[p2p-hackers] aMule/eMule's solution for Sybil Attack
netbsd8 at gmail.com
Tue Aug 26 11:57:23 EDT 2008
Thanks for the reply. I just wonder whether Eclipse Attack remains possible
for aMule/eMule, because Eclipse Attack also need to dominate correct node's
neighbor set, and aMule/eMule give a very strict rule for contact adding. it
means firstly the attacker has to master large resources (different IP etc.)
On Tue, Aug 26, 2008 at 3:09 AM, Thibault Cholez
<thibault.cholez at loria.fr>wrote:
> netbsd a écrit :
> > Does anyone notices that the current version of eMule/aMule Using
> > Kademlia may mitigate the Sybil Attack!
> > The rules for adding new contacts:
> > ------ From aMule 2.2.1/eMule0.49a
> > * Kad will now enforce certain limits when adding new contacts to
> > the routing table: No more than 1 KadNode per IP, 2 similar
> > KadNodes (same bin) from a /24 network and at a maximum 10
> > different KadNodes from a /24 network are allowed. This is
> > supposed to make routing attacks against Kad more difficult and
> > resource-intensive.
> - Looking at the code, eMule 0.49a also implements a packet
> tracking and a flood protection mechanism that help mitigate the Sybil
> > ------ From aMule 2.2.2/eMule0.49b
> > * Kad now ignores multiple IDs pointing to one IP in routing
> > request answer
> > * Kad contacts will only be able to update themself in others
> > routing tables if they provide the proper key (supported by
> > 0.49a+ nodes) in order to make it impossible to hijack them
> > * Kad uses now a three-way-handshake (or for older version a
> > similar check) for new contacts, making sure they do not use a
> > spoofed IP
> > * Unverified contacts are not used for routing table
> > Any ideas?
> In fact, I have many ideas on these mechanisms because I am currently
> studying them in my thesis.
> My first results show a great improvement of the Sybil Attack defence,
> even if eclipse attacks remain possible.
> I think that this kind of "common-sense" protection is the minimum that
> every P2P network should have, unless being totally unaware of the Sybil
> Attack problem... Before these very last versions, KAD was really
> unprotected and very easily and badly hurt with a Sybil Attack (see the
> very good paper from Steiner: Exploiting KAD: possible uses and misuses
> http://ccr.sigcomm.org/online/files/p65-steiner.pdf ).
> > -Yunzhao
> > ------------------------------------------------------------------------
> > _______________________________________________
> > p2p-hackers mailing list
> > p2p-hackers at lists.zooko.com
> > http://lists.zooko.com/mailman/listinfo/p2p-hackers
> p2p-hackers mailing list
> p2p-hackers at lists.zooko.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the p2p-hackers