-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> - Open and dark freenet, and open I2P, are vulnerable to intersection
> attacks, once the network is known.
Right.
> - Both dark and open (maybe) freenet can be insulated from this via CBR
> links because nodes are of low order and links change slowly. - IF there
> is no fundamental problem with CBR links. I2P probably can't be.
I'd posit that "IF" is appropriately questionable ;)
Also see the other responses regarding the necessity and
appropriateness of CBR for I2P tunnel creation messages.
> - Open I2P is vulnerable to connection setup attacks. Freenet isn't, if
> it tunnels 1:1 tunnels inside its existing links. This will obviously
> be slower than I2P's fixed length open tunnels, so cannot have the
> same use cases.
Ah, I see! You're mixing tunnels with connections again. I2P is
entirely message based - it has only one transport layer connection
to a peer, and all tunnel (and non-tunnel) traffic is multiplexed
over it.
So, no, I disagree with your assessment.
> - Open freenet and open I2P are harvestable.
Aye, and both hybrid freenet and restricted routes I2P offer the
same harvesting protections (as long as the fragments at the edges
are small)
> - To identify nodes on darknet freenet or I2P requires that a) Nodes be
> probabilistically identifiable by their local traffic patterns (which
> is likely, at least for the time being), and b) The attacker has the
> ability to surveil a smallish number of chosen individual IPs in
> detail at once, in order to pull off this attack.
Agreed. (a) is cheap, while (b) is more expensive.
> - If open Freenet uses open I2P as a basis, it *loses* anonymity (and
> gains speed) relative to implementing its own mixnet and 1:1 streams.
> A powerful passive attacker who permits the running of nodes can break
> the mixnet. It is possible to use both internal and external streams,
> for different use cases, however we would lose the ability to do CBR
> at link level.
I'm not sure this conclusion follows. Given the subsequent posts, do
you still think it holds?
> - If dark Freenet uses dark I2P as a basis, it loses nothing, provided
> that dark I2P provides the ability to do link level CBR.
That we can, but CBR is a bright neon light when you view it in
terms of a darknet. 10 different CBR transmissions going 24x7 is
pretty easy to spot.
> - An attacker powerful enough to pull off the attacks mentioned could
> probably identify nodes on an internet-hosted darknet, unless there is
> some breakthrough in steganography e.g. parasitic traffic.
> Nonetheless, open freenet would be less secure over I2P than
> implementing its own internal mechanisms (which could be the same as
> used on the darknet), and dark freenet would gain little from I2P.
Agreed with the former ("could probably identify nodes"), but the
later parts don't seem to follow.
=jr
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFDYNs1WYfZ3rPnHH0RAu9KAJ9rTri2XWW3Ebf5+W3B1g6jTmScJgCeJxxl
bOwTj6/HUp3WCftts8Jdd/U=
=Eu4L
-----END PGP SIGNATURE-----
_______________________________________________
chat mailing list
chat@freenetproject.org
Archived: http://news.gmane.org/gmane.network.freenet.general
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/chat
Or mailto:[EMAIL PROTECTED]
