Protecting Free Expression Online with Freenet Presented by Ho Tsz Kin I. Clarke, T. W. Hong, S. G....
-
date post
21-Dec-2015 -
Category
Documents
-
view
214 -
download
0
Transcript of Protecting Free Expression Online with Freenet Presented by Ho Tsz Kin I. Clarke, T. W. Hong, S. G....
Protecting Free Expression Online with Freenet
Presented by Ho Tsz Kin
I. Clarke, T. W. Hong, S. G. Miller, O. Sandberg, and B. Wiley
14/08/2003
AgendaWhat is Freenet?Freenet Architecture GUID key Routing Network Evolution Managing Storage
Performance AnalysisConclusion and Discussion
What is Freenet?Peer-to-peer file storage applicationAllow publication, and retrieval of information without censorshipEach node Contribute storage Cooperate in routing
Computer Node
Routing Traffic
Storing Files
What is Freenet?Five design goals: Anonymity for both readers and authors Deniability for storers Resistance to attempts by third parties to
deny access Efficient dynamic storage and routing Decentralization
Emphasize on privacy, availability, true freedom of speechRespond adaptively to usage patternsNo guarantee on permanent file storage
GUID KeysEach file is assigned with a location-independent globally unique identifier (GUID), i.e. file keyContent-hash keys (CHK) Analogous to inodes File key generated by
hashing the content Files are encrypted by
a randomly-generated key Required in retrieving
GUID KeysSigned-subspace keys (SSK) Analogous to filenames A public-private key pair is randomly-
generated A short descriptive string,
e.g.“mcl/research/paper” Sets up a personal namespace Sign the file to provide integrity check
Required in retrieving
RoutingMessages travel via node-to-node paths, NOT directly from sender to recipientEach node Knows only about its
immediate neighbors Maintains a routing table
that lists the addresses of other nodes and the GUID it think they hold
f
ba
e
c
d
b A F5EC1
f A BC1T2
d HY T32U
Node e’s routing table
Retrieval RoutingDepth-first Search with backtracking Forward requests according to routing
table
Request message contains File key Time-to-live (TTL) limit
When receive request Check itself Otherwise, forwards to
the node with the closest key
123450
Expand c first
f
ba
e
c
d
a A BCIJK
c 123456
e 123000
f 100000
Retrieval Routing If fail, try using next-closest key If reach a node that is already in the path,
bounced back Until TTL expires, or find the file
a A BCIJK
c 123456
e 123000
f 100000
Expand e then
Request 123450
Bouncedback
Find thefile
Retrieval RoutingIf success, file together with a note specifying the holder will be passed backTo conceal data holder Any node in the reply path can change holder
to itself or any arbitrary node Requests will still locate the data, as this node
retains the true holder’s identity
Update routing tableFile might be cached at all nodes along the reply path Improved availability,
fault-tolerance
ba
e d
Insertion RoutingInserting File Route similarly with requesting file Forward message according to the
closeness in key if no key collision Fail if key collision occurs Success if TTL expires without collision Insert file along the path Update routing table
Any Node along the path can change holder to itself or any arbitrary node
Anonymity in Routing
a b
... ...Requesting file
Don’t know who are requesting
Send the file,holder is x
Update routing table, but the true holder may or may not be x
a b
... ...
Inserting file, holder (inserter) is x
Store the file, update routing table, but the true holder may or may not be x
Retrieval:
Insertion:
Training routesNodes’ routing tables should specialize in handling clusters of similar keysNode should specialize in storing clusters of files with similar keysThe twin effects of clustering should improve the effectiveness of future queriesKey clustering GUID keys are derived from hashes Closeness of keys in storing is unrelated to
corresponding files’ content
Adding NodesNew node first generates a public-private key pair
Identify the node Use for future trust mechanism Sends an announcement message including the public key
and physical address to an existing node, located through some out-of-band means
4
3
2
1
4
3
2
1
New node
Chosenrandomly
Propagate until TTL expires
Assign random GUID in the key-space using shared random number generation
Managing StorageIn each node Storage is managed by LRU (Least
Recently Used) Cache Frequency of requests per file
Routing mechanism Creates more copies in an area of
network where a file is requested Files that go un-requested in another
part of the network will be deleted Number and location adjust to
demand
Degree Distribution Simulation of 10,000 nodes
Degree distribution among Freenet nodes Close fit to a power-law distribution
Max routing table size
Fault-tolerance 10,000 nodes trained network
Remove nodes randomly TTL = 500 10 trials
Median path length below 20 even 30%of nodes fail
Robust against quitelarge failures
Power-law gives highdegree of fault tolerance
Fault-tolerance 10,000 nodes trained network
Remove randomly nodes Remove well-connected nodes first
Transition to disconnected fragments
Scalability 20 nodes initially connected in ring
topology Insert & request files to random nodes (TTL =
20) Create a new node after
every 5 inserts and requests,announce randomly to a existing node
Measure after every 100inserts and requests
End till 200,000 nodes 10 trials
Median path length in network scales as N0.28
ConclusionFreenet is P2P application that designed from a different perspective – free flow of informationUsing Freenet Can’t identify who is requesting a
document Can’t identify who is inserting a
document Can’t identify where a document resides
DiscussionReplicated File is stored as a whole Fragmentation and erasure correction coding
No in-build searching function How to search content in Freenet
Cost is high, as message need to travel along the whole path How to provide anonymity efficiently
Pornographic/offensive content, terrorism humanity should not be deprived of their
freedom to communicate Use for good or bad
References
I. Clarke, T. W. Hong, S. G. Miller, O. Sandberg, and B. Wiley, “Protecting Freedom of Information Online with Freenet,” IEEE Internet Computing, vol6(1), Jan-Feb, 2002, pp40-49.I. Clarke, T. W. Hong, O. Sandberg, and B. Wiley, “Freenet: A distributed anonymous information storage and retrieval system,” Proc. of the ICSI Workshop on Design Issues in Anonymity and Unobservability, Berkeley, CA, 2000.http://www.freenetproject.org