summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorirungentoo <irungentoo@gmail.com>2013-07-13 10:01:19 -0400
committerirungentoo <irungentoo@gmail.com>2013-07-13 10:01:19 -0400
commit835ef0320d47372eac14bef31c979b8217d04498 (patch)
treeb04bc8974126f556faf1b16c136402e757b4d797
parent5f2fdf1b18e63f4e4c83f0fb527a76c8e93de4c8 (diff)
Added something to DHT_hardening.txt
-rw-r--r--docs/DHT_hardening.txt36
1 files changed, 36 insertions, 0 deletions
diff --git a/docs/DHT_hardening.txt b/docs/DHT_hardening.txt
index 59c6ae39..d6a6bcf2 100644
--- a/docs/DHT_hardening.txt
+++ b/docs/DHT_hardening.txt
@@ -32,3 +32,39 @@ power devices)
32Make each node test other nodes to see if they respond correctly before sending 32Make each node test other nodes to see if they respond correctly before sending
33them as part of their send nodes response. 33them as part of their send nodes response.
34... 34...
35
36
37
38=====
39
40
41
42
43<slvr> DHT_hardening.txt > create thousands of "real" nodes that do nothing but
44shit up our DHT with fake crap.
45<slvr> This can be trivially solved by only storing verifiable data in the DHT.
46<slvr> there is one attack you have not considered, which is based on the Sybil
47attack
48<slvr> I am assuming the DHT does say... a hash of a key in order to determine
49which node to store data in, similar to Kad?
50<slvr> If there happens to be a malicious node at that DHT address, they might
51actively deny storing that data.
52<slvr> This can be reduced by storing data at multiple places in the DHT
53(equidistant points in DHT address space)
54<slvr> Since DHT addresses are public keys, it is computationally infeasible for
55an attacker to actively deny all storage locations.
56<slvr> Recommended reading: S/Kademlia: A Practicable Approach Towards Secure
57Key-Based Routing -- http://doc.tm.uka.de/2007/SKademlia_2007.pdf
58<biribiri> Type: application/pdf; Size: 202KiB; Updated: 2033d 19h 32m 5s ago
59(Tue, 18 Dec 2007 13:28:18 GMT);
60<slvr> Tempering Kademlia with a Robust Identity Based System --
61http://www.di.unito.it/~ruffo/concorso/Papers/p2p08.pdf
62<biribiri> Type: application/pdf; Size: 145KiB; Updated: 1291d 23h 30m 12s ago
63(Tue, 29 Dec 2009 09:30:28 GMT);
64<slvr> Also of interest: "An Analysis of BitTorrent's Two Kademlia-Based DHTs"
65--
66http://www.tribler.org/trac/raw-attachment/wiki/AutoUpgradeToLastestVersion/
67Measurement_of_Bittorrent_DHT_performance_and_deployed_clients.pdf
68<biribiri> Type: application/pdf; charset=iso-8859-15; Size: 1.271MiB; Updated:
691669d 20h 25m 15s ago (Tue, 16 Dec 2008 12:44:08 GMT);
70