[freenet-dev] FCP changes for ULPRs
Michael Rogers
m.rogers at cs.ucl.ac.uk
Thu Feb 14 14:10:08 UTC 2008
Matthew Toseland wrote:
> The datastructure implementing this is limited to 10,000 keys
> on each node (this will take up some RAM).
Hmm, so how much bandwidth does an attacker need to spend sending ULPRs
for nonexistent keys before subscriptions for real keys start getting
pushed out of the data structure, breaking up the subscription trees for
those keys?
The attacker needs to make 10,000 requests per hour to overflow a peer's
data structure... less than 3 per second. Assuming ULPRs are 1000 bytes
including overhead, an attacker with a 10 Mbps connection could affect
450 opennet peers.
"Ultra-lightweight" could actually be a disadvantage here, because if
the peers can easily handle that number of requests they won't throttle
the attacker.
Cheers,
Michael
More information about the Devl
mailing list