On Feb 6, 2008, at 3:16 PM, Michael Rogers wrote:

> Matthew Toseland wrote:
>> The other problem with swapping - which may also be a fatal flaw, and may be
>> another variant of the same bug - is that an attacker can send bogus swap
>> requests, which can be catastrophic.
>
> Currently an attacker can wait until it sees the other node's location
> and peer-locations, then reply with a location and peer-locations that
> will persuade the other node to swap, right?
>
> I wonder if we can work out a way for the two swapping nodes to commit
> to their locations and peer-locations without revealing them until the
> swap has been agreed? (For example by sending the hash of the list
> instead of the list?)
>
> An attacker could still abort the swap after agreeing, but at least it
> would have to pick locations by trial and error instead of choosing them
> after seeing those of the other node. And the limit on the number of
> swap requests per link would limit the amount of trial and error...
>
> Cheers,
> Michael
I have always been leery of transmitting the location lists. It seems like we only need to transmit the locations. It would add an extra interchange, but it amounts to:

Node A -> "want location 0.8? my stress weight is: 0.01"
Node B (computes...)
Node B <- "sure; my location was 0.81; stress weight was: 0.03"
Node A (computes and may or may not agree)
Node A -> Ack/Decline

Node B sets its location after receiving an Ack. Node A has already set its location if it agrees.

An attacker could just as easily forge the stress metric computation as supply a fake list of locations, right? Whereas an extra interchange might require a Sybil network to maintain more state for longer. But then we lose the pretty network donut graphs :(

Relatedly... I believe the way it is presently implemented (where the probability is decided twice) makes it 1/2 as likely to succeed as it should. That is to say, for the shouldSwap() method's probabilistically-disfavored-swap, both nodes must pick random()<prob; and so it is 1/2 as likely as the algorithm intends.

--
Robert Hailey
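The commit-then-reveal handshake Michael proposes, combined with the location-only exchange Robert sketches, as an added example that is not code from Freenet or from either poster. Everything in it is an illustrative assumption: the SHA-256-over-nonce commitment, the "stress" metric (sum of ring distances to a node's peers, not Freenet's real swap metric), the node/function names, and the sample locations. The point it shows is that a peer which only commits a hash cannot pick its location and peer list after seeing the other side's values; it can only open its commitment honestly or abort.

```python
import hashlib
import os


def ring_distance(a, b):
    """Distance between two locations on the unit circle (assumed keyspace model)."""
    d = abs(a - b) % 1.0
    return min(d, 1.0 - d)


def stress(location, peer_locations):
    """Assumed stress metric: sum of ring distances from a node to its peers.
    Illustrative only; this is not Freenet's actual swap metric."""
    return sum(ring_distance(location, p) for p in peer_locations)


def encode_state(location, peer_locations):
    """Canonical byte encoding of what a node commits to: location + sorted peer list."""
    peers = ",".join("%.17g" % p for p in sorted(peer_locations))
    return ("%.17g|%s" % (location, peers)).encode()


def commitment(nonce, location, peer_locations):
    """H(nonce || state). The random nonce stops the other side from
    brute-forcing the hidden state out of the hash before the reveal."""
    return hashlib.sha256(nonce + encode_state(location, peer_locations)).hexdigest()


class SwapNode:
    def __init__(self, name, location, peer_locations):
        self.name = name
        self.location = location
        self.peers = list(peer_locations)
        self.nonce = None

    def commit(self):
        """Step 1: send only a hash; location and peer list stay hidden."""
        self.nonce = os.urandom(16)
        return commitment(self.nonce, self.location, self.peers)

    def reveal(self):
        """Step 2: open the commitment once both sides have committed."""
        return (self.nonce, self.location, self.peers)


def should_swap(loc_a, peers_a, loc_b, peers_b):
    """Both sides evaluate this on the same revealed data, so they agree.
    Assumed rule: swap if it lowers the combined stress of the two nodes."""
    before = stress(loc_a, peers_a) + stress(loc_b, peers_b)
    after = stress(loc_b, peers_a) + stress(loc_a, peers_b)
    return after < before


def run_swap(a, b, tamper_b=None):
    """Drive one swap negotiation between nodes a and b.

    tamper_b, if given, rewrites B's reveal to model a peer that chooses its
    answer after seeing A's values. Returns a short status string.
    """
    # Both nodes commit before either reveals anything.
    commit_a = a.commit()
    commit_b = b.commit()

    # A opens first; B checks A's reveal against A's commitment.
    nonce_a, loc_a, peers_a = a.reveal()
    if commitment(nonce_a, loc_a, peers_a) != commit_a:
        return "reject: A's reveal does not match its commitment"

    # B opens; A checks B's reveal against B's commitment. A cheating B that
    # now substitutes values tailored to A's state fails this check.
    reveal_b = b.reveal()
    if tamper_b is not None:
        reveal_b = tamper_b(reveal_b)
    nonce_b, loc_b, peers_b = reveal_b
    if commitment(nonce_b, loc_b, peers_b) != commit_b:
        return "reject: B's reveal does not match its commitment"

    if not should_swap(loc_a, peers_a, loc_b, peers_b):
        return "decline"
    a.location, b.location = loc_b, loc_a
    return "swapped"


if __name__ == "__main__":
    # Constructed sample: each node sits far from its own peers, so swapping helps.
    a = SwapNode("A", 0.1, [0.8, 0.9])
    b = SwapNode("B", 0.85, [0.15, 0.05])
    print(run_swap(a, b), a.location, b.location)
    # A peer that changes its location after seeing A's reveal is caught.
    a = SwapNode("A", 0.1, [0.8, 0.9])
    b = SwapNode("B", 0.85, [0.15, 0.05])
    print(run_swap(a, b, tamper_b=lambda r: (r[0], 0.5, r[2])))
```

What the commitment does not prevent, as Michael notes, is B aborting after both reveals when it dislikes the outcome; a per-link cap on swap requests is what bounds how much trial and error that buys an attacker.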
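A small simulation of Robert's point about the disfavoured-swap probability being decided twice, added here as an example and not code from the original thread or from Freenet. Function names and the Monte Carlo set-up are made up for illustration. It compares one coin flip per swap against one independent flip on each node, and shows the general form of the effect: two independent draws against the same threshold succeed with probability prob * prob, which at prob = 0.5 is exactly half the intended rate. The last function sketches one way (an assumption, not an existing Freenet mechanism) to make the decision once while still letting both sides compute it: derive the coin from both nodes' committed nonces.

```python
import hashlib
import random


def decide_once(prob, rng):
    """One coin flip for the whole swap: what the algorithm intends."""
    return rng.random() < prob


def decide_twice(prob, rng):
    """Each node flips independently and the swap needs both to pass."""
    return rng.random() < prob and rng.random() < prob


def acceptance_rate(decide, prob, trials=20000, seed=7):
    """Monte Carlo estimate of how often a disfavoured swap goes through.
    Seeded so the estimate is reproducible."""
    rng = random.Random(seed)
    return sum(1 for _ in range(trials) if decide(prob, rng)) / trials


def expected_twice(prob):
    """Closed form: two independent draws both pass with probability prob * prob."""
    return prob * prob


def shared_coin(nonce_a, nonce_b, prob):
    """Derive one coin both sides can compute from the two nonces, so the
    decision is made exactly once. Assumes each nonce was committed to
    (e.g. via a hash) before either was revealed, so neither side can
    choose its nonce after seeing the other's."""
    digest = hashlib.sha256(nonce_a + nonce_b).digest()
    x = int.from_bytes(digest[:8], "big") / 2 ** 64   # uniform in [0, 1)
    return x < prob


if __name__ == "__main__":
    for p in (0.5, 0.2):
        print("prob=%.2f once=%.3f twice=%.3f expected_twice=%.3f" % (
            p, acceptance_rate(decide_once, p), acceptance_rate(decide_twice, p),
            expected_twice(p)))
```

A shared coin fixes the double-decision rate but not the abort problem: a node that dislikes the coin can still walk away, which is why the request-rate limit per link remains the backstop.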
