[p2p-hackers] Pirate Pay

Vijay K. Gurbani vkg at bell-labs.com
Mon May 14 10:06:34 PDT 2012 

On 05/14/2012 10:44 AM, David Barrett wrote:
> Oh interesting, so it's attacking the DHT layer in addition to the
> Torrent layer?  Clever!
>
> In the torrent layer, any individual torrent client is able to
> gradually weed out bad actors by identifying slow transfer speeds
> and/or high rates of hash mismatches.  But I'm not familiar with the
> details of the public torrent DHT -- do individual nodes have any
> protections in place to identify and ignore bad nodes?

Bittorrent DHT is based on Kademlia, and I am not an expert on
Kademlia (I will let my colleagues whose paper [2] I mentioned
earlier speak out as experts).

But, it seems to me that once the sybils have made themselves
responsible for the resource, they can selectively include good peers
but in smaller numbers so as to keep the rate of successful downloads
low.  So the point is not to completely stop downloading but to impact
it enough that a majority of downloaders fail.  A snipped from a
follow-up interview of Pirate Pay's founders appear to support this [1]:

  "We used a number of servers to make a connection to each and
  every p2p client that distributed this film. Then Pirate Pay
  sent specific traffic to confuse these clients about the real
  I.P. addresses of other clients and to make them disconnect
  from each other,b Andrei Klimenko said. bNot all the goals were
  reached. But nearly 50,000 users did not complete their downloads."

> Though I imagine the cost to wage this attack is greater than the
> benefit obtained, so the most likely (and most effective) response is
> probably "do nothing".

The analysis by Varvello and Steiner [2] indicated that 3 or 8 sybils
are enough to command an info hash.  I suspect that the cost, then,
from Pirate Pay's point of view is low and the perceived payoff high.

[1]  
http://rbth.ru/articles/2012/05/10/russian_innovators_pursue_prototype_to_prevent_piracy_15605.html
[2] http://www.moritzsteiner.de/papers/dht_traffic_localization.pdf

Thanks,

- vijay
-- 
Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent
1960 Lucent Lane, Rm. 9C-533, Naperville, Illinois 60563 (USA)
Email: vkg@{bell-labs.com,acm.org} / vijay.gurbani at alcatel-lucent.com
Web:   http://ect.bell-labs.com/who/vkg/
_______________________________________________
p2p-hackers mailing list
p2p-hackers at lists.zooko.com
http://lists.zooko.com/mailman/listinfo/p2p-hackers

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

More information about the cypherpunks-legacy mailing list