On 11/07/10 18:36, Michael wrote: > "Private Information Retrieval schemes [9] provide much stronger > guarantees for information consumers, but only to the extent of hiding > which piece of information was retrieved from a particular server. In > most cases, the fact of contacting a particular server in itself reveals > much about the information retrieved." > > I think that this isn't really the case with freenet, because no one > knows what is on a person's server (it's encrypted); so, by contacting a > server there is no risk. Also, couldn't it be considered more secure > because no one knows what data is being requested when you use a Private > Information Retrieval (PIR) scheme. If this were the case, there > wouldn't be a need for routing data to anonymize origin requests.
Hi Michael, Interesting points about PIR. Although it's true that the data stored on each Freenet node is encrypted, it doesn't necessarily follow that a node's owner can't find out what she's storing - she could trawl through freesites, message boards, etc, collecting the keys of encrypted data. Then, by checking her datastore for those keys, she could see whether she was holding that data. Freenet doesn't aim to prevent that, but it aims to give the node's owner plausible deniability, which means she can reasonably claim that (a) she doesn't know anything about what her node's storing, because she didn't go to the extraordinary effort of finding out, and (b) even if she had gone to that effort, she couldn't know *everything* about what her node was storing - there'd always be some files she couldn't identify because their keys weren't published anywhere. Regarding your second point, about anonymising requests - if I understand correctly, you're saying there's no need to anonymise requests because a node doesn't know what data it's supplying to the requester? Unfortunately this is where we see the other side of the argument above: the node's owner can plausibly claim that she doesn't know what data she's serving, but the requesters can't be *sure* she doesn't know. The node's owner might have gone to the effort of compiling a list of keys. So Freenet aims to provide plausible deniability for requesters, too: any requester can reasonably claim that she's not requesting the data for herself, she's just forwarding a request for someone else. The same applies to publishers. Cheers, Michael
