[mnet-devel] Grid Of Trust -- pre-design

Some Guy amichrisde at yahoo.de
Fri Dec 5 14:10:56 GMT 2003 

 --- Jim Dixon <jdd at dixons.org> wrote: 
> On 29 Nov 2003, Zooko O'Whielacronx wrote:
> 
> > Are you part of the GOT project, jdd?
> 
> No.  

But, you did do a damn good job in understanding what I wrote thanks Jim :-).

> The key Grid of Trust premise is that hash cash will provide a
> reasonable defense against a variety of attacks.  However, any real
> network will necessarily grow from a small number of nodes.  During that
> phase virtually anyone will have sufficient computing power to scatter
> nodes throughout the network.  If the network were ever to grow to a large
> scale, say on the order of 2^20 nodes, it would still be possible for an
> adversary with large resources to put a dummy node into each cell.  You
> don't need to be a government to do this; many universities, for example,
> have sufficient idle capacity.

Actually Jim, for a large network it becomes nearly impossible to get a dummy node in "every
cell".  Think of it this way if you've got on in 99% of the cells, only 1% of the new nodes you
boot strap will get you into a new cell.  It gets really hard after a while.  If you want I can do
some math to back this up better.

The big problem is that being a neihbor of a target cell may be enough.  Which brings the bar down
two orders of magnitude or so.

> On the other hand, it is difficult to believe that a large number of
> people could be persuaded to invest a day of computer time just to get
> into the network.  I think that most end users would not put more than
> say tens of minutes into setting up a connection.  This means that the
> primary effect of imposing this 1 CPU-day up front cost would be to keep
> the network very small, perhaps to tens of users.
> 
> In other words, imposing a high hash cash cost of joining the network
> would not keep out bad guys, but it would certainly keep out the casual
> user.  Hypothesis: the higher the hash cash cost of joining, the higher
> the percentage of bad guys in the network.
> 
> Hash cash might be useful as a defense against individuals with limited
> resources.  It is not a practical defense against serious adversaries.
> Of course, a large network might use hash cash to limit nuisance attacks.

Yes Jim I understand you adversion to hash cash.  Perhaps the remixing idea, will make it less
nessesary.  

The hash cash is there to make you pay something to the system to start with.  To pay your first
few neighbors to waste their time and test to you.  Once a relationship cost something,
excomunication hurts.  

For example if an insert hits a node and it signs for the data and then later a request hits it
and it signs that it doesn't have the data, you could "bust" that node, by telling all its
neighbors and they could then drop it from the network.  You would only have to show this proof to
a small number of nodes.  The cost of getting busted has to exceed that damage that can be done by
one bad node.

__________________________________________________________________

Gesendet von Yahoo! Mail - http://mail.yahoo.de
Logos und Klingeltöne fürs Handy bei http://sms.yahoo.de


-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
_______________________________________________
mnet-devel mailing list
mnet-devel at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mnet-devel

More information about the Mnet-devel mailing list