I'm not quite certian if this attack would work at all, but we were discussing a while back that caching might be changed to a probablistic meathod (like there is a 1/3 chance your node won't cache a file). This would include the node that was inserted directly into (i.e., node at localhost). This would nulify this attack.
(NOTE: I don't know if we discussed the exact ammount of probablity for caching. 1/3 might be too high, or it may be too low. Don't take it as gosphel). ----- Original Message ----- From: Vesa Salento <[email protected]> To: <devl at freenetproject.org> Sent: Thursday, June 14, 2001 11:46 PM Subject: [freenet-devl] attack against publisher anonymity > Somehow my thoughts wandered to Freenet when I was trying to fall asleep > last night and I thought about one kind of attack against Freenet > publisher. > > The thing is that I think it's possible to find out who have inserted the > file into the Freenet. It is possible that I'm wrong since I'm not 100% > certain about how everything works, but I suppose some of you correct me > if that is the case. > > The scenario is very simple: > 1) collect information about as many nodes as possible > 2) request the file from every node using HTL 1 > 3) collect the addresses of the nodes where the request doesn't fail > 4) repeat the procedure for every file that belong together (subspace) > 5) soon you have propably one node that has more references (almost all) > than others and that is the origin node > > The attack is based on the fact that if you insert the file with HTL 15 it > goes to 15 different nodes. If someone can soon after the insert try to > request it from all the nodes the only nodes that replies are those 15 > nodes. If there are several files and they are spread around the Freenet > the only place where they all are is the node of origin. > > Ways to solve the problem: > 1) transient node: (might be incorrect) > I'm not exactly sure how transient node works, but although it might be > possible that it doesn't store the inserted file itself it is still > possible to find out the nearby nodes that has most of the files. After > that you might be able to find that origin transient node if you can get > those node owners to help you. > > 2) request the file you inserted from several nodes > If you always request your own inserted files from several nodes and > use the same nodes every time it is not easy to distinguish your node from > those. When trying this attack those other nodes propably has also all the > files so it's not easy to say that you inserted them. > > 3) modify Freenet insert method > If the insert is modified so that the file isn't added for the first few > nodes this attack is useless. For example if inserting with HTL 15 and 5 > first nodes will not cache the key it is quite impossible to trace where > the file was inserted. This can be implemented by having an extra HTL > value for inserts which tells how many nodes should only pass the file > forward. > > -- > Vesa Salento > > > _______________________________________________ > Devl mailing list > Devl at freenetproject.org > http://lists.freenetproject.org/mailman/listinfo/devl > > _______________________________________________ Devl mailing list Devl at freenetproject.org http://lists.freenetproject.org/mailman/listinfo/devl
