[liberationtech] CJDNS hype
Ralph Holz
holz at net.in.tum.de
Sun Jul 14 05:01:57 PDT 2013
Hi,
> https://github.com/cjdelisle/cjdns/blob/master/rfcs/Whitepaper.md
>
> I would assume there would be a section on this and an analysis and
> conclusions? So that we could understand why they assume it is secure.
> Maybe I am missing something.
First of all, I am highly skeptical of anything that promises to be a
complete solution. Academic literature is full of such "proposals": new
routing, new identity, new crypto, all mixed together, all better. None
has ever seen continued development. 2-3 years ago, there were a large
number of grants given out by the NSF and EU for anything that called
itself Future Internet. That's the thing about the Future - it's not
here yet. ;)
>> — and CJDNS is at least
>> intended to be resistant to Sybil attacks under some assumptions (I
>> believe the main assumption is that you choose honest peers for your
>> transport links (and that your honest peers also do so), because it
>> isn't simply a topology blind DHT).
>
> From what I understand, it is a topology blind DHT. (Which makes me
> wonder why I see suggestions to use it for wireless mesh networks.) It
> takes Kademlia distance and then it routes to this next hop. So if I
> manage to populate the network with so many fake IDs which are so
> similar to anything people want to route over, I can black-hole all
> those packets going over me?
Advertised as ground-breaking in 2001 (Chord), the DHT topic has been
researched to death. The only DHT that ever saw wide deployment was Kad,
a variant of Kademlia. It's used for file sharing (amule). Attacks on
the DHT are numerous - see the work by Steiner, Leske, Kohnen etc.

The attack you are referring to is called Eclipse, and it's distinct
from the Sybil attack, where you simply insert IDs in the network. Kad
is very vulnerable to Eclipse against data items (see Steiner, Leske).
It is much less vulnerable to Eclipse against pure routing entries, due
to the fact that entries about other nodes are so strongly distributed
across the network that some node is almost always found that still has
the information. You'd need a huge amount of fake IDs (we've done some
work on that).

Which brings us to the Sybil attack. The point here is that your network
does not conduct any access control, and anyone can register any ID,
without tangible cost. This fact already makes it impossible to prevent
the Sybil attack - any network is vulnerable, some more, some less. So
you need to route around it.
> So, web of trust is their security model for DHT? And isn't this a bit
> contrary to their idea that security should be easy and out of the
> box? So that users should just run CJDNS and should not have to make
> any security decision? Hm hm hm.
I don't see how "no need to make a decision" should be possible. If you
don't know any contacts in the network, how are you supposed to trust them?

The whole weakness of PKI revolves around this. GPG uses the Web of
Trust, which works in small "neighbourhoods", i.e. communities. X.509
introduces trusted mediators, CAs, which have turned out not to be very
trustworthy.
> And using Kademlia-based routing to prevent censorship seems a bit silly to me.
It does have some properties which can work out to your advantage, and
you can tweak it. Here's a paper about a DHT designed to work against
malicious participants:
https://gnunet.org/r5n

First of all, they use recursive routing instead of iterative lookups
(that's important to deal with the attacker on the IP level). Then they
use a random walk to get around a tactically acting attacker trying to
occupy important spots in the network, before they switch to the normal
routing.
Ralph
--
Ralph Holz
I8 - Network Architectures and Services
Technische Universität München
http://www.net.in.tum.de/de/mitarbeiter/holz/
Phone +49.89.289.18043
PGP: A805 D19C E23E 6BBB E0C4 86DC 520E 0C83 69B0 03EF
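
A toy model of the routing idea described in the message above (a few random hops before switching to greedy XOR-distance forwarding), added here as an illustration; it is not code from the email, from GNUnet/R5N, or from cjdns. The 4-bit overlay, the dropping node 12, and all function names are constructed assumptions.

```python
from fractions import Fraction

# Constructed 4-bit overlay: node ID -> directly linked peers (symmetric).
PEERS = {
    0: [2, 4, 12],
    2: [0, 6],
    4: [0, 6],
    6: [2, 4, 14],
    12: [0, 14],
    14: [6, 12],
}
# Assumption: node 12 silently drops everything it is asked to forward.
DROPPERS = {12}


def greedy_route(node, key):
    """Recursive Kademlia-style forwarding: each hop hands the request to
    the peer whose ID has the smallest XOR distance to the key.
    Returns (path, delivered)."""
    path = [node]
    while True:
        if node in DROPPERS:
            return path, False            # request black-holed here
        nxt = min(PEERS[node], key=lambda p: p ^ key)
        if nxt ^ key >= node ^ key:       # no peer is closer: request ends here
            return path, True
        node = nxt
        path.append(node)


def delivery_probability(node, key, walk_hops):
    """Exact probability of delivery when the request first takes
    walk_hops uniformly random hops and only then routes greedily."""
    if node in DROPPERS:
        return Fraction(0)
    if walk_hops == 0:
        return Fraction(int(greedy_route(node, key)[1]))
    peers = PEERS[node]
    total = sum((delivery_probability(p, key, walk_hops - 1) for p in peers),
                Fraction(0))
    return total / len(peers)


if __name__ == "__main__":
    key = 15
    print("greedy only:", greedy_route(0, key))
    for hops in range(3):
        print(hops, "random hops ->", delivery_probability(0, key, hops))
```

In this graph pure greedy routing from node 0 always passes through the dropping node, one random hop delivers with probability 2/3, and two random hops with 1/3, because a walk can wander back to the source; the walk length is a tuning parameter, not a monotonic improvement.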