[p2p-hackers] BitTorrent measurements / fully decentralized
systems
Jesus Cea
jcea at argo.es
Wed Dec 15 14:39:00 UTC 2004
coderman wrote:
> "One of the big advantages of BitTorrent/Suprnova is the high level of
> integrity of both the content and the meta-data due to the working of
> its global components. We have shown that only 20 moderators
> combined with numerous other volunteers solve the fake-file problem
> on BitTorrent/Suprnova. However, this comes at a price: system
> availability is hampered by the global nature of these components.
The solution is obvious: use cryptographic signatures.
I could download a torrent file from anywhere, check the signature
against the suprnova public key and be sure that:
a) The torrent was validated by suprnova.
b) The torrent was not altered in any way.
In fact, torrents could be signed by anyone. You simply check signatures
from people you trust.
No, signatures doesn't need to be integral part of the torrent file. You
can generate "detached" signatures. So no coordination neccesary between
torrent creators and signers.
So suprnova could simply publish signatures using, for example, RSS or
usenet. Or a daily signature ZIP via emule or something like that.
--
Jesus Cea Avion _/_/ _/_/_/ _/_/_/
jcea at argo.es http://www.argo.es/~jcea/ _/_/ _/_/ _/_/ _/_/ _/_/
_/_/ _/_/ _/_/_/_/_/
PGP Key Available at KeyServ _/_/ _/_/ _/_/ _/_/ _/_/
"Things are not so easy" _/_/ _/_/ _/_/ _/_/ _/_/ _/_/
"My name is Dump, Core Dump" _/_/_/ _/_/_/ _/_/ _/_/
"El amor es poner tu felicidad en la felicidad de otro" - Leibniz
More information about the P2p-hackers
mailing list