1) Freenet is a peer-to-peer network that allows for anonymous storage and retrieval of information through a distributed hash table routing algorithm.
2) Each node stores files locally and has a dynamic routing table to forward requests to nearby nodes to find content anonymously.
3) Security measures like hashing keys, encrypting communications between nodes, and using intermediate nodes help protect anonymity of producers and consumers of content on the network.
Copyright:
Attribution Non-Commercial (BY-NC)
Available Formats
Download as PPT, PDF, TXT or read online from Scribd
1) Freenet is a peer-to-peer network that allows for anonymous storage and retrieval of information through a distributed hash table routing algorithm.
2) Each node stores files locally and has a dynamic routing table to forward requests to nearby nodes to find content anonymously.
3) Security measures like hashing keys, encrypting communications between nodes, and using intermediate nodes help protect anonymity of producers and consumers of content on the network.
1) Freenet is a peer-to-peer network that allows for anonymous storage and retrieval of information through a distributed hash table routing algorithm.
2) Each node stores files locally and has a dynamic routing table to forward requests to nearby nodes to find content anonymously.
3) Security measures like hashing keys, encrypting communications between nodes, and using intermediate nodes help protect anonymity of producers and consumers of content on the network.
Copyright:
Attribution Non-Commercial (BY-NC)
Available Formats
Download as PPT, PDF, TXT or read online from Scribd
1) Freenet is a peer-to-peer network that allows for anonymous storage and retrieval of information through a distributed hash table routing algorithm.
2) Each node stores files locally and has a dynamic routing table to forward requests to nearby nodes to find content anonymously.
3) Security measures like hashing keys, encrypting communications between nodes, and using intermediate nodes help protect anonymity of producers and consumers of content on the network.
Copyright:
Attribution Non-Commercial (BY-NC)
Available Formats
Download as PPT, PDF, TXT or read online from Scribd
Download as ppt, pdf, or txt
You are on page 1/ 25
orissa
engineering college 1
Freenet A Distributed Anonymous Information Storage and Retrieval System I Clarke B Wiley O Sandberg T W Hong 2
Introduction
Design goals Producer and consumer anonymity Deniability for storers of information Resistance to hostile third parties Efficient dynamic storage and routing Decentralization of network functions
Features Responds adaptively to usage patterns Files are moved transparently, replicated and deleted without centralized location indexes It operates at application layer Assumes the existence of a secure transport layer
Security Issues
How to provide anonymity?
Consumers may use browser proxy services However, producers may keep session logs Contacting a particular server reveals the information needed Producers may ensure anonymity by using encrypted URL services No protection against the operator of the service 5
Architecture Peer to peer network of nodes that query one another Each node has its local data store and dynamic routing table Enables users to share unused disk space and increases the storage capacity of the network
Basic Model Nodes know only their immediate upstream and downstream neighbors Queries are given a unique identifier and hops-to-live count Queries are forwarded to a node based on previous information
If a previous message is seen, forwarded to another node Process continues until file is obtained or hops-to-live counter is exceeded Success or Failure is passed back up the chain
Retrieving Data User hashes a short descriptive string to obtain file key She then sends the Request message to her own node If present, returns with message saying it was the source If not, looks up nearest key in routing table and forwards to the next node
If request is ultimately successful, node passes it back up the upstream requestor It also makes a local cache of the very same file Future requests will be serviced faster Similar keys will also be forwarded to the same node For security, any node along the path can claim to be the author of the file
10
If a node cannot forward to its preferred downstream node, it sends to its secondnearest key If that doesnt match, then third nearest key and so on If none of them match, it sends a failure message to its upstream node which follows the same procedure
11
Storing (Inserting) Data
Similar to requesting data User picks a text string(title) and hashes it to a file key and sends it to her node If there is a collision, user is informed If no collision, node sends to the closest key in routing table
12
This goes on until hops-to-live is reached If a collision occurs anywhere, the node sends back the file along with a notice and is treated as a request If not, the file is sent and copied at each node
13
Effects 1. New files tend to end up near files with similar keys enabling efficiency 2. New nodes can inform the network of their existence 3. An attacker trying to insert a corrupted or empty file under the same key will actually spread the real file further
14
Managing Data Node storage uses a LRU cache When a new file arrives, by insert or request, the least recently used file is removed Thus, if a file is needed, it will remain on some node Or it will fade away
15
Naming, Searching, Updating
Possible Name collisions are a problem Solutions :
Introduce two level structure, wherein Real files are stored under a unique key An indirect file consists of a list of binary keys corresponding to that name and a search is made Protects against malicious attacks of replacement 16
Insertion Author can insert a no. of indirect files with pointers to real files Collisions could be accepted in these files and be a sort of library of similar text titles Private key encryption and public key decryption could be used to get info Indirect file could also inserted under a signature verifying key 17
Performance
Networks of 500 900 nodes Each with a datastore size of 40 items Routing table size of 50 addresses 10 unique items stored in each node
18
Security Primary Goal To provide anonymity of requestors and inserters of files Receiver anonymity may be viewed as key anonymity In Freenet routing depends on the key, so it is not possible Hashes of keys may be used
19
Sender Anonymity A node does not know whether its downstream neighbor is the actual source or forwarding it A statistical analysis of network traffic may help the attacker in determining the source Depth value may also help in determining the source
20
To prevent an eavesdropper, user should use the node on her own machine as the first point of entry Messages between nodes are encrypted Pre routing can be added by encrypting with a succession of public keys This determines the route of the encrypted message
21
Denial of Service Attacks
Insert a lot of garbage files Use the Hash Cash scheme to prevent against this Divide storage into two sections one for new inserts and one for established files Protects against a person trying to spread garbage files Difficulty in introducing genuine new files 22
Conclusion This scheme keeps information anonymous and is highly scalable Provides effective means of storage and retrieval More rigorous tests with many more nodes and improvements to the basic protocol are required
23
Gnutella Many similarities exist between Freenet and Gnutella Everyone is visible to everyone else as long as you are online Users are split up into groups Gnutella employs a broadcast search for files which grows exponentially
24
Napster Napster has a centralized server, which does not store any data It coordinates searches of users Security risk
If centralized server is shut down, no way of distributing files The law!
Human Proxies in Cryptographic Networks: Establishing a new direction to end-to-end encryption with the introduction of the inner envelope in the echo protocol
Human Proxies in Cryptographic Networks: Establishing a new direction to end-to-end encryption with the introduction of the inner envelope in the echo protocol
