Search Mailing List Archives
[liberationtech] CJDNS hype
Caleb James DeLisle
calebdelisle at lavabit.com
Sun Jul 14 20:28:19 PDT 2013
On 07/14/2013 10:00 PM, Mitar wrote:
> On Sun, Jul 14, 2013 at 10:25 AM, Caleb James DeLisle
> <calebdelisle at lavabit.com> wrote:
>> The most scary general attack on the idea is a node who drops 10% of the
>> packets sent through them. I don't know how to detect it statelessly and
>> they can do quite a bit of damage.
> Exactly. You don't have to black hole everything, just enough to make
> the network behave badly.
If you blackhole everything then the network routes around you.
The obvious example is when a node disconnects/reboots/etc.
>> Again though the physical reality of the network comes in to play.
> A "physical reality" in your case means the tunnels between nodes, not
> necessary the real-world physical distance?
> So you have tunnels between nodes and you assume that those tunnels
> are established based on some trust?
> And you route along the tunnels? I thought that you route along the
> Kademlia distance between keys of nodes. So if my key ID is closer to
> node B than to node C, I send packet to node B. And it does not matter
> how the tunnels are setup. It seems I misunderstood something then.
> This is then quite different than Kademlia. And from whitepaper:
> "The "address space distance" between any two given addresses is
> defined as the of the result of the two addresses XOR'd against one
> another, rotated 64 bits, then interpreted as a big endian integer."
> So where does this definition of distance take into the account that
> there is trust between two addresses but no trust between some other
> two addresses?
It's similar to Virtual Ring Routing
There is a physical network and a virtual DHT, it uses the DHT to find
paths through the physical network and because the physical network is
invite-only, most of the "I'll connect 10,000 fake nodes" type attacks
just don't make sense.
You'd need a botnet to attack the network because then you could have
nodes spread out over physical space but clustered in keyspace.
More information about the liberationtech