[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Freenet + Onioncat: Is the traffic welcome?



Hi, ex-Freenet developer here.

konstant@xxxxxxxxxxxx:
> Is the extra traffic desirable in Tor? Reading asn's comment, I was under
> the impression that you are interested in adding higher latency traffic
> such as Freenet or mixnets for better anonymity:
> https://blog.torproject.org/blog/crowdfunding-future-hidden-services
> 

Running Freenet-over-Tor would not improve Tor's anonymity; it's just running another application on top of Tor. (This and the below also apply for Freenet-over-I2P)

Tor might give Freenet some additional privacy, but I think it would only really be useful in darknet mode:

In opennet mode, this is inherently open to certain Sybil attacks, and it doesn't matter if you don't know your freenet-neighbours' actual IP addresses. These Sybil attacks work on the Freenet layer, against the structure of the Freenet overlay network, and it doesn't matter what you run below it (e.g. Tor). However, you might benefit from having your IP address being hidden from your neighbours, which in this mode Freenet picks unpredictably (to a human).

In darknet mode, you're supposed to connect to people you trust under some "social relationship" (the threat model assumes the connection graph is distributed like a social network). In this case, Tor might be able to partially hide your Freenet social graph, which would otherwise be obvious to anyone sniffing your traffic. But if your Freenet social graph becomes "too similar" to another public social graph (such as your facebook friends, or some other source) then one can do graph comparison attacks to identify your Freenet node as you, even if its physical location is unknown.

What is really needed is some actual careful mathematical modelling and analysis. The stuff I just wrote, are just *wild guesses* and I have no idea if they are *actually true* or not. If people want this field to advance, this is the sort of work that should be happening - research, understanding, and modelling of the theoretical topics involved.

I don't mean to diminish what you did, but simply running A on top of B doesn't mean you get the combined security benefit of both tools. Freenet today is also generally lacking in formal and precise analysis, and it's unclear what the security goals are exactly.

X

-- 
GPG: ed25519/56034877E1F87C35
GPG: rsa4096/1318EFAC5FBBDBCE
git://github.com/infinity0/pubkeys.git
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev