Publication Authors: I. Clarke, S. G. Miller, T. W. Hong, O. Sandberg, and B. Wiley Presented in the class: Advanced Topics in Distributed Systems (CE7490) by Mr.Sivadon Chaisiri
Transcript of Present Paper: Protecting Free Expression Online on Freenet
1. Protecting Free Expression Online with Freenet I. Clarke, S.
G. Miller, T. W. Hong, O. Sandberg, and B. Wiley Presented by
Sivadon Chaisiri Related paper: Freenet: A Distributed Anonymous
Information Storage and Retrieval System
2. O utline
Overview of Freenet
Freenet Architecture
Performance Analysis
Summary
Review
Q&A
3.
" I worry about my child and the Internet all the time, even
though she's too young to have logged on yet . Here's what I worry
about . I worry that 10 or 15 years from now, she will come to me
and say 'Daddy, where were you when they took freedom of the press
away from the Internet? ' "
Mike Godwin, Electronic Frontier Foundation
4. O verview of F reenet
Freenet is an adaptive peer-to-peer system
P ermits the publication and retrieval of data without fear of
censorship
Freenets Goals
Censorship-resistance
Privacy for users (publishers, requestors, and holders) -
anonymity
High availability , reliability and scalability
5. F reenet A rchitecture
Overview
GUID Keys
Routing
Adding nodes
Inserting files
Managing data stores
6. G UID K eys 1/4
GUID ( file key / URI of files ) are assigned for files
obtained by a hash function (SHA-1 / SHA-256)
Types of GUID keys
Content-hash key (CHK)
Keyword-signed key (KSK)
Signed-subspace key (SSK)
Updateable Subspace Key (USK)
Each node maintains a data store table and a routing table
Ex. Data Store Ex. Routing Table F001 A50031 F004 F003 F002 FILE
E9005C 872350 A5D033 KEY 152.195.200.102 101.72.100.214 64.75.32.88
158.108.216.7 IP ADDR 6D8FB7 329004 A5D030 A50001 KEY
7. G UID K eys 2/4
C ontent- H ash K ey ( CHK )
Used for unchangeable files
To retrieve a file, a requestor needs CHK as the search
key
Not human-friendly (unreadable key)
File SHA CHK
8. G UID K eys 3/4
S igned- S ubspace K ey ( SSK )
Used for creating a personal namespace that anyone can read but
only its publisher can write to
Define a short description of a file (Human-friendly key)
Example, /politics/us/pentagon-papers
/politics/china/tiananmen-papers
A requestor needs (public key, desc) as a search key
Freenet uses a steepest-ascent hill-climbing search
Generate a query message (incl. the search key and TTL)
Forwards the message to the node that it thinks is closest to
the target file (called the target node )
When receiving a query, the node checks its data store
Found the file, return it back along the same path
File not found, Repeat 2.
10. R outing 2/3
Example, Node A is requesting a file
Requestor Holder
A B and E may cache the file (become the new holders)
A B C F E D 1 2 3 4 11 10 9 5 8 6 7 12 Data request Data reply
Request fail
11. I nserting F ile s 1/2
Follow the same path as same as retrieving a file
Create an insert message (incl. the file key+TTL)
Each node forwards the message to the target node
When receiving a query, the node checks its data store
TTL > 0, repeat 2
TTL = 0, the final node returns all clear message
The publisher submit the file along the chain
12. I nserting F ile s 2/2
Example, Node A is inserting a file
Publisher TTL=3 TTL=2 TTL=1 TTL=0
B C and D become the new holders
insert all clear copy A B C D
13. A dding N odes 1/2
A new node generates a key pair and a random number
The new node sends an announcement message (incl. TTL,
public-key, physical address, hash number) to an existing node
When receiving the message, the node randomly select a node,
then forward the message to it
Until TTL = 0,
Every node in the chain assigns the new node a GUID by using
some shared random numbers
14. H a = SHA(R a ) R a = rnd() R b = rnd() H b = SHA(H a + R b
) R c = rnd() H c = SHA(H b + R c ) C b = SHA(H b ) C c = SHA(H c )
H a H b TTL=3 TTL=2 TTL=1 TTL=0 GUID( A ) = SHA(R a + R b + R c + R
d ) A dding N odes 2/2 R d = rnd() H c H c , R d H b , R c , R d H
a , R b , R c , R d C a = SHA(H a ) A B C D
15. M anaging D ata S tores
Users cannot be allowed to control the data stores
When storing a file (as the holder), it may evict some files if
no more space
Data store is managed as an LRU algorithm
Holders should not reveal their data stores to others even
themselves
Before inserting a file, a publisher should encrypt the file by
a symmetric key
16. P erformance A nalysis 1/4
Simulations
Based on a small-word network model
Observe Freenets characteristics
Scalability
Fault-tolerance
17. P erformance A nalysis 2/4
18. P erformance A nalysis 3/4
19. P erformance A nalysis 4/4
20. P erformance A nalysis
21. S ummary
Freenet is an unstructured p2p storage system
Deal with privacy and censorship-resistance
Freenet is scale on a large network, and robust against large
failures
22. R eview
Closet key Closest Meaning
Disperse files of the similar topics
Prevent single point of failures
Freenet s Weakness
No file-lifetime guarantees
Due to its goal, no content censorship of illegal/corrupt/fake
files
DoS Attacks
23. R eference
Ian Clarke, Scott G. Miller, Theodore W. Hong, Oskar Sandberg,
and Brandon Wiley, Protecting Free Expression Online with Freenet ,
IEEE Internet Computing, JAN/FEB 2002
Ian Clarke, Scott G. Miller, Theodore W. Hong, Oskar Sandberg,
and Brandon Wiley, Freenet: A Distributed Anonymous Information
Storage and Retrieval System , In Proc. Of the ICSI Workshop on
Design Issues in Anonymity and Unobservability, Berkeley, CA,
2000