On Wed, Oct 15, 2003 at 06:45:03PM -0700, Martin Stone Davis wrote: > But since I'm so new to this, I really should shut my trap until Toad, > Ian, and others weigh in. Toad told me I was "probably" right about the > timing attack, and that "we never said it was perfect". Freenet is > still in development, so I understand that. > > But given Toad's reaction, I wouldn't feel comfortable letting "freenet > take care of itself" to achieve plausible deniability.
Absolutely, we need more anonymity. However we have better anonymity now, at least for single files, than any other practicable file transfer system anywhere. > > -Martin > > Martin Stone Davis wrote: > > >Pcaching only kicks in when the DS is 90% full, I thought. So it > >wouldn't apply to a node which kept a huge DS. > > > >Also, isn't it the case that when inserting a large splitfile, the > >various parts go through many different nodes? ...and so it would be > >rare for you to have every part if you hadn't requested it. > > > >-Martin > > > >Brandon Low wrote: > > > >>I believe that pcaching applies to local requests too... so why not just > >>let freenet take care of itself and stick to plausible deniability? You > >>could just have been the first person in line for the insertion of said > >>key or whatever... > >> > >>--B > >> > >>On Wed, 10/15/03 at 18:14:21 -0700, Martin Stone Davis wrote: > >> > >>>AFAIK, it is possible right now to discover whether a node has > >>>requested a particular large splitfile by measuring how much time it > >>>takes the node to search for each part of the splitfile. > >>> > >>>To prevent such "timing attacks on the datastore", I thought at first > >>>that a solution would be > >>> > >>>SOLUTION #1: that the the node itself would flag any keys that the > >>>operator has requested as "requested only by me". Then, if the node > >>>was asked later for a key that held such a flag, it would pretend > >>>that it didn't have it, search for the key on other nodes, and then > >>>reset the key's flag if it found it on another node. > >>> > >>>However, Iakin (I believe) pointed out that this is a bad idea > >>>because we don't want freenet itself to break it's own anonymity: we > >>>don't want someone to be able to inspect the operator's hard drive > >>>and say "ah ha! you requested this key!". > >>> > >>>He suggested instead (if I understood correctly) > >>> > >>>SOLUTION #2: that keys that we request would somehow be moved into a > >>>separate, encrypted store, and never placed in the main datastore. > >>> > >>>However, isn't there a problem with that as well? > >>> > >>>Say that over a long period of time, node A requests keys K1-K1000 > >>>from node B. K1-K100 were requested by the operator of node A, while > >>>K101-K1000 were requested by nodes connected to node A. Also, > >>>K1-K100 are all related to documents describing plans to overthrow > >>>the evil government of AAIR (it's a tropical country which depends > >>>mostly on tourism). Node B is run by (you guessed it) the AAIR. At > >>>the same time, the AAIR is running another node C, which mounts a > >>>timing attack on node A to see whether it has keys K1-K1000. Under > >>>either solution #1 or #2, node C would see that node A takes longer > >>>to find keys K101-1000 than it does to find keys K1-K100. But since > >>>the AAIR know that node A requested all of the keys, it also knows > >>>that the operator of node A requested keys K1-K100 and is trying to > >>>hide that fact. > >>> > >>>Note that in the above scenario, K1-K100 don't have to be part of the > >>>same splitfile. They just have to be of similar-enough subject > >>>matter that the operator of node A would appear to have requested it > >>>IF someone were to inspect his datastore. > >>> > >>> > >>>I'm having a lot of trouble coming up with a good solution. Thoughts? > >>> > >>>-Martin > >>> > >>> > >>>_______________________________________________ > >>>Devl mailing list > >>>[EMAIL PROTECTED] > >>>http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl > > > _______________________________________________ > Devl mailing list > [EMAIL PROTECTED] > http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl -- Matthew J Toseland - [EMAIL PROTECTED] Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so.
signature.asc
Description: Digital signature
_______________________________________________ Devl mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
