On 07/14/2013 10:00 PM, Mitar wrote: > Hi! > > On Sun, Jul 14, 2013 at 10:25 AM, Caleb James DeLisle > <calebdeli...@lavabit.com> wrote: >> The most scary general attack on the idea is a node who drops 10% of the >> packets sent through them. I don't know how to detect it statelessly and >> they can do quite a bit of damage. > > Exactly. You don't have to black hole everything, just enough to make > the network behave badly.
If you blackhole everything then the network routes around you. The obvious example is when a node disconnects/reboots/etc. > >> Again though the physical reality of the network comes in to play. > > A "physical reality" in your case means the tunnels between nodes, not > necessary the real-world physical distance? > > So you have tunnels between nodes and you assume that those tunnels > are established based on some trust? > > And you route along the tunnels? I thought that you route along the > Kademlia distance between keys of nodes. So if my key ID is closer to > node B than to node C, I send packet to node B. And it does not matter > how the tunnels are setup. It seems I misunderstood something then. > This is then quite different than Kademlia. And from whitepaper: > > "The "address space distance" between any two given addresses is > defined as the of the result of the two addresses XOR'd against one > another, rotated 64 bits, then interpreted as a big endian integer." > > So where does this definition of distance take into the account that > there is trust between two addresses but no trust between some other > two addresses? > It's similar to Virtual Ring Routing research.microsoft.com/pubs/75325/virtualring.pdf There is a physical network and a virtual DHT, it uses the DHT to find paths through the physical network and because the physical network is invite-only, most of the "I'll connect 10,000 fake nodes" type attacks just don't make sense. You'd need a botnet to attack the network because then you could have nodes spread out over physical space but clustered in keyspace. Thanks, Caleb > > Mitar > -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech