Search Mailing List Archives
[liberationtech] CJDNS hype
Caleb James DeLisle
calebdelisle at lavabit.com
Sun Jul 14 10:25:18 PDT 2013
Thanks Eugen and Greg for mailing me about this.
The answer to ID clustering attacks is that cjdns is just really lazy,
it routes to the physically nearest node whose ip address is numerically
closer to the destination than your own (based on KAD).
Since the physical topology is friend-to-friend, the attacker is forced
to have a relatively tight cluster of nodes in physical space, they can
pollute their own neighborhood but not the whole network. Pollution of
one physical neighborhood would likely lead to them being de-peered by
their "friend" who gave them the link.
Re the recursive routing, it has two options. You can send direct to the
destination at the switch level or you can forward to any node in the
network and ask them to forward to the destination. The nodes between you
and the one you asked to forward will have no access to the IPv6 dest
address and if the one you are forwarding to us unfriendly, you use
someone else. We've considered changing this to improve scalability
but I can't figure out how to preserve this guarantee.
The most scary general attack on the idea is a node who drops 10% of the
packets sent through them. I don't know how to detect it statelessly and
they can do quite a bit of damage.
Again though the physical reality of the network comes in to play.
The nodes which carry the majority of the traffic are heavily peered core
nodes and the operators of such are unlikely to intentionally attack the
network, this is the same logic which holds BGP together despite it's
Hope that helps
On 07/14/2013 04:50 PM, Eugen Leitl wrote:
> ----- Forwarded message from Mitar <mmitar at gmail.com> -----
> Date: Sun, 14 Jul 2013 05:55:37 -0700
> From: Mitar <mmitar at gmail.com>
> To: liberationtech <liberationtech at lists.stanford.edu>
> Subject: Re: [liberationtech] CJDNS hype
> Reply-To: liberationtech <liberationtech at lists.stanford.edu>
> On Sun, Jul 14, 2013 at 5:01 AM, Ralph Holz <holz at net.in.tum.de> wrote:
>> I don't see how "no need to make a decision" should be possible. If you
>> don't know any contacts in the network, how are you supposed to trust them?
> Ideally, you shouldn't have to trust anybody. :-)
> You should be able to turn on your overlay network node, it should
> connect to the network, and you should be able to communicate with
> anybody, despite somebody trying to censor you.
> Sadly, it seems we are not yet there. Or maybe we will never be.
>> First of all, they use recursive routing instead of iterative lookups
>> (that's important to deal with the attacker on the IP level). Then they
>> use a random walk to get around a tactically acting attacker trying to
>> occupy important spots in the network, before they switch to the normal
> It seems CJDNS is using the recursive routing approach? But isn't so
> that it is enough that in the whole routing path you get only one
> adversary node and this node can black hole your packets?
More information about the liberationtech