Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1RsABv-0001Xc-UK for bitcoin-development@lists.sourceforge.net; Tue, 31 Jan 2012 09:39:55 +0000 X-ACL-Warn: Received: from adsl-99-50-120-252.dsl.pltn13.sbcglobal.net ([99.50.120.252] helo=covertinferno.org) by sog-mx-3.v43.ch3.sourceforge.com with esmtp (Exim 4.76) id 1RsABn-0004Vf-V3 for bitcoin-development@lists.sourceforge.net; Tue, 31 Jan 2012 09:39:55 +0000 Received: from localhost (localhost [127.0.0.1]) by covertinferno.org (Postfix) with ESMTP id 79DEF4BC for ; Tue, 31 Jan 2012 01:21:17 -0800 (PST) X-Virus-Scanned: amavisd-new at covertinferno.org Received: from covertinferno.org ([127.0.0.1]) by localhost (covertinferno.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3oVrfFp1Cwht for ; Tue, 31 Jan 2012 01:21:14 -0800 (PST) Received: from [192.168.1.99] (ool-457edf61.dyn.optonline.net [69.126.223.97]) by covertinferno.org (Postfix) with ESMTPSA id C8837BC for ; Tue, 31 Jan 2012 01:21:13 -0800 (PST) Message-ID: <4F27B285.6060105@covertinferno.org> Date: Tue, 31 Jan 2012 04:21:09 -0500 From: Phantomcircuit User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:9.0) Gecko/20120116 Thunderbird/9.0 MIME-Version: 1.0 To: bitcoin-development@lists.sourceforge.net References: In-Reply-To: X-Enigmail-Version: 1.3.4 Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha1; boundary="------------ms050108010206070309030003" X-Spam-Score: 1.7 (+) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 1.0 RDNS_DYNAMIC Delivered to internal network by host with dynamic-looking rDNS 0.7 KHOP_DYNAMIC Relay looks like a dynamic address 0.0 TO_NO_BRKTS_PCNT To: misformatted + percentage X-Headers-End: 1RsABn-0004Vf-V3 Subject: Re: [Bitcoin-development] CAddrMan: Stochastic IP address manager X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 31 Jan 2012 09:39:56 -0000 This is a cryptographically signed message in MIME format. --------------ms050108010206070309030003 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 01/30/2012 11:33 PM, Michael Hendricks wrote: > On Mon, Jan 30, 2012 at 7:05 PM, Gavin Andresen wrote: >> Given the randomness in Pieter's design, that seems extremely unlikely= >> / difficult to do. Is it possible to do a back-of-the-envelope >> calculation to figure out what percentage of nodes on the network an >> attacker would have to control to have a (say) 1% chance of a >> successful Sybil attack? > The randomness prevents finely crafted attacks since an attacker can't > predict which bucket his address ends up in. I don't think it helps > against brute force attacks though. If 60% of the network's nodes are > controlled by an evil botnet, 60% of the nodes we pull out of the > address manager point to the attacker. If a client has 8 connections > to the network, a Sybil attack would succeed 1.7% of the time. At > current network size, 60% of listening nodes is 2,800; only 2-5% of a > decent botnet. > > Nodes that accept incoming connections are far less vulnerable, since > the probability of success decreases exponentially with the number of > connections. 95% botnet control with 125 connections has 10^-6 chance > of success. > > Perhaps we could add a command-line option for increasing the maximum > number of outbound connections. That way, nodes unable to accept > incoming connections can easily decrease their susceptibility to Sybil > attack. > >> I've also been wondering if it is time to remove the IRC bootstrapping= >> mechanism; it would remove a fair bit of code and we'd stop getting >> reports that various ISPs tag bitcoin as malware. When testing the >> list of built-in bootstrapping IP addresses I always connect fairly >> quickly, and the DNS seeding hosts seems to be working nicely, too. > I think it should be disabled by default one release after the new > address manager is released. That way, we're not changing too many > parts of the bootstrapping process at once. > > As an aside, I can't help but wonder whether ISPs blocking IRC traffic > filters some botnets out of the IRC bootstrapping channels; keeping > them more "pure". > If the number of outbound connections is increased the delay of transaction broadcast code needs to be improved to avoid a broadcast stor= m. --------------ms050108010206070309030003 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIINmDCC BjQwggQcoAMCAQICASAwDQYJKoZIhvcNAQEFBQAwfTELMAkGA1UEBhMCSUwxFjAUBgNVBAoT DVN0YXJ0Q29tIEx0ZC4xKzApBgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNp Z25pbmcxKTAnBgNVBAMTIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3 MTAyNDIxMDI1NVoXDTE3MTAyNDIxMDI1NVowgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1T dGFydENvbSBMdGQuMSswKQYDVQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWdu aW5nMTgwNgYDVQQDEy9TdGFydENvbSBDbGFzcyAyIFByaW1hcnkgSW50ZXJtZWRpYXRlIENs aWVudCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMsohUWcASz7GfKrpTOM KqANy9BV7V0igWdGxA8IU77L3aTxErQ+fcxtDYZ36Z6GH0YFn7fq5RADteP0AYzrCA+EQTfi 8q1+kA3m0nwtwXG94M5sIqsvs7lRP1aycBke/s5g9hJHryZ2acScnzczjBCAo7X1v5G3yw8M DP2m2RCye0KfgZ4nODerZJVzhAlOD9YejvAXZqHksw56HzElVIoYSZ3q4+RJuPXXfIoyby+Y 2m1E+YzX5iCZXBx05gk6MKAW1vaw4/v2OOLy6FZH3XHHtOkzUreG//CsFnB9+uaYSlR65cdG zTsmoIK8WH1ygoXhRBm98SD7Hf/r3FELNvUCAwEAAaOCAa0wggGpMA8GA1UdEwEB/wQFMAMB Af8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSuVYNv7DHKufcd+q9rMfPIHeOsuzAfBgNV HSMEGDAWgBROC+8apEBbpRdphzDKNGhD0EGu8jBmBggrBgEFBQcBAQRaMFgwJwYIKwYBBQUH MAGGG2h0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbS9jYTAtBggrBgEFBQcwAoYhaHR0cDovL3d3 dy5zdGFydHNzbC5jb20vc2ZzY2EuY3J0MFsGA1UdHwRUMFIwJ6AloCOGIWh0dHA6Ly93d3cu c3RhcnRzc2wuY29tL3Nmc2NhLmNybDAnoCWgI4YhaHR0cDovL2NybC5zdGFydHNzbC5jb20v c2ZzY2EuY3JsMIGABgNVHSAEeTB3MHUGCysGAQQBgbU3AQIBMGYwLgYIKwYBBQUHAgEWImh0 dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93 d3cuc3RhcnRzc2wuY29tL2ludGVybWVkaWF0ZS5wZGYwDQYJKoZIhvcNAQEFBQADggIBADqp Jw3I07QWke9plNBpxUxcffc7nUrIQpJHDci91DFG7fVhHRkMZ1J+BKg5UNUxIFJ2Z9B90Mic c/NXcs7kPBRdn6XGO/vPc87Y6R+cWS9Nc9+fp3Enmsm94OxOwI9wn8qnr/6o3mD4noP9Jphw UPTXwHovjavRnhUQHLfo/i2NG0XXgTHXS2Xm0kVUozXqpYpAdumMiB/vezj1QHQJDmUdPYMc p+reg9901zkyT3fDW/ivJVv6pWtkh6Pw2ytZT7mvg7YhX3V50Nv860cV11mocUVcqBLv0gcT +HBDYtbuvexNftwNQKD5193A7zN4vG7CTYkXxytSjKuXrpEatEiFPxWgb84nVj25SU5q/r1X hwby6mLhkbaXslkVtwEWT3Van49rKjlK4XrUKYYWtnfzq6aSak5u0Vpxd1rY79tWhD3EdCvO hNz/QplNa+VkIsrcp7+8ZhP1l1b2U6MaxIVteuVMD3X0vziIwr7jxYae9FZjbxlpUemqXjcC 0QaFfN7qI0JsQMALL7iGRBg7K0CoOBzECdD3fuZil5kU/LP9cr1BK31U0Uy651bFnAMMMkqh AChIbn0ei72VnbpSsrrSdF0BAGYQ8vyHae5aCg+H75dVCV33K6FuxZrf09yTz+Vx/PkdRUYk XmZz/OTfyJXsUOUXrym6KvI2rYpccSk5MIIHXDCCBkSgAwIBAgICGU4wDQYJKoZIhvcNAQEF BQAwgYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSswKQYDVQQLEyJT ZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYDVQQDEy9TdGFydENvbSBD bGFzcyAyIFByaW1hcnkgSW50ZXJtZWRpYXRlIENsaWVudCBDQTAeFw0xMTExMjUwNDQxMDFa Fw0xMzExMjUwMDMwNThaMIGfMSAwHgYDVQQNExc1NzQ1NTgtWXp6TjJUaHhXR1hXQjJ0djEL MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFuY2lz Y28xGjAYBgNVBAMTEVBhdHJpY2sgU3RyYXRlbWFuMSUwIwYJKoZIhvcNAQkBFhZwYXRyaWNr QGludGVyc2FuZ28uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2WmWJIRh 1y11T5k64m9TJ+LtkBAiBVgYcSGWQT0cDVe7HBQZa/xc+4jjzmgxNg4+LmW6/5hIMit8cfed VPU4frpEQueWD3sWqNCnQyeDpMZcjNbPc75GzrLXw97evfHueRXP73rQNJ26RITK9iD7Z3KH tr3v6o5qplJvYDk6vyLxW1HKZrsNaDA6eTA1CdBpZIsFEUCOSdj0wExAVhLzMLwuU2H9zU1O poygphh5X++j9xMU0xY2YkmzhFNseBsuxBMqvoWmB0JZEY/ADv7mzWcB5m+Y0fOMjDQUloMa ApnyzNTKaoCv+VHdqPQuXC9rTHTS7VALHTdBEXUwy0lG+QIDAQABo4IDsTCCA60wCQYDVR0T BAIwADALBgNVHQ8EBAMCBLAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMB0GA1Ud DgQWBBRoLB7oyPXdoBBWgH2nXZWonazDQDAfBgNVHSMEGDAWgBSuVYNv7DHKufcd+q9rMfPI HeOsuzAhBgNVHREEGjAYgRZwYXRyaWNrQGludGVyc2FuZ28uY29tMIICIQYDVR0gBIICGDCC AhQwggIQBgsrBgEEAYG1NwECAjCCAf8wLgYIKwYBBQUHAgEWImh0dHA6Ly93d3cuc3RhcnRz c2wuY29tL3BvbGljeS5wZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cuc3RhcnRzc2wuY29t L2ludGVybWVkaWF0ZS5wZGYwgfcGCCsGAQUFBwICMIHqMCcWIFN0YXJ0Q29tIENlcnRpZmlj YXRpb24gQXV0aG9yaXR5MAMCAQEagb5UaGlzIGNlcnRpZmljYXRlIHdhcyBpc3N1ZWQgYWNj b3JkaW5nIHRvIHRoZSBDbGFzcyAyIFZhbGlkYXRpb24gcmVxdWlyZW1lbnRzIG9mIHRoZSBT dGFydENvbSBDQSBwb2xpY3ksIHJlbGlhbmNlIG9ubHkgZm9yIHRoZSBpbnRlbmRlZCBwdXJw b3NlIGluIGNvbXBsaWFuY2Ugb2YgdGhlIHJlbHlpbmcgcGFydHkgb2JsaWdhdGlvbnMuMIGc BggrBgEFBQcCAjCBjzAnFiBTdGFydENvbSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTADAgEC GmRMaWFiaWxpdHkgYW5kIHdhcnJhbnRpZXMgYXJlIGxpbWl0ZWQhIFNlZSBzZWN0aW9uICJM ZWdhbCBhbmQgTGltaXRhdGlvbnMiIG9mIHRoZSBTdGFydENvbSBDQSBwb2xpY3kuMDYGA1Ud HwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuc3RhcnRzc2wuY29tL2NydHUyLWNybC5jcmwwgY4G CCsGAQUFBwEBBIGBMH8wOQYIKwYBBQUHMAGGLWh0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbS9z dWIvY2xhc3MyL2NsaWVudC9jYTBCBggrBgEFBQcwAoY2aHR0cDovL2FpYS5zdGFydHNzbC5j b20vY2VydHMvc3ViLmNsYXNzMi5jbGllbnQuY2EuY3J0MCMGA1UdEgQcMBqGGGh0dHA6Ly93 d3cuc3RhcnRzc2wuY29tLzANBgkqhkiG9w0BAQUFAAOCAQEAiEvwQnhltUzcHfcjmGhGeQ2T DO4nnyMmBGvlNcjWIjo57snQiQOqNFyfPBEM7C7oTW8W1tu5VRArL1mPRJCCIUFA06xlHyK1 2JfwuyVGnDuF9sgmGL9svANVHw7EayyANc79OO2hwm4r1TaKclSEV4O+BxHvri1YzneCo1+0 mWVqtpQM5OxuWDNIRCC0Q8f9Qi1EVMwqMuZ9iDRqpmHIxyF4DVz75qniCyOHY9SfK5GXjYlg nqgqjRPqMD3CXuC7BWE6361+JaZm56wXJwiVwHCBSYLOQoN8X+msOQYPE+pwiTn0dMNNYc+5 xj0zV0Zlv6wnR+VGikqhEslIh+SldjGCA80wggPJAgEBMIGTMIGMMQswCQYDVQQGEwJJTDEW MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlm aWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3MgMiBQcmltYXJ5IEludGVy bWVkaWF0ZSBDbGllbnQgQ0ECAhlOMAkGBSsOAwIaBQCgggIOMBgGCSqGSIb3DQEJAzELBgkq hkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTEyMDEzMTA5MjEwOVowIwYJKoZIhvcNAQkEMRYE FJOie68Uh/4hU22owYLBPRdLXo3RMF8GCSqGSIb3DQEJDzFSMFAwCwYJYIZIAWUDBAECMAoG CCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggqhkiG9w0DAgIBQDAHBgUrDgMCBzANBggq hkiG9w0DAgIBKDCBpAYJKwYBBAGCNxAEMYGWMIGTMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UE ChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUg U2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3MgMiBQcmltYXJ5IEludGVybWVkaWF0 ZSBDbGllbnQgQ0ECAhlOMIGmBgsqhkiG9w0BCRACCzGBlqCBkzCBjDELMAkGA1UEBhMCSUwx FjAUBgNVBAoTDVN0YXJ0Q29tIEx0ZC4xKzApBgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRp ZmljYXRlIFNpZ25pbmcxODA2BgNVBAMTL1N0YXJ0Q29tIENsYXNzIDIgUHJpbWFyeSBJbnRl cm1lZGlhdGUgQ2xpZW50IENBAgIZTjANBgkqhkiG9w0BAQEFAASCAQB4kmcVcPI4gJANKKQq sQq0d8lKFu21HZLzQ/khSfwZj7BFzloTVOZD03KsogdE2V/j3neliNC8iLlqttCY6oWTpYpj hYHXtptKHLjT8NuhlUiVLGL2Z8nSsqpX2i5JOIeR9mW4tKxMLYWxYbUDqur419C25eFK4Giv lIy7NY+SZReQ9224N201Pp6m7+Wwxn17o7/XShct4ldWNVl+csjX+l8Hd14X0c1WAHs42SOi X4OlfTppSdSsRj7Dmt+gojd+3ZkXKo2iB5/Gjb2UeH3sb5Fdwld3oVzY1XE+EHPgvwNKvtQQ CcBFOw1u9f2LYv2ykzcqQvJAlku3DOoxmXoxAAAAAAAA --------------ms050108010206070309030003--