Date: Tue, 31 Jan 2012 08:07:16 -0700
From: Michael Hendricks <michael@ndrix.org>
To: Gregory Maxwell <gmaxwell@gmail.com>
Cc: bitcoin-development@lists.sourceforge.net
Subject: Re: [Bitcoin-development] CAddrMan: Stochastic IP address manager

On Tue, Jan 31, 2012 at 12:17 AM, Gregory Maxwell <gmaxwell@gmail.com> wrote:
> On Mon, Jan 30, 2012 at 11:33 PM, Michael Hendricks <michael@ndrix.org> wrote:
>> address manager point to the attacker. If a client has 8 connections
>> to the network, a Sybil attack would succeed 1.7% of the time.
>
> Meh, careful not to mix up addrman created issues with preexisting ones
> simply related to the number of connections vs the number of nodes.
> Even absent addressman someone who can spin up a large multiple of the
> current nodes as tcp forwarders to a system they control can capture
> all of a node's outbound connections.

I think I've explained myself poorly. On my nodes, the old address
database routinely has 120k addresses. With the new address manager,
it will have 20k addresses. Filling the former with 60% evil nodes
requires 72,000 evil nodes; while the latter requires 12,000.

As I mentioned in my first post, I think the new address manager "is a
valuable improvement over what we have today". I think it should be
included in the next release.

I also think we should be aware that we're making it somewhat easier
to isolate outbound-only nodes. A single listening node can support
15 non-listening nodes (125/8). The network currently has 5
non-listening nodes for every listening node. That ratio has stayed
quite stable, so I think we have wiggle room if we wanted to allow
more outbound connections in some circumstances.

--
Michael
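
Added example, not part of the original message or of the Bitcoin code: a simplified Python model of the figures in this thread, showing how the chance of every outbound connection landing on attacker addresses falls as outbound connections are added. It assumes peers are drawn uniformly and without replacement from the address table, which is a simplification of how the address manager selects; all function names are illustrative.

```python
# Simplified risk model (assumption: uniform selection of distinct addresses
# from the table; the real address manager's selection logic is not modeled).

def evil_needed(table_size, percent):
    """Attacker addresses needed to make up `percent`% of the table (rounded up)."""
    return -(-table_size * percent // 100)

def capture_probability(table_size, evil, outbound):
    """Probability that all `outbound` distinct picks are attacker addresses."""
    if evil < outbound:
        return 0.0
    p = 1.0
    for i in range(outbound):
        p *= (evil - i) / (table_size - i)
    return p

def outbound_for_target(table_size, evil, target):
    """Smallest outbound count whose capture probability is below `target`."""
    for k in range(1, table_size + 1):
        if capture_probability(table_size, evil, k) < target:
            return k
    return None  # table is entirely attacker-controlled

def supported_clients(max_connections, outbound):
    """Rough capacity estimate used in the message: connection slots on one
    listening node divided by the outbound connections each client opens."""
    return max_connections // outbound

if __name__ == "__main__":
    for size in (120_000, 20_000):  # old database vs. new address manager
        evil = evil_needed(size, 60)
        p = capture_probability(size, evil, 8)
        print(f"table={size:>7} evil@60%={evil:>6} P(all 8 evil)={p:.4f}")
    k = outbound_for_target(20_000, 12_000, 0.001)
    print(f"outbound connections for <0.1% capture: {k}")
    print(f"clients per listening node at 8 outbound: {supported_clients(125, 8)}")
    print(f"clients per listening node at {k} outbound: {supported_clients(125, k)}")
```

The table size changes how many addresses an attacker needs, not the per-node capture probability at a given fraction; the number of outbound connections is what moves that probability.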