-------- Original Message -------- Subject: A possible attack scenario for P2PSIP ? Date: Mon, 01 Jun 2009 17:34:29 +0100 From: Tien Tuan Anh Dinh <t.t.d...@cs.bham.ac.uk> To: p2p...@ietf.org, h...@cs.columbia.edu, em...@sip-communicator.org
Hi all, I've just finished reading the draft http://www.ietf.org/internet-drafts/draft-irtf-p2prg-rtc-security-01.txt It occurs to me that the following attack scenario might be possible: 1. Client A registers its location, storing a tuple of the form <id_a, location_a, expiredtime> to a peer P in the DHT overlay (P also represents all replica nodes storing the key id_a) 2. Client B searches for A's location, as a result contacts P. 3. P decides to not give B the latest A's location. It either sends a out-of-date tuple regarding A's location or says that A is not in the network. A has no way to know or enforce P to behave properly. It is a variation of the Denial of Service attack, in which the client A could be made completely unreachable to the other clients. Assume the authenticity and integrity of all the tuples, would you say that this is a probable attack? My main concern is what incentives of P in doing this, especially in this P2P-SIP setting. I think this attack depends on the incentives model that encourages clients to act as peers in the DHT overlay. I would love to hear some reasonable explanation of why P would (and would not) engage in this attack. Looking forwards to hearing your comments. Anh. _______________________________________________ p2p-hackers mailing list p2p-hackers@lists.zooko.com http://lists.zooko.com/mailman/listinfo/p2p-hackers
