Re: little RFC: Limiting who receives local requests
"Dr. Arne Babenhauserheide" writes: > - New nodes in the network will not receive any local requests, so they > will only route half as many HTL18 requests. A new node will therefore > have not only half the anonymity set against an attacker, but also > only half the cover traffic. Also the HTL18 requests that new nodes do receive will be more specific to their location, so they might be distinguishable from their local requests. Thoughts: - Initial random routing could solve that problem (see https://github.com/freenet/fred/pull/529 ), but initial random routing actually makes correlation attacks easier, because it removes the requirement to know the FOAFs to do the statistics. Knowing all the CHKs for a given file would be a more powerful attack. - Reducing the probability to decrement HTL18 could increase the cover traffic again — 75% to forward HTL18 unchanged would balance this change. To avoid increasing the average distance from senders, that might require reducing Node.canWriteDatastoreRequest to maxHTL - 1, and Node.canWriteDatastoreInsert to maxHTL - 2. - The impact is limited, because our peers route by our FOAFs, and since we’re most likely already close to their location. Best wishes, Arne -- Unpolitisch sein heißt politisch sein, ohne es zu merken. draketo.de signature.asc Description: PGP signature
little RFC: Limiting who receives local requests
Hi,

I’d like to start a discussion on the local request protections by Trivuele: https://github.com/freenet/fred/pull/778 — please comment.

I’ve been reviewing the patches by Trivuele, and I really like the idea of limiting who receives local requests. At the same time I’m worried, though. I see two dangers:

- We have fewer peers we send those requests to, so high-speed nodes that actually respond to requests get better statistics. They will get a bit less than twice as many local requests as they would get otherwise.

- New nodes in the network will not receive any local requests, so they will only route half as many HTL18 requests. A new node will therefore have not only half the anonymity set against an attacker, but also only half the cover traffic.

Also this further centralizes routing on a core of very fast nodes.

The advantage is that this change disarms the attack of regularly changing the opennet location to do superficial surveillance of many nodes. You then need to provide actual long-lived high bandwidth nodes to do any kind of surveillance against local requests.

Please comment what you think. Do we need additional protections for new nodes?

Best wishes,
Arne
--
Being apolitical means being political without noticing it.
draketo.de