Re: [Din] I-D: The R5N Distributed Hash Table
Leandro Navarro Moldes <leandro.navarro@upc.edu> Sat, 17 September 2022 12:22 UTC
Return-Path: <leandro.navarro@upc.edu>
X-Original-To: din@ietfa.amsl.com
Delivered-To: din@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1B3EAC14F72B for <din@ietfa.amsl.com>; Sat, 17 Sep 2022 05:22:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.903
X-Spam-Level:
X-Spam-Status: No, score=-1.903 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BO5onGHtQoKI for <din@ietfa.amsl.com>; Sat, 17 Sep 2022 05:22:49 -0700 (PDT)
Received: from dash.upc.es (dash.upc.es [147.83.2.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 54B06C14F736 for <din@irtf.org>; Sat, 17 Sep 2022 05:22:48 -0700 (PDT)
Received: from ackerman3.upc.es (ackerman3.upc.es [147.83.2.253]) by dash.upc.es (8.14.4/8.14.4/Debian-4.1ubuntu1.1) with ESMTP id 28HCMhWt015293 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-GCM-SHA256 bits=128 verify=OK); Sat, 17 Sep 2022 14:22:43 +0200
Received: from smtpclient.apple (gw-8-vpn-i.ac.upc.es [147.83.35.85]) (authenticated bits=0) by ackerman3.upc.es (8.15.2/8.15.2/Debian-10) with ESMTPSA id 28HCMgTu063215 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT); Sat, 17 Sep 2022 14:22:42 +0200
From: Leandro Navarro Moldes <leandro.navarro@upc.edu>
Content-Type: multipart/alternative; boundary="Apple-Mail=_5DD13E9B-E888-4064-9476-B0A73A350EF1"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.1\))
Date: Sat, 17 Sep 2022 14:22:41 +0200
References: <FEA8D5F6-AB8F-47F8-B511-7587CCD5F0EB@posteo.de> <25a166db-b191-f73e-9e3d-3bf67f8346ee@huitema.net> <B9D1D493-64A5-4249-B64E-0AE988A33204@posteo.de> <d63ab5c3-9812-a4ac-2bc2-d379cc99301d@huitema.net>
To: din@irtf.org, "Schanzenbach, Martin" <mschanzenbach@posteo.de>
In-Reply-To: <d63ab5c3-9812-a4ac-2bc2-d379cc99301d@huitema.net>
Message-Id: <9FE83819-681B-409E-8706-7B780EB1BD5D@upc.edu>
X-Mailer: Apple Mail (2.3696.120.41.1.1)
X-Greylist: ACL matched, not delayed by milter-greylist-4.3.9 (dash.upc.es [147.83.2.50]); Sat, 17 Sep 2022 14:22:44 +0200 (CEST)
X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.5.11 (ackerman3.upc.es [147.83.2.253]); Sat, 17 Sep 2022 14:22:43 +0200 (CEST)
X-Scanned-By: MIMEDefang 2.83 on 147.83.2.253
X-Virus-Scanned: clamav-milter 0.103.6 at dash
X-Virus-Status: Clean
Archived-At: <https://mailarchive.ietf.org/arch/msg/din/BYvJaIjSgNwW7Uq9fxG2FGjCghU>
Subject: Re: [Din] I-D: The R5N Distributed Hash Table
X-BeenThere: din@irtf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Discussion of distributed Internet Infrastructure approaches, aspects such as Service Federation, and underlying technologies" <din.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/din>, <mailto:din-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/din/>
List-Post: <mailto:din@irtf.org>
List-Help: <mailto:din-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/din>, <mailto:din-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sat, 17 Sep 2022 12:22:54 -0000
Hi, Regarding locality in DHTs, there is “CoralCDN" (regions/clusters grouped by latency if I remember well). You can find several papers here: https://www.cs.princeton.edu/~mfreed/publications/ It was implemented and tested in PlanetLab years ago. Best, Leandro. > On 16 Sep 2022, at 23:39, Christian Huitema <huitema@huitema.net> wrote: > > On 8/31/2022 4:00 AM, Schanzenbach, Martin wrote: > >> Hi Christian, >> >> thanks for checking the draft out. > > And thanks for the replies. Sorry for this late answer, I was very busy with other projects. > >>> On 29. Aug 2022, at 19:18, Christian Huitema <huitema@huitema.net> wrote: >>> >>> >>> On 8/29/2022 5:18 AM, Schanzenbach, Martin wrote: >>>> Hi dinrg! >>>> >>>> I hope this email finds you all in good health. >>>> >>>> Wwe wanted to touch ground with you if any of you would be interested in our specification >>>> on R5N, a protocol for randomised recursive routing for restricted-route networks. [1] >>>> It is a distributed hash table protocol and we currently have two independent implementations. >>>> The document is not finished but in a parseable state and feedback is very welcome either way. >>>> >>>> This DHT can serve as a basis for GNS, for which there is a draft already quite far into the ISE process [2]. >>>> In fact, it is what our GNS implementations are using at the moment. >>>> >>>> Thank you and have a nice day >>>> Martin >>>> >>>> [1] https://datatracker.ietf.org/doc/draft-schanzen-r5n/ >>>> [2] https://datatracker.ietf.org/doc/draft-schanzen-gns/ >>> The R5N protocol is built on the classic DHT, kamdelia. Starting with a well known algorithm makes a lot of sense, but I wonder whether some more work is needed regarding locality and security. >>> >>> The connectedness of the DHT relies on each node learning about its closest neighbors, where closest means lowest distance between the peer ID, not lowest distance across the network. As the reach of the DHT increases, the network distance between the closest neighbors increases -- the "closest" neighbors will be at random locations across the Internet. Each node will generate network traffic required to maintain the closest list, and the aggregate may end up quite noticeable. >>> >> Do you know of any actual data on that? I know this seems to be true intuitively, but the actual impact would be of interest for a discussion. > > The Windows team did computations of that nature as part of the PNRP development. The key input is the number of nodes and the frequency of the "keep-connected" traffic for the "closest neighbor" set. You have to assume that the closest neighbors are all over the Internet, model the keep-connected traffic, and multiply by the number of nodes. It can become large quickly. > >> >>> The dependency on closest neighbors may also be a security issue. Each node depends on the good behavior of its closest neighbors. Attackers may single out a set of target peer ID, and spend some time generating peer IDs that have a close distance to this target. Once the attackers have secured a position in the list of closest neighbors of their target, they can mount a set of attacks, such as monitoring traffic to the target or denying service to the target. >> Yes that is true. But it is partially addressed by the random routing. And the monitoring issue is extremely difficult if not impossible to address at all if you want global routing over public networks. >> >>> The monitoring problem goes beyond just the list of closest neighbors. If attackers create a sufficient number of nodes, they will be able to monitor and possibly disturb a fraction of the traffic. The random routing steps in R5S ensure that resolution starts from random points in the network, which has both good and bad effects. On the good side, it means that repeated queries will follow different paths, which is more robust than always following a fixed path. On the other hand, the randomness almost ensures that a fraction of the queries will hit the attackers' nodes. >> Yes, that is correct. We should discuss that in the document. The attacker model needs to be defined and discussed properly anyway. > > Suppose an attacker wants to be among the closest neighbors of a target. It can do that by picking keys at random until it finds one that is sufficiently close. The number of trials necessary will scale linearly with the number of nodes in the network -- 2^32 would likely be more than enough in practice. That's not a very large number of trials, many attackers can afford that. > > The attacker will be inserted in the closest neighbors set. At a minimum, it will receive the "keep-connected" messages, and be able to track the target as it becomes active and moves to different IP addresses. Opportunistically, the attacker will be asked to relay queries to the target, and accumulate data about the target's "social graph". > > Of course, powerful adversaries can repeat this process many times and track multiple targets. > >>> Such issues are inherent with the classic DHT technology, but they may be solved in alternative technologies, as demonstrated by Freenet. Of course, this is your project, your choices. But it would be very nice to have some higher emphasis on locality, so that for example resolution of local names does not generate traffic outside the local network -- that would be better for privacy, and also more robust. >> I do not understand how either that would work or why you think this is not the case for r5n. >> Local nodes (direct neighbours) cache messages (and possibly even store if the replication level is high enough). So ideally this data is available at close nodes, not only on nodes close to the key. >> I am not really sure what you are proposing as an alternative. Keys cannot at the same time be stored locally and at the same time be efficiently available to peers outside of it. IMO we can have efficient global routing with O(log n) complexity or local-first routing with significantly more overhead for global routing. >> If you have any concrete ideas or papers that we could read in this regard that would be very helpful. > > Yes, there are ways to implement some amount of locality with DHT. The DHT requires a hierarchy of caches, with the number of "levels" scaling with the size N of the network as O(logN). The first hop of a query is typically from the first level of that hierarchy, and it is generally possible to populate that level with neighboring nodes. But as the query progresses, there are fewer local candidates. Indeed, the "closest neighbors" level is spread all over the Internet. > > But it is not just about network proximity, it is also about trust. Suppose that you have a way to express some amount of trust between nodes -- maybe the nodes that have been given a local pet name. You could tweak the DHT routing, or the cache selection, to preferably route queries through these trusted nodes. You would route those queries over the "graph of trust" instead of over the whole Internet. > > I don't have a specific reference in mind, but you should probably look at the white papers and specifications of the Freenet project, which did develop this separation between trusted and open graphs. > > -- Christian Huitema > > > > _______________________________________________ > Din mailing list > Din@irtf.org <mailto:Din@irtf.org> > https://www.irtf.org/mailman/listinfo/din <https://www.irtf.org/mailman/listinfo/din> -- Leandro Navarro http://people.ac.upc.edu/leandro http://dsg.ac.upc.edu
- [Din] I-D: The R5N Distributed Hash Table Schanzenbach, Martin
- Re: [Din] I-D: The R5N Distributed Hash Table Christian Huitema
- Re: [Din] I-D: The R5N Distributed Hash Table Schanzenbach, Martin
- Re: [Din] I-D: The R5N Distributed Hash Table Christian Huitema
- Re: [Din] I-D: The R5N Distributed Hash Table Leandro Navarro Moldes
- Re: [Din] I-D: The R5N Distributed Hash Table Jens Finkhaeuser