On 02/05/16 13:34, Arne Babenhauserheide wrote: > Matthew Toseland writes: > >> You can still do a classic correlation attack: Connect to the node for >> the whole duration of the request and count the proportion of the file >> they've fetched from you… > This might not work as well as simply theory says, due to FOAF > routing. The first step is essentially random routing, since it routes > to your peers, not only to you, and one third of these are long > distance. And if you’re the best target for the content, then the > requests could still come from far off. And the second step still uses > FOAF routing, so it might radically change direction (probability arount > 10% for 10 long distance peers).
For the benefit of others reading this thread, there is a pull request to use true random routing for the first 2-3 hops. This should improve anonymity somewhat, and may improve performance in some cases (inserts), but likely reduce it for others (requests). https://github.com/freenet/fred/pull/529 With pure random routing on the first hop, or pure non-FOAF routing (at least if we know the node's peers), a correlation attack is straightforward (maintaining connections long term to a large part of the network being the hard part). FOAF introduces some uncertainty, but IMHO the difference between the number of requests seen at 1 hop from the originator and the number seen at 2 hops away is large enough that you could still implement the attack. This is viable even on darknet - but getting a connection to lots of nodes on darknet is hard. > However we know that it is possible to devise attacks against > Opennet. It won’t be trivial, but it is possible in theory and I am sure > that it can be implemented. Yes. There are other attacks. The one we can't fix is "connect to everyone all the time and do a correlation attack". Granted that takes some resources to implement - but not a lot of resources. > > So what’s bothering here is not that they have an attack against > Opennet, but that they lie to court about the capabilities of their > attack (regardless whether its intentional or by misunderstanding > Freenet). Absolutely. > > An attack against Opennet is also not a problem for the goals of > Freenet. An extremely cheap attack, however, is a problem, because that > would allow for surveillance of all users. If all actions in Freenet can > be tracked with a rack of 10-20 Computers (0.1% of the active Freenet > users), that’s a problem, because it allows recording what people > do. Connecting long-term to every node on opennet is cheap, in that sort of ballpark. It requires some hardware and some bandwidth and some geeks. But it's well within the reach of a government contractor. You can run large numbers of (possibly virtual) nodes on modest hardware. But as you say, what they are doing is little more than a fishing expedition, if it's as they describe. They will quickly discover that very few people who send 3 requests from an illegal file at HTL 18 actually have any illegal material on their computers ... So they'll probably implement some sort of filtering eventually, e.g. a higher threshold. But the reasoning given is clearly bogus. > Insert the Kafkaeske response to the strong nothing to hide argument > here: > > Solove, Daniel J., 'I've Got Nothing to Hide' and Other > Misunderstandings of Privastrong . San Diego Law Review, Vol. 44, > p. 745, 2007; GWU Law School Public Law Research Paper > No. 289. Available at SSRN: http://ssrn.com/abstract=998565 Must have a look at that, thanks! > > Best wishes, > Arne
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Devl mailing list [email protected] https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
