Search Mailing List Archives
[liberationtech] CJDNS hype
mmitar at gmail.com
Sun Jul 14 12:20:21 PDT 2013
On Sun, Jul 14, 2013 at 8:56 AM, Ralph Holz <holz at net.in.tum.de> wrote:
> I wasn't talking about the routing - I was referring to just who that
> other person might be. If you want to avoid censorship, you also need to
> be sure who you're talking to. And there is no way to achieve that
> without prior setup of trust.
Not necessary. If you (in some abstract overly network) connect to
multiple other nodes and Sybil attacks (so fake identities) in the
network are impossible, then there is a low probability that all of
those nodes would be controlled by the adversary. If you send a
request to all of them, and they repeat the same thing ... This
example might be impractical, but it is here just to show that it
might not be necessary to know your peers.
So yes, while we currently don't know how to do such a network without
being sure to who you are talking, I am wondering if there is some
proof that we will never be able to know how to do that? So is there
some inherent property which would as a consequence show that we have
to trust somebody ultimately? (Maybe we have to trust them just
partially, or just for a short periods of time, or maybe with some
probability we can get "good enough" performance.")
> Only if the route is predictable and not in some way randomised. E.g. in
> Kad every step through the routing protocol gives you a choice of nodes
> to query next. The attacker would need to make sure he occupies all of
> those hot spots. Add some random walk during the initial routing phase,
> and costs for the attacker rise a lot more.
Here, you are talking about an attacker targeting a particular route.
I have more in mind an attacker who's goal is just to be disrupting
the network enough so that people give up using it altogether. And if
I understand correctly, I just have to spawn many man IDs and some of
the routes (because of the Kademlia distance) will hit those IDs
sooner or later. Anything that hits me, I drop.
What will CJDNS have to do is to discover that anything send over one
seemingly legitimate peer (a real ID) to any (or most, or many) of
nodes behind the peer (fake nodes) is being dropped and then act in
some way. How it will discover this, good question.
More information about the liberationtech