Hi all, I am new to the list and also have no background with P2P. However, I'd like to realize a P2P related project and have therefore read a bit on the topic during the past year.
Basically, what I have in mind is a peer-to-peer, wide-area persistant file storage system for a backup use-case. That may not sound very exciting because several other software promising the same already exists. However, when taking a closer look it seems to me all existing solutions have serious shortcomings in one or the other area. That's also the main topic of my post here. I'd appreciate your feedback on whether my analysis about related software in the following is correct or if I'm rather missing something important. I envision a storage network that is open to everyone, so is comprised of untrusted nodes that are deployed on a global scale. Like with any external backup service, I think the most important design goal is to ensure "trust". So such a system must be robust and secure to a very high degree - after all, users are supposed to entrust the system their irreplacable data. Therefore, I think robustness and security here cannot mean only the promise for data integrity by some system operator or software vendor. Data availability, privacy and also censorship resistance must be verifiable. In addition, a secure storage system must withstand adversarial attacks. A direct consequence of this is that the peer software and protocol must be open-source. A storage system built around a secret protocol and proprietary software cannot be trusted. And with these requirements in mind, what is currently available seems somewhat disappointing (but maybe it's also just my inability to conduct proper research - so if you know more please give me some input): Allmydata/Tahoe: The only true open-source contender I know of. Unfortunately, not really targeted towards a global-scale network of untrusted nodes. Also, no particular measures to withstand adversarial attacks (but is also not needed when deployed in a trusted environment). Cleversafe: Apparently not open-source anymore. Also not P2P in the sense of a wide-area network of untrusted nodes. Crashplan: Proprietary. P2P only to set up a "friends network", so no untrusted nodes. Freenet: Open-source. Is not really a persistent file store and has other design goals that don't quite fit a backup storage system. Maidsafe/PerpetualData: Some support libraries open-sourced but not the actual protocol and client software. Software not yet publically available. From what is known about the protocol, it looks complex. Not sure about how it will scale or the robustness it can provide. Powerfolder: Some source code seems available. However based on manual peer selection, so also a "friends network". Wuala: Proprietary software. Not much is known about how it internally works, in particular the relation between Wuala's central servers and the storage provided by peers (So: What is dominating? Is Wuala actually a normal cloud storage service with some P2P buzz or is the storage really P2P organized mainly?). Nothing is known about how Wuala can withstand adversarial attacks (Security by secrecy because of secret protocol?). Seems to be the only global-scale P2P storage system in "production use" today according to my knowledge. So it seems one is a bit at a loss when looking for an open-source P2P storage system that is build on a network of untrusted nodes. There are some more open-source programs derived from research like e.g. OceanStore. But these seem unmaintained and not actually deployed. I haven't found a P2P backup solution that has: - Deployability on a global scale with untrusted nodes - Secure, private and persistent data storage - Open-source protocol and software - Censorship-resistance - Resiliency to adversarial attacks - Reasonably simple and manageable design This however would be the kind of project I'd like to explore further if not already available. If anyone is interested I could briefly describe the design I have in mind in a later post. I'd like to connect to people who have practical experience with P2P networking (other than me) to discuss and further refine design ideas... Thanks for any input you can provide! Best regards, Michael _______________________________________________ p2p-hackers mailing list p2p-hackers@lists.zooko.com http://lists.zooko.com/mailman/listinfo/p2p-hackers
