Freenet 0.7: Difference between revisions
Revision as of 14:20, 3 October 2007
Freenet is a Peer-to-Peer network with a main focus on security and anonymity (for both authors and consumers of information). It is based on a paper (pdf) by Ian Clarke. In 2005 Freenet was completely rewritten because of a new design concept that was to be implemented: the Darknet. This new version of Freenet, namely version 0.7, is not compatible with any older versions. This article deals with Freenet 0.7 exclusively.
What is Freenet?
Freenet is a network whose goal is to provide as much anonymity as possible while still scaling well to large networks. To do that, it uses certain concepts from network/graph theory. These are:
- The Darknet Concept
- The Small World Concept
It is vitally important to understand these concepts before trying to understand how Freenet works. So let us first discuss these concepts.
The Darknet Concept
A Darknet is a network of nodes (people, computers, cells, ...) in which certain statements hold. These are:
- each node has a list of other nodes it trusts (friends)
- the friends relation is symmetric (at least as far as we know)
- traffic only flows between friends
- nodes have no specific knowledge of non-friend-nodes
These statements are solely concerned with the privacy of users and pose strong restrictions on communication. They usually result in either isolated networks (meaning that there is NO way for non-friends to exchange data) or very bad scalability (requests are breadth-first searches, which scale very badly).
Freenet tries to avoid these problems by using theories from another concept: the small world.
The Small World Concept
The small world concept is a property of graphs (it holds especially in social networks). It was first introduced with the Milgram experiment. The small world property states that the number of edges of a certain length (in some arbitrary distance measure, in our case distance in the key-space) is inversely proportional to the length. This basically means that the number of long edges is small while the number of short edges is high.
Given a small world, it is possible to track down a certain node in a few steps by using the long edges to traverse long distances and the short edges to exactly localize the node in the keyspace.
Philosophy
Freenet has the freedom of information exchange as its primary goal. Legal and moral concerns that are connected with free and untraceable exchange of data, like sharing of illegal music or video files, or even contents contemptuous of human rights, are secondary to that goal. Ian Clarke argues that they are in fact mutually exclusive:
"You cannot guarantee freedom of speech and enforce copyright law. It is for this reason that Freenet, a system designed to protect Freedom of Speech, must prevent enforcement of copyright."
- Ian Clarke, Freenet Philosophy
Matthew Toseland, the main developer of Freenet, also states that:
"Legality is irrelevant, the whole point of a darknet is that it is hidden and has a reasonable chance of survival despite running a node being illegal."
- Matthew Toseland Discussion on the possibility of censorship in Freenet, Freenet mailing list archives
Freenet is designed to be used in countries where free exchange of information is illegal. If there were any way of censoring Freenet, it would mean that it has failed to fulfill its goals.
Another important point is that Freenet regards itself as a research project. It is not known whether Freenet will ever fulfill its initial goals, and it might yet take some time to find out.
Anonymized Peer-to-Peer
Freenet is a Peer-to-Peer (p2p) network, meaning that it has no central component at all. Participating computers (nodes) either communicate directly with each other or the messages are relayed by other nodes in between. All nodes are equal. A p2p network can be characterized by how it implements the following five aspects:
- Input: How is information submitted
- Transmission: How is the information handled by the network
- Storage: How is information stored on an individual node
- Database: How can information be found again
- Output: How is information retrieved
Each of these aspects can give away information about the users of the network. Freenet tries to provide all this functionality while maintaining anonymity for the user in every aspect. This means:
- Author anonymity - The author of any information cannot be traced after submitting his content to the network.
- Data robustness - Once information has been submitted to the network, it cannot be changed or removed on purpose, not even by the true author himself. Also, access to that information cannot be restricted and transmissions cannot be filtered.
- Deniability - Information is stored on different nodes. A node has no control over which information will be stored in its storage. The owner of a node cannot be held responsible for the contents on his computer.
- Reader anonymity - Requests for information cannot be traced back to their origin. A user may search for information without fear of surveillance.
Freenet does not (yet) anonymize the fact of participation itself. However, it regards itself as an experimental Stegonet. A stegonet is a network which cannot be detected. It cannot be known who participates and where and when messages are sent. The word is a composition of the words Steganography, meaning the hiding of messages rather than encrypting them, and Network. There is an ongoing discussion in the Freenet mailing lists on whether that is even possible. Another approach being discussed is the Sneakernet. This is an approach where information is not transmitted over the internet or some fixed network, but rather by mobile devices such as cellphones or even portable hard drives. This would obviously lead to very high latency, but might be virtually undetectable. This idea is, however, far from being implemented yet.
Goals
The main goal of Freenet (0.7) is to provide a way to safely exchange information in a "hostile environment", such as an oppressive dictatorship. Most important in that respect is as much anonymity as possible. This includes:
- Author-anonymity: It is impossible to trace the originator of any document
- Sender/Distributor-anonymity: It is impossible to trace the one that is sharing/spreading/distributing a document
- Viewer-anonymity: It is impossible to find out who read/downloaded a document
Technical Implementation
Filekeys
To store a file in Freenet it needs to be associated with some kind of key. This key is the URI of that file within the network. There are two more main requirements for Freenet filekeys. First, they need to allow for file authentication. Specifically, any node needs to be able to verify that a certain file actually belongs to the key it claims. This has to work without knowing the contents of the file. During the retrieval of data, files may be transmitted through an arbitrary number of intermediate nodes, each of which may choose to cache the file for faster satisfaction of future requests. Therefore, it is desirable that each node may verify the authenticity of any file that runs through it.
The second requirement is encrypted requests. If anyone requests a certain key (and thus the data associated with that key), no one else should be able to tell what the contents of that file are.
There are five types of filekeys. Keyword-signed keys (KSK), Signed Subspace Keys (SSK) and Content Hash Keys (CHK) are the three main keytypes. Updatable Subspace Keys (USK) and Revocable Subspace Keys (RSK) are just mechanisms wrapped around SSKs for convenience. A detailed description of some of the keytypes follows. All files are encrypted symmetrically. Anyone requesting a file needs to know this symmetric encryption key. This holds for all keytypes. This is so that any node that transmits or stores the file can plausibly deny all knowledge of its contents.
Signed-Subspace Keys
A Signed-Subspace Key is made up of three parts:
- a public/private keypair
- a descriptive string
- a symmetric encryption key
First the file is encrypted using the symmetric encryption key. Next the encrypted file is signed using the private part of the generated keypair. Then both the public part of the keypair and the descriptive string are hashed, the hash values are concatenated, and that string is then hashed again to yield the actual SSK under which the file will be inserted into the network along with the public part of the keypair (so that nodes can verify the file). If a person wants to retrieve the file, they need to know the descriptive string, the public part of the keypair and the encryption key.
As explained above, the signing of the files prevents evil nodes from manipulating their contents.
Content Hash Keys
A Content Hash Key (CHK) is really only the hash value of the file it belongs to. These are of course not human readable. The idea is that large files get split into many small parts, each of which is inserted under its CHK. Then another file, containing a list of all these CHKs, is inserted under a Signed-Subspace Key. Provided a collision-free hash function, CHKs are very robust to fake files.
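The SSK derivation and the CHK split-and-verify scheme described above, as an added Python example that is not Freenet's own code. SHA-256, the 32 KiB part size, the dictionary standing in for the network and all function names are assumptions; the symmetric encryption and the signature are left out, so only the hash-based checks are shown.

```python
import hashlib
import hmac

CHUNK_SIZE = 32 * 1024   # assumed part size; the page does not give one
DIGEST_LEN = 32          # SHA-256 output length

def H(data: bytes) -> bytes:
    # SHA-256 is an assumption; the page does not name the hash function.
    return hashlib.sha256(data).digest()

def ssk_routing_key(public_key: bytes, description: str) -> bytes:
    # Hash the public key and the descriptive string separately,
    # concatenate the two hash values, then hash the result again.
    return H(H(public_key) + H(description.encode("utf-8")))

def insert_file(store: dict, data: bytes, public_key: bytes, description: str) -> bytes:
    # Split the file into parts and insert each part under its own CHK.
    chks = []
    for offset in range(0, len(data), CHUNK_SIZE):
        part = data[offset:offset + CHUNK_SIZE]
        chk = H(part)
        store[chk] = part
        chks.append(chk)
    # The list of CHKs goes in under the SSK. Its signature is omitted here,
    # so this sketch does not protect the list itself against modification.
    ssk = ssk_routing_key(public_key, description)
    store[ssk] = b"".join(chks)
    return ssk

def node_accepts(chk: bytes, part: bytes) -> bool:
    # The check any relaying or caching node can run: does the part match its key?
    return hmac.compare_digest(H(part), chk)

def retrieve_file(store: dict, public_key: bytes, description: str) -> bytes:
    manifest = store[ssk_routing_key(public_key, description)]
    parts = []
    for i in range(0, len(manifest), DIGEST_LEN):
        chk = manifest[i:i + DIGEST_LEN]
        part = store[chk]
        if not node_accepts(chk, part):
            raise ValueError("part %s does not match its CHK" % chk.hex()[:16])
        parts.append(part)
    return b"".join(parts)

if __name__ == "__main__":
    store = {}                                   # stands in for the network
    pub = b"constructed public key bytes"        # constructed sample value
    data = b"".join(i.to_bytes(4, "big") for i in range(20000))  # 80,000 bytes
    insert_file(store, data, pub, "example/site")
    print(retrieve_file(store, pub, "example/site") == data)
```

A part replaced in the store makes `retrieve_file` raise, because the replacement no longer hashes to the key it is stored under.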
Storing
Retrieval
Caching
References
- I. Clarke, O. Sandberg, B. Wiley and T.W. Hong, "Freenet: A Distributed Anonymous Information Storage and Retrieval System", Workshop on Design Issues in Anonymity and Unobservability, 2000 [1](pdf)