Home page logo
/

nanog logo nanog mailing list archives

RE: raging bulls
From: "Naslund, Steve" <SNaslund () medline com>
Date: Wed, 8 Aug 2012 10:16:01 -0500

Are there not mechanisms to handle replay attacks?  There is also the
minor matter of fraud and regulatory concerns.  You might get away with
it a few times but not often enough to avoid a potential death penalty
of being disconnected.

Steve

-----Original Message-----
From: Alexandre Snarskii [mailto:snar () snar spb ru] 
Sent: Wednesday, August 08, 2012 9:46 AM
To: Naslund, Steve
Cc: Alexandre Snarskii
Subject: Re: raging bulls

On Wed, Aug 08, 2012 at 09:08:18AM -0500, Naslund, Steve wrote:
Also, we are only talking about a delay long enough to satisfy the 
longest circuit so you could not push your timestamp very far back and

would have to get the fake one done pretty quickly in order for it to 
be worthwhile.  The real question is could you fake a cryptographic 
timestamp fast enough to actually gain time on the system.  Possibly 
but it would be a very tall order.

Looks like replay attack works here: "attacker" can easily record
encrypted timestamps and reuse them some milliseconds later, claiming "I
had no knowledge on how market changed during this time, it's my
provider had to re-route my traffic!!"


Steve

-----Original Message-----
From: Chu, Yi [NTK] [mailto:Yi.Chu () sprint com]
Sent: Wednesday, August 08, 2012 9:01 AM
To: Naslund, Steve; nanog () nanog org
Subject: RE: raging bulls

What prevents someone to fake an earlier timestamp?  Money can bend 
light, sure can a few msec.

yi

-----Original Message-----
From: Naslund, Steve [mailto:SNaslund () medline com]
Sent: Wednesday, August 08, 2012 9:53 AM
To: nanog () nanog org
Subject: RE: raging bulls

It seems to me that all the markets have been doing this the wrong
way.
Would it now be more fair to use some kind of signed timestamp and 
process all transactions in the order that they originated?  Perhaps 
each trade could have a signed GPS tag with the absolute time on it. 
It would keep everyone's trades in order no matter how latent their 
connection to the market was.  All you would have to do is introduce a

couple of seconds delay to account for the longest circuit and then 
take them in order.  They could certainly use less expensive 
connections and ensure that international traders get a fair shake.

Steven Naslund



--
In theory, there is no difference between theory and practice. 
But, in practice, there is. 



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]