Freenet. Goals & Properties

Similar documents
FreeNet. A Distributed Anonymous Information Storage and Retrieval System. Presented By Xiao Wei-Cheng

Overlay and P2P Networks. Unstructured networks: Freenet. Dr. Samu Varjonen

Scalable overlay Networks

Content Overlays. Nick Feamster CS 7260 March 12, 2007

Department of Computer Science Institute for System Architecture, Chair for Computer Networks. File Sharing

A Survey of Peer-to-Peer Content Distribution Technologies

Announcements. me your survey: See the Announcements page. Today. Reading. Take a break around 10:15am. Ack: Some figures are from Coulouris

Security and Anonymity

A Routing Table Insertion (RTI) Attack on Freenet

Accountability and Resource Management

DISTRIBUTED COMPUTER SYSTEMS ARCHITECTURES

Chaum, Untraceable Electronic Mail, Return Addresses, and Digital Pseudonym, Communications of the ACM, 24:2, Feb. 1981

Introduction to P2P Systems

Accountability and Resource Management

Kademlia: A peer-to peer information system based on XOR. based on XOR Metric,by P. Maymounkov and D. Mazieres

How Alice and Bob meet if they don t like onions

Addressed Issue. P2P What are we looking at? What is Peer-to-Peer? What can databases do for P2P? What can databases do for P2P?

CS555: Distributed Systems [Fall 2017] Dept. Of Computer Science, Colorado State University

2 Ian Clarke, Oskar Sandberg, Brandon Wiley, and Theodore W. Hong operates as a location-independent distributed le system across many individual comp

Early Measurements of a Cluster-based Architecture for P2P Systems

Simulations of Chord and Freenet Peer-to-Peer Networking Protocols Mid-Term Report

The Design and Implementation of a Next Generation Name Service for the Internet (CoDoNS) Presented By: Kamalakar Kambhatla

Deploying a New Hash Algorithm. Presented By Archana Viswanath

Squirrel case-study. Decentralized peer-to-peer web cache. Traditional centralized web cache. Based on the Pastry peer-to-peer middleware system

A Fault-Tolerant P2P-based Protocol for Logical Networks Interconnection

Peer-to-Peer Protocols and Systems. TA: David Murray Spring /19/2006

Distributed Systems. Characteristics of Distributed Systems. Lecture Notes 1 Basic Concepts. Operating Systems. Anand Tripathi

Distributed Systems. Characteristics of Distributed Systems. Characteristics of Distributed Systems. Goals in Distributed System Designs

0x1A Great Papers in Computer Security

Onion Routing. Varun Pandey Dept. of Computer Science, Virginia Tech. CS 6204, Spring

Replica Placement. Replica Placement

CS 347 Parallel and Distributed Data Processing

CS 347 Parallel and Distributed Data Processing

Publius A Robust, Tamper Evident, Censorship Resistant WWW Based Publishing System

Slides for Chapter 10: Peer-to-Peer Systems

Introduction on Peer to Peer systems

Privacy Preserving Ranked Multi-Keyword Search for Multiple Data Owners in Cloud Computing

Peer-to-peer systems and overlay networks

Distributed Systems. 21. Content Delivery Networks (CDN) Paul Krzyzanowski. Rutgers University. Fall 2018

CS November 2018

P2P. 1 Introduction. 2 Napster. Alex S. 2.1 Client/Server. 2.2 Problems

Scalable overlay Networks

A SIMPLE INTRODUCTION TO TOR

Distributed Systems Final Exam

Information Retrieval in Peer to Peer Systems. Sharif University of Technology. Fall Dr Hassan Abolhassani. Author: Seyyed Mohsen Jamali

Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms. EJ Jung

Some Lessons Learned from Designing the Resource PKI

Distributed Information Processing

Peer-to-Peer Networks 14 Security. Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg

Chapter 10: Peer-to-Peer Systems

LECTURE 8. Mobile IP

Distributed Filesystem

Lecture 2: January 24

Hierarchical Peer-to-Peer Networks

Message Authentication and Hash function

Ahoy: A Proximity-Based Discovery Protocol

LessLog: A Logless File Replication Algorithm for Peer-to-Peer Distributed Systems

A Traceback Attack on Freenet

Redundancy-Aware Peer-to-Peer Protocol (RAPP)

Feasibility, Effectiveness, Performance and Potential Solutions on Distributed Content Sharing System

NETWORKING. 8. ITDNW08 Congestion Control for Web Real-Time Communication

CS November 2017

The Tor Network. Cryptography 2, Part 2, Lecture 6. Ruben Niederhagen. June 16th, / department of mathematics and computer science

Chapter 12 Network Protocols

Identity Firewall. About the Identity Firewall

Mobile Ad-hoc and Sensor Networks Lesson 04 Mobile Ad-hoc Network (MANET) Routing Algorithms Part 1

Fixed Internetworking Protocols and Networks. IP mobility. Rune Hylsberg Jacobsen Aarhus School of Engineering

INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY

Introduction to Information Science and Technology 2017 Networking II. Sören Schwertfeger 师泽仁

Anonymity and Privacy

Privacy defense on the Internet. Csaba Kiraly

Chapter 09 Network Protocols

Closed book. Closed notes. No electronic device.

Anonymity. Professor Patrick McDaniel CSE545 - Advanced Network Security Spring CSE545 - Advanced Network Security - Professor McDaniel

= Data Request. = Data Reply. = Request Failed. start 12. data. This request failed because a node will refuse a Data Request that it has already seen

Routing protocols in WSN

Configuring STP. Understanding Spanning-Tree Features CHAPTER

On the Internet, nobody knows you re a dog.

VISHVESHWARAIAH TECHNOLOGICAL UNIVERSITY S.D.M COLLEGE OF ENGINEERING AND TECHNOLOGY

Slides for Chapter 10: Peer-to-Peer Systems. From Coulouris, Dollimore, Kindberg and Blair Distributed Systems: Concepts and Design

CS519: Computer Networks. Lecture 6: Apr 5, 2004 Naming and DNS

Thwarting Traceback Attack on Freenet

Overlay and P2P Networks. Unstructured networks. Prof. Sasu Tarkoma

Final Exam April 28, 2010.

Scaling Problem Millions of clients! server and network meltdown. Peer-to-Peer. P2P System Why p2p?

A Glance at Peer to Peer Systems

Peer-to-Peer Networks

Configuring IP Multicast Routing

Strongly Anonymous Communications in Mobile Ad Hoc Networks

WSN Routing Protocols

Module 28 Mobile IP: Discovery, Registration and Tunneling

For example, if a message is both a virus and spam, the message is categorized as a virus as virus is higher in precedence than spam.

Mobile IP Overview. Based on IP so any media that can support IP can also support Mobile IP

The multiple spanning-tree (MST) implementation is based on the IEEE 802.1s standard.

Current Topics in OS Research. So, what s hot?

Distributed Systems. 17. Distributed Lookup. Paul Krzyzanowski. Rutgers University. Fall 2016

CIS 6930/4930 Computer and Network Security. Topic 7. Trusted Intermediaries

Untraceable Nym Creation on the Freedom 2.0 Network

Outline. CS5984 Mobile Computing. Dr. Ayman Abdel-Hamid, CS5984. Wireless Sensor Networks 1/2. Wireless Sensor Networks 2/2

Protocols for Anonymous Communication

Transcription:

Freenet an adaptive peer-to-peer network application that permits the publication, replication, and retrieval of data while protecting the anonymity of both authors and readers. Clarke, et.al. Goals & Properties Goals Anonymity for producers and consumers Deniability for storers Resistance to denial of service attacks Efficient storage and routing Decentralization Properties Whole file is the unit of storage No guarantee of permanent storage Operates at application layer Files named by location-independent keys Transparent lazy replication 1

Assigning a Key keyword-signed key : key is derived from a short descriptive string chosen by the user when the file is inserted into the system signed-subspace key : key is derived from the public key generated by the user; creates a personal namespace content-hash key : key is derived from hashing the file s contents Note: content-hash key and signed-subspace key canbeusedwithan indirection mechanism to handle updatable files. Keyword-signed key string key generation public key private key hash file key file stored file signature encrypt Note: retrieval requires only string Problems resulting from flat name space: Collisions (different users selecting same string for different files) Key-squatting (junk files in popularly named positions) 2

Signed-subspace key public key string hash hash xor hash file key private key stored file file encrypt signature Notes: retrieval requires (string, public key) directory simulation through a file containing descriptive strings for other files Content-hash key hash file file key stored file encrypt random key Note: retrieval requires (file key, random key) 3

Updateable Files indirect file (file key, random key) (1) insert using CHK (2) insert using SSK file (3) publish (public key, string) Notes: A combination of content-hash keys and signed-subspace keys To update: 1. Insert new file using CHK method using new (file key, random key) 2. Insert new indirect file using original (public key, string) Key collisions on indirect file causes older version to be discarded Old version of file still available using its (file key, random key) index Technique can also be used to split large files into parts Message Structure 64 bit randomly generated Used to prevent routing cycles request/reply transaction ID hops-to-live depth payload Incremented at each hop Used to set hops-to-live in response Initialized to small random value When =1, not automatically incremented with probability p Set by sender to limit propogation Decremented on each hop When = 1, forwarded again with probability p 4

Retrieval (key, hops-to-live) (1) request (7) deliver file local node (2) check local store (6) Update route table (3) send request using routing table (4) file & source (5) cache local store Notes: Request contains (key, hops-to-live) Any node on reply path can change source to be itself or any other node File cached at all nodes along return path 1. Improved subsequent access 2. Redundancy improve fault tolerance Routing key 1 key 2 node 1 node 2 Notes: Each node maintains routing table Route request to node which has the closest lexicographic matching key Use depth-first-search with backtracing Table entries added as new files acquired by the node routing table 5

file key Insertion (1) insert local node (2) check local store (3) send insert using routing table (5a) if file, update route table (4) file or OK (5a) if file, cache (5b) If OK, send file local store Notes: Inserted file stored at all nodes along search path Any node on path can change the source to itself or any other node Inserts announce the existence of the node Attempts to insert junk files are rejected and the real file is further propagated Scalability 6

Fault Tolerance Free Haven the Free Haven Project aims to design, implement, and deploy a functioning distributed anonymous storage service. Dingledine et.al. 7

Forms of Anonymity Anonymity of agents (authors, publishers, readers, and servers) no link between the agent and a given document Document anonymity servers do not know what documents they store Query anonymity servers do not know the identity of documents which satisfies a users request Structure Documents (file) Each document is divided into shares Each document is assigned an expiration date Servers Community of servers servnet Each server has a persistent identification pseudonym Each server exposes a public key and a (set of) remailer reply blocks Each server has a database of the public keys and the remailer reply blocks of all other servers Servers form contracts to store shares for a specified interval of time Fulfilling a contract increases that server s reputation 8

Insertion A file F is broken into shares f 1,,f n where k (<n) shares are needed to reconstruct the file A key pair (PK doc,sk doc ) is generated for F Each share is signed All shares of a given file are indexed by Hash(PK doc ) Possible share representation: <share> <PKdoc> ce41f889d7569704e89edbdddf243662d8c784</pkdoc> <sharenum> 1 </sharenum> <totalshares> 100 </totalshares> <sufficientshares> 60 </sufficientshares> <expiration> 2000-06-11-22:25:24</expiration> <data> </data> <signature> digital signature of above </signature> </share> Retrieval Reader Generates (PK client,sk client ) key pair for the transaction Generates a one-time remailer reply block (rrb) Broadcast request (H(PK doc ), PK client, rrb) to all servers Server Checks for availability of any shares with index of H(PK doc ) Encrypts each found share with PK client Sends each encrypted share using rrb 9

Remailer Reply Blocks Goal: a sender is provided by a receiver (nym) with the means to transmit a message to that receiver such that the sender has no knowledge of the actual receiver usr@a rem@b rem@isp server Constructing a reply block Anon-To: usr@a Encrypt-Key: key1 Encrypt with public key of rem@b Anon-To: rem@b Encrypt-Key: key2 replyblock-1 Encrypt with public key of rem@isp Anon-To: rem@isp Encrypt-Key: key3 replyblock-2 10

Encryptions in transit message cyphertext-a cyphertext-b sign; encrypt with nym public key encrypt with key3 encrypt with key2 encrypt with key1 cyphertext-a cyphertext-b cyphertext-c Flow of data server rem@isp rem@b usr@a replyblock-2 cyphertext-a replyblock-1 cyphertext-b cyphertext-c 11

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback