On Wednesday, July 13, 2011 at 8:02 PM, Brandon Wiley wrote:
>
> Cool stuff. I like how the system can be automated and self-funding.
>
> With regards to bootstrapping, giving out one node at a time is not a useful defense because requests can be parallelized. [1] Moving nodes is similarly useless because the attacker can continually map the network using free parallelized requests. Therefore, requesting a node address needs to cost something. [2] Since you already have tokens, you can just make it cost a token to request a node address.
I agree with most of your points, but if we make users redeem a token to in order to access bootstrapping, they have to already have tokens, which is another bootstrapping problem in itself. Also, a determined adversary could just purchase enough tokens to perform the same attacks. Admittedly, we might make a lot of money from the censors in the process, which would be cool.
You have hit upon the two main challenges of censorship-resistant bootstrapping. Most solutions add a layer which is itself vulnerable to the same attacks and is therefore not helpful. Through recursive analysis you eventually come to the initial introduction problem, which you must solve anyway because the users must obtain the software in the first place. You therefore need an out-of-band (from the perspective of the censor) introduction channel. As long as you have such a channel, you might as well use it to do the rest of the communication necessary for bootstrapping. See for example my
Dust paper on using out-of-band channels to establish secure communication over censored channels.
The second challenge is that, given a method of introduction, the attacker can map and block the entire network easily. Therefore introductions must have a non-parallelizable cost. However, if your attacker has enough resources to pay the cost then you're out of luck. So there is an ongoing search for a resource which is sufficiently plentiful for normal users to spend for the purpose of normal introduction, but which is difficult to obtain in large amounts. Alternatives to money have been suggested such as computing power, human labor or attention, storage space, etc.. Ultimately, though, all resources are convertible to and from money. I know of no ideal solutions to this problem, but the best I've seen limit the damage the attacker can do by requiring continual expenditure of resources in order to maintain an ongoing attack.