The Anonymous File Transfer Network (AFTN) https://sourceforge.net/projects/aftn/ Jared Rose

What is AFTN?
• A system for sending files anonymously
• Uses RSA & digital signatures for establishing a user’s “identity”
• Utilizes the Tor network
• SSL Encryption
• Onion Routing
• Hidden Services
• Cross platform compatible

Goals of AFTN
• Users of the AFTN are anonymous
• Clients can verify the “identities” of other clients and servers
• File integrity/validity can be checked
• MD5 hashing + file size
• Synchronization of contact information between clients and servers

Goals of AFTN (Continued)
• Files are protected by end-to-end encryption
• Tor + Hidden Services
• Secure updating and management of encryption/signing keys on the server
• Allow clients to anonymously retrieve key and address information from servers

Why Create AFTN?
• Digital privacy concerns
• “Big Government”
• Whistle blowers
• Censorship
• Humanitarian work
• It's interesting

Ethical/Legal Concerns
• Potential for illegal use
• IP infringement
• Crime
• Malicious software/Spam
• Encryption export laws
• Open source

How does AFTN work?
• Two types of hosts:
• Clients
• Directory Servers
• Nodes connected to Tor network
• Outbound connections through Vidalia
• Inbound connections to server sockets listening at a Tor hidden services address
• Provides anonymous exchanges between hosts
• End to end encryption

Clients & Directory Servers
• Clients register with a directory server
• Directory servers supply contact info for clients
• Clients send files to other clients (P2P)
• Clients know servers' contact info through white lists
• Clients of non-whitelisted servers ignored
• Permits organizations to be “off the grid”

Tor
• Provides anonymity through onion routing
• Hidden Services:
• NAT/Firewall traversal
• End to end encryption
• Hides server locations
• Bandwidth/Speed are issues
• Onion routing is bandwidth intensive
• Speed influenced by the types of nodes you traverse

Anonymity and User Identity
• Q. If anonymous, how do we know we are talking to the right person?
• A. Public Key Cryptography!
• Public/Private signing key

Anonymity and User Identity
• When clients register with a server:
• Create unique name/server pair answer (name#server)
• Register public “master” key used for signing other keys
• Any changes to keys/information on server must be signed w/ master key
• Master key can be stored separate from the rest of the system for security
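
The registration rule on the slide above, as an added Python example that is not AFTN's own code: a directory server binds a name#server identity to a master public key and accepts a later change only when that key signed it. The names Directory, update_message, alice and mallory, the address exampledir.onion and the demo keys are assumptions; textbook RSA without padding stands in for a vetted RSA signature library so the block runs on the standard library alone.

```python
import hashlib, json

def demo_keypair(p, q, e=65537):  # RSA key from two primes: ((n, e), d)
    return (p * q, e), pow(e, -1, (p - 1) * (q - 1))

def _digest(msg, n):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def sign(msg, pub, d):
    # Textbook hash-then-sign RSA, no padding: illustration only.
    return pow(_digest(msg, pub[0]), d, pub[0])

def verify(msg, sig, pub):
    n, e = pub
    return 0 < sig < n and pow(sig, e, n) == _digest(msg, n)

def update_message(ident, field, value):
    # A JSON array gives an unambiguous encoding of the signed fields.
    return json.dumps([ident, field, value]).encode()

class Directory:
    def __init__(self, server):
        self.server, self.master, self.records = server, {}, {}
    def register(self, name, master_pub):
        ident = f"{name}#{self.server}"  # name#server pair from the slide
        if ident in self.master:
            raise ValueError("identity already registered")
        self.master[ident] = master_pub
        return ident

    def update(self, ident, field, value, sig):
        # Accept a change only if the registered master key signed it.
        pub = self.master.get(ident)
        if pub is None or not verify(update_message(ident, field, value), sig, pub):
            return False
        self.records.setdefault(ident, {})[field] = value
        return True

# Constructed demo keys built from well-known Mersenne primes: no secrecy at all.
ALICE_PUB, ALICE_D = demo_keypair(2**521 - 1, 2**607 - 1)
MALLORY_PUB, MALLORY_D = demo_keypair(2**127 - 1, 2**1279 - 1)

def demo():
    ds = Directory("exampledir.onion")  # placeholder hidden-service address
    ident = ds.register("alice", ALICE_PUB)
    msg = update_message(ident, "signing_key", "constructed-key-2")
    good = ds.update(ident, "signing_key", "constructed-key-2", sign(msg, ALICE_PUB, ALICE_D))
    forged = ds.update(ident, "signing_key", "constructed-key-2", sign(msg, MALLORY_PUB, MALLORY_D))
    return good, forged
```

The signed message carries no sequence number, so a real design would add one to keep an old signed update from being replayed.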

Where are we at Right Now?