Most recent edit on 2007-11-14 00:25:27 by MatthewToseland [sometimes confused with intersection attacks]
Additions:
Sometimes confused with intersection attacks.
Edited on 2007-09-11 15:03:07 by MatthewToseland [put links in]
Additions:
If you are connected to a node, you can see what requests it is making. These may be forwarded for other peers, however, if you recognize the content that is being requested, and you can connect different content together logically as part of a larger whole, for example by being all part of the same splitfile, or frost posts from the same identity, you can work out how likely it is that the content is being requested by your peer rather than one of his peers. Since we know the local network topology you may even be able to do a similar analysis to work out which node (in topological terms, which can be translated to an IP address via harvesting on opennet), the requests come from, even if it is a few hops away - but this will require a lot of data e.g. a very large splitfile, or a bunch of related splitfiles.
Deletions:
If you are connected to a node, you can see what requests it is making. These may be forwarded for other peers, however, if you recognize the content that is being requested, and you can connect different content together logically as part of a larger whole, for example by being all part of the same splitfile, or frost posts from the same identity, you can work out how likely it is that the content is being requested by your peer rather than one of his peers. Since we know the local network topology you may even be able to do a similar analysis to work out which node (in topological terms, which can be translated to an IP address via harvesting on opennet), the requests come from, even if it is a few hops away - but this will require a lot of data e.g. a very large splitfile, or a bunch of related splitfiles.
Oldest known version of this page was edited on 2007-09-11 15:02:43 by MatthewToseland [finally make a page about correlation attacks!]
Page view:
Correlation Attacks
If you are connected to a node, you can see what requests it is making. These may be forwarded for other peers, however, if you recognize the content that is being requested, and you can connect different content together logically as part of a larger whole, for example by being all part of the same
splitfile, or frost posts from the same identity, you can work out how likely it is that the content is being requested by your peer rather than one of his peers. Since we know the local network topology you may even be able to do a similar analysis to work out which node (in topological terms, which can be translated to an IP address via harvesting on opennet), the requests come from, even if it is a few hops away - but this will require a lot of data e.g. a very large splitfile, or a bunch of related splitfiles.
Countermeasures:
-
PremixRouting is the long term countermeasure to this.