Having played with a ridiculously simplistic simulator, I conclude that Freenet's security sucks rather less than I had thought. That is, the "moving around the circular keyspace in an arc" metaphor is completely wrong, and it looks like there is very little information *easily* available about the request originator's location.

Checking the obvious:
- Count of requests that reach each randomly placed eavesdropper. This does not seem to reliably indicate how far away the target is. It might be possible to use the actual topology, but I suspect it would need more requests, and we don't have the topology on opennet; we do have it on darknet, but it's harder to get connections...
- Direction from which a request comes to an eavesdropper node: This does not appear to correlate at all with the direction between the eavesdropper and the originator.
- Extremes, i.e. the range of request target locations that an eavesdropper node receives: This depends on the topology etc. but doesn't seem to tell us very much.

The attack we have been concerned about for some years is MAST, Mobile Attacker Source Tracing. The idea is if you can get some hint of where the originator is, you can move towards that guess (e.g. by using announcement), and hopefully get more traffic, thus getting an exponential speedup. It appears that the fundamental building block for this doesn't exist - or at least, it needs a lot more work, and very possibly a large number of requests and access to the topology.

I conclude that there is no immediate need for tunnels on darknet. On opennet, there are bigger problems, e.g. connecting to all nodes, or a large subset at a time. Tunnels would help on opennet, provided the level of Sybil can be bounded (e.g. ShadowWalker works up to 20% Sybil, but IMHO assigning shadow nodes securely would be a serious problem for us and might jeopardise SW's protection in practice); but bounding Sybil on opennet is a fundamentally intractable problem in practice IMHO.

I don't think there are any deployed scalable opennet-style tunnel networks. E.g. Tor isn't scalable. I2P is intended to be scalable but I haven't looked at its security in some time after hearing some bad things years ago; are there any publications?

A very, very simple simulator for trying out MAST:
https://github.com/toad/freenet-attacks

I believe this represents the important aspects of Freenet, i.e. routing, and the real world's complexity will *mostly* make this kind of attack harder rather than easier (though other attacks are easier e.g. connecting to everyone).

Some example data for "count the requests that reach us":

Obviously this is just a random sample of a very large space, but if there was an easily weaponised attack like MAST we'd expect which sector Alice is in to be fairly obvious. It isn't here, apart from Mallory being lucky on 241 (i.e. you need as many locations as possible!!)

Mallory at 55 (0.05500000000000004) received 640187
Mallory at 80 (0.08000000000000006) received 462572
Mallory at 84 (0.08400000000000006) received 357406
Mallory at 241 (0.2410000000000002) received 924346
Alice at 251 (0.25100000000000017) sent 71145305
Mallory at 375 (0.3750000000000003) received 391034
Mallory at 389 (0.3890000000000003) received 674910
Mallory at 501 (0.5010000000000003) received 319549
Mallory at 517 (0.5170000000000003) received 498594
Mallory at 802 (0.8020000000000006) received 426960
Mallory at 828 (0.8280000000000006) received 715258

_______________________________________________
Devl mailing list
Devl@freenetproject.org
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
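
Added example, not part of the original post or of the freenet-attacks repository: a check of the "count the requests that reach us" data above, measuring how well an eavesdropper's request count tracks its keyspace distance from Alice. The choice of Spearman rank correlation and all function names are assumptions made for this illustration.

```python
import re

# Simulator output copied from the post above; locations are points on the
# circular keyspace [0, 1).
SAMPLE = """\
Mallory at 55 (0.05500000000000004) received 640187
Mallory at 80 (0.08000000000000006) received 462572
Mallory at 84 (0.08400000000000006) received 357406
Mallory at 241 (0.2410000000000002) received 924346
Alice at 251 (0.25100000000000017) sent 71145305
Mallory at 375 (0.3750000000000003) received 391034
Mallory at 389 (0.3890000000000003) received 674910
Mallory at 501 (0.5010000000000003) received 319549
Mallory at 517 (0.5170000000000003) received 498594
Mallory at 802 (0.8020000000000006) received 426960
Mallory at 828 (0.8280000000000006) received 715258
"""
LINE = re.compile(r"(Mallory|Alice) at \d+ \(([\d.]+)\) (?:received|sent) (\d+)")

def parse(text):
    """Return (alice_location, [(mallory_location, received_count), ...])."""
    alice, taps = None, []
    for who, loc, count in LINE.findall(text):
        if who == "Alice":
            alice = float(loc)
        else:
            taps.append((float(loc), int(count)))
    return alice, taps

def circular_distance(a, b):
    d = abs(a - b)
    return min(d, 1.0 - d)  # the keyspace wraps around at 1.0

def spearman(xs, ys):
    """Spearman rank correlation; assumes no tied values (true for SAMPLE)."""
    def ranks(vs):
        r = [0] * len(vs)
        for rank, i in enumerate(sorted(range(len(vs)), key=vs.__getitem__), 1):
            r[i] = rank
        return r
    n = len(xs)
    d2 = sum((a - b) ** 2 for a, b in zip(ranks(xs), ranks(ys)))
    return 1 - 6 * d2 / (n * (n * n - 1))

def distance_vs_count(text, drop_nearest=False):
    """Correlate distance-to-Alice with requests received, per eavesdropper."""
    alice, taps = parse(text)
    taps.sort(key=lambda t: circular_distance(t[0], alice))
    taps = taps[1:] if drop_nearest else taps
    return spearman([circular_distance(l, alice) for l, _ in taps],
                    [c for _, c in taps])
```

A count that revealed distance would push the coefficient towards -1; on this sample it is about -0.14 with all ten eavesdroppers and about +0.18 once the one sitting next to Alice (241) is dropped.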