[p2p-hackers] Anti-censorship Proxy Networks (without the HTML this time - sorry!)
Paul Baranowski
paul at paulbaranowski.org
Mon Nov 8 07:20:53 PST 2004
First I want to thank everyone for posting such good papers on this
mailing list - it has given me lots of good reading material!
Now I have a chance to give back to the community...I've been
researching the problem of web censorship and how to design a system to
get around it. Initially I wanted to build a P2P mixnet so that the
users would also have anonymity. It turns out that due to various
attacks that it isnt possible to build a "totally decentralized" P2P
network - instead it looks more like a star where one server manages
many proxy nodes. This is one example where p2p just isnt possible (I
know, blasphemy on this mailing list!). Zooko encouraged me to write
down my findings, and this is what I came up with:
Not Too Few, Not Too Many: Enforcing Minimum Network Knowledge In
Distributed Systems
http://www.peek-a-booty.org/pbhtml/modules.php?name=Downloads&d_op=getit&lid=
12
Comments are welcome.
Abstract:
Some distributed systems require that each node know as few other nodes
as possible while still maintaining connectivity to the system. We
define this state as "minimum network knowledge". In particular, this is
a requirement for Internet censorship circumvention systems. We describe
the constraints on such systems: 1) the Sybil attack, 2) the
man-in-the-middle attack, and 3) the spidering attack. The resulting
design requirements are thus: 1) An address receiver must discover
addresses such that the network Node Arrival Rate <= Node Discovery Rate
<= Node Departure Rate, 2) There must be a single centralized trusted
address provider, 3) The address provider must uniquely identify address
receivers, and 4) The discovery mechanism must involve reverse Turing
tests (A.K.A. CAPTCHAs).
The "minimum network knowledge" requirement also puts limits on the type
of routing the network can perform. We describe a new attack, called the
Boomerang attack, where it is possible to discover all the nodes in a
network if the network uses mixnet routing. Two other well-known attacks
limit the types of routing mechanisms: the distributed denial-of-service
attack and the untraceable cracker attack. We describe three routing
mechanisms that fit within the constraints: single, double, and
triple-hop routing. Single-hop is a basic proxy setup, double-hop
routing protects the user's data from snooping proxies, and triple hop
hides proxy addresses from trusted exit nodes.
_______________________________________________
p2p-hackers mailing list
p2p-hackers at zgp.org
http://zgp.org/mailman/listinfo/p2p-hackers
_______________________________________________
Here is a web page listing P2P Conferences:
http://www.neurogrid.net/twiki/bin/view/Main/PeerToPeerConferences
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a>
______________________________________________________________
ICBM: 48.07078, 11.61144 http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
http://moleculardevices.org http://nanomachines.net
[demime 1.01d removed an attachment of type application/pgp-signature]
More information about the cypherpunks-legacy
mailing list