On 2013/07/21 (Jul), at 1:55 PM, Matthew Toseland wrote:
> Would you pay to join opennet? Bear in mind that a paid system could have an
> interesting level of security - not quite up to that of a real darknet, but
> most attacks would be *far* more expensive.

What an intriguing question!

<rambling type="incoherent-yet-related thoughts">

My first thought is to the theory itself... surely the primary interest is to dissuade an attack, as it seems a bit shady for a 3rd party to charge for communication between two persons; I suppose you're buying a token certificate: "<ID> has paid" signed freenet-central.

My second thought is the actual cost/benefit... if an attacker is going to drop a lot of cash on servers/bandwidth/hosting to monitor freenet, what is another $1k for a bunch of identities, or $10k? Can we make them so expensive that one cannot effectively perform a sybil attack, and yet so cheap that an average user would not really hesitate to buy one? For that matter, a long-term eavesdropper might even have a budget ($1k/month for freenet identities), which if they don't expire would mean they might have little effect (without additional checks, such as IP address range, "bulk" purchases, etc).

I wonder if the "bottleneck" can really be money, as a powerful attacker is presumed to have plenty of money=power... is their money really more scarce than their IP addresses [that they can dedicate to freenet]? .... what do they not have much of? human time? "friends"? "people you have met"? I guess that's getting back to darknet :-/

...and I guess if the registrar tracked IP addresses (even to locate sybil networks) the same database could be a liability (list of freenet users).

Can we get the same effect by adding a webcall that fetches a free opennet certificate? "You have no darknet peers, if you would like to connect to the opennet click here to make a non-anonymous web request." The bottleneck might then be the issuing server, but it's still a scarce resource: i.e. getting 1000's of opennet certs, maybe with a hash-cash-CRAM :-).

When trying to imagine myself as a new Freenet user, I would expect that the purchase be [reasonably] anonymous [like in bitcoins].

The purchase mechanism is probably expected to be automated & low-latency, but is there something to be gained if we place a human in this opennet-cert-purchasing workflow? Mail a SASE & $1 to <physical address>, and we'll send you back an opennet cert (on paper? a usb drive?). But we need anonymous onboarding, right?

Different level of opennet certs?

How does this relate to seednodes? Can we encourage running a seednode by making it gather bitcoin micro-payments? I guess an attacker would first, then, start running a seed node :-(

So does it have to be "centralized"? It would certainly be easier... If not seed nodes, what if all nodes that can reach <anchorNodeX> by a darknet-only request can generate opennet certs.

</rambling>

To answer your question... I have no idea, we really need a solid theoretical basis first (what are we trying to solve & how). :-(

Well I take that back... I *DO* have an idea, but it involves free-space-optics hardware and georouting; and I doubt that "making opennet secure" translates to "buy custom hardware", so I'll squelch that part of the ramblings. :)

--
Robert Hailey