[tahoe-lafs-trac-stream] [Tahoe-LAFS] #3878: Potential denial of service attack by rogue servers
Tahoe-LAFS
trac at tahoe-lafs.org
Tue Mar 8 15:16:48 UTC 2022
#3878: Potential denial of service attack by rogue servers
----------------------+---------------------------
Reporter: itamarst | Owner:
Type: defect | Status: new
Priority: normal | Milestone: undecided
Component: unknown | Version: n/a
Keywords: | Launchpad Bug:
----------------------+---------------------------
* Malicious server SN joins grid G
* Client C begins to upload shares R[1..N] to storage servers S[1..N]
* SN sees upload of share RN to storage index I
* SN immediately calls allocate_buckets on S[1..N-1] for shares R[1..N]
(but doesn't bother to upload anything)
* For any server/share combination where SN gets there first, C is denied
the ability to perform an upload. Also, to C, it looks like the share has
already been uploaded so no further work is required on its part.
--
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/3878>
Tahoe-LAFS <https://Tahoe-LAFS.org>
secure decentralized storage
More information about the tahoe-lafs-trac-stream
mailing list