Learn about Freenet, presented by Xuan Zhao in 2008, a system ensuring anonymity for both data producers and consumers, decentralized operations, secure file identification through KSK, SSK, and CHK keys, and efficient dynamic storage and routing. Explore the system's goals, routing mechanisms, and the implementation of anonymous file storage methods.
Freenet: A Distributed Anonymous Information Storage and Retrieval System
Presented by Xuan Zhao, 2008.12.25
Outline
• Goals
• Routing
• HOWTO: Calculate a key to identify a file
• Anonymous
• Summary
Goals
• Anonymity for both producers and consumers of information
• Deniability for storers of information
• Resistance to attempts by third parties to deny access to information
• Efficient dynamic storage and routing of information
• Decentralization of all network functions
Routing
• Hops limited
• Req. with Identifier
• DFS
• Back-propagate
• !! The file is identified by a key [KSK, SSK or CHK] !!
HOWTO: KSK
• A file (F) is assigned a descriptive string (T)
• T → PubKey + PriKey
• PubKey → KSK (Keyword-Signed Key)
• Sign F with PriKey
• Encrypt F with T
• Publish (T)
NOTE: The signature provides only a minimal integrity check. The encryption only enables the admin to deny knowledge of the file content.
HOWTO: SSK
• The global namespace gets polluted; a sub-namespace is included to address the problem
• A file (F) is assigned a descriptive string T
• Randomly generate a keypair: RPubKey, RPriKey
• H( H(T) xor H(RPubKey) ) = SSK
• Sign F with RPriKey, encrypt F with T
• Publish (T, RPubKey)
Note: as the RPriKey is 'private', an SSK entry can be updated once the signature is verified.
HOWTO: CHK
• CHK (content-hash key) is used for updating and splitting
• H(F) = CHK [or split F into n pieces and generate CHK1~n]
• Randomly generate a key Ek to encrypt F and get Ek(F)
• Use T to generate SSK
• Consider the SSK as a link file pointing to the CHK; then it is updatable
• So getting a file identified by a CHK takes two iterations
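The SSK and CHK slides above, worked through as an added example (not code from the presentation or from Freenet). It assumes SHA-256 for H, treats the stored bytes as already encrypted, and leaves out the Ek encryption and the RPriKey signature check; `Store` is a hypothetical stand-in for the network.

```python
import hashlib


def H(data: bytes) -> bytes:
    # The slides only say "H"; SHA-256 is an assumption of this example.
    return hashlib.sha256(data).digest()


def ssk(description: str, rpubkey: bytes) -> bytes:
    """SSK = H( H(T) xor H(RPubKey) ), as on the SSK slide."""
    ht, hk = H(description.encode()), H(rpubkey)
    return H(bytes(a ^ b for a, b in zip(ht, hk)))


def chk(blob: bytes) -> bytes:
    """CHK = H(F): the key is the hash of the stored bytes."""
    return H(blob)


class Store:
    """Hypothetical stand-in for the network: a key -> bytes map."""

    def __init__(self):
        self.data = {}

    def insert_file(self, blob: bytes) -> bytes:
        key = chk(blob)
        self.data[key] = blob
        return key

    def publish(self, description: str, rpubkey: bytes, blob: bytes) -> bytes:
        # The SSK entry is a small link file holding the CHK of the content.
        # Publishing again under the same (T, RPubKey) repoints the link; the
        # signature check that gates this on the slide is omitted here.
        link = ssk(description, rpubkey)
        self.data[link] = self.insert_file(blob)
        return link

    def fetch(self, description: str, rpubkey: bytes) -> bytes:
        target = self.data[ssk(description, rpubkey)]  # lookup 1: SSK -> CHK
        blob = self.data[target]                       # lookup 2: CHK -> file
        if chk(blob) != target:                        # a CHK is self-verifying
            raise ValueError("content does not match its CHK")
        return blob
```

Because the CHK is derived from the bytes themselves, any node or reader can detect a substituted file, while the SSK link is the only part that changes on update.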
Anonymous
• Gives the node operator a chance to deny knowledge of local content
• A node on the request path can alter the HTL (hops to live)
• A node on the back path can alter the data-source information
Summary
• Decentralized, unstructured
• DFS, with back-propagation
• Puts more emphasis on anonymity than on routing