On Thu, Oct 16, 2003 at 12:30:30PM +0200, Some Guy wrote: > --- Martin Stone Davis <[EMAIL PROTECTED]> wrote: > <big snip> > > I'm having a lot of trouble coming up with a good solution. Thoughts? > > Here are some: > > 1) For your own personal requests your node could cache at 100% in a special cache > which isn't > used to handle other people's requests, but pcache your own requests in the public > one just like > normal. > > This opens you up to securtiy issues, if your drive is compromised, but these could > be dealt with > "loopback crypto" or an extension of fred which would ensure the stores contents > would be lost if > the machine looses power (or maybe require a passphrase to restart).
Right, so we encrypt it with a one-time key for each file, which we never write to disk - we lose the cache on shutdown. One more reason for people to keep their nodes running... With good local security, They would never manage to get into your store without at some point doing a power cycle and losing the cache. Of course, good local security is bloody hard, but beyond the scope of freenet. > > 2) There's an ongoing arguement about maybe caching with a higher probablity things > in your spec. > This may protect against some timing attacks since: > a) I'll have reason to request and cache such data anyway, if it's in my spec. > b) I'll have an excuse to throw away such data quickly if it's outside my spec. Hrrm. > > 3) Don't run such "SLUTY" nodes that do it with everyone. If you connect only to > people you have > real trust in and they do the same, you'll be pretty safe. Of coarse doing this is > some work, and > one mole could compromise his neighbors. This is "hostile environment trusted-routes-only" routing. It has been debated before. The consensus is that the old routing algo has no chance in such an environment, but NGRouting MIGHT be able to do something with it - we will have to try it. Also as with all such systems, the mainstream network must be up and running first to have something to bootstrap from, and establishing trust is a MAJOR pain in the ass - only the 0.1% of people who REALLY need it would go to that much effort. > > Freenet's topology must be like a random graph or small world; this is thought to be > true of > social networks which should give rise to such trust based nets. However, that's > all theory and > no practice as far as I know. > > 4) Inserter/requestor anonymity can be improved with another layer of onion style > routing. For > example I pick n nodes, I build a chain up only talking to the first one. Each node > gets a > symetric key and the last node acts as my proxy for insertion an deletion. In order > for them to > link it to me all n nodes have to be compromised. This is planned, see my other mails. It makes the security of local requests considerably more solid and solves several related issues. However it is postponed until after 0.6 for obvious reasons. > > You can improve this buy making a few of these chains and using each one for a > particular peice of > hashspace and connecting them to nodes which might be specailized in the area (or > let them become > so). > > I believe Toad mentioned doing this for maybe just two hops or so. > > > > Yes Brandon is right; we need to focus on getting the system working well first. > But this is good > stuff to think about. Absolutely my thoughts. -- Matthew J Toseland - [EMAIL PROTECTED] Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so.
signature.asc
Description: Digital signature
_______________________________________________ Devl mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
