Re: [briar-devel] Discovering Nodes etc.
From: Michael R. <mi...@br...> - 2014-01-29 11:31:46
Hi g3ntleman,

The short answer to your question is Tor hidden services. Each device publishes a Tor hidden service whenever it's online, which its contacts can connect to regardless of the device's current IP address, NAT, etc. Connecting through Tor conceals the social graph from internet surveillance.

It's also possible for devices to connect directly to each other via TCP, across the LAN or the internet. But connections across the internet are unlikely to succeed for several reasons. First, as you mentioned, contacts may not be online at the same time. Second, they may not know each other's current IP addresses. Third, they may be behind NATs or firewalls (very likely for mobile devices).

We have some measures to get around these problems: UPnP for automatic port forwarding, and exchanging up-to-date IP addresses whenever contacts can reach each other via any transport. But it's still unlikely that two mobile devices will be able to reach each other reliably via TCP. Worst of all, direct TCP connections reveal the social graph to internet surveillance - and a peer discovery mechanism such as a DHT would do the same.

Because of all these issues, I've disabled the internet TCP plugin in recent builds. The LAN TCP plugin is still enabled.

In the long term we're planning two features that could help to mitigate these issues. The first feature is called a repeater: a device connected to wifi or Tor that acts as a dead drop for encrypted data. Alice connects to the repeater and uploads a blob of encrypted data for Bob, and later Bob connects to the repeater and downloads it. Alice and Bob don't have to be in wifi range of each other, or online at the same time, to communicate. The repeater can't read the data, and if Alice and Bob connect to the repeater via Tor then it doesn't even need to know who they are.

The second feature is similar, but it uses Alice and Bob's mutual contacts as repeaters. If Alice, Bob and Carol are all contacts, and if they all /know/ that they're contacts (for example, because Alice introduced Bob to Carol), then Alice can connect to Carol and upload a blob of encrypted data for Bob, and later Bob can connect to Carol and download it. Again, Carol can't read the data.

Hope this answers your question.

Cheers,
Michael

On 29/01/14 02:20, d.t...@gm... wrote:
> Hi, Michael et al!
>
> With interest, I read the information available about briar on the
> briar web site. However, after doing so, it’s still not clear to me
> how peers find each other (e.g. in a TCP network).
>
> When I do the routing myself by sending e.g. USB-Sticks, it’s ok,
> but how to connect to my friend to deliver a message to him in a
> TCP network where he might be offline most of the time and my
> sending node is offline at times.
>
> Would my sending node just send the messages to any node(s)
> available and hope the flooding does the rest?
>
> How do nodes discover each other?
>
> Greetings, g3ntleman
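
The repeater described in the message above, modelled as an added example that is not part of the original email and is not Briar's code. It assumes Alice and Bob already share a secret; the tag derivation, the HMAC-based cipher (a standard-library stand-in for a vetted authenticated cipher) and every name here are assumptions made for illustration.

```python
import hashlib
import hmac
import os

def _prf(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # HMAC-SHA256 in counter mode: stdlib stand-in for a vetted AEAD cipher.
    blocks = (_prf(key, nonce + i.to_bytes(8, "big")) for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def drop_tag(secret: bytes, period: int) -> bytes:
    """Mailbox label only holders of the shared secret can compute (assumed scheme)."""
    return _prf(secret, b"tag" + period.to_bytes(8, "big"))

def seal(secret: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC under subkeys derived from the shared secret."""
    nonce = os.urandom(16)
    ks = _keystream(_prf(secret, b"enc"), nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, ks))
    return nonce + ct + _prf(_prf(secret, b"mac"), nonce + ct)

def unseal(secret: bytes, blob: bytes) -> bytes:
    """Verify the MAC before decrypting; reject tampered or foreign blobs."""
    if len(blob) < 48:
        raise ValueError("blob too short")
    nonce, ct, mac = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(mac, _prf(_prf(secret, b"mac"), nonce + ct)):
        raise ValueError("blob modified or not sealed with this secret")
    ks = _keystream(_prf(secret, b"enc"), nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, ks))

class Repeater:
    """Dead drop: holds opaque blobs under opaque tags and has no keys."""
    def __init__(self) -> None:
        self._drops = {}

    def upload(self, tag: bytes, blob: bytes) -> None:
        self._drops.setdefault(tag, []).append(blob)

    def download(self, tag: bytes) -> list:
        return self._drops.pop(tag, [])

if __name__ == "__main__":
    secret = os.urandom(32)  # constructed; stands for a key Alice and Bob share
    repeater = Repeater()
    repeater.upload(drop_tag(secret, 1), seal(secret, b"hello Bob"))  # Alice, then offline
    print([unseal(secret, b) for b in repeater.download(drop_tag(secret, 1))])  # Bob, later
```

The repeater only ever sees a 32-byte tag and ciphertext, so it can neither read the data nor tell who the blob is for unless the connection itself identifies the uploader, which is the part the message leaves to Tor.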