Ludovic Courtès wrote: > Hello! > > Loic Dachary <l...@dachary.org> writes: > > [...] > > >> The key question, it seems, is : >> >> * given the most frequent use cases of the collaborative search software >> * given the known security issues that threaten any DHT + those >> specific to the application >> * given the existing counter measures (ECRS among others) >> => is it likely that users will be able to effectively use the software >> or will they be disrupted >> by security problems at a frequency that will be discouraging for >> most ? >> > > Then you have to choose an adversary model. I will reveal my ignorance: what is an "adversary model" ? http://en.wikipedia.org/wiki/Adversary_%28online_algorithm%29 ? > What do you expect > wrongdoers to be able to do to make the system unusable? > A user finds the answer to question Q by sending a request to the DHT node responsible for Q (the question Q is hashed into a DHT key). A malicious node may try to impersonate the node responsible for Q and return an answer that is irrelevant.
This is the first example that comes to mind. Emmanuel Benazera ( the lead of http://seeks-project.info/ ) may have others. Cheers
<<attachment: loic.vcf>>
signature.asc
Description: OpenPGP digital signature
_______________________________________________ p2p-hackers mailing list p2p-hackers@lists.zooko.com http://lists.zooko.com/mailman/listinfo/p2p-hackers
