Version 3 (modified by zzz, 8 years ago) (diff)


Comments on thesis

Sec, 4.1: Long paths might be much harder than in ref. 22, our limit is 7 hops max and there are restrictions preventing a peer in the previous and next hop. More complex long paths may be possible.

Fig. 4.2: outbound tunnel labeled as inbound

Table 5.5: What about 3-hop, which is the default for eepsites?

Sec 7 Conclusion:

1) Timetable of 0.8.4 release:

Released March 2, installed in 25% of network by ~March 4, 50% by ~March 6, 75% by ~March 14 (source ) 2) Relevant changes in 0.8.4 release:

a) Prevent tunnel-building DOS by a single source b) penalize peers more due to tunnel rejections. This did not change the time constants of the capacity formulas, just changed (a + r) to (a + 2r) in the denominator of the forumla in section A.1.

3) More changes to detect and prevent DOS are upcoming in 0.8.5 (scheduled for release the week of April 18) but these are not a complete solution. A fully distributed tunnel-building DDOS is difficult to prevent completely.