Presentation is loading. Please wait.

Presentation is loading. Please wait.

Freenet: Anonymous Storage and Retrieval of Information

Published byKatrina Warner Modified over 8 years ago

Similar presentations

Presentation on theme: "Freenet: Anonymous Storage and Retrieval of Information"— Presentation transcript:

1 Freenet: Anonymous Storage and Retrieval of Information
Olufemi Odegbile

2 Client-Server model of information storage and retrieval
Motivation Client-Server model of information storage and retrieval Consumers can anonymously accessed published information using anonymous techniques like crowd or onion routing. Storer (Server) Author (can also be a storer) Consumer

3 Motivation However, there are problems with providing anonymity for author and storer of information: Storer can be subpoena for clients Storer can be held liable for the content hosted. Users can easily be prevented from accessing data through DDOS or by forcing the storer to take the information down. I will discuss a distributed system of providing anonymity for consumer and deniability for producer/publisher.

4 Big Picture We can summarize five essential features of the anonymous system as: Decentralization of network functions (P2P) Anonymity of Author Anonymity of Consumers Deniability for Storers of Information Resilient against preventing legitimate user from accessing information Efficient information query and retrieval In the project, we will discuss a models/approaches that satisfies goals stated above: FREENET.

5 Overview of Freenet Freenet Architecture
Freenet was designed by Ian Clarke as a distributed Each node maintain shared datastore and routing table. Freenet Architecture Files are queried and stored using location independent keys Entries of routing table: <key, pointer> Routing table dynamically updated Author Consumer Node space for caching Node space for caching

6 Freenet: Keys Freenet is an unstructured P2P system. So files are identified by location independent keys. There are mainly two such keys in used: Content Hash Key (CHK): CHK is derived by directly hashing content of the corresponding file. An encryption key for the file is obtained using the randomly generated hash key Both CHK and decryption key are publish by user. To provide storer deniability, the file and the decryption key are stored separately Signed-Subspace Key (SSK): A user create a namespace (directory) by randomly generating private and public keys. Only the user can insert a file into this namespace using his private key. In addition, a descriptive string is generated for each file.

7 Freenet: Keys Signed-Subspace Key (SSK): SSK is generated by first independently hashing both the descriptive string and public namespace key. Then the two hashes are XOR’ed together. The hash of the result is SSK The file is then signed with private namespace key (integrity check) and encrypted with descriptive string. In practice, SSK is used to indirectly point to CHK of a file or fragments of a very large file. SSK combined with CHK can also be used to update a file. Updating a file does not delete/alter the old

8 Freenet: Information retrieval
First, keys, hop-to-live (HTL), and time is calculated and send to its own node. Check datastore first then forward request to a node with the hosting key closest to the requested keys. Nodes will keep forwarding the request until either hop-to-live value is reach or the file is found. If hop-to-live limit is reached, failed request message is propagated backward to the initiator If the file is found, each node along the forwarding route cached the file If a node receive a failed request message, it will chose the next node and so on.

9 Freenet: Information Storage
This is similar to information retrieval. The key for the new file is calculated and an insert message is sent to the user’s node with hops-to-live specifying number of node where data will be store. If the key is found, the pre existing file is returned and cached along the route to the requestor. Otherwise the insert request will be propagated similar to information retrieval until hop-to-live value is reached. Then the requestor send the data to be stored. The data is cached by each node along the route.

10 analysis: How are design goals met?
Anonymity of Consumer: Each node on the route cannot be sure if the preceding node initiate the request for key or not Not sure for local eavesdropper. Anonymity of Author/publisher Files are replicated on several nodes with copy of the file. Files with similar name or that belong to the same namespace are scattered over the network. Deniability for Storer Storer has no control of what is stored in its data store. All the files are encrypted and decryption keys are not stored with the file.

11 analysis: How are design goals met?
Resilient against preventing legitimate user from accessing information. Files cannot be deleted from the system. Difficult to know all the node that host a file. Denial of access may lead to new route created. Thus propagation the file to more nodes. We will now address how Freenet provides efficient information query and retrieval

12 analysis: Network convergence
Freenet may fail to satisfy request for some existing file in the network [4]. Unstructured P2P and non deterministic routing. Freenet hit ratio may be much less that 1. Hit ratio improves over time. Clustering of the keys arising from the fact that nodes become specialize in storing similar keys. Node becomes more experience and specialize in answering queries about keys similar to key in its routing table. Clustering has nothing to do with physical location.

13 analysis: Network convergence
Evidence of Clustering convergence of Freenet over time as demonstrated in [1].

14 analysis: Different attacks
Attackers are similar to Crowds: Local eavesdropper, Collaborating nodes and Compromised storer of information. Routing strategy and HTL provides more ways to exploit Freenet. Compromised Storer of Information: may want to pass junk – CHK prevents this or fails to answer query – not have significant effect because the file is probably cached on another node. Consumer and Author anonymity is beyond suspicion

15 analysis: Different attacks
Collaborating nodes: Nodes can collaborate to identify author or consumer or deny access to information If collaborating node decide we want to catch people accessing certain materials - CHK of those materials may not be similar which will scatter material all over the network One of the collaborating nodes and the others have similar keys to be routed in their direction. However, non deterministic routing of Freenet makes this difficult.

16 analysis: Different attacks
DOS Attack: Attempt to exhaust the storage space. Divide datastore to a “new files” section and to a “established files” section. Cost? HTL = 1 attack – Storer deniability make this ineffective (in general). Success of large requests of similar files can raise red flag Combing with onion routing may foil attacks that exploit HTL. Cost? Replacement attack End up propagating the legitimate file. This can have a limited success with small HTL.

17 analysis: ISSUES Most of the issues deals with usability:
Publishing and Searching for Keys Incentives for participants Not a permanent storage Increasing hit ratio Better caching replacement policy than LRU [5] Other anonymous storage systems: Eternity Free Haven

18 References larke, I. S. (2001). Freenet: A Distributed Anonymous Information Storage and Retrieval System. International workshop on Designing privacy enhancing technologies: design issues in anonymity and unobservability (pp ). NYC: Springer-Verlag. Greene, T. C. (n.d.). I know what you downloaded from Freenet. Retrieved from The Register: Qian, H. D. (n.d.). Paper review: Freenet: A Distributed Anonymous Information Storage and Retrieval System. Retrieved from Skogh, H.-E. H. (2006). Fast Freenet: Improving Freenet Performance by Preferential Partition Routing and File Mesh Propagation. Sixth IEEE International Symposium on Cluster Computing and the Grid. Zhang, H. G. (n.d.). Using the Small-World Model to Improve Freenet Performance. ACM SIGCOMM Computer Communication Review. NYC

Download ppt "Freenet: Anonymous Storage and Retrieval of Information"

Similar presentations

Peer-to-peer and agent-based computing Freenet. peer-to-peer and agent-based computing 2 Plan of lecture Freenet Architecture –Goals and Properties Searching.

Peer-to-peer and agent-based computing Freenet. peer-to-peer and agent-based computing 2 Plan of lecture Freenet Architecture –Goals and Properties Searching.
A P RESENTATION O N R ESOURCE D ISCOVERY I N T HE P EER- T O- P EER N ETWORK by Aravind Renganathan.

A P RESENTATION O N R ESOURCE D ISCOVERY I N T HE P EER- T O- P EER N ETWORK by Aravind Renganathan.
Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.

Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.
Denial-of-Service Resilience in Peer-to-Peer Systems D. Dumitriu, E. Knightly, A. Kuzmanovic, I. Stoica and W. Zwaenepoel Presenter: Yan Gao.

Denial-of-Service Resilience in Peer-to-Peer Systems D. Dumitriu, E. Knightly, A. Kuzmanovic, I. Stoica and W. Zwaenepoel Presenter: Yan Gao.
Freenet A Distributed Anonymous Information Storage and Retrieval System Ian Clarke Oskar Sandberg Brandon Wiley Theodore W.Hong.

Freenet A Distributed Anonymous Information Storage and Retrieval System Ian Clarke Oskar Sandberg Brandon Wiley Theodore W.Hong.
Storage Management and Caching in PAST, a large-scale, persistent peer- to-peer storage utility Authors: Antony Rowstorn (Microsoft Research) Peter Druschel.

Storage Management and Caching in PAST, a large-scale, persistent peer- to-peer storage utility Authors: Antony Rowstorn (Microsoft Research) Peter Druschel.
Vault: A Secure Binding Service Guor-Huar Lu, Changho Choi, Zhi-Li Zhang University of Minnesota.

Vault: A Secure Binding Service Guor-Huar Lu, Changho Choi, Zhi-Li Zhang University of Minnesota.
FreeNet: A Distributed Anonymous Information Storage and Retrieval System Ian Clark, Oskar Sandberg, Brandon Wiley and Theodore Hong.

FreeNet: A Distributed Anonymous Information Storage and Retrieval System Ian Clark, Oskar Sandberg, Brandon Wiley and Theodore Hong.
P2P: Advanced Topics Filesystems over DHTs and P2P research Vyas Sekar.

P2P: Advanced Topics Filesystems over DHTs and P2P research Vyas Sekar.
Www.itu.dk 1 Unstructured Routing : Gnutella and Freenet Presented By Matthew, Nicolai, Paul.

1 Unstructured Routing : Gnutella and Freenet Presented By Matthew, Nicolai, Paul.
Exploiting Content Localities for Efficient Search in P2P Systems Lei Guo 1 Song Jiang 2 Li Xiao 3 and Xiaodong Zhang 1 1 College of William and Mary,

Exploiting Content Localities for Efficient Search in P2P Systems Lei Guo 1 Song Jiang 2 Li Xiao 3 and Xiaodong Zhang 1 1 College of William and Mary,
The problems associated with operating an effective anti-spam blocklist system in an increasingly hostile environment. Robert Gallagher September 2004.

The problems associated with operating an effective anti-spam blocklist system in an increasingly hostile environment. Robert Gallagher September 2004.
Protecting Free Expression Online with Freenet Presented by Ho Tsz Kin I. Clarke, T. W. Hong, S. G. Miller, O. Sandberg, and B. Wiley 14/08/2003.

Protecting Free Expression Online with Freenet Presented by Ho Tsz Kin I. Clarke, T. W. Hong, S. G. Miller, O. Sandberg, and B. Wiley 14/08/2003.
ITIS 6200/8200. time-stamping services Difficult to verify the creation date and accurate contents of a digital file Required properties of time-stamping.

ITIS 6200/8200. time-stamping services Difficult to verify the creation date and accurate contents of a digital file Required properties of time-stamping.
Gnutella, Freenet and Peer to Peer Networks By Norman Eng Steven Hnatko George Papadopoulos.

Gnutella, Freenet and Peer to Peer Networks By Norman Eng Steven Hnatko George Papadopoulos.
Freenet A Distributed Anonymous Information Storage and Retrieval System I Clarke O Sandberg I Clarke O Sandberg B WileyT W Hong.

Freenet A Distributed Anonymous Information Storage and Retrieval System I Clarke O Sandberg I Clarke O Sandberg B WileyT W Hong.
Secure Overlay Services Adam Hathcock Information Assurance Lab Auburn University.

Secure Overlay Services Adam Hathcock Information Assurance Lab Auburn University.
1 Seminar: Information Management in the Web Gnutella, Freenet and more: an overview of file sharing architectures Thomas Zahn.

1 Seminar: Information Management in the Web Gnutella, Freenet and more: an overview of file sharing architectures Thomas Zahn.
Wide-area cooperative storage with CFS

Wide-area cooperative storage with CFS
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.

Similar presentations

Ads by Google