fundamental problem with many peer-to-peer systems is the tendency for
users to “free ride” to consume resources without contributing to the
system. The popular file distribution tool BitTorrent was explicitly
designed to address this problem, using a tit-for-tat reciprocity
strategy to provide positive incentives for nodes to contribute
resources to the swarm. While BitTorrent has been extremely successful,
we show that its incentive mechanism is not robust to strategic clients.
Through performance modeling parameterized by real world traces, we
demonstrate that all peers contribute resources that do not directly
improve their performance. We use these results to drive the design and
implementation of BitTyrant, a strategic BitTorrent client that provides
a median 70% performance gain for a 1 Mbit client on live Internet
swarms. We further show that when applied universally, strategic clients
can hurt average per-swarm performance compared to today’s BitTorrent
smartcards, capable of sophisticated cryptography, provide a high
assurance of tamper resistance and are thus commonly used in payment
Although extracting secrets out of smartcards requires resources beyond
the means of many would-be thieves, the manner in which they are used
can be exploited for fraud.
Cardholders authorize financial transactions by presenting the card and
disclosing a PIN to a terminal without any assurance as to the amount
being charged or who is to be paid, and have no means of discerning
whether the terminal is authentic or not.
Even the most advanced smartcards cannot protect customers from being
defrauded by the simple relaying of data from one location to another.
We describe the development of such an attack, and show results from
live experiments on the UK's EMV implementation, Chip & PIN.
We discuss previously proposed defences, and show that these cannot
provide the required security assurances.
A new defence based on a distance bounding protocol is described and
implemented, which requires only modest alterations to current hardware
As far as we are aware, this is the first complete design and
implementation of a secure distance bounding protocol.
Future smartcard generations could use this design to provide
cost-effective resistance to relay attacks, which are a genuine threat
to deployed applications.
We also discuss the security-economics impact to customers of enhanced
An important threat to reliable storage of data is silent data corruption. In order to develop suitable protection mechanisms against data corruption, it is essential to understand its characteristics. In this paper, we present the first large-scale study of data corruption. We analyze corruption instances recorded in production storage systems containing a total of million disk drives, over a period of months. We study three classes of corruption: checksum mismatches, identity discrepancies, and parity inconsistencies. We focus on checksum mismatches since they occur the most.
We find more than 400,000 instances of checksum mismatches over the 41-month period. We find many interesting trends among these instances including: (i) nearline disks (and their adapters) develop checksum mismatches an order of magnitude more often than enterprise class disk drives, (ii) checksum mismatches within the same disk are not independent events and they show high spatial and temporal locality, and (iii) checksum mismatches across different disks in the same storage system are not independent. We use our observations to derive lessons for corruption-proof system design.