On 2013/07/21 (Jul), at 1:55 PM, Matthew Toseland wrote:

> Would you pay to join opennet? Bear in mind that a paid system could have an 
> interesting level of security - not quite up to that of a real darknet, but 
> most attacks would be *far* more expensive.

What an intriguing question!

<rambling type="incoherent-yet-related thoughts">

My first thought is to the theory itself... surely the primary interest is to 
dissuade an attack, as it seems a bit shady for a 3rd party to charge for 
communication between two persons; I suppose you're buying a token certificate: 
"<ID> has paid" signed freenet-central.

My second thought is the actual cost/benefit... if an attacker is going to drop 
a lot of cash on servers/bandwidth/hosting to monitor freenet, what is another 
$1k for a bunch of identities, or $10k? Can we make them so expensive that one 
cannot effectively perform a sybil attack, and yet so cheap that an average 
user would not really hesitate to buy one?

For that matter, a long-term eavesdropper might even have a budget ($1k/month 
for freenet identities), which if they don't expire would mean they might have 
little effect (without additional checks, such as IP address range, "bulk" 
purchases, etc).

I wonder if the "bottleneck" can really be money, as a powerful attacker is 
presumed to have plenty of money=power... is their money really more scarce 
than their IP addresses [that they can dedicate to freenet]? .... what do they 
not have much of? human time? "friends"? "people you have met"? I guess that's 
getting back to darknet :-/

...and I guess if the registrar tracked IP addresses (even to locate sybil 
networks) the same database could be a liability (list of freenet users).

Can we get the same effect by adding a webcall that fetches a free opennet 
certificate? "You have no darknet peers, if you would like to connect to the 
opennet click here to make a non-anonymous web request." The bottleneck might 
then be the issuing server, but it's still a scarce resource: i.e. getting 
1000's of opennet certs, maybe with a hash-cash-CRAM :-).

When trying to imagine myself as a new Freenet user, I would expect that the 
purchase be [reasonably] anonymous [like in bitcoins].

The purchase mechanism is probably expected to be automated & low-latency, but 
is there something to be gained if we place a human in this 
opennet-cert-purchasing workflow? Mail a SASE & $1 to <physical address>, and 
we'll send you back an opennet cert (on paper? a usb drive?).

But we need anonymous onboarding, right? Different level of opennet certs?

How does this relate to seednodes? Can we encourage running a seednode by 
making it gather bitcoin micro-payments? I guess an attacker would first, then, 
start running a seed node :-(

So does it have to be "centralized"? It would certainly be easier... If not 
seed nodes, what if all nodes that can reach <anchorNodeX> by a darknet-only 
request can generate opennet certs.

</rambling>

To answer your question... I have no idea, we really need a solid theoretical 
basis first (what are we trying to solve & how). :-(

Well I take that back... I *DO* have an idea, but it involves free-space-optics 
hardware and georouting; and I doubt that "making opennet secure" translates to 
"buy custom hardware", so I'll squelch that part of the ramblings. :)

--
Robert Hailey
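
The "hash-cash-CRAM" gate on a free opennet certificate mentioned in the message above could look like the following sketch, which is an added example and not part of the original message or of Freenet's code. All names, the 16-bit difficulty, and the use of an HMAC as a stand-in for the issuer's "<ID> has paid" signature are assumptions.

```python
import hashlib
import hmac
import os

DIFFICULTY_BITS = 16         # assumed work factor: about 65k hashes per cert on average
SERVER_KEY = os.urandom(32)  # assumption: HMAC key standing in for the issuer's signing key
_outstanding = set()         # challenges handed out and not yet redeemed


def leading_zero_bits(digest: bytes) -> int:
    """Number of zero bits at the front of a digest."""
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()


def pow_digest(challenge: bytes, node_id: str, counter: int) -> bytes:
    # Binding node_id into the hash means one solution pays for one identity only.
    return hashlib.sha256(challenge + node_id.encode() + counter.to_bytes(8, "big")).digest()


def new_challenge() -> bytes:
    """Server side: hand out a fresh random challenge and remember it."""
    challenge = os.urandom(16)
    _outstanding.add(challenge)
    return challenge


def solve(challenge: bytes, node_id: str, bits: int = DIFFICULTY_BITS) -> int:
    """Client side: brute-force a counter that meets the difficulty target."""
    counter = 0
    while leading_zero_bits(pow_digest(challenge, node_id, counter)) < bits:
        counter += 1
    return counter


def issue_cert(challenge: bytes, node_id: str, counter: int):
    """Server side: check the work, retire the challenge, return '<ID>:<tag>' or None."""
    if challenge not in _outstanding:
        return None  # never issued, or already redeemed (replay)
    if leading_zero_bits(pow_digest(challenge, node_id, counter)) < DIFFICULTY_BITS:
        return None  # not enough work
    _outstanding.discard(challenge)
    tag = hmac.new(SERVER_KEY, node_id.encode(), hashlib.sha256).hexdigest()
    return f"{node_id}:{tag}"


def verify_cert(cert: str) -> bool:
    """Check the issuer's tag over the node ID, in constant time."""
    node_id, _, tag = cert.rpartition(":")
    expected = hmac.new(SERVER_KEY, node_id.encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(tag, expected)
```

The cost per certificate here is CPU time rather than money, so the budget concern raised in the message applies in the same way: the difficulty has to be tolerable for one new user yet painful for someone requesting thousands.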
