If you compare this to the reasons behind the probabalistic HTL-1 forwarding, I think it would be better just to abandon HTL altogether, and go for a completely probabalistic approach. Each request would be forwarded with a certain probability of being sent further. This would make it impossible for any analysis of the HTL value (solving the first few hops problem), and would make it much more difficult to determine wether or not a node has specific data (solving the HTL-1 problem). A malicious node would have no say in how far a request goes.
Scott Young ----- Original Message ----- From: "Matthew Toseland" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Wednesday, November 06, 2002 6:09 PM Subject: [Tech] The first few hops problem > Possible solution to the problem that you can see that a request has > been initiated on a given node: > Requests can have either HTL, or HTL|P, where P is a number between 0 > and 1 (this would be limited to a more realistic range by each node it > passed through). If request only has HTL, it is processed normally. If > request has HTL|P, there is a P chance that it is forwarded as is, and a > 1-P chance that it is turned into an HTL only request. So depending on > the value of P, which can be set at the client end, we have a variable, > random number of hops before the main HTL starts. This should greatly > reduce the vulnerability to nodes seeing that requests are at a fixed > request HTL, without needing huge packets (mixmastered first few hops), > and without greatly increasing the variance of the request time, unless > the probability is set to a very high value. The bounds are a topic of > interest, as is the possible information leak of the probability - we > probably want a limited set of probabilities available to clients, > rather than the whole range, to avoid leaking too much information that > could uniquely identify a requestor. What do people think? > -- > Matthew Toseland > [EMAIL PROTECTED] > [EMAIL PROTECTED] > Freenet/Coldstore open source hacker. > Employed full time by Freenet Project Inc. from 11/9/02 to 11/11/02. > http://freenetproject.org/ _______________________________________________ Tech mailing list [EMAIL PROTECTED] http://hawk.freenetproject.org/cgi-bin/mailman/listinfo/tech
