUMBER > 0.7 Then HTL = HTL+1 > End If > > Return GETDATA(HTL-1) > > :End Pseudocode > > As far as i understand it such thing already exists, i'm just saying that > if you play around with numbers you make HTL=1 attack useless (since there > is 30% chance that the request was passed to another node, and about 15% > chance that it was passed to more than one). Of course if you make the > numbers too large you risk requests going on forever (or nearly so). > > -- > > > > > === > Contact details: > Alt e-mail: k0324474 at kingston.ac.uk > ICQ: 253627744 > Frost: VolodyA! V A at r0pa7z7JA1hAf2xtTt7AKLRe+yw > pm4pigs: VolodyA! V A at cbp7LznKx9JltftFQSSc2QVKhzc,5T0rxHZ7rar4uOtnHlSY5A > Forum: ethical_anarhist on www.kingstonuniversity.org > > Please visit http://www.whengendarmesleeps.org/ > When Gendarme Sleeps - Anarchy's Zine of Poetry > > ======================== > "None of us are free until all of us are free." > ~ Mihail Bakunin > _______________________________________________ > Support mailing list > Support at freenetproject.org > http://news.gmane.org/gmane.network.freenet.support > Unsubscribe at > http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support > Or mailto:support-request at freenetproject.org?subject=unsubscribe -- Matthew J Toseland - toad at amphibian.dyndns.org Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/support/attachments/20050922/172d5bdb/attachment.pgp>
