[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [freehaven-dev] 2/25/2001 meeting notes
> Roger Dingledine wrote:
> > david molnar doesn't like client-picked paths.
> Why not?
* A client-picked path allows an evil client to set up a MIX.
That is, the adversary can pick a path with n-1 MIXes belonging to it
and 1 mix not. Then send something horrible through the path (e.g.
kiddie porn) and have the good MIX raided when it reaches that MIX.
The adversary is protected against retribution by the MIX because its
identity is unknown.
* Client-picked paths allow clients to selectively deny service - a client
can send many many messages through the same MIX via different paths to
load the MIX. The MIX has no idea this flooding is from the same client.
This has bad implications in a system where you CAN pick your own paths
but MOST people use a default of picking "least congested" paths.
* A client can conspire with a MIX to mark MIX packets travelling through
the network. Client-picked paths give the client complete control over
where these compromised MIXes appear in a route. Another way of putting
it is that client-picked paths give the clients the ability to purposely
fail in the protocol.
> > 5) Mixnet accountability paper. We didn't really get to this in the
> > meeting time; we'll cover it over email.
> Did you tape the meeting?
We taped part of it (the first 90 minutes). I have the tape; I don't think
I have the necessary cable. I can get that from Radio Shack sometime this
week. Unless Roger or Mike would prefer to do it.