It would be good to solve the verification problem without having to have permanent connections from the seed server to the seed nodes. The problem is the below doesn't do this: it only verifies that the attacker is listening on the stipulated port, and that he runs one freenet node somewhere, it does *not* verify that there is a connectible node on the given node reference.
On Tuesday 15 January 2008 20:48, Michael Tänzer wrote:
> Seedserver - our script/app/whatever that runs on our servers
> (freenetproject.org) and takes care of the harvesting
> Seednode - well the seednode
> Seedclient - a new Freenet-Node which wants to bootstrap into Freenet
> Seedservice - a service which is run on the seednode to be addressed by
> the Seedserver
>
> Stage1
> We deliver the public key of our Seedserver with Freenet (e.g. in the
> installer or jar).
> Once a node chooses to become a Seednode (Alice) it sends its own
> public key and port on which it runs the Seedservice encrypted with the
> public key of the Server to our Seedserver. The Seedserver sends a
> random number encrypted with the public key of Alice who has to return it.
>
> Now the Server and the Node know each other's public key and can't be
> MITMed, under the assumption that the installer was correct. The
> following traffic can be encrypted.
>
> Stage2
> The Seedserver asks some already established Seednode (Bob) to insert a
> file which holds a random number encrypted with the public key of Alice.
> Bob reports the key under which this has been inserted to Alice who
> fetches it and sends the random number to the Server.
> If Alice can't fetch the key, we ask another two Seednodes for inserting
> it, if it still fails Alice is considered not to be connected (obviously
> we have to have a long timeout here).
>
> Now the Server knows if Alice is connected and can add her to his
> Seednodes-list/DB
>
> A Seednode has to follow this routine every 24 hours and whenever
> something changes (different IP, disable Seedserver, etc. (obviously if
> a seednode goes offline it doesn't have to prove it's connected to
> freenet)).
> The Server only accepts changes from Seednodes which prove they can read
> a random number encrypted with the public key of the Seednode entry they
> want to alter.
> The Server removes (or marks them disabled) Seednode entries that
> weren't updated in 26 hours and of Seednodes that didn't react on
> insert requests more than 3 times in a row (maybe disable them and try
> again 30 min. later)
>
> Possible Attacks:
> - manipulated installer - Well this is a general problem, not only to
> seednode harvesting. We have to come up with a suitable solution for
> this (SSL with trusted certificate (expensive), signed installer (how
> can our users know whether to trust the public key?)
>
> - DoS the Seedserver - well then you could probably also DoS our
> webserver and prevent our users from downloading the installer and
> seednodes.fref
>
> - An attacker could add his node as a Seednode - well that is an obvious
> problem for all of the automatic methods and also partly applies to
> Seednodes which are added manually and Opennet in general - if an
> attacker successfully added a Seednode, he could have a whole farm of
> manipulated nodes to which a new node is connected to and the new node
> can't tell. This is especially a problem if the ghost-net has some kind
> of proxy which relays requests in his own name so the node can't get
> other opennet-connections and doesn't know it's not on the real freenet
> and if it gets or even worse inserts some content which in most
> countries is illegal, the attacker can tell because he could spider the
> freenet and do a blacklist.
>
> Looking forward to your comments
> Neo at NHNG
> _______________________________________________
> Devl mailing list
> Devl at freenetproject.org
> http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
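The two-stage exchange quoted above, written out as a runnable simulation so the objection in the reply can be seen concretely. This is an added example and not Freenet code: textbook RSA over 512-bit keys with a SHAKE stream for the payload stands in for the real public-key encryption, a dict stands in for the Freenet datastore, and every name (Seedserver, Node, FakeFreenet, harvest, the noderefs) is invented for the illustration. The server does exactly what the quoted design says, so an honest node passes; a registrant who holds the private key and runs any node that can fetch from Freenet also passes, no matter what host:port it put in its noderef, because nothing in either stage ever tries to connect to that noderef.

```python
"""Simulation of the quoted Seednode verification (added example, not Freenet code)."""
import hashlib
import json
import random
import secrets


# ---- minimal public-key crypto: illustrative only, not for real use ----------
def _is_probable_prime(n, rounds=16):
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):                      # Miller-Rabin
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _gen_prime(bits):
    while True:
        c = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(c):
            return c


def rsa_keygen(bits=512):
    """Return ((e, n), (d, n)); n comfortably exceeds a 32-byte nonce."""
    e = 65537
    while True:
        p, q = _gen_prime(bits // 2), _gen_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:
            return (e, p * q), (pow(e, -1, phi), p * q)


def seal(pub, data):
    """Hybrid encryption: RSA-wrap a fresh 32-byte key, XOR payload with a SHAKE stream."""
    e, n = pub
    k = secrets.token_bytes(32)
    stream = hashlib.shake_256(k).digest(len(data))
    body = bytes(a ^ b for a, b in zip(data, stream))
    return json.dumps([pow(int.from_bytes(k, "big"), e, n), body.hex()]).encode()


def unseal(priv, box):
    d, n = priv
    wrapped, body = json.loads(box)
    k = pow(wrapped, d, n).to_bytes(32, "big")
    body = bytes.fromhex(body)
    return bytes(a ^ b for a, b in zip(body, hashlib.shake_256(k).digest(len(body))))


# ---- the parties ------------------------------------------------------------
class FakeFreenet:
    """Stand-in datastore: insert returns a content-hash key, fetch looks it up."""
    def __init__(self):
        self.store = {}

    def insert(self, data):
        key = "CHK@" + hashlib.sha256(data).hexdigest()[:24]
        self.store[key] = data
        return key

    def fetch(self, key):
        return self.store.get(key)


class Node:
    """A running node: a keypair plus a connection to the datastore."""
    def __init__(self, net):
        self.net = net
        self.pub, self.priv = rsa_keygen()


class Seedserver:
    def __init__(self):
        self.pub, self.priv = rsa_keygen()
        self.pending = {}     # noderef -> (registrant pub key, outstanding nonce)
        self.seednodes = {}   # noderef -> pub key, once Stage 2 passed

    # Stage 1: registration sealed to the server key; reply is a nonce sealed to the
    # registrant's key. In the design this reply goes to the Seedservice port named
    # in the registration, so answering it proves only that something listens there.
    def stage1_register(self, box):
        noderef, e, n = json.loads(unseal(self.priv, box))
        nonce = secrets.token_bytes(32)
        self.pending[noderef] = ((e, n), nonce)
        return seal((e, n), nonce)

    def stage1_confirm(self, noderef, nonce):
        return secrets.compare_digest(nonce, self.pending[noderef][1])

    # Stage 2: Bob inserts a sealed nonce; the registrant fetches it via Freenet and
    # echoes the plaintext. Note the noderef is only a dict key here, never dialled.
    def stage2_challenge(self, noderef, bob):
        pub, _ = self.pending[noderef]
        nonce = secrets.token_bytes(32)
        self.pending[noderef] = (pub, nonce)
        return bob.net.insert(seal(pub, nonce))

    def stage2_confirm(self, noderef, nonce):
        pub, expected = self.pending[noderef]
        if not secrets.compare_digest(nonce, expected):
            return False
        self.seednodes[noderef] = pub
        return True


def harvest(server, bob, keyholder, noderef, fetcher):
    """Both stages for `keyholder`, who claims reachability at `noderef` and uses
    `fetcher` (any node it controls) for the Stage-2 retrieval. True if listed."""
    reg = json.dumps([noderef, *keyholder.pub]).encode()
    nonce1 = unseal(keyholder.priv, server.stage1_register(seal(server.pub, reg)))
    if not server.stage1_confirm(noderef, nonce1):
        return False
    data = fetcher.net.fetch(server.stage2_challenge(noderef, bob))
    if data is None:                              # the "Alice can't fetch" branch
        return False
    return server.stage2_confirm(noderef, unseal(keyholder.priv, data))


def demo():
    """Returns (honest accepted, bogus noderef accepted, server's seednode list)."""
    net = FakeFreenet()
    server, bob, alice = Seedserver(), Node(net), Node(net)
    honest = harvest(server, bob, alice, "alice.example:3456", alice)
    # Mallory runs one real node somewhere but advertises a host:port nobody
    # listens on (constructed TEST-NET address). The server still accepts it.
    mallory = Node(net)
    bogus = harvest(server, bob, mallory, "203.0.113.7:9999", mallory)
    return honest, bogus, sorted(server.seednodes)


if __name__ == "__main__":
    print(demo())
```

The Stage-2 fetch is performed by whichever node the key holder chooses, so a single connected node plus the private key suffices for any number of registrations with unrelated noderefs; a check that actually exercises the advertised reference would have to open a Freenet connection to it, which is the permanent-connection cost the reply wants to avoid.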
