From: Pieter Wuille
To: Gregory Maxwell
Cc: Ivan Pustogarov, Bitcoin Dev
Date: Mon, 18 Aug 2014 19:35:00 +0200
Subject: Re: [Bitcoin-development] Outbound connections rotation

Yes, I believe peer rotation is useful, but not for privacy - just for improving the network's internal knowledge.

I haven't looked at the implementation yet, but how I imagined it would be every X minutes you attempt a new outgoing connection, even if you're already at the outbound limit. Then, if a connection attempt succeeds, another connection (according to some scoring system) is replaced by it. Given such a mechanism, plus reasonable assurances that better connections survive for a longer time, I have no problem with rotating every few minutes.

On Aug 18, 2014 7:23 PM, "Gregory Maxwell" wrote:
> On Mon, Aug 18, 2014 at 9:46 AM, Ivan Pustogarov wrote:
> > Hi there,
> > I'd like to start a discussion on periodic rotation of outbound
> > connections.
> > E.g. every 2-10 minutes an outbound connection is dropped and replaced
> > by a new one.
>
> Connection rotation would be fine for improving a node's knowledge
> about available peers and making the network stronger against
> partitioning.
>
> I haven't implemented this because I think your motivation is
> _precisely_ opposite the behavior. If you keep a constant set of
> outbound peers only those peers learn the origin of your transactions,
> and so it is unlikely that any particular attacker will gain strong
> evidence. If you rotate where you send out your transactions then with
> very high probability a sybil pretending to be many nodes will observe
> you transmitting directly.
>
> Ultimately, since the traffic is clear text, if you expect to have any
> privacy at all in your broadcasts you should be broadcasting over tor
> or i2p.

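The privacy argument quoted above, as a small model added here (not code from the thread or from any Bitcoin client). It assumes a sybil controls a fraction `f` of the addresses a node connects to, 8 outbound slots, one transaction broadcast per rotation interval, and connection age as a stand-in for the "scoring system" mentioned in the reply; all names and numbers are illustrative.

```python
import random

def closed_form(f, slots, rotations):
    """P(at least one of the slots + rotations peers ever used is a sybil)."""
    return 1.0 - (1.0 - f) ** (slots + rotations)

def simulate(f, slots, rotations, trials=20000, seed=1):
    """Monte Carlo estimate of the chance that a sybil-run peer receives
    one of the node's transactions directly.

    Assumptions: each new peer is sybil-controlled with independent
    probability f; the node broadcasts to every current outbound peer
    once before the first rotation and once after each rotation.
    """
    rng = random.Random(seed)
    exposed = 0
    for _ in range(trials):
        # A peer is (age_score, is_sybil); older connections score higher.
        peers = [(0, rng.random() < f) for _ in range(slots)]
        seen = any(sybil for _, sybil in peers)
        for _ in range(rotations):
            if seen:
                break  # the sybil already saw a direct broadcast
            peers = [(age + 1, sybil) for age, sybil in peers]
            # A new connection succeeds and replaces the lowest-scoring
            # (youngest) existing peer, so long-lived peers survive.
            peers.remove(min(peers, key=lambda p: p[0]))
            peers.append((0, rng.random() < f))
            seen = any(sybil for _, sybil in peers)
        exposed += seen
    return exposed / trials

if __name__ == "__main__":
    f, slots = 0.05, 8  # constructed values: 5% sybil share, 8 slots
    # 0 = fixed peer set, 12 = one hour at 5 minutes, 288 = one day
    for rotations in (0, 12, 288):
        print(f"rotations={rotations:3d}  "
              f"model={closed_form(f, slots, rotations):.4f}  "
              f"simulated={simulate(f, slots, rotations):.4f}")
```

With a fixed peer set the exposure stays at the value for the initial 8 draws no matter how many transactions are sent; every rotation adds another independent draw, so the probability climbs toward 1 regardless of which peer the scoring system evicts.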