On 10/17/06, Tien Tuan Anh Dinh <[EMAIL PROTECTED]> wrote:
The fact that Google architecture is distributed, but still operating in client-server model from an user perspective gets me think of another security problem with P2P (actually this is suggested by my supervisor). Imagine you are communicating with some other peers in an arbitrary P2P network. How can you be sure that you are actually talking with independent peers, but not some of many computers that are mysteriously controlled by some big guys ? Imagine one rich guy named G (not for google :)) has load of machines and he lets them join a P2P network, but these machines would secretly talks with each other to store information of their incoming connection into some database and later correlate them.
There are defenses against sybil attacks, but it is well known that once one entity can control a certain proportion of peers, most p2p networks degrade rapidly. For the scenario you outline above, then, the network degrades into, worst case, something approximating google (but with an adversary necessarily less powerful than google until saturation reaches 100% -- at which point no one is using it but the adversary). Of course, if the p2p network is designed well, it can limit what even a very well-healed adversary can learn (for example, if it uses a good onion-routing layer for source-sink anonymity, or good encryption for data security). There are lots of open problems left to tackle for any of this, yes. But those problems don't simply disappear by centralizing services. Alen _______________________________________________ p2p-hackers mailing list [email protected] http://lists.zooko.com/mailman/listinfo/p2p-hackers
