[ANet-devel] Re: I'm *SO* impressed by FreeNet!
Status: Abandoned
Brought to you by:
benad
Menu
▾
▴
[ANet-devel] Re: I'm *SO* impressed by FreeNet!
|
From: Benoit N. <be...@ma...> - 2000-12-07 00:43:07
|
>Hi, Hi! ... ? We can skip the formalities now... >The point is the entry point of the data into the network. Oops! Completely forgot about that! When I first started to think about security in ANet, I thought about protecting the network, not making the entry of data in the network anonymous. The reason why I really wanted anonymity, in the sense that you can't trace back the origin of the data once it's in the network, it's because it allows the network to work (hehe!) without any static IP address. Hence the "philosophy" behind ANet, in the docs. Protecting the entry point is perfect for the paranoid, but is not the point why we should make the network "anonymous". I'm not making this for Warez anyways. So, if everyone's OK with it, anything related to encryption should be coded after version 1. >The orginator of >the message is hidden by the use of the public key encryption. When you >send something encrypted with the public key only the reciever can decrypt >it. It is not known who sent the message. Once the last node has recieved >the message it is then introduced into the network - so the originator is >not known. > >I'll illustrate what I mean with an example. > >There is a chain A -> B -> C -> D. > >A wishes to send data to D. A takes the data and encrypts it first with >D's public key, then C's then B's and sends it to B. > >B decrypts the data and sees that the encrypted messages is for C and >therefore forwards it. > >C decrypts the data and sees that the message is for D and forwards it. > >D decrypts the data and then broadcasts it to the whole network with no >way of telling the originator of the message. > >Unless B, C & D are malicious and all working in concert, no one can tell >where the message originates from. Dummy packets will have to be sent to >prevent traffic analysis. Uh... This idea is great to "plant" a query of some static data in the middle of the network (as a one way data flow), but can't be used in two way data flow. The other side of the proxy doesn't know the full path to the actual destination, so the proxy can't know which public keys to use. So, when you "plant" your query in the network, network sniffing may identify you as the origin, but no one can know what the data is, and once the data is in the network, everyone can see the data, but you can't be traced back anymore! Hmmmm... Your idea is great after all! >In your scheme how is A kept anonymous from B? You do not cover this in >your documentation. If someone is sniffing the network between A and B >they will see when a query originates from A and therefore know what A is >looking for. There's always a way to "sniff" that some node is producing some data, and encryption simply stops the third party to know what the data is. For what I think is obvious, it's more important to protect the network as a whole than individual nodes, as it's easier (and cheaper) to attack a protocol than to attack a specific node. That's why I view encryption as "optional". Anyways, between A and B, A sends the data to B the same way as if A received the data from someone else (IP to IP: the know the IPs of each other). So, you'll need to find what output of A in all connections is compared to its input to find what A is producing. BTW, Gnutella is pretty happy without encryption, and I haven't even heard rumors about individual nodes being attacked. At least non-warez nodes. >Without public key encryption how will this information be hidden? UDP is >blocked by most firewalls. If used it would drastically reduce the >usefulness of the application. So I assume that you would be using TCP >which means that adjacent nodes would have to know each others IP >addresses. With that information you can find out who owns that address >and then the ISP's logs can be used to find out who you are. And unless you're an ISP, knowing someone's IP address is pretty unusefull. Unless you want to try a DOS (Denial Of Service) attack... Even encryption will not protect you from the others to know your IP address as your position in the network. UDP? What's that? ... RFC 768, right? (http://www.freesoft.org/CIE/RFC/768/index.htm) .... (reading) There are ports in UDP. So it doesn't define the behavior of the data. :-( >You have know way of knowing which nodes are malicious and therefore you >cannot just simply switch to another node. I'm currently thinking about some way to "test" the nodes to see if they're malicious or not >I'd recommend that you get a copy of 'Applied Cryptography' by Bruce >Schneier (ISBN: 0471117099). It contains many different explanations of >security analysis and techniques. I don't know anyone that hasn't found it >useful. I see this book recommended by everyone. Is it that good? >PS The RSA patent expired on the 20th September this year. OpenSSL >contains an industrial strength, open source, implementation of the RSA >algorithym. WHAT? Great! >PPS Export restrictions have been drastically reduced. Have a look at: >http://www.mozilla.org/crypto-faq.html All legal issues can be >circumvented by using developers in countries without export restrictions. I'm still not impressed by just 56 bits. But for ANet, it should be enough... For keeping encryption for version 2, OK or not? (wow. that email was huge...) - Benad |
