Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for IP addresses to prevent Sybil attacks #7

Open
harnen opened this issue Mar 12, 2021 · 3 comments
Open

Add support for IP addresses to prevent Sybil attacks #7

harnen opened this issue Mar 12, 2021 · 3 comments
Assignees
@harnen

Comments

@harnen
Copy link

harnen commented Mar 12, 2021

In the current version of the protocol, we distinguish only Kademlia identities. There is no limit on the number of identities an attacker can create. Even with tickets and other Sybil prevention mechanisms, the attacker has a chance to overload the network.

The high level idea is to add IP addresses to the current implementation and given an attacker a limited poll of addresses to use (and unlimited number of identities).

We were thinking to take into account the IP of the registrant and assign a modifier to the accumulated ticket time based on that. The main idea is, if there are a lot of similar IPs (say /24) already in your topic table, you assign a negative modifier to the registrant accumulated waiting time (e.g., x0.5). The more similar addresses the stronger the modifier.

This should make it impossible for an attacker to overflow a single node (unless it has thousands of IPs to use). Furthermore, it actually promotes diversity in topic tables. You probably don't want to have your topic table filled with similar IPs even without an attack. If their ISP is down, your whole topic table becomes useless.
@harnen harnen self-assigned this Mar 12, 2021
@harnen
Copy link
Author

harnen commented Mar 15, 2021

We've added support from reading IP addresses from traces gathered by Ethereum. I.e., our simulated nodes have the same IPs and IDs as real members of Ethereum DHT. However, there are still several issues to be solved:

  1. We need to find a similarity metric between 2 IP addresses. We can either use a longest common prefix length (similar to what we do with IDs) or weighted Humming distance.
  2. We need to find a way to calculate a similarity metric for a set (not just a pair) of IP addresses. This is not trivial, as it should be efficient. We could get all the pairs from the set, calculate the distances and then take an average, but this is extremely inefficient. I've found zeta diversity metric which might be a solution, but need to double-check that.
  3. Finally, we need to determine how to handle an incoming IP address. We can calculate a similarity metric for the set with and without the new IP address.If the similarity increases, then we put a penalty on the waiting time. We should probably also normalize the result to determine the size of the penalty and make sure it works the same for cases where we have 1, 10, 1000 IPs in the topic table.

@harnen
Copy link
Author

harnen commented Mar 18, 2021

One solution suggested by Sergi to solve 2. was to use entropy. That could work if we use /24 or /16 prefix, will fail to capture more subtle relations between addresses (not sure if that's relevant here).

@harnen
Copy link
Author

harnen commented Mar 26, 2021

Ethereum nodes IPs distribution from github
ips

@harnen harnen mentioned this issue Apr 3, 2021
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@harnen harnen

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@harnen