Here is how to make unobtanium routing resistant against specialization probing attacks:
With each (data or insert) request a node also sends the closest key for that it knows that the recieving node declared itself the data source of. In classic routing this key would be the routing table entry that made it route the request to that particular node. However we choose the node according to the NGR algorithm first and lookup the closest key afterwards.
The other node verifies that it really is the data source of this attached key. Then it calculates the difference between this key and the requested key. Higher distance of keys means lower priority for the request. The requests with lower priority can either be queued or rejected. I prefer rejecting with a query reject message that declares overload as the reason. This allows the requesting node to forecast, that other queries with a higher distance will be rejected, too. In these cases it will skip the overloaded node.
Unfortunately this modification introduces quite some overhead: The attached key in the requests requires bandwidth. And the routing table for keeping the data sources that one otherwise would not need in NGR requires memory.
Nodes may disagree on which keys they are data source of, because the data source node has dropped the key or some other node declared it as the data source. The straight forward solution is to sign the key, when the node resets the data source to itself. But the signatures and public key crypto then introduce even more overhead.
New nodes do not know any keys of other nodes yet and may get locked out of a busy network. This can be solved by configuring the nodes that are published as seed nodes not to reset the data source to themselfs. New nodes will rarely contact them anymore after they have learned about other nodes.
-- Thomas Leske
_______________________________________________ Devl mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
