> On Sat, 16 Feb 2013 13:59:26 -0000, > dissiden...@tormail.org wrote: > > > On Sat, 16 Feb 2013 12:33:01 -0000, dissiden...@tormail.org wrote: > >> > On Sat, 16 Feb 2013 08:18:03 -0000, dissiden...@tormail.org > >> > wrote: > >> >> Hello, everyone > >> >> Thank you for your efforts > >> >> I have several questions about freenet's security > >> >> First of all i would like to notice that there is a lack of > >> >> documentation on the site regarding cryptographic algorithms > >> >> implemented in freenet. I wasn't able to find anything about it > >> >> in the official FAQ > >> >> > >> >> What algorithms are in use ? How my traffic is encrypted ? Or > >> >> it is not encrypted at all ? > >> >> There is an SSL option in Freenet, what it is for ? Is it > >> >> dangerous to use freenet without it? > >> >> > >> >> As far as i understood, freenet using keys to get access to some > >> >> information. Each key contains a hash of the file and the > >> >> decryption key. So when i'm using freenet i'm requesting some > >> >> file by its key. So what will prevent my ISP to spy my keys and > >> >> then grab an encrypted file from my traffic ? After that he can > >> >> use a key with a file and - viola - he can view my information. > >> >> Is it possible or i'm not understand the scheme ? > >> > > >> > You're not understanding the scheme. Do you have access to > >> > https://freenetproject.org/faq.html#hash > >> > or > >> > http://en.wikipedia.org/wiki/Freenet > >> > ? > >> > >> I have access to this information, but it wasn't helpful for me > >> The main thing i would like to know - is my traffic encrypted from > >> peer to peer (like in TOR) or it is not. What will see my ISP if he > >> decides to monitor my traffic ? > >> I wasn't able to find a clear answer in these articles. > > > > The wikipedia clearly answers this :p. And the faq clearly lists the > > possible attacks malicious people (statists, bad ISPs, etc) can > > perform. Basically, if you're running in opennet mode, you are in > > theory very vulnerable, especially if you are already a known > > target -- they can replace all of your direct peers with their own > > bad nodes and figure out our requests -- although all "requests" > > are for CHKs/SSKs, which are just encrypted slices of larger files > > -- so they will also have to know what those slices belong to, > > otherwise it's just an encrypted blob. This would be harder to do > > in darknet mode, since in order to replace your direct peers (real > > friends, hopefully), they will have to physically do bad things to > > them, or psychologically turn them against you. > > So, if there is no malicious servers (in the case of the darknet), the > participants are relatively save and the ISP will not be able to > decrypt their traffic ?
Yep. Traffic is encrypted between you and your peers: https://freenetproject.org/connect.html Otherwise, it would be trivial for your ISP to figure out what you're doing. _______________________________________________ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:support-requ...@freenetproject.org?subject=unsubscribe
