[p2p-hackers] BitTorrent measurements / fully decentralized systems

Adam Lydick list-p2phack at ruffledpenguin.org
Wed Dec 15 11:15:06 UTC 2004


On Wed, 2004-12-15 at 18:03 +0800, Enzo Michelangeli wrote:
<snip>

> Why not use pseudonymous digital signatures on both file content's hash
> and metadata? The signing "moderators", self-appointed and identified only
> by the fingerprint of their public key, could be rated by reputation, with
> a subjective score that each user would adjust every time an endorsement is
> found to be truthful or misleading.
> 
> Enzo

That could also be a reasonable approach. By making the trusted
authority pseudoanonymous, they become better hardened against DoS
(which is the primary difficulty with centralized systems).

However, only positive ratings tend to be useful, in such a system, as
pseudoanonymous identities are "throwaway" by design. If I'm an evil
attacker trying to raise the rating of my fake/hostile content, I'll
just discard my current identity as soon as users identify it as
hostile.

Making identities somewhat expensive to create might be an interesting
solution to this problem (eg: identity is public key + a
public-key-bound proof of work), although I worry that attackers with a
moderate amount of resources could still abuse the process. (a normal
user isn't going to leave a small network of machines running 24/7 to
generate new identities).

In the end, I think that the best solution is to default to
"untrusted/semi-trusted" and manually add authorities as you discover
them to be helpful/truthful. I find "word of mouth" to be much more
effective than any automated system when making trust decisions. (eg:
the recommendation of a knowledgeable co-worker vs. Google's PageRank,
Amazon reviews, or epinions)

- Adam
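
The "public key + public-key-bound proof of work" identity and the default-untrusted, positive-only scoring discussed in this message, as an added example that is not part of the original post. It assumes a hashcash-style SHA-256 puzzle and a score floor of 0; all function and class names are hypothetical, and the key bytes are a constructed stand-in for a real public key.

```python
import hashlib

def fingerprint(pubkey: bytes) -> str:
    """Identity name: hash of the public key, as in the quoted proposal."""
    return hashlib.sha256(pubkey).hexdigest()

def leading_zero_bits(digest: bytes) -> int:
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()

def verify_identity(pubkey: bytes, nonce: int, bits: int) -> bool:
    """Cheap check: one hash. The key is part of the hashed input, so the
    work is bound to that key and does not transfer to a fresh one."""
    digest = hashlib.sha256(pubkey + nonce.to_bytes(8, "big")).digest()
    return leading_zero_bits(digest) >= bits

def mint_identity(pubkey: bytes, bits: int) -> int:
    """Expensive step: about 2**bits hashes on average per new identity."""
    nonce = 0
    while not verify_identity(pubkey, nonce, bits):
        nonce += 1
    return nonce

class TrustStore:
    """One user's subjective scores. Unknown signers start at 0 and 0 is
    also the floor, so discarding a burned identity never yields a better
    score, only another proof-of-work bill."""
    def __init__(self, bits: int):
        self.bits = bits
        self.scores = {}

    def score(self, pubkey: bytes, nonce: int):
        if not verify_identity(pubkey, nonce, self.bits):
            return None  # no valid proof of work: identity not accepted
        return self.scores.get(fingerprint(pubkey), 0)

    def rate(self, pubkey: bytes, truthful: bool) -> None:
        fp = fingerprint(pubkey)
        self.scores[fp] = (self.scores.get(fp, 0) + 1) if truthful else 0

if __name__ == "__main__":
    BITS = 12  # constructed difficulty, kept low so the demo is instant
    key = b"constructed-stand-in-for-a-public-key"
    store = TrustStore(BITS)
    nonce = mint_identity(key, BITS)
    store.rate(key, truthful=True)
    print(fingerprint(key)[:16], nonce, store.score(key, nonce))
```

Each extra bit of difficulty doubles the expected minting cost while verification stays at a single hash, which is the asymmetry the resource concern in the message turns on.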





