Latest posts of: phantomcircuit

Bitcoin Forum

May 10, 2024, 06:01:57 PM

Welcome, Guest. Please login or register.

News: Latest Bitcoin Core release: 27.0 [Torrent]

Home

Help

Search

Login

Register

More

Show Posts
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 [24]

461

Bitcoin / Development & Technical Discussion / Re: Threat Analysis and Possible Mitigation of a Sybil Attack

on: March 10, 2011, 02:51:29 AM

Quote from: gavinandresen on March 09, 2011, 10:03:54 PM If I recall correctly (and I probably don't), the percentage of nodes currently on the network that are accepting incoming connections and the -maxconnections limit isn't great enough to support every node trying to make 25 outbound connections. The major merchants and exchanges should accept incoming connections, so they have many more than 8 connections. That will make them basically immune to Sybil attacks (e.g. the Faucet has 55 connections right now). I like the idea of major merchants and exchanges (also) communicating with each other over an invitation-only, trusted "backbone." That would be in addition to the mostly-randomly-connected p2p network we have now, not instead of it. I'm concerned about Sybil attacks as a denial-of-service technique (attacker "surrounds" an 8-connection node and then drops all of their transactions just because they can). Randomly disconnecting and re-connecting seems like a good approach. Detecting that you're being subjected to a Sybil attack seems like it might also be a good approach. You don't really care if you're seeing a bogus version of the block chain unless you're in the middle of confirming one or more transactions; perhaps if transaction confirmation is taking significantly longer than expected the client should find some fresh peers. I hadn't thought about the % of connectable peers, you seem to be right though, 25 * 4000 / 500 = 200, and as time goes on there will probably be fewer connectable nodes not more. All the more reason to use peer cycling instead of more connections. I agree with BlueMatt that avoiding a network that relies on large backbones to function is probably a good idea. And I dont know how you'd be able to detect that you were being attacked if an attacker simply controlled a large % of the connectible peers. (which reminds me you could actually control 75% of the current network with just 1500 ips because only about 500 peers are connectible)

462

Bitcoin / Development & Technical Discussion / Re: Threat Analysis and Possible Mitigation of a Sybil Attack

on: March 10, 2011, 02:43:18 AM

Quote from: BlueMatt on March 09, 2011, 09:22:17 PM A variation on this attack, suggested on #bitcoin-dev a couple of weeks ago, is to fill ALL nodes' incoming connection slots with your nodes so that new nodes cannot make any outbound connections (they will be rejected everywhere) unless they are to the attacker. I think this is too hard to do (quite a bit of bandwidth and you have to be very quick to fill new node's connection slots), but maybe someone could do some actual math and maybe even try it on the testnet? Heh, that was me. And actually the amount of bandwidth to pull of an attack like that is minimal (aka i could do it from my home DSL right now). A version message is 106 bytes, a verack 24 bytes, so 130 bytes for a full open connection. Set the tcp receive window to it's minimum (can be zero if you do this with raw sockets) which is 256 bytes on linux and well you can trivially hold open a practically infinite number of connections from any kind of connection.

463

Bitcoin / Development & Technical Discussion / Threat Analysis and Possible Mitigation of a Sybil Attack

on: March 09, 2011, 08:52:38 PM

There is potential for a well organized attacker to allocate a significantly number of ipv4 addresses and effectively isolate peers from the network. x = % of network by ip/port combinations attacker controls y = number of outbound connections made by the client z = % of peers attacker can isolate x^y=z An attacker who controls 75% of the network would currently be able to isolate approximately 10% of the network. Currently there are approximately 4000 nodes ( an over estimate ), currently this would require approximately 12000 unique ips. The client currently mitigates against this attack by requiring each outbound connection to be in a unique /16, however a well organized dedicated attack could potentially pull off an attack like this. To prevent a sybil attack against a (very) well organized and (very) well funded attacker with high confidence requires periodically cycling to new peers. Given that blocks are not confirmed by the client until there have been more than 6 blocks, and each block takes 10 minutes to generate, a fairly slow peer rotation could significantly mitigate against this form of attack with minimal overhead. Further the rate at which peers are cycled could be controlled by each client individually based on their confidence level requirements.

464

Bitcoin / Development & Technical Discussion / Patch For Minor issue

on: February 14, 2011, 10:53:15 PM

diff --git a/net.h b/net.h index f070816..205991f 100644 --- a/net.h +++ b/net.h @@ -16,7 +16,7 @@ inline unsigned short GetDefaultPort() { return fTestNet ? htons(18333) : htons( static const unsigned int PUBLISH_HOPS = 5; enum { - NODE_NETWORK = (1 << 0), + NODE_NETWORK = 1, };

Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 [24]

Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines