-- BEGIN included message
- To: freenet-dev@seul.org
- Subject: Things to Write Up
- From: dmolnar <dmolnar@hcs.harvard.edu>
- Date: Sun, 13 Feb 2000 20:15:18 -0500 (EST)
This is a list of topics that we should be able to produce writeups for. By writeup, I mean some e-mail message or documentation which reflects what we've been talking about, and is at a "first draft" stage. After each topic is a short note which may include who has responsibility for each write-up. If there is no such indication, no one has responsibility as far as I know. Please feel free to take some. :-) * Mix-net API - Discussed last week but never written up. Mike and I will meet on Thursday morning (?) to thrash this out in detail and then post to the list. * "Cut the Internet Backbone" attacks - We discussed this a bit during today's meeting. - Includes discussion of proxies for "squawk"s - complaints by buddies that their buddy share has disappeared. - Specifies what we do attempt and do not attempt example : DO attempt - create uncertainty as to whether a squawk "really" came from a server by using proxies DO NOT attempt - to prevent a proxy from revealing the "real" origin of the squawk * Summary of other data havens ...and why we're different. ...and why we didn't do what they did. This will be especially important when we bring new people into the project. It will also make us rethink our design decisions. - Graduated Mirroring - Other ideas Roger and Prof Rivest had which didn't make it into the proposal - Adam Back's recent proposal : "Send shares to all nodes, and let each have a particular probability of catching a share." - Freenet - Napster (not really a data haven, but our motivating example) - Czech implementation - Adam Back USENET - Whatever Markus Kuhn is doing (if anything?) - Everything else relevant at http://www.cypherspace.org/links * XML and Markup - what they are, how Freehaven will use them * Database Requirements and Database Implementations - We need something to handle a backend for our freehaven. This isn't really a "write-up", it's more like a "find it and tell everyone about what you found." - Database which is easy to use, free, and widely available - Single file sizes must be < 2 GB b/c of file system limits - Exists on Windows, Mac, Unices, etc. - easy to program - free - open source a plus - common - handles synchronization ? Roger has suggested GNU dbm . We want to avoid MySQL if possible, since that is considered too complicated for most installs. A friend of mine works for Sleepycat Software. They license a version of Berkeley db which is available for Windows, Linux, and other unices. Open source, and price seems to be free for open source projects. http://www.sleepycat.com/ * Why Buddy Spawning is BAD * Trust System Questions Worth Asking - At the meeting, we agreed that there is no need to define an entire "logic of trust". At least not in the first release. - Instead, we have "frequently asked questions of trust." - What are these questions? * Why Unpublishing is Not Allowed * Why Trading is in our system * Information Dispersal - an API This should be as simple as "DISPERSE ()" and "RECONSTRUCT()" - a survey of algorithms for doing info dispersal - Rabin's IDA - Mitzenmacher's Tornado Codes - Madhu Sudan's chinese remainder codes - others? The Intermemory project has a very neat implementation report which specifies exactly how much overhead is induced by Rabin's IDA. We could, uh, replicate that analysis for IDA and whatever other algorithms come up. What we're interested in is at least the following : - speed - size increase - impact of missing shares (can you reconstruct partially with missing shares? we want you to!) - patent status of various algorithms I am interested in either doing or helping with this part of the project. - a clean way of supporting multiple info dispersal algorithms - could be as simple as marking each share with a "info dispersal ID." * Explicit definitions for data structures, all in one place - Shares - Trade requests - Receipts - etc. * Explicit specification of primitives or possible primitives - Hash := SHA1() - Asymmetric algorithm := ?? - Symmetric algorithm := ?? - Should we look at "combination" cryptosystems like Bellare, Rogaway, and Abdalla's DHAES? (probably!) * Explicit specification of crypto library - OpenSSL seems to be our consensus. - We should probably try documenting our use of it. * Terminology - Serious terms, all in one place. - example : "Share Scanning" for an adversary's practice of repeatedly sending messages aimed at finding a particular share. - but also "Autonomous Snorks Collective" "Cut the Internet Backbone" "Share Bears" * Document request protocol - Take Roger's proposal and add some notation :-) * Directory services model for servnet nodes - Why servnet nodes keep public keys of all other servnet nodes - What role the external directory services play - for servnet nodes : keeping reply blocks up to date - for users : keeping list of available files up to date * Why we need only two buddies, and not actually 3 or more. - Follows from discussion today. My notes run out here. Please add stuff I forgot. Thanks, -David
-- END included message