Loic Dachary a écrit : > Raphael Manfredi wrote: > >> For reference purposes, the article I cited before: >> >> "Efficient DHT attack mitigation through peers' ID distribution" >> Thibault Cholez et al. >> INRIA, Jun 2010, 8th. >> >> is available at: >> >> http://hal.inria.fr/docs/00/49/05/09/PDF/HotP2P10-KAD_DHT_attack_mitigation-cholez.pdf >> >> > Hi, > > Thanks for sharing this document. Is there a reference implementation > matching the paper ? > > Cheers > > > _______________________________________________ > p2p-hackers mailing list > p2p-hackers@lists.zooko.com > http://lists.zooko.com/mailman/listinfo/p2p-hackers >
Hello Ludovic, We have done an implementation for KAD which still needs to be reviewed before being diffused (I hope it will in few weeks :)). However, the implementation done by Raphael in gtk-gnutella really sticks to the paper and can also be considered as a reference implementation. Raphael made a great summary of the paper in his previous post, I don't have much to add. The good points are that the protection does not introduce any overhead in the P2P network (at least for kademlia-based DHTs) and keeps the compatibility between clients which was an important design requirement in order to "fix" actually deployed DHTs rather than building new "secure" ones from scratch. Even then, as Raphael said, the state of the art regarding solutions against Sybil attacks is a bit disappointing when you don't want to introduce strong constraints or complex mechanisms (central / distributed certification, social networks, trust management...) to mitigate SA. Regards, Thibault _______________________________________________ p2p-hackers mailing list p2p-hackers@lists.zooko.com http://lists.zooko.com/mailman/listinfo/p2p-hackers
