Paulo S Silva Jr
2005-02-08 03:15:22 UTC
Greetings Programs,
I was reading about the Merkle Hash Tree implementation as it was
discussed here on the list, and I'd like to throw in my two bits of
thought too.
The greatest concern about using Merkle Trees is to make small
chunks of data more readily available to the swarm with a reasonably
secure verification as well making the torrent file smaller. As I
could gather is that the three nodes must be known in order to
verify the data, right?
I've thought an implementation that could work.
Ok, let's think about a brand new seed. In a scenary like this
there's no other downloaded file. Only one seeder and a bunch of
leechers. As the clients connects to the seeder and downloads a
chunk of data, the seeder sends a message with the 20B SHA1 hash of
the data just downloaded.
"But hey, where the heck is the Mekle Tree?" you may ask. Well, I
have thought somethink like this...
ROOT
/ \
/ \
/ \
H1 \
/ \ \
/ \ \
H2 H3 H4
/ \ / \ / \
C1 C2 C3 C4 C5 C6
Now, imagine this is a whole piece made of 6 chunks of data. A
leecher downloads the chunk C3 and receives the hash H3. By the way
I thought the downloaded saves the hash and do not make the chunk
available until it have downloaded the chunk C4, thus checking with
the known hash and making both chunks available at once. And as the
downloaded receives more chunks and hashes it checks against the
built hash tree.
"WTF? Where is the security in this?" Well, we're as safe as the
SHA1 hash function.
As I said it's only my two bits of thought (so, please, easy on the
attacks right :)...
Best Regards...
Paulo
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/BitTorrent/
<*> To unsubscribe from this group, send an email to:
BitTorrent-***@yahoogroups.com
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
I was reading about the Merkle Hash Tree implementation as it was
discussed here on the list, and I'd like to throw in my two bits of
thought too.
The greatest concern about using Merkle Trees is to make small
chunks of data more readily available to the swarm with a reasonably
secure verification as well making the torrent file smaller. As I
could gather is that the three nodes must be known in order to
verify the data, right?
I've thought an implementation that could work.
Ok, let's think about a brand new seed. In a scenary like this
there's no other downloaded file. Only one seeder and a bunch of
leechers. As the clients connects to the seeder and downloads a
chunk of data, the seeder sends a message with the 20B SHA1 hash of
the data just downloaded.
"But hey, where the heck is the Mekle Tree?" you may ask. Well, I
have thought somethink like this...
ROOT
/ \
/ \
/ \
H1 \
/ \ \
/ \ \
H2 H3 H4
/ \ / \ / \
C1 C2 C3 C4 C5 C6
Now, imagine this is a whole piece made of 6 chunks of data. A
leecher downloads the chunk C3 and receives the hash H3. By the way
I thought the downloaded saves the hash and do not make the chunk
available until it have downloaded the chunk C4, thus checking with
the known hash and making both chunks available at once. And as the
downloaded receives more chunks and hashes it checks against the
built hash tree.
"WTF? Where is the security in this?" Well, we're as safe as the
SHA1 hash function.
As I said it's only my two bits of thought (so, please, easy on the
attacks right :)...
Best Regards...
Paulo
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/BitTorrent/
<*> To unsubscribe from this group, send an email to:
BitTorrent-***@yahoogroups.com
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/