mirror of https://github.com/acid-info/vac.dev.git
edit(post): ambient peer discovery (#60)
* edit(post): ambient peer discovery * test MathJax support
This commit is contained in:
parent
674452ebea
commit
25750e36e3
|
@ -12,6 +12,25 @@ image: /assets/img/waku_v2_discv5_random_walk_estimation.svg
|
||||||
discuss: https://forum.vac.dev/t/discussion-waku-v2-ambient-peer-discovery/133
|
discuss: https://forum.vac.dev/t/discussion-waku-v2-ambient-peer-discovery/133
|
||||||
---
|
---
|
||||||
|
|
||||||
|
<script type="text/javascript"
|
||||||
|
src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/MathJax.js?config=TeX-AMS_CHTML">
|
||||||
|
</script>
|
||||||
|
<script type="text/x-mathjax-config">
|
||||||
|
MathJax.Hub.Config({
|
||||||
|
tex2jax: {
|
||||||
|
inlineMath: [['$','$'], ['\\(','\\)']],
|
||||||
|
processEscapes: true},
|
||||||
|
jax: ["input/TeX","input/MathML","input/AsciiMath","output/CommonHTML"],
|
||||||
|
extensions: ["tex2jax.js","mml2jax.js","asciimath2jax.js","MathMenu.js","MathZoom.js","AssistiveMML.js", "[Contrib]/a11y/accessibility-menu.js"],
|
||||||
|
TeX: {
|
||||||
|
extensions: ["AMSmath.js","AMSsymbols.js","noErrors.js","noUndefined.js"],
|
||||||
|
equationNumbers: {
|
||||||
|
autoNumber: "AMS"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
});
|
||||||
|
</script>
|
||||||
|
|
||||||
[Waku v2](https://rfc.vac.dev/spec/10/) comprises a set of modular protocols for secure, privacy preserving communication.
|
[Waku v2](https://rfc.vac.dev/spec/10/) comprises a set of modular protocols for secure, privacy preserving communication.
|
||||||
Avoiding centralization, these protocols exchange messages over a P2P network layer.
|
Avoiding centralization, these protocols exchange messages over a P2P network layer.
|
||||||
In order to build a P2P network, participating nodes first have to discover peers within this network.
|
In order to build a P2P network, participating nodes first have to discover peers within this network.
|
||||||
|
@ -99,7 +118,7 @@ Even if discv5 discovery should not work in advent of a DoS attack, Waku v2 can
|
||||||
|
|
||||||
Discovery methods that use separate P2P networks still depend on bootstrapping,
|
Discovery methods that use separate P2P networks still depend on bootstrapping,
|
||||||
which Waku v2 does via parameters on start-up or via DNS-based discovery.
|
which Waku v2 does via parameters on start-up or via DNS-based discovery.
|
||||||
This might raise the question of why such discovery methods are beneficial?
|
This might raise the question of why such discovery methods are beneficial.
|
||||||
The answer lies in the aforementioned global view of DHTs. Without discv5 and similar methods, the bootstrap nodes are used as part of the gossipsub mesh.
|
The answer lies in the aforementioned global view of DHTs. Without discv5 and similar methods, the bootstrap nodes are used as part of the gossipsub mesh.
|
||||||
This might put heavy load on these nodes and further, might open pathways to inference attacks.
|
This might put heavy load on these nodes and further, might open pathways to inference attacks.
|
||||||
Discv5, on the other hand, uses the bootstrap nodes merely as an entry to the discovery network and can provide random sets of nodes (sampled from a global view)
|
Discv5, on the other hand, uses the bootstrap nodes merely as an entry to the discovery network and can provide random sets of nodes (sampled from a global view)
|
||||||
|
@ -160,7 +179,7 @@ $$P(W^q) = 1 - (1-p/100)^{kq} \iff q = log_{(1-p/100)^k}(1-P(W^q))$$
|
||||||
Figure 1 shows a log-log plot for $P(W^q) = 90\%$.
|
Figure 1 shows a log-log plot for $P(W^q) = 90\%$.
|
||||||
|
|
||||||
<p align="center">
|
<p align="center">
|
||||||
<img src="../assets/img/waku_v2_discv5_random_walk_estimation.svg" width="50%" />
|
<img src="../assets/img/waku_v2_discv5_random_walk_estimation.svg" width="75%" />
|
||||||
<br />
|
<br />
|
||||||
Figure 1: log-log plot showing the number of queries necessary to retrieve a Waku v2 node with a probability of 90% in relation to the Waku v2 node concentration in the network.
|
Figure 1: log-log plot showing the number of queries necessary to retrieve a Waku v2 node with a probability of 90% in relation to the Waku v2 node concentration in the network.
|
||||||
</p>
|
</p>
|
||||||
|
@ -230,7 +249,7 @@ These attacks are mainly used for denial of service (DoS),
|
||||||
but can also used as parts of more sophisticated attacks, e.g. deanonymization attacks.
|
but can also used as parts of more sophisticated attacks, e.g. deanonymization attacks.
|
||||||
A future post on this research log will cover security aspects of ambient peer discovery with a focus on privacy and anonymity.
|
A future post on this research log will cover security aspects of ambient peer discovery with a focus on privacy and anonymity.
|
||||||
|
|
||||||
#### Sybil Attack
|
*Sybil Attack*
|
||||||
|
|
||||||
The power of an attacker in a DHT is proportional to the number of controlled nodes.
|
The power of an attacker in a DHT is proportional to the number of controlled nodes.
|
||||||
Controlling nodes comes at a high resource cost and/or requires controlling a botnet via a preliminary attack.
|
Controlling nodes comes at a high resource cost and/or requires controlling a botnet via a preliminary attack.
|
||||||
|
@ -250,9 +269,9 @@ which, however, comes with a set of shortcomings, e.g. relatively high costs on
|
||||||
describes both Sybil and eclipse attacks, as well as concrete mitigation techniques employed by discv5.
|
describes both Sybil and eclipse attacks, as well as concrete mitigation techniques employed by discv5.
|
||||||
|
|
||||||
|
|
||||||
#### Eclipse Attack
|
*Eclipse Attack*
|
||||||
|
|
||||||
In an eclipse attack, nodes controlled by the attacker poison the routing tables of other nodes in way that parts of the DHT become eclipsed, i.e. invisible.
|
In an eclipse attack, nodes controlled by the attacker poison the routing tables of other nodes in a way that parts of the DHT become eclipsed, i.e. invisible.
|
||||||
When a controlled node is asked for the next step in a path,
|
When a controlled node is asked for the next step in a path,
|
||||||
it provides another controlled node as the next step,
|
it provides another controlled node as the next step,
|
||||||
effectively navigating the querying node around or away from certain areas of the DHT.
|
effectively navigating the querying node around or away from certain areas of the DHT.
|
||||||
|
|
Loading…
Reference in New Issue