On Thu, Jun 22, 2006 at 09:59:00AM +0200, Lars Juel Nielsen wrote: > On 6/22/06, Matthew Toseland <toad at amphibian.dyndns.org> wrote: > >On Wed, Jun 21, 2006 at 08:46:57PM -0400, Evan Daniel wrote: > >> On 6/21/06, Matthew Toseland <toad at amphibian.dyndns.org> wrote: > >> >Should we have a dropdown for each peer to indicate our level of trust > >> >for that node? > >> > > >> >Implicit - 100% trust, can send local requests to this node even if its > >> > our only peer. > >> >Strong - can send local requests to this node if we have at least 3 > >> > connected peers > >> >Marginal - can send local requests to this node if we have at least 5 > >> > connected peers > >> >Untrusted - don't ever send local requests to this node > >> > >> Doesn't this give the trusted nodes attack opportunities? :) > >> > >> If most of a node's requests sent to me are in one region of the > >> keyspace, except for an occasional few, then can't I assume that those > >> few are local requests sent to me because I am the best node with a > >> sufficient trust level? (ie I'm deducing that he doesn't have enough > >> connected nodes to use a different, less trusted, but better routing > >> location peer instead of me.) > >> > >> Of course, there's a tradeoff here... > > > >Well, we can play that sort of game anyway; it's called a correlation > >attack... > > And if it really bothered you that they might be able to make a more > precise guess you could just set all nodes to have the highest trust > level and it wouldn't have any different effect than it do now without > the feature.
The point is that: - The nodes we don't trust at all never get locally generated requests so can't do correlation attacks. - The nodes we trust marginally only get locally generated requests if there are many of them. If there's only one node and it's marginally trusted then we don't send any local requests, because if it knows then it can tell which of our requests are local! -- Matthew J Toseland - toad at amphibian.dyndns.org Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/tech/attachments/20060622/4d3573b2/attachment.pgp>
