Are there not mechanisms to handle replay attacks? There is also the minor matter of fraud and regulatory concerns. You might get away with it a few times but not often enough to avoid a potential death penalty of being disconnected. Steve -----Original Message----- From: Alexandre Snarskii [mailto:snar@snar.spb.ru] Sent: Wednesday, August 08, 2012 9:46 AM To: Naslund, Steve Cc: Alexandre Snarskii Subject: Re: raging bulls On Wed, Aug 08, 2012 at 09:08:18AM -0500, Naslund, Steve wrote:
Also, we are only talking about a delay long enough to satisfy the longest circuit so you could not push your timestamp very far back and
would have to get the fake one done pretty quickly in order for it to be worthwhile. The real question is could you fake a cryptographic timestamp fast enough to actually gain time on the system. Possibly but it would be a very tall order.
Looks like replay attack works here: "attacker" can easily record encrypted timestamps and reuse them some milliseconds later, claiming "I had no knowledge on how market changed during this time, it's my provider had to re-route my traffic!!"
Steve
-----Original Message----- From: Chu, Yi [NTK] [mailto:Yi.Chu@sprint.com] Sent: Wednesday, August 08, 2012 9:01 AM To: Naslund, Steve; nanog@nanog.org Subject: RE: raging bulls
What prevents someone to fake an earlier timestamp? Money can bend light, sure can a few msec.
yi
-----Original Message----- From: Naslund, Steve [mailto:SNaslund@medline.com] Sent: Wednesday, August 08, 2012 9:53 AM To: nanog@nanog.org Subject: RE: raging bulls
It seems to me that all the markets have been doing this the wrong
way.
Would it now be more fair to use some kind of signed timestamp and process all transactions in the order that they originated? Perhaps each trade could have a signed GPS tag with the absolute time on it. It would keep everyone's trades in order no matter how latent their connection to the market was. All you would have to do is introduce a
couple of seconds delay to account for the longest circuit and then take them in order. They could certainly use less expensive connections and ensure that international traders get a fair shake.
Steven Naslund
-- In theory, there is no difference between theory and practice. But, in practice, there is.