-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 31/01/14 04:51, grarpamp wrote: > I think the question is, can we do what we want to do within the > bandwidth that our target users have available to them... such as > say a 56k channel, 128k, 512k, etc. If we're using 32 of 56k for > maintenance, that may leave little left for the signal you want to > send through.
In all the large DHT deployments I'm aware of, there's a distinction between peers taking part in the DHT, i.e. holding key/value pairs, and peers using the DHT, i.e. putting and getting key/value pairs. Peers taking part in the DHT have to be reachable from the public internet, and need a certain amount of bandwidth for maintenance traffic. Peers using the DHT don't. I think it's totally plausible to imagine a DHT with 10 million peers taking part, some of them on high-bandwidth home connections, others run by organisations to ensure the reliability of their own messaging traffic; and 1 billion peers using the DHT, most of them on intermittent, low-bandwidth connections and stuck behind NAT. If there's one lesson to take from Gnutella, it's that not all peers have equal resources, and you should design your system accordingly. (If there are two lessons, the second one is not to build an auto-update mechanism into the dominant implementation... but anyway...) My concerns about using a DHT for secure messaging have nothing to do with scalability - they're all about attack resilience and privacy. When you look up a key in a DHT, you have no control over who sees your lookup, or who can potentially misdirect it. There's been some good research in this area in the last few years; I'm a bit behind with my reading, but these papers are worth checking out: http://citeseer.ist.psu.edu/viewdoc/summary?doi=10.1.1.300.6320 http://citeseer.ist.psu.edu/viewdoc/summary?doi=10.1.1.230.8639 http://citeseer.ist.psu.edu/viewdoc/summary?doi=10.1.1.308.5867 https://gnunet.org/r5n Cheers, Michael -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBCAAGBQJS64fMAAoJEBEET9GfxSfM4fsIAKR8M9NyT++YAQcoxQium9Io DmMEgCYmYMG+C9RwvQscyb/3y/3z32XKNEQ2HslkpKCVFOxdl6o1J+VgnrKilm4I w3UrWF8tYEnHfxDxJMmhTUnJo710hZJPiy8DubGGGPufoUCurLZsWxUGeqJSn7Xt ntLtFrBFlfcH6LggNLRrXapoL3BeXQtHq5m7Z8RU8eIsclbtSRLWinxrJ7qdwv4e DutNjHRMcMLjrm+cDZrSseoutaX23ZogrVntr5vEYZ/vmgJi6Wup+59GrZiZcZqb dNOiudgCkyvdgvRDgBivgqxMNUQw+crFERxBT+2UgWBCD5fXNih5e6vSIG2uvPY= =LYA5 -----END PGP SIGNATURE----- _______________________________________________ p2p-hackers mailing list [email protected] http://lists.zooko.com/mailman/listinfo/p2p-hackers
