
arxiv: 2505.01139 · v2 · submitted 2025-05-02 · 💻 cs.CR

Active Sybil attack and efficient defense strategy in IPFS DHT

Pith reviewed 2026-05-22 17:40 UTC · model grok-4.3

classification 💻 cs.CR
keywords: IPFS, Sybil attack, DHT, Kademlia, content eclipse, peer-to-peer, network defense

The pith

An active Sybil attack returns false data to eclipse IPFS content and evades current defenses in roughly 80 percent of lookups.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper demonstrates that IPFS, built on a Kademlia DHT, faces a new active Sybil attack in which controlled nodes supply semantically plausible but incorrect routing information to hide content locations. This attack uses careful node placement to slip past statistical detection and takes advantage of early lookup termination in the main Kubo client, allowing it to fully block access on recent versions. Even when paired with the strongest existing defense of detection plus wider publication, the attack still prevents retrieval in about 80 percent of attempts. In response, the authors introduce SR-DHT-Store, a publication technique that issues region-based queries around a dynamically chosen XOR distance to the target identifier, resisting both active and passive Sybil interference without any need for attack detection and with lower overhead plus support for gradual rollout.

Core claim

The paper establishes that malicious nodes can perform an active Sybil attack by returning semantically correct yet intentionally false data, fully eclipsing content on recent Kubo IPFS versions through strategic placement that evades detection and by exploiting early termination of lookups. This attack succeeds in denying access to target content in approximately 80 percent of attempts even against the latest mitigation that combines statistical tests with wider publication. To counter it, the paper proposes SR-DHT-Store, which performs systematic region-based queries using a dynamically computed XOR distance to the target ID, thereby enabling efficient Sybil-resistant content publication.

What carries the argument

SR-DHT-Store, a content-publication method that issues systematic region-based queries based on a dynamically computed XOR distance to the target ID to achieve Sybil resistance without attack detection.

If this is right

  • The active attack fully eclipses content on recent versions of the Kubo IPFS client.
  • The attack denies access in approximately 80 percent of lookup attempts even when the latest statistical-detection-plus-wider-publication mitigation is active.
  • SR-DHT-Store mitigates both the new active attack and prior passive Sybil attacks without depending on attack detection.
  • The new method operates at lower overhead than detection-based approaches and supports incremental deployment.
  • SR-DHT-Store can be combined with other defenses for layered protection.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • The same region-query approach could be tested in other Kademlia-based systems to see whether it reduces eclipse success rates without IPFS-specific changes.
  • A simulation that varies Sybil density while measuring lookup success with SR-DHT-Store would quantify the exact overhead savings claimed.
  • Layering SR-DHT-Store with lightweight statistical checks might create a hybrid defense that catches novel attack variants the paper does not evaluate.

Load-bearing premise

The attack depends on being able to place Sybil nodes strategically enough to evade statistical detection while also relying on early termination of lookups inside the actual Kubo implementation.

What would settle it

Deploy the described active Sybil nodes against a target content item in a test network that uses the current mitigation and count how often a normal lookup succeeds; success rates consistently above 20 percent would contradict the reported denial rate.

Figures

Figures reproduced from arXiv: 2505.01139 by C.-L. Ignat, T. Cholez, V. H. de Moura Netto.

Figure 1: Content provide in IPFS DHT.
Figure 2: Content retrieval in IPFS DHT.
Figure 3: Content eclipse attack in IPFS DHT.
Figure 4: Region-based query mitigation strategy.
Figure 5: Active attack against the proposed mitigation.
Figure 6: DKL distribution over 100 random DHT requests.
Figure 7: Impact of network size estimation on the calculation
Figure 8: Optimized Sybil placement count across 100 random
Figure 9: Active attack using optimized Sybil placement against
Figure 10: SR-DHT-Store opportunistic publication.
Figure 11: Qdk variation impact on the average distance of the k-th closest node.
Figure 12: Average number of nodes receiving PRs when
Figure 13: Effectiveness of mitigations against the optimized
Original abstract

The InterPlanetary File System (IPFS) is a decentralized peer-to-peer (P2P) storage built on Kademlia, a Distributed Hash Table (DHT) structure commonly used in P2P systems and known for its proven scalability. However, DHTs are susceptible to Sybil attacks, where a single entity controls multiple malicious nodes. Recent studies have shown that IPFS is affected by a passive content eclipse attack, leveraging Sybils, in which adversarial nodes hide received indexed information from other peers, making the content appear unavailable. Fortunately, the latest mitigation strategy coupling an attack detection based on statistical tests and a wider publication strategy upon detection was able to circumvent it. In this work, we present a new active attack in which malicious nodes return semantically correct but intentionally false data. The attack leverages strategic Sybil placement to evade detection and exploits an early termination in the actual Kubo, the main IPFS implementation. It manages to fully eclipse content on recent Kubo versions. When evaluated against the most recent known mitigation, it successfully denies access to the target content in approximately 80% of lookup attempts. To address this vulnerability, we propose a new mitigation called SR-DHT-Store, which enables efficient, Sybil-resistant content publication without relying on attack detection. Instead, it makes systematic and precise use of region-based queries based on a dynamically computed XOR distance to the target ID. SR-DHT-Store can be combined with other defense mechanisms, fully mitigating passive and active Sybil attacks at a lower overhead while supporting an incremental deployment.
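As an added illustration, constructed for this page rather than taken from the paper or from Kubo, the simulation below contrasts baseline k-closest provider publication with a simplified form of the region-based publication the abstract describes: every peer within an estimated XOR distance of the target key receives the record, so attacker IDs crowding the key cannot displace the honest holders. It assumes a 32-bit ID space, a replication factor of 20, and a region radius of k·2^bits/N derived from a network-size estimate; the function names and that estimate are mine, and the paper's own dynamic distance computation differs.

```python
"""Constructed simulation (not the paper's code): k-closest publication versus
a simplified SR-DHT-Store-style region-based publication in a Kademlia-like
DHT, under a Sybil eclipse where attacker IDs crowd the target key."""
import hashlib
import random

ID_BITS = 32            # demo size; IPFS/Kademlia keys are 256-bit
ID_SPACE = 1 << ID_BITS
K = 20                  # assumed replication factor (libp2p Kademlia bucket size)

def xor_distance(a: int, b: int) -> int:
    """Kademlia distance metric."""
    return a ^ b

def make_network(n_honest: int, seed: int) -> list[tuple[int, bool]]:
    """Uniformly random honest node IDs as (id, is_sybil) pairs."""
    rng = random.Random(seed)
    return [(rng.getrandbits(ID_BITS), False) for _ in range(n_honest)]

def add_sybils(nodes: list, target: int, count: int) -> list:
    """Eclipse model from the paper's background: attacker IDs sitting closer
    to the target than any honest peer (distances 1..count)."""
    return nodes + [(target ^ i, True) for i in range(1, count + 1)]

def k_closest_publish(nodes: list, target: int, k: int = K) -> list:
    """Baseline: the provider record goes to the k peers closest to the key."""
    return sorted(nodes, key=lambda n: xor_distance(n[0], target))[:k]

def estimate_dk(network_size: int, k: int = K) -> int:
    """Assumed estimator: expected XOR distance of the k-th closest peer to a
    random key when network_size IDs are uniform, about k * ID_SPACE / N."""
    return (k * ID_SPACE) // network_size

def region_publish(nodes: list, target: int, dk: int) -> list:
    """Simplified region-based query: every peer within distance dk of the
    key receives the record, however many Sybils also sit inside."""
    return [n for n in nodes if xor_distance(n[0], target) <= dk]

def honest_count(receivers: list) -> int:
    return sum(1 for _, is_sybil in receivers if not is_sybil)

def compare_strategies(n_honest: int = 10_000, n_sybils: int = 20,
                       seed: int = 7) -> dict:
    """Honest record holders under each strategy for one eclipsed key."""
    target = int.from_bytes(hashlib.sha256(b"constructed-cid").digest()[:4], "big")
    nodes = add_sybils(make_network(n_honest, seed), target, n_sybils)
    dk = estimate_dk(n_honest + n_sybils)   # the publisher's size estimate
    region = region_publish(nodes, target, dk)
    return {
        "k_closest_honest": honest_count(k_closest_publish(nodes, target)),
        "region_honest": honest_count(region),
        "region_contacted": len(region),
    }

def holders_vs_size_estimate(estimates, n_honest=10_000, n_sybils=20, seed=7):
    """Sensitivity to the network-size estimate: an overestimate shrinks dk
    (fewer honest holders), an underestimate inflates it (more overhead).
    Returns {estimate: honest holders}."""
    target = int.from_bytes(hashlib.sha256(b"constructed-cid").digest()[:4], "big")
    nodes = add_sybils(make_network(n_honest, seed), target, n_sybils)
    return {est: honest_count(region_publish(nodes, target, estimate_dk(est)))
            for est in estimates}

if __name__ == "__main__":
    print(compare_strategies())
    print(holders_vs_size_estimate([2_500, 10_000, 40_000]))
```

With the defaults, the k-closest record lands only on the 20 attacker IDs, while the region query still reaches the roughly 20 honest peers that the size estimate predicts, at the cost of also contacting the Sybils inside the region.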

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 2 minor

Summary. The paper claims to introduce a new active Sybil attack on IPFS DHT in which malicious nodes return semantically correct but intentionally false data. The attack uses strategic Sybil placement to evade statistical detection from prior work and exploits an early termination in the actual Kubo implementation (distinct from the spec) to fully eclipse content on recent versions. When tested against the most recent known mitigation, it denies access in approximately 80% of lookup attempts. The authors propose SR-DHT-Store as a new defense that performs systematic region-based queries using a dynamically computed XOR distance to the target ID, enabling efficient Sybil-resistant publication without attack detection and supporting incremental deployment while mitigating both passive and active attacks at lower overhead.

Significance. If the central experimental claims are substantiated, the work would be significant for identifying a practical active attack vector that bypasses existing statistical defenses in a production DHT used by IPFS, and for proposing a detection-independent mitigation that is efficient, combinable with other mechanisms, and incrementally deployable. This could have direct implications for the security of decentralized storage and other Kademlia-based P2P systems.

major comments (2)
  1. [Attack description and evaluation] The central performance claims rest on an asserted early termination in Kubo's actual DHT lookup logic that accepts semantically correct but false responses before full verification or wider queries complete. No code citation, version hash, execution trace, or specific condition (e.g., in provider or value lookup paths) is supplied to demonstrate that this termination exists in the tested Kubo versions and enables the attack.
  2. [Evaluation against mitigation] The reported 80% denial rate against the prior mitigation is presented without any description of the experimental setup, number of trials, statistical significance, measurement methodology for lookup attempts, or controls for network conditions. This makes the quantitative result difficult to verify or reproduce from the manuscript.
minor comments (2)
  1. [Abstract] The abstract and introduction could more precisely define what constitutes 'semantically correct but intentionally false data' with a brief example of the crafted response format.
  2. [SR-DHT-Store description] Notation for the dynamically computed XOR distance in SR-DHT-Store should be introduced with an equation or pseudocode in the mitigation section for clarity.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for their thorough review and valuable feedback on our manuscript. We appreciate the opportunity to clarify and strengthen our presentation of the active Sybil attack and the proposed SR-DHT-Store defense. Below, we provide point-by-point responses to the major comments.

Point-by-point responses
  1. Referee: [Attack description and evaluation] The central performance claims rest on an asserted early termination in Kubo's actual DHT lookup logic that accepts semantically correct but false responses before full verification or wider queries complete. No code citation, version hash, execution trace, or specific condition (e.g., in provider or value lookup paths) is supplied to demonstrate that this termination exists in the tested Kubo versions and enables the attack.

    Authors: We agree that the manuscript requires additional technical details to substantiate the early termination claim. In the revised version, we will add the specific Kubo version hashes tested, direct citations to the relevant source code paths (e.g., in the provider and value lookup functions), and a description or pseudocode of the termination condition that accepts semantically correct but false responses before full verification completes. revision: yes

  2. Referee: [Evaluation against mitigation] The reported 80% denial rate against the prior mitigation is presented without any description of the experimental setup, number of trials, statistical significance, measurement methodology for lookup attempts, or controls for network conditions. This makes the quantitative result difficult to verify or reproduce from the manuscript.

    Authors: We acknowledge that the evaluation section lacks sufficient methodological detail. In the revised manuscript, we will include a complete description of the experimental setup, the number of trials, statistical significance measures, the exact methodology for counting denied lookup attempts, and controls for network conditions to support reproducibility of the 80% denial rate. revision: yes

Circularity Check

0 steps flagged

No significant circularity; claims rest on external implementation details and empirical evaluation

Full rationale

The paper describes an active Sybil attack that exploits an early termination in the Kubo DHT lookup implementation and evaluates its success rate against a previously published mitigation strategy, then proposes SR-DHT-Store as a new defense using region-based queries and dynamic XOR distances. No load-bearing step reduces by construction to a fitted parameter, self-citation chain, or renamed input; the attack success and mitigation overhead are presented as externally testable via code inspection and experiments rather than derived tautologically from the paper's own assumptions. This is the normal case of a self-contained empirical security paper.

Axiom & Free-Parameter Ledger

0 free parameters · 1 axiom · 0 invented entities

The paper rests on standard domain assumptions about Kademlia DHT behavior and Sybil attack feasibility in open P2P networks; no free parameters or invented entities are introduced in the abstract.

axioms (1)
  • domain assumption: IPFS DHT is based on Kademlia and susceptible to Sybil attacks
    Background fact stated in the opening of the abstract.

pith-pipeline@v0.9.0 · 5824 in / 1172 out tokens · 53139 ms · 2026-05-22T17:40:34.022588+00:00 · methodology


