Hello Baptiste, Thanks for this interesting question.
Ring and OpenDHT try to hide the publicly visible identities of participants. In OpenDHT, the node ID used for DHT routing and seen by other nodes is independent from the Ring ID which is a public key ID. When an encrypted message is stored on OpenDHT, it appears as a random blob with no way to know the signer or the recipient (except for the recipient himself). So one just listening on the DHT could only see random blobs at some key. However someone having a complete overview of the DHT network may indeed eventually be able to guess that an IP address contacts some other IP address. This is difficult to prevent: even with Tor, privacy can be compromised if someone controls or see some proportion of the network. But bigger the network is, more difficult it becomes to monitor. There is work in progress to make this kind of monitoring even harder with measures like listening key randomization etc. Suggestions and comments are welcome. Adrien Béraud De: "Baptiste Jonglez" <[email protected]> À: [email protected] Envoyé: Mercredi 11 Novembre 2015 09:56:02 Objet: [Ring] DHT in Ring: potential privacy issue? Hi, Ring uses a DHT to find peers, which is extremely interesting because it avoids single point of failures and dependency on a server provider. However, doesn't that bring up privacy issues? As far as I understood, every time a Ring client makes a call, an entry is written to the DHT. So, would an attacker be able to trace which ID calls which ID, by simply "listening" to the DHT? What if the attacker controls a majority of DHT nodes? Thanks, Baptiste _______________________________________________ Ring mailing list [email protected] https://lists.savoirfairelinux.net/mailman/listinfo/ring
_______________________________________________ Ring mailing list [email protected] https://lists.savoirfairelinux.net/mailman/listinfo/ring
