Freenet

A Distributed Anonymous
Information Storage and Retrieval
System
G.Madhan Mohan
11Q91A0585

Introduction

Design goals

Producer and consumer anonymity

Deniability for storers of information
Resistance to hostile third parties
Efficient dynamic storage and routing
Decentralization of network functions

Features
Responds adaptively to usage patterns
Files are moved transparently, replicated and
deleted without centralized location indexes
It operates at application layer
Assumes the existence of a secure transport
layer

Security Issues

How to provide anonymity?

Consumers may use browser proxy services

However, producers may keep session logs
Contacting a particular server reveals the
information needed
Producers may ensure anonymity by using
encrypted URL services
No protection against the operator of the
service

Architecture
Peer to peer network of nodes that query
one another
Each node has its local data store and
dynamic routing table
Enables users to share unused disk space
and increases the storage capacity of the
network

Basic Model
Nodes know only their immediate upstream
and downstream neighbors
Queries are given a unique identifier and
hops-to-live count
Queries are forwarded to a node based on
previous information

Retrieving Data
User hashes a short descriptive string to
obtain file key
She then sends the Request message to
her own node
If present, returns with message saying it
was the source
If not, looks up nearest key in routing table
and forwards to the next node

Storing (Inserting) Data

Similar to requesting data
User picks a text string(title) and hashes it
to a file key and sends it to her node
If there is a collision, user is informed
If no collision, node sends to the closest key
in routing table

Effects
1. New files tend to end up near files with
similar keys enabling efficiency
2. New nodes can inform the network of their
existence
3. An attacker trying to insert a corrupted or
empty file under the same key will actually
spread the real file further

Managing Data
Node storage uses a LRU cache
When a new file arrives, by insert or
request, the least recently used file is
removed
Thus, if a file is needed, it will remain on
some node
Or it will fade away

Naming, Searching, Updating

Possible Name collisions are a problem
Solutions :

Introduce two level structure, wherein Real

files are stored under a unique key
An indirect file consists of a list of binary keys
corresponding to that name and a search is
made
Protects against malicious attacks of
replacement

Insertion
Author can insert a no. of indirect files with
pointers to real files
Collisions could be accepted in these files and
be a sort of library of similar text titles
Private key encryption and public key
decryption could be used to get info
Indirect file could also inserted under a
signature verifying key

Performance

Networks of 500 900 nodes

Each with a datastore size of 40 items
Routing table size of 50 addresses
10 unique items stored in each node

Security
Primary Goal To provide anonymity of
requestors and inserters of files
Receiver anonymity may be viewed as key
anonymity
In Freenet routing depends on the key, so it
is not possible
Hashes of keys may be used

Sender Anonymity
A node does not know whether its downstream
neighbor is the actual source or forwarding it
A statistical analysis of network traffic may
help the attacker in determining the source
Depth value may also help in determining the
source

To prevent an eavesdropper, user should use

the node on her own machine as the first
point of entry
Messages between nodes are encrypted
Pre routing can be added by encrypting with
a succession of public keys
This determines the route of the encrypted
message

Denial of Service Attacks

Insert a lot of garbage files
Use the Hash Cash scheme to prevent against
this
Divide storage into two sections one for new
inserts and one for established files
Protects against a person trying to spread
garbage files
Difficulty in introducing genuine new files

Conclusion
This scheme keeps information anonymous
and is highly scalable
Provides effective means of storage and
retrieval
More rigorous tests with many more nodes
and improvements to the basic protocol are
required