[155419] in North American Network Operators' Group
RE: raging bulls
daemon@ATHENA.MIT.EDU (Naslund, Steve)
Wed Aug 8 11:34:09 2012
Date: Wed, 8 Aug 2012 10:16:01 -0500
In-Reply-To: <20120808144544.GA93761@snar.spb.ru>
From: "Naslund, Steve" <SNaslund@medline.com>
To: <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Are there not mechanisms to handle replay attacks? There is also the
minor matter of fraud and regulatory concerns. You might get away with
it a few times but not often enough to avoid a potential death penalty
of being disconnected.
Steve
-----Original Message-----
From: Alexandre Snarskii [mailto:snar@snar.spb.ru]=20
Sent: Wednesday, August 08, 2012 9:46 AM
To: Naslund, Steve
Cc: Alexandre Snarskii
Subject: Re: raging bulls
On Wed, Aug 08, 2012 at 09:08:18AM -0500, Naslund, Steve wrote:
> Also, we are only talking about a delay long enough to satisfy the=20
> longest circuit so you could not push your timestamp very far back and
> would have to get the fake one done pretty quickly in order for it to=20
> be worthwhile. The real question is could you fake a cryptographic=20
> timestamp fast enough to actually gain time on the system. Possibly=20
> but it would be a very tall order.
Looks like replay attack works here: "attacker" can easily record
encrypted timestamps and reuse them some milliseconds later, claiming "I
had no knowledge on how market changed during this time, it's my
provider had to re-route my traffic!!"
>=20
> Steve
>=20
> -----Original Message-----
> From: Chu, Yi [NTK] [mailto:Yi.Chu@sprint.com]
> Sent: Wednesday, August 08, 2012 9:01 AM
> To: Naslund, Steve; nanog@nanog.org
> Subject: RE: raging bulls
>=20
> What prevents someone to fake an earlier timestamp? Money can bend=20
> light, sure can a few msec.
>=20
> yi
>=20
> -----Original Message-----
> From: Naslund, Steve [mailto:SNaslund@medline.com]
> Sent: Wednesday, August 08, 2012 9:53 AM
> To: nanog@nanog.org
> Subject: RE: raging bulls
>=20
> It seems to me that all the markets have been doing this the wrong
way.
> Would it now be more fair to use some kind of signed timestamp and=20
> process all transactions in the order that they originated? Perhaps=20
> each trade could have a signed GPS tag with the absolute time on it.=20
> It would keep everyone's trades in order no matter how latent their=20
> connection to the market was. All you would have to do is introduce a
> couple of seconds delay to account for the longest circuit and then=20
> take them in order. They could certainly use less expensive=20
> connections and ensure that international traders get a fair shake.
>=20
> Steven Naslund
>=20
>=20
--
In theory, there is no difference between theory and practice.=20
But, in practice, there is.=20
