--- Toad <[EMAIL PROTECTED]> wrote: > On Tue, Oct 28, 2003 at 11:22:02PM +0000, Toad wrote: > > I have a better attack. You are targetting a particular area of the > > keyspace. Request a long stream of random keys very close to the target > > key. They will all DNF, and reduce the pDNF in that area of each node > > the node routes the request to, until the estimator is so low that it > > tries a different node. Keep on requesting and you can effectively > > eliminate the node's ability to route requests in that region... I have > > no idea how to fight this attack :(. Anyone have any reason why it > > wouldn't work? > > Here's a start: If pLegitDNF accurately reflects the attack, we have > little to fear, because it will affect all nodes equally. Unfortunately > getting an accurate pLegitDNF that varies per key is a bit of a bastard. > Currently we use the lowest average pDNF (not per key) of those nodes in > the RT which we alchemically choose to be mature enough to matter. This > is not exactly satisfactory, of course, and to defeat this attack we > need an accurate pLegitDNF which takes the key as a parameter. We used > to use the same alchemical choice on the estimators for the key we were > routing, which would seem to solve the problem - but it turns out that > the estimators may well not have learned much in the area of the key we > are searching for, and result in an absurd estimated pDNF. We have > maturity data (total amount of influence on a given point) provided by > the NGRouting aging algorithm, but we would have to set an arbitrary > cutoff point, which we must presumably determine empirically...
Sure if a node had a good estimate of what the global pDNF was in all hashspace, it could correct for extra DNFs in an area of hashspace. It doesn't though. What it can do is record data over all it's neighbors together. If my first neighbors seems to fail a bunch in space X, I can switch back to the node I used last week. If he seems to suck, I can switch a few more times, maybe try out some newbies. Sooner or later after a couple have problems with space X, I can start to assume space X is the problem. I'm not sure you can be this smart. :-( Even if you tried to be this smart it would take a while to figuar out. You're right that the standard NG estimators won't work to detect the space Xes. If the estimator only uses a few points, there is no way it could detect 100 of these attacks. Here's another dimension to the attack: Cancer Nodes. The adversary could request things which aren't there, but wait his cancer nodes have the data. This could let him steer his nodes quickly into an area of specialization, where he could then wipe out data and move on to the next area. He could "plough" freenet, overturning perfectly good nodes, causing data to be lost. He just moves the junk requests slowly across hashspace and lets his nodes follow. Does this attack work or am I missing something? As fragile as specialization is it seems you could break it with something like this, at least in some areas. __________________________________________________________________ Gesendet von Yahoo! Mail - http://mail.yahoo.de Logos und Klingeltöne fürs Handy bei http://sms.yahoo.de _______________________________________________ Devl mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
