📅 Original date posted:2012-01-31
📝 Original message:On Mon, Jan 30, 2012 at 7:05 PM, Gavin Andresen <gavinandresen at gmail.com> wrote:
> Given the randomness in Pieter's design, that seems extremely unlikely
> / difficult to do. Is it possible to do a back-of-the-envelope
> calculation to figure out what percentage of nodes on the network an
> attacker would have to control to have a (say) 1% chance of a
> successful Sybil attack?
The randomness prevents finely crafted attacks since an attacker can't
predict which bucket his address ends up in. I don't think it helps
against brute force attacks though. If 60% of the network's nodes are
controlled by an evil botnet, 60% of the nodes we pull out of the
address manager point to the attacker. If a client has 8 connections
to the network, a Sybil attack would succeed 1.7% of the time. At
current network size, 60% of listening nodes is 2,800; only 2-5% of a
decent botnet.
Nodes that accept incoming connections are far less vulnerable, since
the probability of success decreases exponentially with the number of
connections. 95% botnet control with 125 connections has 10^-6 chance
of success.
Perhaps we could add a command-line option for increasing the maximum
number of outbound connections. That way, nodes unable to accept
incoming connections can easily decrease their susceptibility to Sybil
attack.
> I've also been wondering if it is time to remove the IRC bootstrapping
> mechanism; it would remove a fair bit of code and we'd stop getting
> reports that various ISPs tag bitcoin as malware. When testing the
> list of built-in bootstrapping IP addresses I always connect fairly
> quickly, and the DNS seeding hosts seems to be working nicely, too.
I think it should be disabled by default one release after the new
address manager is released. That way, we're not changing too many
parts of the bootstrapping process at once.
As an aside, I can't help but wonder whether ISPs blocking IRC traffic
filters some botnets out of the IRC bootstrapping channels; keeping
them more "pure".
--
Michael
Michael Hendricks [ARCHIVE] /
npub1xs…c4k9q
2023-06-07 03:00:49
in reply to nevent1q…lpuq
Author Public Key
npub1xs2ujdur5f653rjudvugjgtsaths04mpgl86rtcnrw24w7us8hmszc4k9qPublished at
2023-06-07 03:00:49Event JSON
{
"id": "6988735c5a4cdc05ec0ece3ba3c9ad446640854d6fcede41f0afb3f17ded9214",
"pubkey": "3415c93783a275488e5c6b38892170eaef07d76147cfa1af131b95577b903df7",
"created_at": 1686106849,
"kind": 1,
"tags": [
[
"e",
"c8cd18df3a4b91b5c814c19333fbefa9dd94a17bd1f2c1fb3e3d7e42339f0dfd",
"",
"root"
],
[
"e",
"c3107a9ed7be04c75a5fd3ecf7c0c934ee90323a87ed4d044ba1c9fd4d8766ae",
"",
"reply"
],
[
"p",
"6275ce44dd9b0e0a2d7e662dfc9611cc44a10ad8cd03408f46afa778a8cec48e"
]
],
"content": "📅 Original date posted:2012-01-31\n📝 Original message:On Mon, Jan 30, 2012 at 7:05 PM, Gavin Andresen \u003cgavinandresen at gmail.com\u003e wrote:\n\u003e Given the randomness in Pieter's design, that seems extremely unlikely\n\u003e / difficult to do. Is it possible to do a back-of-the-envelope\n\u003e calculation to figure out what percentage of nodes on the network an\n\u003e attacker would have to control to have a (say) 1% chance of a\n\u003e successful Sybil attack?\n\nThe randomness prevents finely crafted attacks since an attacker can't\npredict which bucket his address ends up in. I don't think it helps\nagainst brute force attacks though. If 60% of the network's nodes are\ncontrolled by an evil botnet, 60% of the nodes we pull out of the\naddress manager point to the attacker. If a client has 8 connections\nto the network, a Sybil attack would succeed 1.7% of the time. At\ncurrent network size, 60% of listening nodes is 2,800; only 2-5% of a\ndecent botnet.\n\nNodes that accept incoming connections are far less vulnerable, since\nthe probability of success decreases exponentially with the number of\nconnections. 95% botnet control with 125 connections has 10^-6 chance\nof success.\n\nPerhaps we could add a command-line option for increasing the maximum\nnumber of outbound connections. That way, nodes unable to accept\nincoming connections can easily decrease their susceptibility to Sybil\nattack.\n\n\u003e I've also been wondering if it is time to remove the IRC bootstrapping\n\u003e mechanism; it would remove a fair bit of code and we'd stop getting\n\u003e reports that various ISPs tag bitcoin as malware. When testing the\n\u003e list of built-in bootstrapping IP addresses I always connect fairly\n\u003e quickly, and the DNS seeding hosts seems to be working nicely, too.\n\nI think it should be disabled by default one release after the new\naddress manager is released. That way, we're not changing too many\nparts of the bootstrapping process at once.\n\nAs an aside, I can't help but wonder whether ISPs blocking IRC traffic\nfilters some botnets out of the IRC bootstrapping channels; keeping\nthem more \"pure\".\n\n-- \nMichael",
"sig": "21d8c47e89689b9b37166e46a8902130b227b0b5327fa4535b8c8c67a289b7292ad17cc4a29285cfa1602ebce2c5ba9d46d4f6ce012d14eb97315aefe13b4393"
}