Update adversarial-models.md

Jimmy Debe 2024-06-24 20:59:42 -04:00 committed by GitHub
parent 68a3ac5330
commit 0e04d3a244
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 14 additions and 14 deletions


@ -13,7 +13,7 @@ This document lists adversarial models and attack-based threats relevant in the
## Motivation and Background ## Motivation and Background
Future versions of this document will serve as a comprehensive list of adversarial models and attack based threats relevant for [Waku v2](https://rfc.vac.dev/spec/10/). Future versions of this document will serve as a comprehensive list of adversarial models and attack based threats relevant for [Waku v2](https://rfc.vac.dev/waku/standards/core/10/waku2).
The main purpose of this document is being a linkable resource for specifications that address protection as well as mitigation mechanisms within the listed models. The main purpose of this document is being a linkable resource for specifications that address protection as well as mitigation mechanisms within the listed models.
Discussing and introducing countermeasures to specific attacks in specific models is out of scope for this document. Discussing and introducing countermeasures to specific attacks in specific models is out of scope for this document.
@ -73,7 +73,7 @@ We subdivide anonymity into _receiver anonymity_ and _sender anonymity_.
#### Receiver Anonymity #### Receiver Anonymity
We define receiver anonymity as _unlinkability of users' identities and the data they receive and/or related actions_. We define receiver anonymity as _unlinkability of users' identities and the data they receive and/or related actions_.
Because each [Waku message](https://rfc.vac.dev/spec/14/) is associated with a content topic, and each receiver is interested in messages with specific content topics, Because each [Waku message](https://rfc.vac.dev/waku/standards/core/14/message) is associated with a content topic, and each receiver is interested in messages with specific content topics,
receiver anonymity in the context of Waku corresponds to _subscriber-topic unlinkability_. receiver anonymity in the context of Waku corresponds to _subscriber-topic unlinkability_.
An example for the "action" part of our receiver anonymity definition is subscribing to a specific topic. An example for the "action" part of our receiver anonymity definition is subscribing to a specific topic.
@ -175,8 +175,8 @@ An entity with this power would, in practice, also have the power of the interna
## Attack-based Threats ## Attack-based Threats
The following lists various attacks against [Waku v2](https://rfc.vac.dev/spec/10/) protocols. The following lists various attacks against [Waku v2](https://rfc.vac.dev/waku/standards/core/10/waku2) protocols.
If not specifically mentioned, the attacks refer to [Waku relay](https://rfc.vac.dev/spec/11/) and the underlying [libp2p GossipSub](https://github.com/libp2p/specs/blob/master/pubsub/gossipsub/README.md). If not specifically mentioned, the attacks refer to [Waku relay](https://rfc.vac.dev/waku/standards/core/11/relay) and the underlying [libp2p GossipSub](https://github.com/libp2p/specs/blob/master/pubsub/gossipsub/README.md).
We also list the weakest attacker model in which the attack can be successfully performed against. We also list the weakest attacker model in which the attack can be successfully performed against.
An attack is considered more powerful if it can be successfully performed in a weaker attacker model. An attack is considered more powerful if it can be successfully performed in a weaker attacker model.
@ -202,11 +202,11 @@ which in turn significantly increases the probability of attacker nodes ending u
This section lists attacks that aim at deanonymizing a message sender. This section lists attacks that aim at deanonymizing a message sender.
We assume that protocol messages are transmitted within a secure channel set up using the [Noise Protocol Framework](https://noiseprotocol.org/). We assume that protocol messages are transmitted within a secure channel set up using the [Noise Protocol Framework](https://noiseprotocol.org/).
For [Waku Relay](https://rfc.vac.dev/spec/11/) this means we only consider messages with version field `2`, For [Waku Relay](https://rfc.vac.dev/waku/standards/core/11/relay) this means we only consider messages with version field `2`,
which indicates that the payload has to be encoded using [Noise](../standards/application/noise.md). which indicates that the payload has to be encoded using [Noise](../standards/application/noise.md).
Note: The currently listed attacks are against libp2p in general. Note: The currently listed attacks are against libp2p in general.
The [data field of Waku v2 relay](https://rfc.vac.dev/spec/11/#message-fields) must be a [Waku v2 message](https://rfc.vac.dev/spec/14/). The [data field of Waku v2 relay](https://rfc.vac.dev/waku/standards/core/11/relay/#message-fields) must be a [Waku v2 message](https://rfc.vac.dev/waku/standards/core/14/message).
The attacks listed in the following do not leverage that fact. The attacks listed in the following do not leverage that fact.
#### Replay Attack #### Replay Attack
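Review bot: The new target for the `data field of Waku v2 relay` link is written `.../11/relay/#message-fields`, with a slash before the fragment, while the other relay links in this change use `.../11/relay` without one. Use one form throughout and confirm that the `#message-fields` anchor exists on the migrated page, because a renamed heading slug fails silently and drops the reader at the top of the spec. The Noise link in the same paragraph is relative (`../standards/application/noise.md`) while the core spec links are absolute; it is worth stating in the commit message which convention the document follows.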
@ -217,7 +217,7 @@ Waku relay is inherently safe against replay attack,
because GossipSub nodes, and by extension Waku relay nodes, because GossipSub nodes, and by extension Waku relay nodes,
feature a `seen` cache, and only relay messages they have not seen before. feature a `seen` cache, and only relay messages they have not seen before.
Further, replay attacks will be punished by [RLN Relay](https://rfc.vac.dev/spec/17/). Further, replay attacks will be punished by [RLN Relay](https://rfc.vac.dev/waku/standards/core/17/rln-relay).
#### Observing Messages #### Observing Messages
@ -287,8 +287,8 @@ which can be learned via _graph learning_ attacks.
In a flooding attack, attackers flood the network with bogus messages. In a flooding attack, attackers flood the network with bogus messages.
Waku employs [RLN Relay](https://rfc.vac.dev/spec/17/) as the main countermeasure to flooding. Waku employs [RLN Relay](https://rfc.vac.dev/waku/standards/core/17/rln-relay) as the main countermeasure to flooding.
[SWAP](https://rfc.vac.dev/spec/18/) also helps mitigating DoS attacks. [SWAP](https://rfc.vac.dev/waku/deprecated/18/swap) also helps mitigating DoS attacks.
#### Black Hole (internal) #### Black Hole (internal)
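Review bot: The SWAP link on the last changed line now resolves under `/waku/deprecated/18/swap`, yet the sentence still presents SWAP as a current DoS mitigation next to RLN Relay. A threat-model document should not list a deprecated spec as an active countermeasure without saying so. Either mark SWAP as deprecated in the sentence or remove it, so that readers do not count it as protection against flooding.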
@ -317,20 +317,20 @@ Copyright and related rights waived via [CC0](https://creativecommons.org/public
## References ## References
- [10/WAKU2](https://rfc.vac.dev/spec/10/) - [10/WAKU2](https://rfc.vac.dev/waku/standards/core/10/waku2)
- [11/WAKU2-RELAY](https://rfc.vac.dev/spec/11/) - [11/WAKU2-RELAY](https://rfc.vac.dev/waku/standards/core/11/relay)
- [libp2p GossipSub](https://github.com/libp2p/specs/blob/master/pubsub/gossipsub/README.md) - [libp2p GossipSub](https://github.com/libp2p/specs/blob/master/pubsub/gossipsub/README.md)
- [Security](https://en.wikipedia.org/wiki/Information_security) - [Security](https://en.wikipedia.org/wiki/Information_security)
- [Authentication](https://en.wikipedia.org/wiki/Authentication) - [Authentication](https://en.wikipedia.org/wiki/Authentication)
- [Anonymity Trilemma](https://freedom.cs.purdue.edu/projects/trilemma.html) - [Anonymity Trilemma](https://freedom.cs.purdue.edu/projects/trilemma.html)
- [Waku v2 message](https://rfc.vac.dev/spec/14/) - [Waku v2 message](https://rfc.vac.dev/waku/standards/core/14/message)
- [Pluggable Transports](https://www.pluggabletransports.info/about/) - [Pluggable Transports](https://www.pluggabletransports.info/about/)
- [Sybil attack](https://en.wikipedia.org/wiki/Sybil_attack) - [Sybil attack](https://en.wikipedia.org/wiki/Sybil_attack)
- [Dolev-Yao model](https://en.wikipedia.org/wiki/Dolev%E2%80%93Yao_model) - [Dolev-Yao model](https://en.wikipedia.org/wiki/Dolev%E2%80%93Yao_model)
- [Noise Protocol Framework](https://noiseprotocol.org/) - [Noise Protocol Framework](https://noiseprotocol.org/)
- [Noise](../standards/application/noise.md) - [Noise](../standards/application/noise.md)
- [17/WAKU-RLN-RELAY](https://rfc.vac.dev/spec/17/) - [17/WAKU-RLN-RELAY](https://rfc.vac.dev/waku/standards/core/17/rln-relay)
- [18/WAKU2-SWAP](https://rfc.vac.dev/spec/18/) - [18/WAKU2-SWAP](https://rfc.vac.dev/waku/deprecated/18/swap)
- [Dandelion++](https://arxiv.org/abs/1805.11060) - [Dandelion++](https://arxiv.org/abs/1805.11060)
- [On the Anonymity of Peer-To-Peer Network Anonymity Schemes Used by Cryptocurrencies](https://arxiv.org/pdf/2201.11860) - [On the Anonymity of Peer-To-Peer Network Anonymity Schemes Used by Cryptocurrencies](https://arxiv.org/pdf/2201.11860)
- [Waku Dandelion](../standards/application/dandelion.md)) - [Waku Dandelion](../standards/application/dandelion.md))
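Review bot: The final reference line, `[Waku Dandelion](../standards/application/dandelion.md))`, has a stray closing parenthesis that this change leaves in place; since the References block is being edited anyway, remove it here. The `18/WAKU2-SWAP` entry now points at a `/waku/deprecated/` path, so its label should state that the spec is deprecated. Every URL in this list duplicates one in the body, so a link check over the file after the change would confirm that both copies of each link were migrated and that none still points at `rfc.vac.dev/spec/`.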