Philipp
2017-04-10 06:29:20 UTC
Hello everyone,
I am currently working on my master's thesis at the University of Ulm.
The thesis covers anonymity in P2P networks, especially in networks
that offer file storing and retrieval capabilities. I have spent lots
of time already to take a look at some of the existing approaches and
networks that promise anonymity properties. One of the systems is the
Freenet network. The thesis should provide some insights on how
existing approaches fit the requirements of a project at my university
where anonymity on the network layer is one of the building blocks. We
currently plan to do some experiments with P2P simulations. I consider
to do some of the tests with Freenet's network handling and routing
approach as it seems to fit some (although not all) of the
requirements we have. Although I have spent quite some time on reading
articles and papers about Freenet, there are open questions I couldn't
answer so far. I know these are many questions at once, so I don't
expect someone to answer all of them immediately. However, I hope some
of you are able to help me at some of these aspects.
Please note, I wanted to create a discussion on your support forum at
https://support.freenetproject.org/home with my questions, but it
didn't work as expected. I always encountered an error when pressing
the "create" button (something weird about wrong HTTP method). That is
the reason I send this email.
Routing Tables and Routing Table Maintenance
1) Nodes have routing tables of different size depending on their
available bandwidth.
- Does a node maintain a permanent connection to all nodes in its
routing table? I know Freenet uses UDP which is connectionless, but
are there some measures such as frequent keep-alive messages to
determine whether the corresponding node is still available?
- I am also interested in the way Freenet handles his session keys
for the link encryption in this context. Are these session keys
frequently updated or is it the same key for the whole lifetime of the
connection to this neighbor?
2) The things I believe to know about the way Freenet maintains the
Routing Tables are the following: There are three categories for
incoming connections: "Announcements", "Path Folding" and "Old Nodes
Reconnecting". Each of these categories has a number of connections
that can be maintained and which are kept in a list. There are rules
about the cases where existing connections are dropped to replace them
with new connections. The dropped connections are those that have not
served a request recently. The total amount of connections a node
maintains depends on the bandwidth it can and is willing to offer.
However, I am also aware that there is a fix on the link length
distribution which separates the routing table into two "buckets", one
for short links and the other for longer links.
- How are these two things work together, i.e. the bucket fix for the
link length distribution and the three categories for maintaining
connections?
- Some of the conditions for replacing a connection are specified in
https://github.com/freenet/wiki/wiki/Opennet
Are there any additional measures, e.g. to make it harder for Sybil
identities to take over large parts of the routing table?
3) Questions regarding the path folding approach:
- Is it required that the data source actually starts to send a "path
folding" offer back along the path or might any node on the path
simply decide to send its node reference back along the path, hoping
to get new connections?
- Does the data source always send the "path folding" offer back or
is it possible to omit this. If the latter is the case, does this
imply that there is no chance for creating new connections on this
particular path?
- If one node answers the "path folding" offer and a new connection
is created, is this "path folding" offer then passed back further
along the path or does it stop at that node?
4) The two-hop lookup scheme or friend-of-a-friend routing is
mentioned in some research paper on Freenet, e.g. in those from
Baumeister et al. http://www.ee.hawaii.edu/~dong/traceback/index.htm
However, I couldn't find detailed information on this on any existing
Freenet reasearch paper or wiki post.
- How exactly do I exchange this neighbor information with my actual
neighbors?
- Does this mean I route based on the distances to the neighbors of
my neighbors, but I still send the request to my actual neighbor
(whose neighbor seems the optimal choice) instead of directly to this
optimal looking peer?
5) I know Freenet's way to maintain the overlay network and the
routing has changed dramatically with version 0.7 and the introduction
of the Darknet mode.
However, I couldn't really figure out whether the reason for the
changes towards the circular keyspace were only caused by the
intention to add the Darknet mode, so I have a few questions here as
well.
- The current approach seems to rather enforce the clustering, i.e.
nodes are specialized in handling certain blocks belonging to a
certain part of the keyspace, while in the old Freenet approach this
specialization should develop over time based on request and response
handling. Does this mean the old approach didn't quite work as well as
expected and there were thus also performance reasons for the changes?
- Was one of the reasons for the changes the creation of a more
balanced network in terms of node degree instead of the power law
degree distribution the old Freenet network demonstrated in some of
the old simulations?
6) Nodes are placed in the keyspace [0,1) according to their
identifiers and requests are routed according to the keys. How exactly
are these keys or identifiers mapped into this [0,1) keyspace interval?
Inserts and Requests
1) As far as I know, the files (rather the blocks of files or
Freesites) are only replicated in the area of the keyspace where they
should be placed according to their keys. I came across the term that
a request becomes "cachable". Replication only happens if it is a
"cachable" request. How does this mechanism work exactly?
2) The blocks are transmitted back across the path established by the
search request. Is there a limit regarding how many requests a node
handles in parallel? In other words, are nodes able to refuse requests
due to their current loads (many open requests for which they expect
an answer to be transmitted back along the path)?
Opennet and Darknet
1) I know about the basics of the Opennet and Darknet nodes. However,
there seem to be a lot of "hybrid" nodes, i.e. nodes that have some
Darknet connections and fill the rest of the routing table with
Opennet peers.
- How does this work together?
- Do such "hybrid" nodes also swap their location (since normal
Opennet peers don't take part in the location swapping)?
Freenet's anonymity properties
1) Are there any detailed investigations on the degree of anonymity
that can be achieved with Freenet's approach?
As mentioned above, we think about performing simulations to get some
insights into the possibilities to run and maintain anonymous P2P
"file sharing" networks (in the end, what we aim for may be rather
described as a decentralized and privacy-preserving backup system
based on P2P and has not really a file sharing purpose). In this
context, we also consider Freenet's routing approach. We probably
don't require things such as subspaces and the corresponding key
handling, but rather a simple mechanism to place files and locate them
at a later point. The approach Freenet takes is quite interesting with
respect to the Kleinberg model and path folding and thus we consider
it for some simulator experiments. I have seen there is a simulator on
https://github.com/Thynix/routing-simulator. I would like to know:
1) How up-to-date is this simulator regarding overlay routing and
network maintenance?
2) Are there any tutorials on how to use this simulator?
Best regards,
Philipp
I am currently working on my master's thesis at the University of Ulm.
The thesis covers anonymity in P2P networks, especially in networks
that offer file storing and retrieval capabilities. I have spent lots
of time already to take a look at some of the existing approaches and
networks that promise anonymity properties. One of the systems is the
Freenet network. The thesis should provide some insights on how
existing approaches fit the requirements of a project at my university
where anonymity on the network layer is one of the building blocks. We
currently plan to do some experiments with P2P simulations. I consider
to do some of the tests with Freenet's network handling and routing
approach as it seems to fit some (although not all) of the
requirements we have. Although I have spent quite some time on reading
articles and papers about Freenet, there are open questions I couldn't
answer so far. I know these are many questions at once, so I don't
expect someone to answer all of them immediately. However, I hope some
of you are able to help me at some of these aspects.
Please note, I wanted to create a discussion on your support forum at
https://support.freenetproject.org/home with my questions, but it
didn't work as expected. I always encountered an error when pressing
the "create" button (something weird about wrong HTTP method). That is
the reason I send this email.
Routing Tables and Routing Table Maintenance
1) Nodes have routing tables of different size depending on their
available bandwidth.
- Does a node maintain a permanent connection to all nodes in its
routing table? I know Freenet uses UDP which is connectionless, but
are there some measures such as frequent keep-alive messages to
determine whether the corresponding node is still available?
- I am also interested in the way Freenet handles his session keys
for the link encryption in this context. Are these session keys
frequently updated or is it the same key for the whole lifetime of the
connection to this neighbor?
2) The things I believe to know about the way Freenet maintains the
Routing Tables are the following: There are three categories for
incoming connections: "Announcements", "Path Folding" and "Old Nodes
Reconnecting". Each of these categories has a number of connections
that can be maintained and which are kept in a list. There are rules
about the cases where existing connections are dropped to replace them
with new connections. The dropped connections are those that have not
served a request recently. The total amount of connections a node
maintains depends on the bandwidth it can and is willing to offer.
However, I am also aware that there is a fix on the link length
distribution which separates the routing table into two "buckets", one
for short links and the other for longer links.
- How are these two things work together, i.e. the bucket fix for the
link length distribution and the three categories for maintaining
connections?
- Some of the conditions for replacing a connection are specified in
https://github.com/freenet/wiki/wiki/Opennet
Are there any additional measures, e.g. to make it harder for Sybil
identities to take over large parts of the routing table?
3) Questions regarding the path folding approach:
- Is it required that the data source actually starts to send a "path
folding" offer back along the path or might any node on the path
simply decide to send its node reference back along the path, hoping
to get new connections?
- Does the data source always send the "path folding" offer back or
is it possible to omit this. If the latter is the case, does this
imply that there is no chance for creating new connections on this
particular path?
- If one node answers the "path folding" offer and a new connection
is created, is this "path folding" offer then passed back further
along the path or does it stop at that node?
4) The two-hop lookup scheme or friend-of-a-friend routing is
mentioned in some research paper on Freenet, e.g. in those from
Baumeister et al. http://www.ee.hawaii.edu/~dong/traceback/index.htm
However, I couldn't find detailed information on this on any existing
Freenet reasearch paper or wiki post.
- How exactly do I exchange this neighbor information with my actual
neighbors?
- Does this mean I route based on the distances to the neighbors of
my neighbors, but I still send the request to my actual neighbor
(whose neighbor seems the optimal choice) instead of directly to this
optimal looking peer?
5) I know Freenet's way to maintain the overlay network and the
routing has changed dramatically with version 0.7 and the introduction
of the Darknet mode.
However, I couldn't really figure out whether the reason for the
changes towards the circular keyspace were only caused by the
intention to add the Darknet mode, so I have a few questions here as
well.
- The current approach seems to rather enforce the clustering, i.e.
nodes are specialized in handling certain blocks belonging to a
certain part of the keyspace, while in the old Freenet approach this
specialization should develop over time based on request and response
handling. Does this mean the old approach didn't quite work as well as
expected and there were thus also performance reasons for the changes?
- Was one of the reasons for the changes the creation of a more
balanced network in terms of node degree instead of the power law
degree distribution the old Freenet network demonstrated in some of
the old simulations?
6) Nodes are placed in the keyspace [0,1) according to their
identifiers and requests are routed according to the keys. How exactly
are these keys or identifiers mapped into this [0,1) keyspace interval?
Inserts and Requests
1) As far as I know, the files (rather the blocks of files or
Freesites) are only replicated in the area of the keyspace where they
should be placed according to their keys. I came across the term that
a request becomes "cachable". Replication only happens if it is a
"cachable" request. How does this mechanism work exactly?
2) The blocks are transmitted back across the path established by the
search request. Is there a limit regarding how many requests a node
handles in parallel? In other words, are nodes able to refuse requests
due to their current loads (many open requests for which they expect
an answer to be transmitted back along the path)?
Opennet and Darknet
1) I know about the basics of the Opennet and Darknet nodes. However,
there seem to be a lot of "hybrid" nodes, i.e. nodes that have some
Darknet connections and fill the rest of the routing table with
Opennet peers.
- How does this work together?
- Do such "hybrid" nodes also swap their location (since normal
Opennet peers don't take part in the location swapping)?
Freenet's anonymity properties
1) Are there any detailed investigations on the degree of anonymity
that can be achieved with Freenet's approach?
As mentioned above, we think about performing simulations to get some
insights into the possibilities to run and maintain anonymous P2P
"file sharing" networks (in the end, what we aim for may be rather
described as a decentralized and privacy-preserving backup system
based on P2P and has not really a file sharing purpose). In this
context, we also consider Freenet's routing approach. We probably
don't require things such as subspaces and the corresponding key
handling, but rather a simple mechanism to place files and locate them
at a later point. The approach Freenet takes is quite interesting with
respect to the Kleinberg model and path folding and thus we consider
it for some simulator experiments. I have seen there is a simulator on
https://github.com/Thynix/routing-simulator. I would like to know:
1) How up-to-date is this simulator regarding overlay routing and
network maintenance?
2) Are there any tutorials on how to use this simulator?
Best regards,
Philipp