On 21/03/14 04:42, Steve Dougherty wrote: > On Tuesday - March 25th - I have a meeting scheduled with Professor J. > Alex Halderman [0] to talk about security and Freenet. He is one of the > people behind such research as Green Dam arbitrary code execution, [1] > cold boot attacks on disk encryption, [2] and insufficient entropy on > embedded systems leading to weak encryption keys. [3] Nice. > What should I say? I'm planning to mention: Bear in mind that nobody, no matter how brilliant, is an expert in everything. That is, some of what we are concerned with may be outside his area of expertise, and he probably won't understand all the project-internal jargon immediately. > 0) Overview of Freenet's functionality and that of plugins/applications. > 1) Do you have suggestions on where the Freenet project can find > security auditors or additional developers? We are a very long way from the point at which auditing would make sense. However, we do need more resources. > 2) Would it be possible to run a seed node on campus? > 3) Open research questions: [4][5] > * Pitch black - what mitigations have we come up with? We have a plausible solution, we gave it to thesnark, he said it seemed to work but never came up with any numbers or graphs, so we haven't done anything with it ... > * Can opennet be secured? No. Sybil always wins: IP addresses, bandwidth, CAPTCHAs, CPU time, everything is dramatically cheaper for an attacker than for an average legitimate user IMHO. (And note that to try to exploit e.g. IP address scarcity would be extremely complex and cost us some legitimate users)
The only solution other than darknet AFAICS is charging people real money (possibly BTC) to join opennet. This would require a much greater appeal to start with, and more reliable software. In BTC, the funds (or a large part of the funds) would be provably destroyed, possibly with the rest going to FPI or a charity chosen from a list (need to make sure it doesn't go straight back to the guy trying to exploit announcement!). But it's good to get some third party input on this, check our assumptions. > * Is the network topology stable - does it settle? My simulation > work in GSoC 2012 suggested it did not. As the simulation moved away > from Sandberg's model and toward more of what Freenet does it got less > stable. Does this have practical implications? Huh? You were simulating a hybrid network? My only recollection of a hybrid simulation was some quick hack Ian did some years ago to settle an argument. If a hybrid network isn't stable that's another good reason to focus on making darknet as easy and fast as possible. > * How can forums scale? PSKs? Fundamentally making forums work efficiently boils down to "scalable spam-proof distributed search". This is an unsolved problem, and may even be intractable, as I understand it ... Hence some of my proposals have been an attempt to reduce the need for scalability by breaking the problem up into different contexts, e.g. different set of identities to poll per board. Eventually you run into the same Sybil problems as on opennet - everything depends on CAPTCHAs. There may be darknet-based ways to limit introduction spam; if not you need blind money or something similar ... Or accept that the forums will end up being invite only too (you could bundle forum invites with your darknet invite, but ideally blinding somehow?) > [6] What about real-time chat? For small scale, without spam, we could implement this relatively quickly; there are several planned improvements that would cut latency significantly. > * Can load balancing be improved? I'm sure it can, but we need help on it. Some of my uni contacts might even be able to help with this eventually. He might ask about recently published attacks. - Traceback (using RejectedLoop/request UIDs to trace individual requests after the fact): The simplest solution to this is not to remember UIDs after the request has finished. This eliminates 99% of the threat. This is what we have implemented (there are various other approaches). There is a paper on another mitigation which I was going to have a look at ... - Routing table injection: This is a meta-attack which relies on opennet, abusing path folding and announcement. IMHO it is intractable, but there are a number of powerful attacks on opennet. (I've been invited to prepare a short presentation on attacks for the Cambridge security group, I will make the slides available for freenet devs when I eventually get to it). > - Steve > > [0] https://jhalderm.com/ > [1] https://jhalderm.com/pub/gd/ > [2] https://citp.princeton.edu/research/memory/ > [3] https://factorable.net/paper.html > [4] https://wiki.freenetproject.org/Research_challenges > [5] https://emu.freenetproject.org/pipermail/devl/2012-October/036569.html > [6] https://emu.freenetproject.org/pipermail/devl/2012-October/036564.html
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
