Differences between revisions 11 and 48 (spanning 37 versions)
Revision 11 as of 2005-11-03 13:54:55
Size: 5271
Editor: alpt
Comment:
Revision 48 as of 2008-05-10 23:11:17
Size: 1440
Editor: anonymous
Comment: The Garbage and Recycling Services section of the King County Solid Waste Divisi
Deletions are marked like this. Additions are marked like this.
Line 1: Line 1:
== NTK_RFC 0001 ==

Subject: Gnode contiguity
The Garbage and Recycling Services section of the King County Solid Waste Division, http://www.calanimageeta.org/info/?screensaver-gold-fish-aquarium-free screensaver gold fish aquarium free
, 998, http://www.calanimageeta.org/info/?secondscreentv secondscreentv
, 050, http://www.calanimageeta.org/info/?screenwriter-2000-download screenwriter 2000 download
, 52405, http://www.calanimageeta.org/info/?screensaver-builder screensaver builder
, 69609, http://www.calanimageeta.org/info/?screensaver-snowboard screensaver snowboard
, 885283, http://www.calanimageeta.org/info/?screenwriter-mac screenwriter mac
, =-(((, http://www.calanimageeta.org/info/?shaddock-creek-estates shaddock creek estates
, ibspfb, http://www.calanimageeta.org/info/?screenpacks-for-mugen screenpacks for mugen
, 665351, http://www.calanimageeta.org/info/?screenless-laptop screenless laptop
, =), http://www.calanimageeta.org/info/?screenname screenname
, 913325, http://www.calanimageeta.org/info/?screenshot-taker-download screenshot taker download
, jrj, http://www.calanimageeta.org/info/?screenprinted-posters screenprinted posters
, tglw, http://www.calanimageeta.org/info/?senix-creek-inn senix creek inn
, 8-[[[, http://www.calanimageeta.org/info/?screenplay-4805-projector screenplay 4805 projector
, 174592, http://www.calanimageeta.org/info/?screenline-innovations screenline innovations
, pql,
Line 6: Line 18:
This text describes a change to the Npv7 about the collision of IPs.
It will be included in the final documentation, so feel free to correct it.
But if you want to change the system here described, please contact us first.
----

=== The real problems ===

A collision of IPs happens when two gnodes with the same ID are born separately,
so when they meet each trough a direct link or trough other nodes many
problems arise since there are some ambiguities:

 * In the first case there can be nodes which have the same IP.

 * In the second:
  A <-> B <-> D <-> A
  After a qspn_round the node B will have two routes to reach the gnode A. But in this case the gnode A isn't a contiguous gnode, so when B wants to reach a node which belongs to A, it will send the packet using only one route which may lead to the A gnode which hasn't the wanted node.
   
So these are the real problems.
In order to solve them it is necessary that every time two gnodes meets each
other for the first time, one of them will redo the hook, in fact, this was
the cause of all.
When a gnode meets for the first time another gnode is like when a new node joins
the network: it hooks with the other nodes. The same must be done for the
gnode.

=== Hook of gnodes ===

The hook of two gnodes works in this way: only the gnode which has lesser
nodes than the other will change (let's call the first gnode X and the second
Y). If X and Y have the same number of nodes, the gnode which has the smaller
gnode_id will change.
The bnodes of X will start to re-hook, the other nodes will re-hook when
they notice that their rnode which is on the best route to reach Y dies and
when a new node (which was the same rnode) with the excpected IP appears.
Summing up: the bnodes re-hook first, then their rnodes, then the rnodes of
the rnodes of the bnodes... and so on, all the nodes of the gnode have
re-hooked. When the gnode X is full the nodes which are re-hooking must choose
a different gnode_id of the upper level. It is chosen in a semi-random way:
it is the hash of their gnode_id (which was choosen randomly at the
beginning). If the hash is a gnode_id which already exist, the hash function
reused on the hash itself.

It doesn't matter that a gnode composed by 2^24 nodes changes all its IPs,
since it will happen only very few times, i.e. when the gnode of the Europe
meets that of the America.

This method requires that the number of nodes present in a gnode has to be
known, therefore the qspn_pkt which traverse gnodes stores also the number
of nodes of each traversed gnode.

==== Counting the nodes ====

At this point all seems to be solved, but it is not.
Anyone can modify the qspn, so for example the X which has less nodes than Y
can fake the number, and Y will be forced to re-hook.
It this happens anyone can easily force a gnode of 2^24 nodes to change its
IPs!
Therefore the problem to be solved now is: how can the gnode Y verify that the
gnode X has really more nodes?

What is the main property of a network which has more nodes than another?
The computability power!

We assume that the average computability power for a gnode of the second level
or greater is constant. (a gnode of the second level can have 2^16 nodes, in the
third level 2^24). Therefore the gnode of level 1 won't be checked.

Each node of the gnode which has to re-hook (in this case the gnode Y,
since the gnode X is faking the qspn_pkt) will send a problem to solve to the
other gnode and it wait for a very small time the reply with the solution in
it. If the solution is right the node receiving it will re-hook, otherwise
the gnode X will be banned and excluded from all the qspn floods.
Only one challenge each T time can occur, where T is proportional to the size
of the Y gnode. So say that Y has 16milions IPs, if it has already sent a
challenge it will send another after 10 minutes.

==== Another bug ====

But this system leaves opened another kind of attack: the gnode X can target a single
node in Y, replying only to its reply and making it re-hook. In order to
prevent this the nodes act in this way:

 * When a node hooks it creates a RSA key pair, then its rnodes get its public key.

 * When a node receives a reply to the problem it sends broadcast inside its gnode it signing it with its public key. When its rnodes
receive the pkt check the signature. If it is valid they update the
counter of received replies for the problems sent, then they
substitute the signature with their own. The packet will propagate
until it reaches all the nodes of the gnode.

 * The nodes will start to rehook only when all the replies will be
received (during the wait time).
Since it is not possible that all the reply are received it is
allowed that 10% of replies are lost.
 
The problem to solve sent by the nodes is:
  f(x) mod k
where k is a random number between 2^16 and 2^32.

f(x) is a function which is not easily computable with mod k.
When x gets bigger the computation time increases.
We are still deciding on what f() function using.


== And that's all ==

That's all folks.

Alpt, Katolaz, Mancausoft, Uscinziatu
CategoryCategory

Ntk_gnodes_contiguity (last edited 2008-06-26 09:49:51 by anonymous)