On Thu, Jul 20, 2006 at 12:35:05PM +0300, Jusa Saari wrote: > On Tue, 11 Jul 2006 02:23:52 +0100, Matthew Toseland wrote: > > > Apart from the preference issue, the other obvious question with opennet > > and the new load limiting algorithm is flooding attacks. This is not > > entirely a matter of the new load limiting algorithm; there are issues > > with any load limiting algorithm and opennet. > > > > In the new load limiting algorithm, nodes may not send a request unless > > they have a token from the node which they want to send the request to. > > Tokens are effectively propagated; a new token is created when a request > > completes. The result is that load is effectively managed, hopefully. Of > > course we must create some tokens in the first place: When a new node is > > added, we allocate it a certain number of new tokens. > > > > A malicious node which wants to maximize its performance, as opposed to > > one which wants to actively attack the network, would probably do > > something like the following: > > > > Log every node it ever hears about, and attempt to connect to each node. > > Reject all requests from all connected nodes. (To conserve valuable > > upstream bandwidth! Remember most domestic connections are asymmetric). > > Exploit the newbie node's marginal trust by using all the initially > > allocated tokens to send requests. > > Constantly shift identities, in order to connect to nodes more than once. > > Constantly make announcement requests, either sending packets to known > > seednodes, or pretending to relay announcement requests from one of its > > alternate identities. > > Make establishing connections harder. For example, require that a node > making a connection solves some CPU-intensive problem. This effectively > prevents a node from constantly creating new identities. Google for hash > cash for a better explanation.
Hash cash may be a solution for incentives reversal but for it to mean anything it would have to significantly slow down connection establishment, and this would hurt real newbies, which is unacceptable. Hash cash on node identities is another option, but again it would hurt newbies. And while the above might be discouraged by hashcash, more industrial scale attacks would not be seriously discouraged because they would be able to compute hashcash more efficiently and cheaply than we could. -- Matthew J Toseland - toad at amphibian.dyndns.org Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/tech/attachments/20060722/c520d55a/attachment.pgp>
