Transcript ppt2
i3 and DOA
15-744 Fall 2010
3/29/2016
1
i3
• A way to route messages to ids rather than hosts
• A DHT maintains a tuple space
• An id has a prefix and suffix
– The prefix is used to route inside the i3 network
– The suffix is then used to select a ‘best’ tuple
• Tuples have the form (id, (id | IP)+)
• Packets are addressed to a list of ids and sent into the i3
network, which handles forwarding
– Take the first id matching a non-nil set of tuples
– For each tuple (id, ids), replace id with ids in the address and
repeat
– A sender can cache the i3 node but not the ultimate destination.
3/29/2016
2
DOA
• A way to route messages to eids rather than hosts, taking
into account multiple address spaces
• A DHT maintains a tuple space
• An eid is unstructured globally unique hash of some
public key K (corresponding to private k)
• Tuples have the form (eid, eid+ | IP, TTL, *)
– A tuple for eid = H(K) is signed with k
• Packets are addressed to a list of eids. The sender queries
the list in sequence, expanding eids into eid+s as
necessary, and sends the packet with the current list to the
first IP that reaches the list’s front.
– Senders cache tuples, not just DOA nodes.
3/29/2016
3
i3 Discussion
• Who operates the tuple space?
– If this is centralized (with managed churn), why use a DHT?
– If it is decentralized, what are the security implications? (What if
we consider Sybil attacks?)
• What are the security implications in general?
– Anonymity wasn’t very well addressed
– Trigger hijacking
• How about concerns about efficiency?
– Select ids based on some metric to an i3 node?
– All forwarding has to be done inside the i3 network
– Authors disabled the most interesting features during evaluation!
3/29/2016
4
DOA Discussion
• Who operates the tuple space?
– How do we get the keys to check signatures? Isn’t this expensive?
– What if more than one tuple space exists?
• Efficiency concerns
– What is the maximum depth of an eid expansion?
– DOA routing may choose bad paths
• How about security?
– How long do eids last? Are they vulnerable to attack?
– Replay attacks
• What is the utility of outsourcing/eids?
– … given latency concerns?
– … given consumer-level solutions (eg, UPnP)?
– … given that organizations don’t want some machines behind NATs to be
publicly-addressable anyhow?
3/29/2016
5