public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Gregory Maxwell <gmaxwell@gmail.com>
To: Bitcoin Development <bitcoin-development@lists.sourceforge.net>
Subject: [Bitcoin-development] Fwd:  Outbound connections rotation
Date: Mon, 18 Aug 2014 11:13:14 -0700	[thread overview]
Message-ID: <CAAS2fgT5-s-uukP8uTRKJ+pzwG-f9knetH44qQ78HsctG9_cZA@mail.gmail.com> (raw)
In-Reply-To: <CAAS2fgRT8OQzUkneKwpjD15aLZDivT=hgBMTB63EjN8RBrp+RQ@mail.gmail.com>

On Mon, Aug 18, 2014 at 10:30 AM, Pieter Wuille <pieter.wuille@gmail.com> wrote:
> Yes, I believe peer rotation is useful, but not for privacy - just for
> improving the network's internal knowledge.
>
> I haven't looked at the implementation yet, but how I imagined it would be
> every X minutes you attempt a new outgoing connection, even if you're
> already at the outbound limit. Then, if a connection attempt succeeds,
> another connection (according to some scoring system) is replaced by it.
> Given such a mechanism, plus reasonable assurances that better connections
> survive for a longer time, I have no problem with rotating every few
> minutes.

Previously when you and I had discussed this I'd proposed that some
number (say) four of the most long lived connections which had proven
themselves useful (e.g. by relaying blocks) be pinned up and not be
eligible for dropping. By protecting some subset of peers you
guarantee that an attacker which simply introduces a lot of nodes
cannot partition the network which existed prior to when the attack
started.

On Mon, Aug 18, 2014 at 10:27 AM, Mike Hearn <mike@plan99.net> wrote:
> I think the attack Ivan is talking about does not require sybil attacks to work though, just listening to lots of peers

I may not be understanding you. Might be a definitions thing, I'm
using the definition: A sybil attack is when a party takes on many
identities (nodes) in the network.

What ivan highlights is a bit of a tradeoff between concealing
identities and linkages.  Relaying transactions through only a single
peer ever (until that one is no longer on the network) is the best
strategy for concealing your identity (ignoring tor and what not), as
only that peer learns anything about your identity.  But it may reveal
a lot about how different transactions are linked, since people
observing that peer will observe that your transactions are
correlated.

The optimal strategy for avoiding linkages (ignoring tor, again), is
to randomly pick a different peer for each transaction and relay the
transaction only to that peer.  This can (and probably should) be
distinct from your normal network connectivity.

Probably for anti-linkage I'd suggest that a facility for that kind of
announcement should be done. If used over tor it would also protect
your identity.   Then the regular topology of the network can be
optimized for learning and partition resistance.



  parent reply	other threads:[~2014-08-18 18:13 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-08-18 16:46 [Bitcoin-development] Outbound connections rotation Ivan Pustogarov
2014-08-18 17:19 ` Jeff Garzik
2014-08-18 17:21 ` Gregory Maxwell
2014-08-18 17:27   ` Mike Hearn
2014-08-18 17:35   ` Pieter Wuille
     [not found]   ` <CAPg+sBgzEMAQ03GTE2j82+K2B+Dia6T0z14ZYWsBQ8z8QSVoLg@mail.gmail.com>
     [not found]     ` <CAAS2fgRT8OQzUkneKwpjD15aLZDivT=hgBMTB63EjN8RBrp+RQ@mail.gmail.com>
2014-08-18 18:13       ` Gregory Maxwell [this message]
2014-08-18 18:38         ` [Bitcoin-development] Fwd: " Wladimir
2014-08-18 18:37   ` [Bitcoin-development] " Ivan Pustogarov
2014-08-18 19:37     ` Gregory Maxwell
2014-08-18 20:33       ` Ivan Pustogarov
2014-08-18 20:43         ` Gregory Maxwell
2014-08-18 21:02           ` Ivan Pustogarov
2014-08-18 23:20             ` Gregory Maxwell
2014-08-20 12:59 ` [Bitcoin-development] Proposal: PoW-based throttling of addresses (was: Outbound connections rotation) Isidor Zeuner
2014-08-20 14:41   ` Mike Hearn
2014-08-23 11:53   ` Isidor Zeuner
2014-08-23 13:03     ` Mike Hearn
2014-11-13 22:52     ` Isidor Zeuner
2014-11-18 12:06       ` Mike Hearn
2014-11-27  3:29   ` Isidor Zeuner

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAAS2fgT5-s-uukP8uTRKJ+pzwG-f9knetH44qQ78HsctG9_cZA@mail.gmail.com \
    --to=gmaxwell@gmail.com \
    --cc=bitcoin-development@lists.sourceforge.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox