Scribd Logo
Upload

Welcome to Scribd!

  • The Freenet Project

    Uploaded by

    Ilya Margolin
    319 views20 pages
    My university presentation on Freenet Project, to be held on 03.11.2010 at HAW Hamburg

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    My university presentation on Freenet Project, to be held on 03.11.2010 at HAW Hamburg

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    319 views20 pages

    The Freenet Project

    Uploaded by

    Ilya Margolin
    My university presentation on Freenet Project, to be held on 03.11.2010 at HAW Hamburg

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 20

    Freenet Project

    Practical overlay network for


    security, anonymity and freedom
    of speech

    by Ilya Margolin,
    AI Seminar, HAW Hamburg, 2010
    Overview
    ● What is Freenet? ● Network stability in P2P
    ● Why Freenet? ● Location
    ● Goals ● Routing
    ● What is Freenet, really? ● Opennet mode
    ● Freenet as DHT ● Darknet mode
    ● CHK - Content Hash Key ● Data availability
    ● SSK - Signed Subspace Key ● Summary
    ● KSK - Keyword Signed Key ● Thank you!
    What is Freenet?
    Freenet is a distributed data storage in an overlay network of
    darknet nodes aiming to provide security and freedom of press for
    the publisher as well as the consumer of information.
    Freenet is...
    ● open source P2P program
    ● a platform for secure anonymous communication
    ● an overlay network
    ● a distributed hash table
    ● a network of caching proxies
    ● "best effort" storage and retrieval
    ● a darknet (?!)
    03.11.10 3
    Why Freenet?
    ● Universal Declaration of Human Rights, Article 19:
    Everyone has the right to freedom of opinion and expression; this
    right includes freedom to hold opinions without interference and to
    seek, receive and impart information and ideas through any media
    and regardless of frontiers.
    ● Democracy can only be established by informed people
    ● Censorship cannot be controlled by democratic means
    ● Anonymous publishing is efficient against censorship
    ● Internet is meant to be free
    I worry that ten or fifteen or twenty years from now, [my daugther]
    will come to me and say, "Daddy, where were you when they took
    freedom of the press away from the Internet?"
    -- Mike Godwin, Electronic Frontier Foundation [1]
    Image: Wikipedia, Reporters Without Borders 2009 Press Freedom Rankings, in Public Domain

    03.11.10 4
    Goals
    ● Private communication
    ● Censorship resistance
    ● DoS resistance
    ● Network stability
    ● Plausible deniability
    ● Performance is least concern

    03.11.10 5
    What is Freenet, really?
    ● The node - Java program, implements DHT
    ● The network, routing requests and inserts
    ● FProxy, local web interface to the node
    ● Plugins and applications connect to node
    ● Content: freesites, flogs, forum posts etc.
    ● Bugs :)

    03.11.10 6
    03.11.10 7
    Freenet as DHT

    ● Documents are retrieved from Freenet by their known


    keys
    ● Documents are stored encrypted (256-bit Rijndael)
    ● The (Freenet) key consists of DHT key, decryption key
    and some metadata
    ● Encryption keys only in client layer
    ● Permanent datastore and cache
    ● Datastore drops least recent used records when full

    03.11.10 8
    CHK - Content Hash Key
    ● basic type of key
    ● looks like:
    CHK@Ko3vs4QBd1JCxUudvIjjGxQY87LoaUHYZBnoBnKCPW0,7B3W6bAs
    RFkLnwFYuIJZ52uAjXQA8TEc-CzrPCrVNaQ,AAIA--8
    ● All non-human-readable parts are (modified) BASE64 encoded

    Ko3...PW0 is the hash of the encrypted document

    7B3...NaQ is the decryption key

    AAIA--8 are encryption/compression/other options
    ● generated from content, so not updatable

    03.11.10 9
    SSK - Signed Subspace Key
    ● Based on asymmetric cryptography
    ● Provides an updatable namespace, controlled by the
    private key owner
    ● Looks like:
    SSK@2X9k65z84Hz1TE4Wz8H60sySUpp~AR~zGfA4R-
    R8~nM,3KfZIhZaATR1pZS74GcNPiJQ1v3St-
    MlUexdHNqu87g,AQACAAE/xfilesepguide/
    ● 2X9k...8~nM is SHA256 hash of public key
    ● 3KfZ...u87g is symmetric descyption key
    ● xfilesepguide is document name relative to subspace

    03.11.10 10
    KSK - Keyword Signed Key
    ● Looks like: KSK@sample.txt
    ● Not secure against spamming or name
    hijacking
    ● Can redirect to other key
    ● There is (local) collision detection

    03.11.10 11
    Network stability in P2P

    1. Central server, knowing all peers or managing


    searches
    eMule, Napster, Soulseek, to some extent BitTorrent
    No server → no network
    2. Seednodes, peer exchange
    BitTorrent DHT tracker, Freenet in Opennet mode
    No seednodes → no new users
    3. Darknet (friend to friend) network, connections only to
    trusted friends
    W.A.S.T.E., Freenet in darknet mode
    No friends → no network :(
    Not harvestable :)
    03.11.10 12
    Location
    ● Location is randomly
    assigned to the node
    upon install
    ● Location is a float from 0
    to 1
    ● Keys also translate to
    locations
    ● Documents should be
    stored on nodes close to
    their key
    ● But it is not easy to
    achieve
    03.11.10 13
    Routing
    ● Hill climbing with
    backtracking
    ● Hops-To-Live=18
    ● Works quite good
    ● Measures against
    revealing request
    originators' identity

    03.11.10 14
    Opennet mode
    ● Node location is fixed
    ● Optimal number of connections dependent on
    donated bandwidth
    ● Connections are as stable as possible, IP
    change will still get you connected to the same
    nodes
    ● Node attempts to form connections to other
    nodes appropriate to its location
    ● Many short links, a few long links

    03.11.10 15
    Darknet mode
    ● Connections only to
    trusted nodes
    ● Fixed network
    topology
    ● Location swapping:
    attempt to select
    location matching the
    topology

    03.11.10 16
    Data availability
    ● Documents are split and padded, so all DHT
    entries are same size (for CHK keys — 32k)
    ● Documents are cached all the way back to
    request originator
    ● Forward error correction using Vandermonde
    matrices in galois field GF(2p)
    ● Linear operation
    ● Given m>k, encoding produces m pieces, of which
    only k are needed to decode.
    ● In case of Freenet, m/k = 2, 100% redundancy
    03.11.10 17
    Summary
    ● Freenet Project is politically important, actively
    developed, complex and fun
    ● You should try it!

    03.11.10 18
    Thank you!

    Questions?
    «I do not agree with what you have to say, but I'll
    defend to the death your right to say it.»
    -- Voltaire
    «I worry that ten or fifteen or twenty years from now,
    [my daugther] will come to me and say, "Daddy, where
    were you when they took freedom of the press away
    from the Internet?"»
    -- Mike Godwin, Electronic Frontier Foundation¹

    03.11.10 19
    Sources
    1. Universal Declaration of Human Rights
    2. «Cyber rights: defending free speech in the digital age» by
    Mike Godwin, p. 76
    3. «Private Communication Through a Network of Trusted
    Connections: The Dark Freenet» by Ian Clarke, Oskar
    Sandberg, Matthew Toseland, Vilhelm Verendel
    4. «Routing in the Dark: Pitch Black» by Nathan S. Evans, Chris
    GauthierDickey, Christian Grothoff
    5. Freenet Project Website: http://freenetproject.org
    6. Freenet wiki: http://wiki.freenetproject.org
    7. IRC channel #freenet on irc.freenode.net

    03.11.10 20

    You might also like