On 05/14/2012 10:44 AM, David Barrett wrote:
Oh interesting, so it's attacking the DHT layer in addition to the Torrent layer? Clever!
In the torrent layer, any individual torrent client is able to gradually weed out bad actors by identifying slow transfer speeds and/or high rates of hash mismatches. But I'm not familiar with the details of the public torrent DHT -- do individual nodes have any protections in place to identify and ignore bad nodes?
Bittorrent DHT is based on Kademlia, and I am not an expert on Kademlia (I will let my colleagues whose paper [2] I mentioned earlier speak out as experts). But, it seems to me that once the sybils have made themselves responsible for the resource, they can selectively include good peers but in smaller numbers so as to keep the rate of successful downloads low. So the point is not to completely stop downloading but to impact it enough that a majority of downloaders fail. A snipped from a follow-up interview of Pirate Pay's founders appear to support this [1]: "We used a number of servers to make a connection to each and every p2p client that distributed this film. Then Pirate Pay sent specific traffic to confuse these clients about the real I.P. addresses of other clients and to make them disconnect from each other,b Andrei Klimenko said. b Not all the goals were reached. But nearly 50,000 users did not complete their downloads."
Though I imagine the cost to wage this attack is greater than the benefit obtained, so the most likely (and most effective) response is probably "do nothing".
The analysis by Varvello and Steiner [2] indicated that 3 or 8 sybils are enough to command an info hash. I suspect that the cost, then, from Pirate Pay's point of view is low and the perceived payoff high. [1] http://rbth.ru/articles/2012/05/10/russian_innovators_pursue_prototype_to_pr... [2] http://www.moritzsteiner.de/papers/dht_traffic_localization.pdf Thanks, - vijay -- Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent 1960 Lucent Lane, Rm. 9C-533, Naperville, Illinois 60563 (USA) Email: vkg@{bell-labs.com,acm.org} / vijay.gurbani@alcatel-lucent.com Web: http://ect.bell-labs.com/who/vkg/ _______________________________________________ p2p-hackers mailing list p2p-hackers@lists.zooko.com http://lists.zooko.com/mailman/listinfo/p2p-hackers ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE