PyBitmessage-2021-04-27/src
Peter Surda 8f5d305242 Mitigate active internal intersection attack
There was a report that by quickly asking a large number of nodes if
they have an ACK object (which the attacker knows but it is injected
into the network by the recipient of the message), it can estimate how
an object propagates through the network, and eventually pinpoint an
originating IP address of the injection, i.e. the IP address of the
message recipient.

This patch mitigates against it by stalling when asked for a nonexisting
object (so that the attacker can't spam requests), and also upon
connection before sending its own inventory list (so that reconnecting
won't help the attacker). It estimates how long a short message takes to
propagate through the network based on how many nodes are in a stream
and bases the stalling time on that. Currently that is about 15 seconds.
Initial connection delay takes into account the time that already passed
since the connection was established.

This basically gives the attacker one shot per a combination of his own
nodes and the nodes he can connect to, and thus makes the attack much
more difficult to succeed.
2016-05-02 15:00:24 +02:00
..
bitmessagecurses forgot a question mark character in a sql query 2015-03-09 02:42:28 -04:00
bitmessageqt blacklist rendering edit fix 2016-05-02 15:00:23 +02:00
bitmsghash OpenCL kernel change 2016-05-02 15:00:21 +02:00
images removed images/can-icon-24px_2.png 2013-11-01 19:28:44 -04:00
pyelliptic Typo 2016-05-02 15:00:23 +02:00
socks DNS bootstrap over Tor 2016-05-02 15:00:21 +02:00
sslkeys Opportunistic encryption with TLS (2 of 2) 2016-05-02 15:00:20 +02:00
translations fixed some spelling errors 2016-05-02 15:00:23 +02:00
addresses.py Improved logging 2016-05-02 15:00:21 +02:00
api_client.py more v4 address work. Should be done. 2013-09-18 00:04:01 -04:00
api.py TreeWidget and Addressbook editing propagation 2016-05-02 15:00:23 +02:00
bitmessagecli.py Minor changes in cli, PoW, and a couple of new api calls. 2016-05-02 15:00:17 +02:00
bitmessagemain.py Unused variable 2016-05-02 15:00:23 +02:00
build_osx.py Typo (missing) 2016-05-02 15:00:23 +02:00
class_addressGenerator.py Joining chans interface freeze 2016-05-02 15:00:22 +02:00
class_objectHashHolder.py Mitigate active internal intersection attack 2016-05-02 15:00:24 +02:00
class_objectProcessor.py Don't send ACK on subscribed chans 2016-05-02 15:00:23 +02:00
class_objectProcessorQueue.py objectProcessorQueue fixes 2016-05-02 15:00:23 +02:00
class_outgoingSynSender.py Thread names for IPv6 2016-05-02 15:00:23 +02:00
class_receiveDataThread.py Mitigate active internal intersection attack 2016-05-02 15:00:24 +02:00
class_sendDataThread.py Thread names for IPv6 2016-05-02 15:00:23 +02:00
class_singleCleaner.py Cleaner shutdown 2016-05-02 15:00:21 +02:00
class_singleListener.py Cleaner shutdown 2016-05-02 15:00:21 +02:00
class_singleWorker.py singleWorker shutdown fix 2016-05-02 15:00:23 +02:00
class_sqlThread.py Sensible default maximum difficulty 2016-05-02 15:00:22 +02:00
debug.py Improved logging 2016-05-02 15:00:21 +02:00
defaultKnownNodes.py update list of defaultKnownNodes 2015-03-09 22:33:46 -04:00
depends.py DLL path fix in frozen mode 2016-05-02 15:00:23 +02:00
helper_bitcoin.py Fixed missing arithmetic import in helper_bitcoin file 2013-06-21 12:58:36 +01:00
helper_bootstrap.py Allow bootstrap from a Tor hidden service 2016-05-02 15:00:22 +02:00
helper_generic.py private IP range checks 2016-05-02 15:00:23 +02:00
helper_inbox.py Update unread count more efficiently 2016-05-02 15:00:19 +02:00
helper_sent.py finished work on specifyTTL 2015-03-09 02:35:32 -04:00
helper_sql.py Allow SQL arguments as a list or tuple 2016-05-02 15:00:21 +02:00
helper_startup.py Typos 2016-05-02 15:00:22 +02:00
helper_threading.py Threads close better 2016-05-02 15:00:21 +02:00
highlevelcrypto.py support SHA256 signatures 2015-03-27 15:25:32 -04:00
l10n.py #708 : Use default locale encoding 2014-08-28 13:39:40 +02:00
message_data_reader.py finished work on specifyTTL 2015-03-09 02:35:32 -04:00
namecoin.py fix #474 2013-09-04 12:53:18 -04:00
openclpow.py PoW support code cleanup 2016-05-02 15:00:21 +02:00
proofofwork.py Fix cdecl/stdcall DLL detection 2016-05-02 15:00:22 +02:00
protocol.py Addresses can be configured not to send acks 2016-05-02 15:00:22 +02:00
qidenticon.py nonfunctional identicon settings-GUI 2013-09-18 17:39:45 +02:00
shared.py Cleanup lockfile on exit 2016-05-02 15:00:23 +02:00
singleton.py Cleanup lockfile on exit 2016-05-02 15:00:23 +02:00
tr.py fixed #486 2013-09-06 13:41:24 -04:00
upnp.py UPnP status bar update fix 2016-05-02 15:00:23 +02:00