Without a central authority to verify the identity of entities in P2P
systems, faulty entities may take over a P2P overlay with counterfeit
identities. The author claims that it is almost impossible to prevent
a Sybil attack in distributed systems unless entities have identical
resource constraints and all identities can be validated simultaneously,
because validations are resource-consuming puzzles and faulty entities
cannot solve these puzzles simultaneously for all of their counterfeit
identities in reasonable time.

I'd like to question the incentive to perform such a Sybil attack. In a
lucky draw, participants probably want to have counterfeit identities
to enter because this increases the chance to get prizes. The incentive
to participate in P2P systems is to share the load so that each
participant contributes a small amount of resources for the good of the
entire system. Participation with multiple identities will cost more
resources than necessary but without obvious benefits. My other
observation from a lucky draw is that it prevents counterfeit identities
from entering the draw by dropping entries with matching postal addresses
or telephone numbers because these are ways the participants can claim
the prizes. Although there isn't any prize or obvious benefit to join
P2P systems with multiple identities, there must be some attributes that
are unique over entities but non-unique for counterfeit identities. An
intuitive example is the IP address of an entity (although this
particular example has issues with DHCP and NAT). P2P systems may look
for these attributes and use them to build the ring of trust.
Received on Thu Nov 17 2005 - 10:04:05 EST
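
The attribute check suggested in the message above, as an added example that is not part of the original post: an overlay admits at most a fixed number of identities per observed IP address within a time window. The names (`JoinRequest`, `admit`), the one-hour window and the join requests are constructed for illustration; the sample shows both the duplicate identities being dropped and the NAT and DHCP issues the message mentions.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class JoinRequest:
    node_id: str  # identity the peer claims
    ip: str       # source address the overlay observes
    t: int        # arrival time in seconds


def admit(requests, max_per_ip=1, window=3600):
    """Admit at most max_per_ip distinct identities per address per window.

    Returns (admitted, rejected) as lists of node ids in arrival order.
    """
    seen = defaultdict(dict)  # ip -> {node_id: time it was admitted}
    admitted, rejected = [], []
    for r in sorted(requests, key=lambda r: r.t):
        # Forget identities whose admission is older than the window, so an
        # address that has been reassigned is not blocked forever.
        live = {n: t for n, t in seen[r.ip].items() if r.t - t < window}
        if r.node_id in live or len(live) < max_per_ip:
            live.setdefault(r.node_id, r.t)
            admitted.append(r.node_id)
        else:
            rejected.append(r.node_id)
        seen[r.ip] = live
    return admitted, rejected


# Constructed join requests (documentation address ranges).
REQUESTS = [
    JoinRequest("sybil-1", "203.0.113.7", 0),    # one host, three identities
    JoinRequest("sybil-2", "203.0.113.7", 5),
    JoinRequest("sybil-3", "203.0.113.7", 9),
    JoinRequest("alice", "198.51.100.1", 20),    # two honest peers behind one NAT
    JoinRequest("bob", "198.51.100.1", 25),
    JoinRequest("carol", "192.0.2.10", 30),
    JoinRequest("sybil-4", "203.0.113.8", 40),   # same host after a new DHCP lease
]

if __name__ == "__main__":
    ok, dropped = admit(REQUESTS)
    print("admitted:", ok)
    print("rejected:", dropped)
```

With one identity per address, two of the duplicate identities are dropped, but so is the second honest peer behind the NAT, and the identity arriving from a fresh DHCP lease is admitted.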