[freenet-dev] Why getting rid of HTL is bad was Re: Vulnerability in inserting the manifest before finishing
Michael Rogers
m.rogers at cs.ucl.ac.uk
Fri Jan 4 00:42:01 UTC 2008
Matthew Toseland wrote:
>> We're using a reliable transport between nodes, so the only things that
>> should cause a timeout are overloaded, crashed or faulty nodes.
>
> Not true. Very long paths can also cause this.

Ah, good point.

>> The closest-location-so-far tells an attacker something about the path a
>> request has followed - among other things, it allows the attacker to
>> rule out certain nodes the request definitely hasn't passed through. But
>> how would we quantify that in terms of the size of the initiator's
>> anonymity set or the probability that a given node is the initiator, for
>> example?
>
> Well, how does the attacker rule out previous nodes?

Any node that's closer to the target than the closest-location-so-far
has never seen the request, otherwise the closest-location-so-far
wouldn't have its current value.

> How many can he rule out?

That's kind of the point: I can't work out how to quantify how much the
attacker can learn, which means it's possible that a clever attacker can
learn a lot. Whereas with a weighted coin (despite its other
disadvantages) at least we know how much the attacker can learn.

Cheers,
Michael
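
Added example, not part of the original message and not Freenet code: a small simulation of the rule-out argument above, counting how many nodes an observer can exclude from the upstream path given the closest-location-so-far it receives. Assumptions: locations lie on a circular keyspace [0, 1), routing is greedy, each node folds its own location into the value before forwarding, the topology is constructed at random, and the observer knows every node's location.

```python
import random

def dist(a, b):
    """Circular distance between two locations in [0, 1)."""
    d = abs(a - b)
    return min(d, 1.0 - d)

def build_network(n, degree, rng):
    """Constructed topology: ring neighbours plus random extra links."""
    locs = sorted(rng.random() for _ in range(n))
    peers = {i: {(i - 1) % n, (i + 1) % n} for i in range(n)}
    for i in range(n):
        for j in rng.sample(range(n), degree):
            if j != i:
                peers[i].add(j)
                peers[j].add(i)
    return locs, peers

def route(locs, peers, start, target, max_hops=50):
    """Greedy routing. Returns [(node, closest-so-far after that node)]."""
    path, visited, closest, node = [], set(), float("inf"), start
    while node is not None and len(path) < max_hops:
        visited.add(node)
        closest = min(closest, dist(locs[node], target))
        path.append((node, closest))
        cands = [p for p in peers[node] if p not in visited]
        node = min(cands, key=lambda p: dist(locs[p], target)) if cands else None
    return path

def ruled_out(locs, target, closest):
    """Nodes strictly closer to the target than closest-so-far never saw the request."""
    return {i for i, loc in enumerate(locs) if dist(loc, target) < closest}

def analyse(n=200, degree=3, hop=3, seed=1):
    rng = random.Random(seed)
    locs, peers = build_network(n, degree, rng)
    target = rng.random()
    path = route(locs, peers, rng.randrange(n), target)
    hop = min(hop, len(path) - 1)       # position of the observing node
    received = path[hop - 1][1]         # value carried in the request it receives
    excluded = ruled_out(locs, target, received)
    upstream = {node for node, _ in path[:hop]}
    return {"n": n, "ruled_out": len(excluded),
            "candidates": n - len(excluded),
            "upstream_excluded": len(upstream & excluded)}

if __name__ == "__main__":
    for hop in (1, 3, 6):
        print(hop, analyse(hop=hop))
```

The count shrinks the candidate set but does not by itself give a per-node probability of being the initiator, which is the quantity the message says is hard to pin down.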