On 01/04/14 18:52, Arne Babenhauserheide wrote: > Am Montag, 31. März 2014, 19:53:27 schrieb Matthew Toseland: >> Large files are divided into thousands of blocks. The blocks' locations >> are effectively random. Therefore you're bound to receive some requests > So you monitor all insert requests and when you later see a key for a file, > you know which of the blocks belonged to that file? > > Then you move a bit closer. > > And when the next time a file is inserted and the key shared, you monitor all > insert requests again. When the key is shared, you move closer. > > Then you move a bit closer. > > … and so on. > > And that’s why it only works if people publish many times. > > Is that correct? Mostly.
For a basic correlation attack, you either connect to everyone, or you already have a few suspects. You log their inserts, and check them against keys which get posted later. If a large enough proportion of the keys go over the connections you've monitored, it's likely that they inserted it. You can confirm this by adding more connections to the nodes which appear to be originating the most keys, and/or surrounding them completely. For "fast MAST", you can identify the blocks immediately, because the user is doing something foolish: - Reinserting a file to the existing key. - Inserting known content to a CHK. - Posting prolifically on FLIP, streaming apps over Freenet etc. - Downloading a big file when nobody else is. (Downloaders are generally regarded as less valuable than uploaders) For any given insert (or request), the fact that the node was routed to a particular connection location tells us something about where the originator is. Generally we can eliminate at least half the keyspace - provided that we intercept the insert (or request) before it reaches the target node, i.e. during the "high HTL" phase. So we move to the new location range, with one or many connections. Hence we get an exponential speedup. "Slow MAST" is possible where e.g. the user is posting to a forum a few times a day. To see any inserts at all the attacker will need a fairly large number of connections, but the time to find the target is only going to be a few times the time to receive the first insert, because of the exponential speedup. Random routing the first few hops doesn't help much either. For slow MAST, the attacker probably needs to connect to all nodes to start with if he wants fast results. With random routing, the originator is going to be the node which sends the most inserts ... and we can confirm the guess by surrounding it. Even if we can't connect to everyone we can get an idea where they are topologically by comparing request rates.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Devl mailing list [email protected] https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
