p2p DoS resistance and network stability (Re: Thanks, Lucky, for helping to kill gnutella)
Adam Back
adam at cypherspace.org
Fri Aug 9 21:37:30 PDT 2002
On Fri, Aug 09, 2002 at 08:25:40PM -0700, AARG!Anonymous wrote:
> Several people have objected to my point about the anti-TCPA efforts of
> Lucky and others causing harm to P2P applications like Gnutella.
The point that a number of people made is that what is said in the
article is not workable: clearly you can't ultimately exclude chosen
clients on open computers due to reverse-engineering.
(With TCPA/Palladium remote attestation you probably could so exclude
competing clients, but this wasn't what was being talked about).
The client exclusion plan is also particularly unworkable for gnutella
because some of the clients are open-source, and the protocol is (now
since original reverse engineering from nullsoft client) also open.
With closed-source implementations there is some obfuscation barrier
that can be made: Kazaa/Morpheus did succeed in frustrating competing
clients due to it's closed protocols and unpublished encryption
algorithm. At one point an open source group reverse-engineered the
encryption algorithm, and from there the contained kazaa protocols,
and built an interoperable open-source client giFT
http://gift.sourceforge.net, but then FastTrack promptly changed the
unpublished encryption algorithm to another one and then used remote
code upgrade ability to "upgrade" all of the clients.
Now the open-source group could counter-strike if they had
particularly felt motivated to. For example they could (1)
reverse-engineer the new unpublished encryption algorithm, and (2) the
remote code upgrade, and then (3) do their own forced upgrade to an
open encryption algorithm and (4) disable further forced upgrades.
(giFT instead after the "ugrade" attack from FastTrack decided to
implement their own open protocol "openFT" instead and compete. It
also includes a general bridge between different file-sharing
networks, in a somewhat gaim like way, if you are familiar with
gaim.)
> [Freenet and Mojo melt-downs/failures...] Both of these are object
> lessons in the difficulties of successful P2P networking in the face
> of arbitrary client attacks.
I grant you that making simultaneously DoS resistant, scalable and
anonymous peer-to-peer networks is a Hard Problem. Even removing the
anonymous part it's still a Hard Problem.
Note both Freenet and Mojo try to tackle the harder of those two
problems and have aspects of publisher and reader anonymity, so that
they are doing less well than Kazaa, gnutella and others is partly
because they are more ambitious and tackling a harder problem. Also
the anonymity aspect possibly makes abuse more likely -- ie the
attacker is provided as part of the system tools to obscure his own
identity in attacking the system. DoSers of Kazaa or gnutella would
likely be more easily identified which is some deterrence.
I also agree that the TCPA/Palladium attested closed world computing
model could likely more simply address some of these problems.
(Lucky slide critique in another post).
Adam
--
http://www.cypherspace.org/adam/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cypherpunks-legacy
mailing list