[freenet-dev] Tunnels vs premix routing was Re: Vulnerability in inserting the manifest before finishing

[Michael Rogers]

Matthew Toseland wrote:
> - The tunnel length is likely to be shorter than the routing length. So 
> P(predecessor = originator) drops from 1/routing length to 1/tunnel length - 
> say 1 in 15 down to 1 in 5.

True, the tunnels would have to be quite long. On the other hand we
don't know how much information the hop counter and
closest-location-so-far are currently revealing, so it's possible an
attacker has a better than 1 in 15 chance of identifying the initiator
during the routing phase. (For example, if the hop counter isn't MAX or
MAX-1 then the previous hop can't be the initiator, right?)

> Yes, but a clever attacker can reconstruct the topology for a few hops without 
> too much difficulty. It's messy, I haven't come up with a good algorithm yet, 
> but I haven't really tried: there should be one.

Good point, we should be pessimistic.

Cheers,
Michael