[mnet-devel] What does EGTP do that a PGP message doesn't

Zooko O'Whielacronx zooko at zooko.com
Sat Oct 4 20:52:09 BST 2003 

 I, Zooko, wrote:
>
> >     Anything that I could learn from hacking into your ISP
> >     and sniffing your TCP connections I could learn more easily by 
> > running an Mnet node and peering with your Mnet node.
> 
> Like what?  Can you learn who my peers are?  Can you learn what I am 
> sending to those peers?  Can you learn which message sends I am 
> initiating and which I am just passing along?

You're right -- there are lots of things that you can learn by net 
surveillance that you can't learn by peering.  I shouldn't have made that 
generalization.

However:

a) The important thing that most users would want to keep private, and that 
most attackers would want to detect, is which files you upload and download.  
It is just as easy to gain this information via the "peer with you to spy on 
you" attack than the "sniff network traffic" attack.  Actual attackers (RIAA) 
are currently using this attack on other networks, and it would work just as 
well against Mnet v0.6 as it does against those other networks, except for the 
fact that we have data-level encryption.

Encryption of the data blocks (in ZNFF and in Mojo Nation and Mnet v0.6) 
protects against this somewhat.

b) The things that you listed above can all be easily detected by an 
eavesdropper even if we use comms encryption!  Who your peers are is obvious 
from IP addresses.  What you are sending to them is fairly easy to determine 
from message-size and timing information.  (I send you a 200 byte message, you 
send back a 64 KB message.  I obviously just requested a block from you.)  
Similarly, timing analysis can easily tell which messages a node is relaying 
for someone else and which messages the node is initiating.  There may 
occasionally be coincidences where a relayer sends out a relayed message at 
the same instant as it initiates its own message, but those are rare and the 
overall pattern of behavior should be easily discernable with simple statistics.


I'm sure that there will be good uses for link encryption in Mnet.  As soon as 
we add a feature in which messages gets routed by someone who needn't see 
their contents, for example Instant Messaging or communicating with a content 
tracker via the ent net.  Also, if we had a constraints on who got to peer 
with whom (such as Achord, Freenet and the new design for Peekabooty).  
Similarly a friend-net based on real-life friendships or a "bilateral 
reputation" mechanism where you peer with people who have given you good 
service.

Any of those would make encryption of the links more useful.

Note that stream-based encryption i.e. TLS would do nicely for the "peer 
constraints" situation but not so nicely for the "private messages routed over 
ent" situation.

So I guess I should plan on either keeping link-level encryption in at all 
times, or else putting it *back* in (i.e., making it into a twisted transport 
layer) within a release or two.


Thanks for calling me on the over-generalization I made earlier.

Regards,

Zooko



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
mnet-devel mailing list
mnet-devel at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mnet-devel

More information about the Mnet-devel mailing list