[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[freehaven-dev] DoS attacks?



One of the ways people can attack the system is to flood it with messages
of one sort or another.
Assuming the mixnet can handle it (which is really out of my control...),
attacks I see are:

Flooding requests for trades.
Flooding requests for retrieval.
Flooding notification of change-in-trust.
Flooding requests to be a new node.

I imagine there are some others.
In some cases we can simply put a cap on the number of messages we'll
deal with from a given person (eg requests for trades). On the other
hand, in many cases (eg requests for retrieval, or requests to be a
new node) each message could have a different reply block, and there's
no way to tell if it's a bunch of different people or just one really
obnoxious person.

Further, even if we limit the number of messages we'll respond to in
a given amount of time, they still keep coming in. Nodes with low
bandwidth are vulnerable to this. This is particularly nasty because
the nodes with low bandwidth are most likely to be the ones in countries
with limited net access, which happen to also sometimes be the ones with
more liberal attitudes -- exactly the sort of nodes we want to encourage.
This leads into another attack: flooding a servnet node and seeing if
it falls off the net. This might gain them more information than they're
supposed to have...

Perhaps the real solution to this is to redesign the mixnet from the
ground up, so it has flow control ability. But we don't want to do
this.

--Roger