Abstract
There're (several?) BitTorrent-specific DHT's, and the P2P
anonymity protocols (such as GNUnet) seem to (effectively)
implement their own DHT's. But is there any kind of a
“universal” (i. e., transport protocol-independent) DHT? And if
not, why?
Searching by content-derived identifiers
There're currently a number of P2P-friendly content-derived
resource identifiers, such as the BitTorrent “infohash” values
(which can be embedded within magnet: schema URI's, like [1]),
as well as the URI's used in GNUnet and Freenet frameworks (like
[2]), both non-standard (and the GNUnet ones are, as it seems,
interpreting the base URI specification in somewhat an odd way.)
What seems to be missing, however, is a “generic” DHT network
that could be used to search both the relevant metadata (such as
.torrent or Metalink files), and the peers participating in a
particular data exchange (and the respective protocols they
support), using one or more of an extensible set of identifiers
(including BitTorrent infohashes, GNUnet URI's, and the plain
SHA-1, SHA-2, or SHA-3 values.)
How's it useful?
With such a DHT, Alice, having only a bandwidth-limited Internet
connection, could compute a SHA-256 of a large file on her host,
and send the former to Bob, which, in turn, would use any
downloading software (implementing the support for the
aforementioned “generic” DHT) to discover the possible sources
for the file in question and retrieve it.
Security issues
As for the security, the “records” in such a table could be
digitally signed, with the set of the “trusted” public keys
being comprised of those keys explicitly approved by the user,
the public keys of the peers with which a successful data
exchange has occurred before, and the public keys trusted by the
peers already trusted, up to a certain depth. (There could then
be different levels of trust, just like, e. g., in GnuPG, and
perhaps other OpenPGP software.)
The purpose of such a facility is exactly to allow for the use
of (non-piecewise) digest to metadata records, which otherwise
could easily be spoofed, and used to force the downloader to
spend its resources to download an otherwise irrelevant data.
The question
The question is: are there any designs, either implemented, or
described in detail, allowing for operation as described above,
or are there specific reasons for which the outline above is not
feasible to implement?
TIA.
[1] magnet:?xt=urn:btih:fb5c0d7946469ba48121607458e360cb31336e55
[2]
gnunet://ecrs/chk/9E4MDN4VULE8KJG6U1C8FKH5HA8C5CHSJTILRTTPGK8MJ6VHORERHE68JU8Q0FDTOH1DGLUJ3NLE99N0ML0N9PIBAGKG7MNPBTT6UKG.1I823C58O3LKS24LLI9KB384LH82LGF9GUQRJHACCUINSCQH36SI4NF88CMAET3T3BHI93D4S0M5CC6MVDL1K8GFKVBN69Q6T307U6O.17992
--
FSF associate member #7257
_______________________________________________
p2p-hackers mailing list
[email protected]
http://lists.zooko.com/mailman/listinfo/p2p-hackers
