Freenet
By Yogesh Kalyani

OUTLINE
- Introducing P2P
- Overview of Freenet
- Keys
- Protocol
- Security Analysis
- Improvement
- Strength and Weakness
- Conclusion

What is Peer-to-Peer (P2P)?
- “…an entity with capabilities similar to other entities in the system.”
- Every end host, known as a peer, has equal roles and capabilities
- Peers can act as both client and server, and communicate directly with one another

Client-Server Model vs. P2P Model
- Client-Server Model:
  - Contact a server and download a web page
  - Server has all the resources and capabilities
- P2P Model:
  - Direct communication between the peers
  - Peer acts as both client and server

Freenet
- What is Freenet?
  - A decentralized distributed file storage system
- How does it work?
  - Files are stored and replicated across a distributed network environment, with a peer-to-peer query and data access system
  - No centralized system management

Motivation
- What does it provide?
  - Anonymity for both producers and consumers of information
  - Deniability for storers of information
  - Efficient dynamic storage and routing of information
  - Decentralization of all network functions

Keys
- Files in Freenet are identified by binary file keys, which are obtained by applying a hash function
- Freenet uses the SHA-1 function for hashing
- Freenet uses three types of file keys:
  1) Keyword-signed key (KSK)
  2) Signed-subspace key (SSK)
  3) Content Hash Key (CHK)

Structure of Keys
- Each Freenet key has the following structure:
  - “freenet:” is the standard prefix
  - The first three characters state the key type: KSK, SSK, CHK
  - The “@” symbol separates the key type from the rest of the message
  - Then a long set of characters used to identify the file
- Example: freenet:KSK@papers/p2p/freenet/keys

Keyword-signed key (KSK)
- Easiest to use of all the key types
- A KSK is derived from a short descriptive text string
  - Ex: text/philosophy/sun-tzu/art-of-war
- This string is then used as input to generate a public/private key pair
- The public key is then hashed to yield the file key
- The private key is used to sign the file

Keyword-signed key
- Advantages
  1) Only the file description needs to be published
  2) Easy to remember
- Disadvantages
  1) Global namespace
  2) Nothing prevents two users from independently choosing the same descriptive string for different files

Keyword-signed key
- Disadvantages (2)
  3) Users can abuse the names of popular files by inserting their own file with the same name
     - Possible because the file description is published
  4) An attacker can use a dictionary attack against this signature by compiling a list of descriptive strings

Signed-subspace key (SSK)
- Addresses the problems suffered by KSK by allowing a user to create a personal namespace
- The user creates a namespace by randomly generating a public/private key pair, which will be used to identify his namespace
- Private key
  - Only the person who possesses the private key can insert files into the namespace in the network
  - Allows others to ensure a file was posted by a certain person
- Public key
  - Allows users to retrieve the file from the network (with the descriptive string)

Signed-subspace key
To get the key for the subspace, the user first chooses a short descriptive text string like text/philosophy/art-of-war.
1) Public key is hashed
2) The descriptive string is hashed
3) (1) XOR (2)
4) (3) is hashed
5) (4) is encrypted using the file description

Content Hash Key (CHK)
- A content-hash key is derived by directly hashing the contents of the corresponding file
- It gives every file a pseudo-unique file key
- Files are also encrypted by a randomly generated encryption key
- Content-hash keys are most useful in conjunction with signed-subspace keys, using an indirection mechanism
- For retrieval, the user has to publish the content-hash key together with the decryption key
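The three derivations from the KSK, SSK and CHK slides, side by side, as an added example that is not part of the original presentation or Freenet's own code. It assumes a toy deterministic key pair (modular exponentiation) in place of the real signature scheme, and it leaves out the encryption in SSK step 5 and the signing itself.

```python
import hashlib
import os

# Toy stand-in for the signature key pair (assumption, NOT secure and not
# Freenet's real scheme): private = hash(seed), public = G^private mod P.
P = 2**255 - 19
G = 2

def sha1(data: bytes) -> bytes:
    return hashlib.sha1(data).digest()   # 160-bit digest, as on the slides

def toy_keypair(seed: bytes):
    priv = int.from_bytes(hashlib.sha256(seed).digest(), "big") % (P - 1) or 1
    return priv, pow(G, priv, P).to_bytes(32, "big")

def ksk(description: str) -> bytes:
    """KSK: descriptive string -> key pair -> SHA-1(public key)."""
    _, pub = toy_keypair(description.encode())
    return sha1(pub)

def new_namespace():
    """SSK namespace: a randomly generated key pair (private, public)."""
    return toy_keypair(os.urandom(32))

def ssk(namespace_pub: bytes, description: str) -> bytes:
    """SSK steps 1-4: SHA-1( SHA-1(public key) XOR SHA-1(description) )."""
    h_pub, h_desc = sha1(namespace_pub), sha1(description.encode())
    return sha1(bytes(a ^ b for a, b in zip(h_pub, h_desc)))

def chk(content: bytes) -> bytes:
    """CHK: SHA-1 of the file contents."""
    return sha1(content)

def compare_key_types():
    name = "text/philosophy/sun-tzu/art-of-war"   # string from the KSK slide
    # Two users who independently pick the same descriptive string:
    alice_ksk, bob_ksk = ksk(name), ksk(name)
    # Each user creates a personal namespace instead:
    _, alice_pub = new_namespace()
    _, bob_pub = new_namespace()
    return {
        "key_bits": len(alice_ksk) * 8,
        # Global namespace: same string, same file key, for everyone.
        "ksk_collides": alice_ksk == bob_ksk,
        # The KSK signing key is derived from the published string as well,
        # so anyone who knows the name can sign a different file under it.
        "ksk_signing_key_shared":
            toy_keypair(name.encode())[0] == toy_keypair(name.encode())[0],
        # Personal namespaces: same string, different file keys.
        "ssk_distinct": ssk(alice_pub, name) != ssk(bob_pub, name),
        # CHK follows the content, not the name (constructed sample contents).
        "chk_tracks_content": chk(b"sample file A") != chk(b"sample file B"),
    }

if __name__ == "__main__":
    for prop, value in compare_key_types().items():
        print(f"{prop}: {value}")
```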

Clustering of Keys
- When a node successfully receives a file from another node, it associates that node in its routing table with the hash key of the file
- All future requests from this node are sent to the node listed in the routing table whose associated key is closest to the key of the file being requested

Freenet: Routing
- Request:
  - Hash key for data (160-bit SHA-1)
  - Find node with closest match
  - Forward query to this node by specifying key and #HTL
  - Return data, replicating along the way

Freenet: Routing, Request

Freenet: Routing
- Insert:
  - Hash key for data (160-bit SHA-1)
  - Initiate a query with key and #HTL
  - Each node checks its data store to see whether it already has the data
    - If so, it responds with the preexisting file, as if a request had been made
    - Otherwise, it forwards the query to the next node

Freenet: Routing, Insert
- The process goes on until #HTL expires
- If there is no collision, i.e. the request is successful, return an “AllClear” message
- Push data onto all the nodes (#HTL)

Freenet: Routing, Insert
- Quality of routing improves over time
- Each time a requestor successfully receives a file from another node:
  - It adds that node to its routing table
  - It associates the file key with that node in the routing table
- All future requests for files with similar keys will be sent to nodes associated with these keys

Freenet: Routing, Insert
- Eventually a node will specialize in serving requests for a family of keys that are close together, and will store more files
- Reasons:
  - Other nodes will send it requests for files that have similar keys
  - If it does not have the file, it forwards the request to another node based on its routing table
  - When the file is located, the response gets passed back
  - Each node on the response's path gets a copy of the file stored
  - This includes the node the request was initially sent to
  - Over time this node will start to store more and more files with this key type
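A small simulation of the request routing and clustering described on the routing slides, added here as an illustration and not taken from the presentation or from Freenet's code. Small integers stand in for 160-bit SHA-1 keys, closeness is plain numeric distance, and the node names and topology are constructed.

```python
class Node:
    def __init__(self, name):
        self.name = name
        self.store = {}    # key -> data held locally
        self.routes = {}   # key -> neighbour associated with that key

    def request(self, key, htl, trail=None):
        """Depth-first search with backtracking; returns (data, nodes visited)."""
        trail = [] if trail is None else trail
        trail.append(self.name)
        if key in self.store:
            return self.store[key], trail
        if htl > 0:
            # Try neighbours in order of how close their associated key is.
            by_closeness = sorted(self.routes.items(),
                                  key=lambda kv: abs(kv[0] - key))
            for _, peer in by_closeness:
                if peer.name in trail:       # never revisit a node (no loops)
                    continue
                data, _ = peer.request(key, htl - 1, trail)
                if data is not None:
                    self.store[key] = data   # replicate along the return path
                    self.routes[key] = peer  # learn: this key came via peer
                    return data, trail
        return None, trail                   # HTL expired or dead end


def build_network():
    """Constructed five-node topology: a -> {b, c}, b -> d, c -> e."""
    n = {name: Node(name) for name in "abcde"}
    n["a"].routes = {10: n["b"], 90: n["c"]}
    n["b"].routes = {15: n["d"]}
    n["c"].routes = {80: n["e"]}
    n["d"].store = {12: "file-12"}
    n["e"].store = {40: "file-40"}
    return n


if __name__ == "__main__":
    net = build_network()
    print(net["a"].request(12, htl=5))   # found via b then d
    print(net["a"].request(12, htl=5))   # now served from a's own copy
    print(build_network()["a"].request(40, htl=5))  # dead end at d, backtrack
    print(build_network()["a"].request(12, htl=1))  # HTL too small to reach d
```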

Freenet: Routing
- Managing Data
  - Node storage is managed as an LRU (Least Recently Used) cache in which data items are kept sorted in decreasing order by time of most recent request (or time of insert, if an item has never been requested)

Freenet: Routing, Managing Data
- Each node has limited storage capacity
- The user has no knowledge of what files their node stores
- Likewise, no user knows the identity of a node that provides a file they have requested
- Nor does any user know the identity of a node that has requested a file from them

Freenet: Routing, Managing Data
- No file lifetime guarantees
- Popular files will spread to many nodes
  - Each requested file that is located will be copied to every node it passes through on the path from the source node to the requestor node
- Rarely accessed files will slowly be removed from the network as room is required for new files, i.e. by removing least-recently-used (LRU) files
  - As a node runs out of space, files will be deleted in order of least recently requested to make room
  - Rarely requested files will ONLY be removed if space becomes limited

Protocol: Protocol Descriptors
Request.Handshake Reply.Handshake
Initial Contact Request.Data Send.data
Querying for data

Protocol: Protocol Descriptors
Reply.NotFound Reply.Restart
Failure Message Request.Continue Request.Insert
Request Management Reply.Insert Send.Insert
Inserting Data

Security Analysis
- Eavesdropping
  - No protection against eavesdropping between the user and the first node contacted in basic Freenet
  - Users are recommended to first connect to a node running on their own machine in basic Freenet
  - Pre-routing protects against eavesdropping in the new version of Freenet

Security Analysis: Eavesdropping
- As routing depends on knowledge of the search key, key anonymity is not possible
- Use of hashes as keys provides some obscurity against casual eavesdropping
  - But it is still vulnerable to dictionary attacks
- Can be easily done by setting up a node and "eavesdropping" on any messages that are routed through it

Denial of Service Attacks
- An attacker can insert a large number of junk files into the network
- Countermeasure:
  - Divide the datastore into two sections, one for new inserts and one for established files
  - New inserts would only replace new inserts; therefore a flood of them could not displace existing files

Denial of Service Attacks
- Problems with dividing the datastore:
  - It is difficult for genuine new inserts to survive long enough to be requested by others and become established
  - An attacker may be able to legitimize his bogus files by requesting them from strategic locations, so that they are cached on as many nodes as possible
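The single LRU datastore next to the divided datastore from the two slides above, run against the same constructed junk-insert flood. This is an added example, not code from the presentation or from Freenet; the class names, capacities and the rule that one request promotes an item to the established section are assumptions made for the illustration.

```python
from collections import OrderedDict


class LRUStore:
    """Single LRU datastore: the least recently used item is evicted first."""
    def __init__(self, capacity):
        self.capacity, self.items = capacity, OrderedDict()

    def insert(self, key, data):
        self.items[key] = data
        self.items.move_to_end(key)
        while len(self.items) > self.capacity:
            self.items.popitem(last=False)

    def request(self, key):
        if key not in self.items:
            return None
        self.items.move_to_end(key)       # a request refreshes the item
        return self.items[key]

    def __contains__(self, key):
        return key in self.items


class SplitStore:
    """Divided datastore: new inserts can only evict other new inserts."""
    def __init__(self, new_capacity, established_capacity):
        self.new = LRUStore(new_capacity)
        self.established = LRUStore(established_capacity)

    def insert(self, key, data):
        if key not in self.established:   # existing file wins on collision
            self.new.insert(key, data)

    def request(self, key):
        data = self.established.request(key)
        if data is None and key in self.new:
            # Assumed promotion rule: one request makes an item established.
            # This is the step the slide warns can be abused to legitimize
            # bogus files, so a real design needs a stricter criterion.
            data = self.new.items.pop(key)
            self.established.insert(key, data)
        return data

    def __contains__(self, key):
        return key in self.new or key in self.established


def survives_flood(store, junk_count=100):
    """Two requested files, one fresh insert, then a flood of junk inserts."""
    for key in ("doc-a", "doc-b"):
        store.insert(key, b"popular file")
        store.request(key)
    store.insert("fresh-doc", b"genuine file, not yet requested")
    for i in range(junk_count):           # constructed flood
        store.insert(f"junk-{i}", b"junk")
    return {key: key in store for key in ("doc-a", "doc-b", "fresh-doc")}


if __name__ == "__main__":
    print("single LRU:", survives_flood(LRUStore(4)))
    print("split     :", survives_flood(SplitStore(2, 2)))
```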

Traffic Analysis
- Traffic analysis is possible by setting up nodes in strategic locations and by monitoring encrypted traffic between nodes
  - Achieved by observing search key closeness, hops-to-live, and depth
- Simplest case: if a node receives a request for a search key that it has never served anything close to, it can guess that the request originated from a directly connected node or that it is very early in the chain

Improvement
- Original algorithm in Freenet:
  - The assessment of whether a peer X has common interests with a peer Y is based on historical data, i.e., on whether peer X was able to respond to previous queries sent by peer Y

Improvement
- New algorithm [3]
  - Principle: the "current" content stored at a peer reflects its current interest. Thus, common interest between two peers is assessed directly from the current content locally stored at both peers and is periodically re-evaluated
  - In this way each peer maintains a community of peers which share similar interests, i.e. number of files
  - A study shows that it reduces the average Freenet request and response path lengths by up to 39%

Freenet: Design strength
- Anonymity for both producers and consumers of information
- Completely decentralized: no single point of failure
- Scales well
- Dynamic routing adapts well to changing network topology
- High resilience to attacks

Freenet: Design weakness
- No file lifetime guarantees
- Not an efficient keyword search
- Currently, no defense against DoS attacks

Conclusion
- Freenet is a loosely unstructured decentralized network in which every node has an equal role and does the same task, thereby increasing fault tolerance
- Freenet uses depth-first search with backtracking, which makes it scalable when the size of the network is increased or the network is overloaded
- Overall, Freenet is a good P2P network for a file-sharing system, deploying efficient routing for the location and storage of data

References
[1] Freenet, http://freenet.sourceforge.net.
[2] Freenet documentation, http://freenet.sourceforge.net/doc/book.html.
[3] Marcelo Werneck Barbosa, “Using locality of reference to improve performance of peer-to-peer applications”, Proceedings of the fourth international workshop on Software and performance, ACM Press, 2004, pages 216-227.
[4] Clarke, O. Sandberg, B. Wiley, and T. W. Hong, “Freenet: A distributed anonymous information storage and retrieval system”, in ICSI Workshop of Design Issues in Anonymity and Unobservability, July 2000.
[5] SM Lui, SH Kwok, “Interoperability of Peer-To-Peer File Sharing Protocols”, ACM SIGecom Exchanges, Volume 3, Issue 3, Summer 2002, ACM Press, pages 25-33.

Thank you for your patience