On 3/22/06, Oskar Sandberg <[EMAIL PROTECTED]> wrote: > > But you cannot discount churn from this equation - this is a distributed > P2P scenario, nobody is up 24/7. And, on the flipside, never changing > neighbors will means that once an attacker is in, he can do a lot of > damage without being replaced.
Churn rate will be specific to the application running on top of the DHT, but yes, if churn is high and *no one* stays on 24/7, my argument goes away to a large extent. > I don't think a trust system can do much at all. Because the graph in > the DHT (however you do it) prescribes at least a distribution regarding > who should be linking whom (based on ID), Nodes in kademlia do have some freedom of choice. They can certainly choose to reject adding blacklisted nodes to their own routing tables. Nodes are rejected if they are unreachable due to non-transitivity, for example. Adding other criteria for rejection is likewise okay, because the core algorithm's parallel query strategy is resilient to errors -- in the case of trust, if your closest neighbors don't trust you, then more distant neighbors certainly shouldn't either, so the fact that they don't route to you is beneficial. Of course, trust doesn't protect as well against nodes that behave kindly to all near neighbors, but maliciously to those more distant. To start to deal with that you'd need to extend from purely local trust to some sort of reputation system. Alen _______________________________________________ p2p-hackers mailing list p2p-hackers@zgp.org http://zgp.org/mailman/listinfo/p2p-hackers _______________________________________________ Here is a web page listing P2P Conferences: http://www.neurogrid.net/twiki/bin/view/Main/PeerToPeerConferences