On Sat, 16 Jun 2001, Timm Murray wrote:

> I'm not quite certain if this attack would work at all, but we were
> discussing a while back that caching might be changed to a probabilistic
> method (like there is a 1/3 chance your node won't cache a file). This
> would include the node that was inserted directly into (i.e., node at
> localhost). This would nullify this attack.

I think you're incorrect. The only thing that probabilistic method would
solve would be that the local node wouldn't have all the files. But if
without that method the local node would have had N files and some other
node would have had M files (where N > M) then after that method local
node would have 0,3*N and the other 0,3*M (where still 0,3*N > 0,3*M).
If the local node caches the insert like any other node then there is no
way some other node could have as many of the files as the local node.
When the local node decides where to send the file when it is being
inserted it only selects one from all known nodes and that selection
means that the inserts are being spread to quite a large number of nodes.
If there are x known nodes then the probability of local node having the
file is P(local)=1 when other nodes have P(other)=1/x. Of course the file
could get to other nodes on the list also but the probability would never
come even near that P(local).

> (NOTE: I don't know if we discussed the exact amount of probability for
> caching. 1/3 might be too high, or it may be too low. Don't take it as
> gospel).

The more there are files (for example on one site) the less the
probability means. If the question is about one file then it has some
meaning but if it is some collection of files then the amount means
nothing.

Vesa Salento

> > Somehow my thoughts wandered to Freenet when I was trying to fall asleep
> > last night and I thought about one kind of attack against Freenet
> > publisher.
> >
> > The thing is that I think it's possible to find out who has inserted the
> > file into the Freenet. It is possible that I'm wrong since I'm not 100%
> > certain about how everything works, but I suppose some of you will correct
> > me if that is the case.
> >
> > The scenario is very simple:
> > 1) collect information about as many nodes as possible
> > 2) request the file from every node using HTL 1
> > 3) collect the addresses of the nodes where the request doesn't fail
> > 4) repeat the procedure for every file that belongs together (subspace)
> > 5) soon you have probably one node that has more references (almost all)
> > than others and that is the origin node
> >
> > The attack is based on the fact that if you insert the file with HTL 15 it
> > goes to 15 different nodes. If someone can soon after the insert try to
> > request it from all the nodes the only nodes that reply are those 15
> > nodes. If there are several files and they are spread around the Freenet
> > the only place where they all are is the node of origin.
> >
> > Ways to solve the problem:
> > 1) transient node: (might be incorrect)
> > I'm not exactly sure how transient node works, but although it might be
> > possible that it doesn't store the inserted file itself it is still
> > possible to find out the nearby nodes that have most of the files. After
> > that you might be able to find that origin transient node if you can get
> > those node owners to help you.
> >
> > 2) request the file you inserted from several nodes
> > If you always request your own inserted files from several nodes and
> > use the same nodes every time it is not easy to distinguish your node from
> > those. When trying this attack those other nodes probably have also all the
> > files so it's not easy to say that you inserted them.
> >
> > 3) modify Freenet insert method
> > If the insert is modified so that the file isn't added for the first few
> > nodes this attack is useless. For example if inserting with HTL 15 and 5
> > first nodes will not cache the key it is quite impossible to trace where
> > the file was inserted. This can be implemented by having an extra HTL
> > value for inserts which tells how many nodes should only pass the file
> > forward.
> >
> > --
> > Vesa Salento
_______________________________________________
Devl mailing list
Devl at freenetproject.org
http://lists.freenetproject.org/mailman/listinfo/devl
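
Added example, not part of the original thread or of Freenet's code: a small Monte Carlo model of the argument above, for comparing how the proposed mitigations change what the origin node's store looks like. It assumes uniformly random forwarding instead of Freenet's key-based routing; the function names and all parameter values are hypothetical and constructed.

```python
import random

def simulate(n_nodes=200, n_files=50, htl=15, cache_prob=1.0,
             skip_first=0, seed=1):
    """Return (files held by the origin, most files held by any other node).

    Simplified model (assumption): every insert starts at node 0, the
    origin, and is forwarded to htl-1 further nodes chosen uniformly at
    random. Each node on the path keeps the file with probability
    cache_prob, except the first skip_first hops, which only pass the
    file forward (the "extra HTL value for inserts" idea).
    """
    rng = random.Random(seed)
    held = [0] * n_nodes
    for _ in range(n_files):
        path = [0] + rng.sample(range(1, n_nodes), htl - 1)
        for hop, node in enumerate(path):
            if hop >= skip_first and rng.random() < cache_prob:
                held[node] += 1
    return held[0], max(held[1:])

def origin_stands_out(**kwargs):
    """True if the origin holds more of the file set than every other node."""
    origin, best_other = simulate(**kwargs)
    return origin > best_other

if __name__ == "__main__":
    cases = [
        ("every node on the path caches", {}),
        ("1/3 chance of not caching", {"cache_prob": 2 / 3}),
        ("first 5 hops only forward", {"skip_first": 5}),
    ]
    for label, kwargs in cases:
        origin, best_other = simulate(**kwargs)
        print(f"{label:32s} origin={origin:3d}  best other node={best_other:3d}")
```

Scaling every node's count by the same caching probability leaves the ordering intact, while the pass-through hops remove the origin from the set of holders entirely.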
