"Piglet" Search Protection Mechanism

                   

The basic idea here is to place some of the load of attacking the network onto the shoulders of the attacker instead of on those of the normal user, this can be done using two methods which I shall describe below.


                   
The attacker operates as a "man in the middle" selecting all network traffic that passes across themselves and either poisoning or otherwise modifying those packets to cause DDOS attacks, false Search results or even to replay the initial searches at a later time, this method of attacking is possible as there is no hashed time and date encoded into the TCP network header.

Whilst the network header modification is much needed and will be included at some time in the future in OurMx it is still felt necessary to add further annoyances for any attacker and the mechanism outlined below is proposed for just this reason.

 
Below you can see a diagram of the basic idea for dropping all fake search results, its not much different to a ping, however the swapping of keys and tokens ensures its a genuine two way security method that enures the search results presented are either genuine or the guy delivering them is the attacker as contacts are made directly user to user instead of via third parties.  

The second phase of the anti attacker method is the two part style of the message packet, the basic results are left in a simple to decrypt format so those receiving the initiators request are able to check locally for matches to the search term with little lost time, if they find a match and whish to reply however they will need to do some heavier decrypting and for a normal user this will mean some extra computing work, for the attacker however who wants to see all of the networks data its a computing load thats going to get larger and larger the more data they harvest, by fine tuning this method it will be possible to overload the attacker in many respects and reduce their overall efficiency, with the double handshake added it will ensure all the attackers effort is wasted as they will not be able to pass themselves off as the actual result responder, the token or random number swaps could be further enhanced with a hashed [minute, hour, day, date,year] field to ensure the window of attack opportunity is minimised as much as possible, obviously "out of time" packets will be dumped.

General network replay attacks also will be not possible outside a minimised "time window" if the aditional TCP network header fields I have outlined are also added, for the sake of this concept I am for now not suggesting this method for the rest of the network packets but for the Search poisoning problem I feel this is the way ahead, what do you think ?