From: Ivan Pustogarov <ivan.pustogarov@uni•lu>
To: Gregory Maxwell <gmaxwell@gmail•com>
Cc: Bitcoin Development <bitcoin-development@lists•sourceforge.net>
Subject: Re: [Bitcoin-development] Outbound connections rotation
Date: Mon, 18 Aug 2014 23:02:57 +0200 [thread overview]
Message-ID: <20140818210257.GB639@localhost.localdomain> (raw)
In-Reply-To: <CAAS2fgR5EEtevfKB2xKwExhtokb8naBH_PsLkJz3ZeJfeW6YFw@mail.gmail.com>
For each neighbour, a Bitcoin peer keeps the history of addresses that
it forwarded to the neighbour. If an address was already forwarded
to a neighbour it is not retransmitted again.
An attacker can make a list of potential IP addresses of clients (say
an IP range of an ISP, or listen for addresses in the Bitcoin network
before the attack). Then she periodically "spams" the network with this list and
updates the address-forward history at each Bitcoin peer.
After each "spam" round, the attacker reconnects her connections to Bitcoin peers
and thus clears the retransmission history for her connections only.
As the result, when a NAT client connects to the network and advertises its
address, the addresses will propagate to the attacker's connections only.
On Mon, Aug 18, 2014 at 01:43:44PM -0700, Gregory Maxwell wrote:
> On Mon, Aug 18, 2014 at 1:33 PM, Ivan Pustogarov <ivan.pustogarov@uni•lu> wrote:
> > The attack I'm trying to address is described here: https://www.cryptolux.org/index.php/Bitcoin
> > It was discussed here: https://bitcointalk.org/index.php?topic=632124.0
> >
> > It uses the following observation. Each NATed client connects to the Bitcoin network
> > through 8 entry peers; he also advertises his public IP address to these peers which
> > allows an attacker to make the mapping <8-entry-peers, client-IP-address>.
>
> I'm afraid I'm losing you here. The node advertises himself to
> everyone he is connected to and in/or out, those nodes pass along
> those advertisements. When I receive an advertisement from a node I
> do not know how far away the advertised peers is, presumably I can
> accurately exclude it from being 0-hops— itself—) 1 or more should be
> indistinguishable. Is there a reason that they're distinguishable that
> I'm missing?
>
> Can you explain to me how you propose to produce this mapping?
--
Ivan
next prev parent reply other threads:[~2014-08-18 21:09 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-18 16:46 Ivan Pustogarov
2014-08-18 17:19 ` Jeff Garzik
2014-08-18 17:21 ` Gregory Maxwell
2014-08-18 17:27 ` Mike Hearn
2014-08-18 17:35 ` Pieter Wuille
[not found] ` <CAPg+sBgzEMAQ03GTE2j82+K2B+Dia6T0z14ZYWsBQ8z8QSVoLg@mail.gmail.com>
[not found] ` <CAAS2fgRT8OQzUkneKwpjD15aLZDivT=hgBMTB63EjN8RBrp+RQ@mail.gmail.com>
2014-08-18 18:13 ` [Bitcoin-development] Fwd: " Gregory Maxwell
2014-08-18 18:38 ` Wladimir
2014-08-18 18:37 ` [Bitcoin-development] " Ivan Pustogarov
2014-08-18 19:37 ` Gregory Maxwell
2014-08-18 20:33 ` Ivan Pustogarov
2014-08-18 20:43 ` Gregory Maxwell
2014-08-18 21:02 ` Ivan Pustogarov [this message]
2014-08-18 23:20 ` Gregory Maxwell
2014-08-20 12:59 ` [Bitcoin-development] Proposal: PoW-based throttling of addresses (was: Outbound connections rotation) Isidor Zeuner
2014-08-20 14:41 ` Mike Hearn
2014-08-23 11:53 ` Isidor Zeuner
2014-08-23 13:03 ` Mike Hearn
2014-11-13 22:52 ` Isidor Zeuner
2014-11-18 12:06 ` Mike Hearn
2014-11-27 3:29 ` Isidor Zeuner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140818210257.GB639@localhost.localdomain \
--to=ivan.pustogarov@uni$(echo .)lu \
--cc=bitcoin-development@lists$(echo .)sourceforge.net \
--cc=gmaxwell@gmail$(echo .)com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox