[chord] new auth type patch
Benjie Chen
benjie at amsterdam.lcs.mit.edu
Wed Jul 23 18:50:13 EDT 2003
> I guess you/we need to decide what kind of attacks exactly that
> we are willing to put up with, and what exactly the function of
> the signature is. I mean, if the version is not signed,
> then why bother including it at all?

for me, the version is there truly so merkle, or the keyhash manager
code, could work. that is it won't replace a new copy of the block
with an old one when it tries to maintain several replicas. if there is
a malicious node, i am not sure how you can use it to prevent attacks,
unless we start to use a BFT-style download from multiple nodes mechanism.
in any case, we will sign the version in the new keyhash interface. i
will include the version and nonce in the header of the signed payload.
then have the hash be the hash of the pk and nonce.

> What kind of higher level mechanism do you use? (Michael presumably
> has something for what he's doing as well...)

i use version vectors, so if you perform a stale attack, either all
of the servers must cooperate with the attacker, or else you can detect
the attack by comparing version vectors. in the former case, an out-of-band
mechanism (e.g. email) is needed. this is very close to what sundr uses.

benjie
--
benjie chen
benjie at lcs.mit.edu
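
Added example, not part of the original message or of the Chord code: the version-vector comparison described in the reply above, sketched in Python. The server names, writer names and counters are constructed, and the check assumes each reply carries a version vector as a writer-to-counter mapping; a lagging honest replica is flagged the same way as a server deliberately serving an old copy.

```python
from enum import Enum


class Order(Enum):
    EQUAL = "equal"
    NEWER = "newer"            # first vector dominates the second
    OLDER = "older"            # first vector is dominated: stale copy
    CONCURRENT = "concurrent"  # neither dominates: histories diverged


def compare(a, b):
    """Compare two version vectors (dict: writer -> update counter)."""
    writers = set(a) | set(b)
    ahead = any(a.get(w, 0) > b.get(w, 0) for w in writers)
    behind = any(a.get(w, 0) < b.get(w, 0) for w in writers)
    if ahead and behind:
        return Order.CONCURRENT
    if ahead:
        return Order.NEWER
    if behind:
        return Order.OLDER
    return Order.EQUAL


def find_stale(replies):
    """Cross-check the vectors returned by several servers for one block.

    replies: dict server -> version vector.
    Returns dict server -> Order for every reply that another reply
    dominates (OLDER) or conflicts with (CONCURRENT). An empty result
    means the replies agree, which is also what a reader sees when every
    server returns the same old copy; that case needs an out-of-band check.
    """
    flagged = {}
    for server, vv in replies.items():
        for other, other_vv in replies.items():
            if other == server:
                continue
            order = compare(vv, other_vv)
            if order is Order.OLDER:
                flagged[server] = Order.OLDER
                break
            if order is Order.CONCURRENT:
                flagged.setdefault(server, Order.CONCURRENT)
    return flagged
```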