On Sun, Jan 26, 2003 at 04:25:55PM -0800, Todd Walton wrote:
>
> >> The content of the communication session between the nodes is encrypted.
> >> All that you can tell is that node X is talking to node Y. You don't know
> >> what it is asking for,
> >
> >if you don't know, how can you satisfy the query if it comes that you're
> >the node with the content requested?
> >if you're looking for /text/cooking/all-about-chicken do the nodes that
> >forward your request know what the query is about?
>
> Yes, of course. Every node that gets the request has to know what the
> request is for, so that it may check its own datastore to see if it has
> it. I think what the above-above person meant is that, if node X is
> talking to node Y, all that *third-party Z* can find out is that they are,
> in fact, talking to each other. Third-party Z doesn't know what node X is
> asking for, due to the encryption, but node Y does, due to node Y being
> able to decrypt it.
>
> Now, if third-party Z puts up his or her own node, then they can intercept
> requests for keys. They can decode the request, and they can request the
> key so that they can see what file is associated with it, and thus tell
> what content a particular node is looking for. It has to work that way for
> freenet to work at all. But none of that matters. Even if a malicious
> party knows what a particular node is requesting, they don't know if it was
> that particular node that *originated* the request. So, the information
> the malicious third-party has gained does them no good.

Furthermore, even when you have got the file, a node cannot tell what
the actual content is, unless it knows the freenet key (URI) that the
client used to request it (perhaps by spidering)... it includes a
decryption key that is never sent over the network except in links to
that file on other freenet pages.

>
> I'd like to contribute my own question on this matter. Why is it like
> this? Why is communication between nodes encrypted? I mean, as I see it,
> it's like I said above. It doesn't matter if it gets intercepted, and it's

It does matter. If you can see all the requests going in, and all the
requests going out, you can determine which requests originated locally
by elimination.

> a trivial matter to do so, in effect, by setting up a freenet node. Why
> bother with the overhead of encrypting node to node communication? It
> seems analogous to having a communication line extend from New York to
> London, but install hardware that encrypts the traffic on it for only a
> three mile stretch in the middle of the Atlantic. What's the point of
> encrypting that three mile stretch, when it comes out unencrypted outside
> of that?
>
> What advantage does encrypting node to node communication offer?

See above.

>
> -Todd

--
Matthew Toseland
[EMAIL PROTECTED]
Full time freenet hacker.
http://freenetproject.org/
Freenet Distribution Node (temporary) at
http://amphibian.dyndns.org:8889/TvHuHURgj4w/
ICTHUS.
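A small model of the point in the reply above that a node holding a file cannot read it without the decryption key carried in the URI; this is an added example, not part of the original message and not Freenet's own code. The `routing_key,decryption_key` URI layout, the function names, and the SHA-256 counter keystream standing in for a real cipher are assumptions made for illustration.

```python
import hashlib
import os


def _keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (assumption): XOR with a SHA-256 counter keystream.
    Illustrative only; a real system would use a vetted cipher."""
    out = bytearray()
    for block in range(0, len(data), 32):
        pad = hashlib.sha256(key + block.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[block:block + 32], pad))
    return bytes(out)


def insert_file(datastore: dict, plaintext: bytes) -> str:
    """Client side: encrypt, store ciphertext under its hash, return the URI."""
    dec_key = os.urandom(32)
    ciphertext = _keystream_xor(dec_key, plaintext)
    routing_key = hashlib.sha256(ciphertext).hexdigest()
    datastore[routing_key] = ciphertext          # all a node ever holds
    return f"{routing_key},{dec_key.hex()}"      # hypothetical URI layout


def node_lookup(datastore: dict, routing_key: str):
    """Node side: answer a request using only the routing key."""
    return datastore.get(routing_key)


def client_fetch(datastore: dict, uri: str) -> bytes:
    """Client side: request by routing key, verify, decrypt locally."""
    routing_key, dec_key_hex = uri.split(",")
    ciphertext = node_lookup(datastore, routing_key)  # dec key is never sent
    if ciphertext is None:
        raise KeyError("not in datastore")
    if hashlib.sha256(ciphertext).hexdigest() != routing_key:
        raise ValueError("node returned data that does not match the key")
    return _keystream_xor(bytes.fromhex(dec_key_hex), ciphertext)


if __name__ == "__main__":
    store = {}  # constructed sample datastore of a single node
    uri = insert_file(store, b"all about chicken: roast at 200C")
    held = node_lookup(store, uri.split(",")[0])
    print("node holds :", held.hex()[:32], "...")
    print("client gets:", client_fetch(store, uri))
```

The node can match a request against its datastore using the routing key alone, which is why a forwarding node learns which key is wanted but not what the stored bytes say.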
