Freenet: A Distributed Anonymous Information Storage and Retrieval SystemTopicsOverview (1/2)Overview (2/2)ArchitectureGUID KeysSSK Generation and Query ExampleRouting (1/2)Routing (2/2)Network EvolutionStoragePerformancePlanned ImprovementsRelated WorkConclusion (1/3)Conclusion (2/3)Conclusion (3/3)Freenet: A Distributed Anonymous Information Storage and Retrieval SystemPresentation by Theodore Mao <[email protected]>CS294-4: Peer-to-peer SystemsAugust 27, 2003TopicsOverviewArchitectureGUID KeysRoutingNetwork EvolutionStoragePerformancePlanned ImprovementsRelated WorkConclusion/QuestionsOverview (1/2)What is Freenet?Freenet is a P2P application designed to ensure true freedom of communication over the Internet. It allows anybody to publish and read information with complete anonymity.Who is behind Freenet?Originally, Ian Clarke while a student at the University of Edinburgh, Scotland.Still supervised by Ian Clarke, though many other people contribute to the project.How recent is Freenet?Original paper appeared in 1999.According to CiteSeer, it has been cited 195 times.Overview (2/2)Purpose:Prevent information censorshipMaintain personal privacyGoals:Privacy for information producers, consumers, and holdersResistance to information censorshipHigh availability and reliability through decentralizationEfficient, scalable, and adaptive storage and routingArchitecturePeer-to-peer networkParticipants share bandwidth and storage spaceEach file in network given a globally-unique identifier (GUID)Queries routed through steepest-ascent hill-climbing searchGUID KeysCalculated with an SHA-1 hash Two main types of keysContent-hash keysUsed primarily for data storageGenerated by hashing the contentSigned-subspace keys (SSK)Intended for higher-level human useGenerated with a public key and (usually) text description, signed with private keyCan be used as a sort of private namespaceDescription e.g. politics/us/pentagon-papersSSK Generation and Query ExampleGenerate SSK:Need: public/private keys, chosen text descriptionSign file with private keyQuery for SSK:Need: public key, text descriptionVerify file signature with public keyRouting (1/2)Every node maintains a routing table that lists the addresses of other nodes and the GUID keys it thinks they hold.Steepest-ascent hill-climbing searchTTL ensures that queries are not propagated infinitelyNodes will occasionally alter queries to hide originatorRouting (2/2)Requesting Files:Nodes forward requests to the neighbor node with the closest key to the one requestedCopies of the requested file may be cached along the request path for scalability and robustnessInserting Files:If the same GUID already exists, reject insert – also propagate previous file along request pathPrevious-file propagation prevents attempts to supplant file already in network.Network EvolutionAdding nodes:Announce public key and physical address (e.g. IP) to an existing nodeAnnouncement is recursively forwarded to random nodesNodes in the chain then collectively assign the new node a random GUIDRoute training:As more requests are processed, nodes should specialize in handling a few parts of the key spaceStorageLRU file elimination when out of disk spacePossibly encrypted data (by content publisher), so that data holders can claim to be ignorant of the content they store (plausible deniability)PerformanceSome real-world and simulated data available, but generally hard to testHard to tell the size of the networkNodes are all anonymousPlanned ImprovementsNext-Generation Routing (NGR)Make Freenet nodes much smarter about deciding where to route informationCollect statistical information for each node in its routing table, e.g. response times, successful responses, etc.Use this information to improve routing decisionsRelated WorkFile-sharing: Gnutella, FastTrack, OvernetConsumer Anonymity: Anonymizer, SafeWeb/Triangle BoyProducer Anonymity: Rewebber, TAZ, PubliusShared-storage: OceanStore, Cooperative File System, PASTConclusion (1/3)Primary PointsPrevention of censorship and protection of privacy is an important and active field of research.Freenet is a (successful?) implementation of a system that resists information censorshipFreenet is an ongoing project that still has plenty of flawsThere may be a tradeoff between network efficiency and anonymity, robustness.Conclusion (2/3)What’s wrong with Freenet?Not well tested in the wild – scalability, resilience. Insertion flooding is one way to take out the network.Anonymity guarantees not that strong – “Most non-trivial attacks would probably be successful in identifying someone making requests on Freenet.”No search mechanism – a standard search would allow attacks to take out specific content holdersSuffers from problems of establishing initial network connection.Conclusion (3/3)More information at http://freenetproject.org/Questions?
View Full Document
Unlocking...