Freenet: A Distributed Anonymous Information Storage and Retrieval System. Presented by Xuan Zhao, 2008.12.25
Outline • Goals • Routing • HOWTO: Calculate a key to identify a file • Anonymous • Summary
Goals • Anonymity for both producers and consumers of information • Deniability for storers of information • Resistance to attempts by third parties to deny access to information • Efficient dynamic storage and routing of information • Decentralization of all network functions
Routing • Hops are limited • Each request carries an identifier • Depth-first search (DFS) • Back-propagation • !! The file is identified by a key [KSK, SSK or CHK] !!
HOWTO: KSK
• A file (F) is assigned a descriptive string (T)
• T → PubKey + PriKey
• PubKey → KSK (Keyword-Signed Key)
• Sign F with PriKey
• Encrypt F with T
• Publish (T)
NOTE: The signature provides only a minimal integrity check. The encryption only enables the admin to deny knowledge of the file content.
HOWTO: SSK
• The global namespace gets polluted; sub-namespaces are included to address the problem
• A file (F) is assigned a descriptive string T
• Randomly generate a keypair: RPubKey, RPriKey
• H( H(T) xor H(RPubKey) ) = SSK
• Sign F with RPriKey; encrypt F with T
• Publish (T, RPubKey)
Note: as RPriKey is 'private', an SSK entry can be updated once the signature is verified.
HOWTO: CHK
• CHK (content-hash key) is used for updating and splitting
• H(F) = CHK [or split F into n pieces and generate CHK1~n]
• Randomly generate a key Ek to encrypt F and get Ek(F)
• Use T to generate an SSK
• Consider the SSK as a link file pointing to the CHK; then it is updatable
• So getting a file identified by a CHK takes two iterations
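Added example (not part of the original slides): the SSK formula and the SSK-to-CHK link from the two slides above, showing the two-step fetch, an update by re-pointing the link, and the H(F) == CHK check on retrieval. Assumptions: H is SHA-256, `Store` is a hypothetical in-memory stand-in for the network, public keys are opaque byte strings, and signing and encryption are left out.

```python
import hashlib

def H(data: bytes) -> bytes:
    # H from the slides; SHA-256 is an assumption, the slides name no hash.
    return hashlib.sha256(data).digest()

def ssk(t: str, rpubkey: bytes) -> bytes:
    # SSK = H( H(T) xor H(RPubKey) )
    return H(bytes(a ^ b for a, b in zip(H(t.encode()), H(rpubkey))))

def chk(content: bytes) -> bytes:
    # CHK = H(F)
    return H(content)

class Store:
    """Hypothetical in-memory stand-in for the network's key -> data map."""

    def __init__(self):
        self.data = {}

    def publish(self, t: str, rpubkey: bytes, content: bytes) -> bytes:
        # Insert F under its CHK, then (re)point the SSK link entry at it.
        # A real node would verify the RPriKey signature before overwriting.
        c = chk(content)
        self.data[c] = content
        self.data[ssk(t, rpubkey)] = c
        return c

    def fetch(self, t: str, rpubkey: bytes) -> bytes:
        # Two lookups: SSK -> CHK, then CHK -> F, checking H(F) == CHK.
        c = self.data[ssk(t, rpubkey)]
        content = self.data[c]
        if chk(content) != c:
            raise ValueError("content does not match its CHK")
        return content

if __name__ == "__main__":
    # Constructed sample values; the byte strings stand in for public keys.
    ns_a, ns_b = b"constructed-RPubKey-A", b"constructed-RPubKey-B"
    s = Store()
    old = s.publish("docs/report", ns_a, b"version 1")
    s.publish("docs/report", ns_a, b"version 2")
    print(s.fetch("docs/report", ns_a))          # follows the updated link
    print(s.data[old])                           # old CHK entry is unchanged
    print(ssk("docs/report", ns_a) != ssk("docs/report", ns_b))
```

The same T under two different RPubKey values yields two different SSKs, which is how the sub-namespace keeps publishers from colliding on a descriptive string.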
Anonymous • Gives the node operator a chance to deny knowledge of local content • A node on the request path can alter the HTL (hops to live) • A node on the back path can alter the source-of-data info
Summary • Decentralized, unstructured • DFS, with back-propagation • Puts more emphasis on anonymity than on routing