Comprehending Kademlia Routing - A Theoretical Framework for the Hop Count Distribution

The family of Kademlia-type systems represents the most efficient and most widely deployed class of internet-scale distributed systems. Its success has caused plenty of large scale measurements and simulation studies, and several improvements have been introduced. Its character of parallel and non-deterministic lookups, however, so far has prevented any concise formal analysis. This paper introduces the first comprehensive formal model of the routing of the entire family of systems that is validated against previous measurements. It sheds light on the overall hop distribution and lookup delays of the different variations of the original protocol. It additionally shows that several of the recent improvements to the protocol in fact have been counter-productive and identifies preferable designs with regard to routing overhead and resilience.Comment: 12 pages, 6 figure

A Probabilistic Analysis of Kademlia Networks

Kademlia is currently the most widely used searching algorithm in P2P (peer-to-peer) networks. This work studies an essential question about Kademlia from a mathematical perspective: how long does it take to locate a node in the network? To answer it, we introduce a random graph K and study how many steps are needed to locate a given vertex in K using Kademlia's algorithm, which we call the routing time. Two slightly different versions of K are studied. In the first one, vertices of K are labelled with fixed IDs. In the second one, vertices are assumed to have randomly selected IDs. In both cases, we show that the routing time is about c*log(n), where n is the number of nodes in the network and c is an explicitly described constant.Comment: ISAAC 201

Low-resource eclipse attacks on Ethereum’s peer-to-peer network

We present eclipse attacks on Ethereum nodes that exploit the peer-to-peer network used for neighbor discovery. Our attacks can be launched using only two hosts, each with a single IP address. Our eclipse attacker monopolizes all of the victim’s incoming and outgoing connections, thus isolating the victim from the rest of its peers in the network. The attacker can then filter the victim’s view of the blockchain, or co-opt the victim’s computing power as part of more sophisticated attacks. We argue that these eclipse-attack vulnerabilities result from Ethereum’s adoption of the Kademlia peer-to-peer protocol, and present countermeasures that both harden the network against eclipse attacks and cause it to behave differently from the traditional Kademlia protocol. Several of our countermeasures have been incorporated in the Ethereum geth 1.8 client released on February 14, 2018.First author draf

Evaluating Connection Resilience for the Overlay Network Kademlia

Kademlia is a decentralized overlay network, up to now mainly used for highly scalable file sharing applications. Due to its distributed nature, it is free from single points of failure. Communication can happen over redundant network paths, which makes information distribution with Kademlia resilient against failing nodes and attacks. This makes it applicable to more scenarios than Internet file sharing. In this paper, we simulate Kademlia networks with varying parameters and analyze the number of node-disjoint paths in the network, and thereby the network connectivity. A high network connectivity is required for communication and system-wide adaptation even when some nodes or communication channels fail or get compromised by an attacker. With our results, we show the influence of these parameters on the connectivity and, therefore, the resilience against failing nodes and communication channels.Comment: 12 pages, 14 figures, accepted to ICDCS2017. arXiv admin note: substantial text overlap with arXiv:1605.0800

A Model to Quantify the Success of a Sybil Attack Targeting RELOAD/Chord Resources

The Sybil attack is one of the most harmful security threats for distributed hash tables (DHTs). This attack is not only a theoretical one, but it has been spotted "in the wild", and even performed by researchers themselves to demonstrate its feasibility. In this letter we analyse the Sybil attack whose objective is that the targeted resource cannot be accessed by any user of a Chord DHT, by replacing all the replica nodes that store it with sybils. In particular, we propose a simple, yet complete model that provides the number of random node-IDs that an attacker would need to generate in order to succeed with certain probability. Therefore, our model enables to quantify the cost of performing a Sybil resource attack on RELOAD/Chord DHTs more accurately than previous works, and thus establishes the basis to measure the effectiveness of different solutions proposed in the literature to prevent or mitigate Sybil attacks.This work has been partially supported by the EU FP7 TREND project (257740), the Spanish T2C2 project (TIN2008-06739-C04-01) and the Madrid MEDIANET project (S-2009/TIC-1468).European Community's Seventh Framework ProgramPublicad

A Lightweight Approach for Improving the Lookup Performance in Kademlia-type Systems

Discovery of nodes and content in large-scale distributed systems is generally based on Kademlia, today. Understanding Kademlia-type systems to improve their performance is essential for maintaining a high service quality for an increased number of participants, particularly when those systems are adopted by latency-sensitive applications. This paper contributes to the understanding of Kademlia by studying the impact of \emph{diversifying} neighbours' identifiers within each routing table bucket on the lookup performance. We propose a new, yet backward-compatible, neighbour selection scheme that attempts to maximize the aforementioned diversity. The scheme does not cause additional overhead except negligible computations for comparing the diversity of identifiers. We present a theoretical model for the actual impact of the new scheme on the lookup's hop count and validate it against simulations of three exemplary Kademlia-type systems. We also measure the performance gain enabled by a partial deployment for the scheme in the real KAD system. The results confirm the superiority of the systems that incorporate our scheme.Comment: 13 pages, 8 figures, conference version 'Diversity Entails Improvement: A new Neighbour Selection Scheme for Kademlia-type Systems' at IEEE P2P 201

地理位置情報に基づく分散ルーティングテーブルを用いた情報検索システム

In this thesis, we propose an information look up system using geographic location-based distributed routing (GDR) table that collects and manages information gathered by moving vehicles in urban areas. Throughout this thesis, weassume the underlay network of the GDR system can be modeled as a grid. This assumption makes a sense for an urban area where the roads are paved on a grid pattern. The system uses area nodes placed on several locations where each node manages location-oriented information on a designated non-overlapping area. The GDR system provides an information lookup based on the geographic latitude and longitude coordinates. A geographic coordinate is assigned for a node as its identifier (ID), and each node manages an overlay routing table. The routing table consists of pointers to other nodes in the network in order to forward messages to the geographically nearest overlay node toward its final destination. In a system with N nodes, each node has a routing table of size log N and a search is possiblein O(log N). We evaluate the mean and the variance of the path length and the relay length of GDR, CAN, Chord and Kademlia, under the assumptions that the ID is in cartesian format (x, y), all nodes are active, and the source node and the destination node are chosen independently with equal probability. We show that regardless of the ID format (i.e. even though the ID is in cartesian format or the ID is generated by using Space Filling Curve (SFC)), GDR, Chord and Kademlia have the same mean and the same variance of the path length,while the mean and the variance of the relay length of GDR are smaller than those of Chord and Kademlia. Furthermore, while GDR and CAN have the same mean and the same variance of the relay length, the mean and the variance of the pathlength of GDR are smaller than those of CAN.We show that the mean relay length of GDR is about half of that of Chord, and about 2/3 of that of Kademlia, and the mean path length is about (3/4) log N/√N of that of CAN. In addition, the GDR system has a routing redundancy to increase robustness. When a node fails, its neighbor node behaves as an agent for the failing node. To know the agent node of the failing node, each node has an agent list which is the records of the agent nodes of the nodes of its routing table. Since the number of the agent nodes is 2, the size of the agent list is 2 log N. If an underlay network can be modeled as a grid, it is easy to assign a physical address for a node. However, if a node fails, it is difficult to modify or change its physical address. In the GDR system, the nodes can avoid a failed node by using its agent list on the overlay network. We also present an application of the GDR system. In order to send a reply to a terminal after it moves to the neighboring area, we proposed Wall Pass (WP) algorithm. We consider a node as a wall player of wall pass in football. We evaluated the performance of the GDR system when the mobile mobile terminals are moving. The results show that WP algorithm can decrease the communication overhead.電気通信大学201