On 07/01/14 20:33, Matthew Toseland wrote:
> On 07/01/14 17:00, Ian Clarke wrote:
>> It's not really clear what you are proposing here, what is the context?
> We should allow, optionally, tunneling the first hop over Tor or I2P. Hence:
> - We implement a simple binary protocol over TCP.
> - Nodes can optionally expose this for "transient" clients.
> - We provide some way to find nodes exposing this service within Tor to
> connect to, possibly via a flag in the Tor router directory or some
> other mechanism.
> - We provide an option for a real node to route all locally originated
> requests via tunneled nodes exposing this service.
>
> Right now Freenet provides a distributed, mostly censorship resistant
> datastore (an important service that Tor doesn't provide, potentially
> enabling services that are more robust than Tor hidden servers), but
> only a limited degree of anonymity. IMHO for good security Freenet needs
> to tunnel the first hop (before we start routing properly) over a
> mixnet. 
Sorry, this is unclear. For good *anonymity*, Freenet needs a mixnet
layer for the first hop.
> The easy, plug and play, and still somewhat decentralised,
> solution is to go via Tor.
>
> In the long run, I would like Freenet to construct its own tunnels, over
> a darknet social network via the PISCES algorithm; this would be
> substantially more secure than Tor is at present (as it is resistant to
> Sybil attacks and can even use high latency for uploads) but it is a
> long way off for various reasons (we'd need a darknet, but also it's a
> lot of work and needs other stuff too; also there are tricky
> invisibility/tunnel length tradeoffs).
>> Ian.
>>
>>
>> On Tue, Jan 7, 2014 at 5:36 AM, Matthew Toseland
>> <t...@amphibian.dyndns.org> wrote:
>>
>>> The leaked files on Tor suggest it is significantly stronger than at
>>> least I had assumed.
>>>
>>> It might be interesting to create a simple, but cryptographically
>>> verified, TCP-based protocol for communicating with gateways through
>>> tunnels, to protect the first hop. This would be a "transient"
>>> request/response protocol handling binary blobs; clients would route the
>>> first hop (at least on opennet) through these tunnels, verify returned
>>> content, and possibly label requests to keep them on separate tunnels.
>>>
>>> On darknet we will eventually protect the first hop via PISCES tunnels,
>>> however IMHO this is some way off and there are (probably) very few
>>> darknet users at present.
>>>
>>> We could then ask Tor for a directory server flag, although they might
>>> say no if Freenet is seen as "filesharing" and therefore obnoxious.
>>>
>>> DoS issues might result in some servers asking for payment, although
>>> creating a business model is often a good way to fund your attackers
>>> (especially if the gateways are anonymised); this is why a classic
>>> mixnet doesn't work for bitcoin, for example (don't trust anything
>>> without provable blinding).
>>>
>>> tgs3 and various people on Frost have been suggesting this for some time.
>>>
>>> IMHO Tor is preferable to I2P (assuming the NSA stuff isn't a false
>>> trail, which it might be), but it could work with either.
>>>
>>> Arguably we should use a normal transport, we're some way away from
>>> having TCP-based transport plugins though... and this could be a fairly
>>> simple protocol, we can transfer a single block (key) at a time as a
>>> single message.
>>>
>>>
>>> http://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-presentation-document
>
>
> _______________________________________________
> Devl mailing list
> Devl@freenetproject.org
> https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

