[mnet-devel] Grid Of Trust -- pre-design

Jim Dixon jdd at dixons.org
Wed Dec 10 13:32:11 GMT 2003


On Tue, 9 Dec 2003, Some Guy wrote:

> > > By the way I think I know how to make it so that a good user can avoid
> > > redoing the hash cash every period, by storing an arbitrarily large
> > > file.  This could force the adversary to either redo all that K hash
> > > cashes every iteration or store K*<the file size>.
> > >
> > > So maybe we let that size be 10GB.  It still takes about a day to get
> > > a working ID but then you just store a 10GB file.  Every period you
> > > just have to do a quick lookup on your drive.  Of course the adversary
> > > could also avoid doing the hash cashes, by buying K*10GB of space.
> >
> > The adversary doesn't need K drives.  He needs one drive per cell, which
> > is 2^16, about 64,000.  10G drives in this quantity would cost perhaps
> > $20 each, so K 10G drives would cost about $1,640,000.  He would also
> > need a 2 Gbps connection to the Internet.  Guesstimated price somewhere
> > over $100,000 a month.
>
> Well jeez Jim, if the adversary is actually going to run all those
> nodes that's fine by me.  There's no way of stopping him.  If you've
> got the hardware and you run a node correctly (according to your
> neighbors), you can run it.  Go for it, make my day.  How do you know
> how much bandwidth he needs?

Your suggestion is that you verify a 10G drive once a month.  Doing that
takes approximately 8*10^10 bit / (30 day * 86400 s/day) = 30864 bps.

> > > How much does 10PB cost?
> > >
> > > Storage has the benefit that tying it up doesn't annoy as much.
> >
> > Your end users have to buy a 10G drive each and then dedicate 32K to
> > your constant churning of those drives.  You are going to have to fork
> > out for a million 10G drives, one for each of your users, or perhaps
> > 100,000 100G drives, plus machines, plus rack space in a colo center.
> > However you slice it, this would not be cheap.  50,000 1U PCs?  More
> > than 1,000 racks?  It has to cost _you_ more than $25 million in up-front
> > costs.
> >
> > We haven't included the 32 Gbps network cost of driving this huge
> > verification program.  I haven't been in the game for a while, but I think
> > that that load would put a severe burden on the global Internet. But many
> > ISPs would be happy to bid on the contract.  I would guess that it
> > wouldn't cost more than something in the tens of millions of dollars a
> > year for the service.
> >
> > Where does the revenue come from?
>
> Cool, so as long as the adversary doesn't have this kind of revenue we're safe!!!!

It's YOU who have to buy the 100,000 100G drives and it's YOU who have to
pay the $25M plus in up front costs.  It's YOU who has to pay tens of
millions in bandwidth cost for this by now whacky system.

This is one of the points of the paper on the Sybil attack.  It is
entirely impractical to defend a network from Sybil attacks using this
approach.  It's even worse than hashcash.

> Sure a million guys sitting home swapping pron, music and movies will
> have 10GB each they can spare.  No problem.

If they use the 10 GB then your system will presumably detect this and
drop them from the network.

> What kills me is that you turn around the argument and argue the users
> have to buy some expensive ass crap and at the same time argue that
> it's so cheap for the adversary.  All that matters is the ratio.  If
> we stand and fight the good fight and we outnumber any adversary a:b
> on resources we'll win, and there will be free press/speech on the
> net.

You don't seem to get the point.  Your system requires that SOMEONE build
this extraordinary verification service.  Each user's 10 GB must be matched
by 10 GB at the service.  The cost of this is going to be on the order of
tens of millions of dollars.  But you make no provision for paying for it.

You can economize on bandwidth somewhat by reading only random blocks
from this 10G one-time pad.  But it still has to be initialized and you
still have to keep your copy of it.

> If you're arguing a:b = 10:1 so be it.  Bring it on!!!  The only way
> rights, laws, or democracy work is because the vast majority aren't
> out trying to break them.  I bet I can find 10 times more resources
> from people that want to download stuff freely than you can find to
> try to take down a specific freesite.
>
> How pessimistic are you?  What do you think a:b will be?

Sorry, this is just gibberish to me.  I have no idea of what point you
are trying to make.

> The network that I want will ensure that the weakest voice will be as
> strong as strongest.

Who is paying for the network?  Who is buying the hundreds of thousands
of disk drives and gigabytes of bandwidth?  How do you pay for staff?

--
Jim Dixon  jdd at dixons.org   tel +44 117 982 0786  mobile +44 797 373 7881
http://jxcl.sourceforge.net                       Java unit test coverage
http://xlattice.sourceforge.net         p2p communications infrastructure
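
[Added example, not part of the original message or of any Mnet code.] The random-block check mentioned in the message, sketched in Python: the service challenges a few block indices with a fresh nonce and compares the replies against its own copy, which is why it still has to store every user's file. The block size, function names, seed and sample pad are assumptions made for the illustration.

```python
import hashlib, hmac, math, os, random

BLOCK = 4096  # block size in bytes (assumed for the example)

def make_pad(seed, n_blocks):
    """Constructed stand-in for the large per-user file."""
    return [hashlib.shake_256(seed + i.to_bytes(8, "big")).digest(BLOCK)
            for i in range(n_blocks)]

def tag(nonce, block):
    # A fresh nonce per challenge stops the user precomputing answers
    # and then discarding the file.
    return hmac.new(nonce, block, hashlib.sha256).digest()

def respond(store, nonce, indices):
    """User side: store maps block index -> bytes; missing blocks yield None."""
    return [tag(nonce, store[i]) if i in store else None for i in indices]

def spot_check(reference, store, k, rng):
    """Service side: needs its own full copy (reference) to check the replies."""
    nonce = os.urandom(16)
    indices = rng.sample(range(len(reference)), k)
    replies = respond(store, nonce, indices)
    return all(r is not None and hmac.compare_digest(r, tag(nonce, reference[i]))
               for i, r in zip(indices, replies))

def pass_probability(n_blocks, kept, k):
    """Chance a user holding only `kept` of n_blocks survives k distinct challenges."""
    return math.comb(kept, k) / math.comb(n_blocks, k)

def avg_bps(bytes_per_period, days):
    """Average bit rate needed to move bytes_per_period once per period."""
    return bytes_per_period * 8 / (days * 86400)

if __name__ == "__main__":
    pad = make_pad(b"constructed-seed", 64)   # constructed sample data
    rng = random.Random(1)  # seeded for repeatability; use a CSPRNG in practice
    honest = dict(enumerate(pad))
    partial = {i: b for i, b in honest.items() if i < 32}
    print(spot_check(pad, honest, 8, rng), spot_check(pad, partial, 40, rng))
    print(pass_probability(64, 32, 8))
    # Full 10 GB read per 30 days versus one 8-block challenge per 30 days.
    print(avg_bps(10**10, 30), avg_bps(8 * (8 + 32) + 16, 30))
```

The spot check cuts the per-period traffic to a few hundred bytes, but `reference` is a full copy held by the verifier for each user, so the storage cost on the service side is unchanged.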
