FREENET

UDAYA S PISIPATI02/26/08

CONTENTS Introduction Design goals Architecture

Basic model Keys in searching Retrieving data Storing data Managing data Adding nodes

Protocol details Performance Analysis

Small world model Security Conclusion

INTRODUCTION Drawbacks of current networked systems:

Privacy

Availability Systems offering greater security and reliability are needed Freenet -distributed information storage and retrieval system designed to

address these concerns Preliminary implementation can be downloaded from

http://www.freenetproject.org/

DESIGN GOALS Anonymity for both producers and consumers of information Deniability for stores of information Resistance to attempts by third parties to deny access to

information Efficient dynamic storage and routing of information Decentralization of all network functions

ARCHITECTURE Data files are named by location independent keys Nodes in the network query one another to store and retrieve these

files Each node maintains its own local datastore, available to the network

for reading and writing Dynamic routing table contains addresses of other nodes and the keys

that they are thought to hold Users are provided hard drive extensions Requests for keys are passed from node to node Local decisions are made by each node Nodes only have knowledge of their immediate upstream and

downstream neighbors in the chain Hops-to-live limit and pseudo-unique random identifiers are assigned

to each node No node is privileged over any other node

KEY BASED SEARCHING

FILE

‘Desc’– key generation Pb + Pr ; SHA(Pb) Desc

+ Pr

KSKEncrypted FILE

Signature

E(FILE, Desc)

•Keyword signed key(KSK)

•Easy for retrieval – only need ‘Desc’

•Minimal protection against tampering- Dictionary attacks, same Descriptive string for two files

KEYS AND SEARCHING….. Problems with KSK – flat namespace (collisions), key squatting, dictionary

attacks Signed Subspace Key (SSK)

Randomly generated key pair namespace ID SSK = SHA( SHA(‘D’) XOR SHA(Pb) ) Pr used to sign the file, file encrypted by using D (-)Publish – subspace Pb + ‘D’ (+)Owner can construct hierarchical space of arbitrary depth - using

indirect files

KEYS AND SEARCHING… Content Hash Keys (CHK) = SHA (file contents)

Files encrypted by a random encryption key Publish CHK + decryption key CHK + SSK easily updateable files

2 step process – publish file, publish pointer Results in pointers to newer version Older versions accessed thru CHK

Can be used for splitting files

KEYS AND SEARCHING: INSERT, UPDATE AND SPLIT Insert a file under its CHK An indirect file (whose contents are the CHK) is inserted under the SSK Retrieval possible in two steps when SSK is known For updating the file, insert a new version under its CHK (different from the

CHK of the old version) Insert a new indirect file under the original SSK pointing to the updated

version Key collision occurs when the insert reaches the node which possesses the

old version Check the signature on the new version and replace the old version if the

signature is valid and most recent Split the file into a number of parts and insert each part under a CHK, also

create an indirect file to point to the individual parts

RETRIEVING DATA

STORING DATA User calculates the binary file key for the file and sends a message to the

his/her own node specifying the proposed key and a hops to live value The node checks to see if the key is already taken, if the key is found, the

node returns the file like the result of a search, the user now chooses a different key and repeats the procedure

If key is not found, the user node looks up the nearest key in its routing table and forwards the insert to the corresponding node

If the hops-to-live limit has been reached without a key collision being detected, an “all clear” result will be propagated to the original inserter

MANAGING DATA Node storage is managed as an LRU cache When a new file arrives which would cause the datastore to exceed the

designated size, LRU files are evicted in order until there is room Advantage: This method allows outdated documents to fade away

naturally

ADDING NODES

PROTOCOL DETAILS Packet oriented protocol Request.Handshake Reply.Handshake Request.Data Reply.Restart Send.Data Reply.NotFound Request.Insert

RING TOPOLOGY

•1000 nodes in ring topology

•Datastore = 50 items

•RT = 250 items

•Keys associated with links are hash of destn IPs

PERFORMANCE ANALYSIS: SMALL WORLD MODEL

Identification of a small-world network: Existence of a scale-free power-law distribution of links within the networkThe tail of the distribution provides the highly connected nodes needed to create short pathsResult: The distribution closely approximates a power law except for the anomalous point representing nodes with filled 250-entry routing tablesLoss of poorly connected nodes will not greatly affect routing in the network

SECURITY: ANONYMITY PROPERTIES OF FREENET

System Attacker Sender Anonymity

Key anonymity

Basic Freenet Local Eavesdropper

Exposed Exposed

Basic Freenet Collaborating nodes

Beyond suspicion

Exposed

Freenet +Pre-routing

Local Eavesdropper

Exposed Beyond suspicion

Collaborating nodes

Beyond suspicion

Exposed

CONCLUSION Freenet provides an effective means of anonymous information storage

and retrieval It keeps information anonymous and available while remaining highly

scalable WIP: Implementing of a simulation and visualization suite which will enable

more rigorous tests of the protocol and routing algorithm WIP: Implementation of a public-key infrastructure to authenticate nodes

and create a searching mechanism

REFERENCES

"Freenet: A Distributed Anonymous Information Storage and Retrieval System”http://www.doc.ic.ac.uk/~twh1/academic/papers/icsi-revised.pdf