Date of Award


Document Type


Degree Name



Computer Science

First Advisor

Christian Grothoff

Second Advisor

Richard Ball


dht, freenet, p2p, peer-to-peer, restricted route, security


In many networks, such as mobile ad-hoc networks and friend-to-friend

overlay networks, direct communication between nodes is

limited to specific neighbors. Friend-to-friend ``darknet'' networks

have been shown to commonly have a

small-world topology; while short paths exist between any pair of

nodes in small-world networks, it is non-trivial to determine such

paths with a distributed algorithm. Recently, Clarke and Sandberg

proposed the first decentralized routing algorithm that achieves

efficient routing in such small-world networks.

Herein this thesis we discuss the first independent security

analysis of Clarke and Sandberg's routing algorithm. We show that a

relatively weak participating adversary can render the overlay

ineffective without being detected, resulting in significant data

loss due to the resulting load imbalance. We have measured the

impact of the attack in a testbed of 800 and 400 total nodes using

minor modifications to Clarke and Sandberg's implementation of their

routing algorithm in Freenet. Our experiments show that the attack

is highly effective, allowing a small number of malicious nodes to

cause rapid loss of data on the entire network.

We also discuss various proposed countermeasures designed to detect,

thwart or limit the attack. We found that the ``darknet'' topology

limits the ability of effective countermeasures. The problem of

fixing the topology proved so intractable due to inherent network

characteristics that the idea of using a darknet for Freenet has

been all but abandoned following the public release of this work.

Our hope is that the presented analysis acts as a step towards

effective analysis and design of secure distributed routing

algorithms for restricted-route topologies.


Recieved from ProQuest

Rights holder

Nathan S. Evans

File size

84 p.

File format





Computer science