Protecting Free Expression Online with Freenet

Ian Clarke and Scott G. Miller, Uprizer
Theodore W. Hong, Imperial College of Science, Technology, and Medicine
Oskar Sandberg and Brandon Wiley, Freenet Project Inc.

Freenet uses a decentralized P2P architecture to create an uncensorable and secure global information storage system.
The growth of censorship and erosion of privacy on the Internet increasingly threatens freedom of expression in the digital age. Personal information flows are becoming subject to pervasive monitoring and surveillance, and various state and corporate actors are trying to block access to controversial information and even destroy certain materials altogether. Recent incidents such as the publication of Monica Lewinsky's deleted personal e-mails in a U.S. congressional report further point to an unprecedented level of intrusion into private life.[1] These trends cause concern not only to whistleblowers and political dissidents, but to anyone disturbed by the thought of others reading their e-mail or following their Web activities.

Fortunately, concurrent advances in the power of personal computers have made it possible to develop peer-to-peer technologies to respond to these challenges. Our project, Freenet, is a distributed information storage system designed to address information privacy and survivability concerns.[2] A beta version of the software is currently available under open source at http://www.freenetproject.org/. In simulations of up to 200,000 nodes, Freenet has proved scalable and fault tolerant.

It operates as a self-organizing P2P network that pools unused disk space across potentially hundreds of thousands of desktop computers to create a collaborative virtual file system. To increase network robustness and eliminate single points of failure, Freenet employs a completely decentralized architecture. Given that the P2P environment is inherently untrustworthy and unreliable, we must assume that participants could operate maliciously or fail without warning at any time. Therefore, Freenet implements strategies to protect data integrity and prevent privacy leaks in the former instance, and to provide for graceful degradation and redundant data availability in the latter. The system is also designed to adapt to usage patterns, automatically replicating and deleting files to make the most effective use of available storage in response to demand.
IEEE Internet Computing, January/February 2002, page 40. http://computer.org/internet/ 1089-7801/02/$17.00 © 2002 IEEE. Peer-to-Peer Networking
 
Design Motivation
As documented by Human Rights Watch (http://www.hrw.org/advocacy/internet/) and the Global Internet Liberty Campaign (http://www.gilc.org/), governments around the world have undertaken efforts to force Internet service providers to block access to content deemed unsuitable or subversive, or to make them liable for such material hosted on their servers. The Electronic Privacy Information Center (http://www.epic.org/) has also raised privacy and civil liberties questions about developments like the Federal Bureau of Investigation's Carnivore electronic monitoring system and the European Union's new "Convention on Cybercrime," which gives authorities broad powers to intercept and record digital communications.

Though seemingly separate, the prevention of censorship and the maintenance of privacy are both fundamental to free expression in a potentially hostile world. Preserving the availability of controversial information is only half the problem; individuals can often be subject to adverse personal consequences for writing or reading such information and might need to conceal their activity in order to protect themselves. Indeed, the U.S. Supreme Court, among others, has long recognized the important role of anonymous speech in political dissent.

A common objection to mechanisms for secure communication is that criminals might use them to evade law enforcement. Freenet is not particularly attractive for such purposes, as it is designed to broadcast content to the world, which is not so useful for secret criminal plots. In any case, anonymous electronic communication is simply a tool, like payphones or postal mail, to be used for good or bad. A terrorist might use it to plan an attack, or an informant could use it to turn the terrorist in to the authorities. Most importantly, the freedom to communicate is a fundamental value in a democratic society. There is no way to deny it to the "bad guys" without also denying freedom to the "good guys": civil rights activists, minority religious groups, or ordinary citizens who simply wish to keep their affairs private.

In designing Freenet, we focused on

• privacy for information producers, consumers, and holders;
• resistance to information censorship;
• high availability and reliability through decentralization; and
• efficient, scalable, and adaptive storage and routing.

Maintaining privacy for creating and retrieving files means little without also protecting the files themselves, in particular keeping their holders hidden from attack. We have thus made it hard to discover exactly which computers store which files. Together with redundant replication of data, holder privacy makes it extremely difficult for censors to block or destroy files on the network.

Freenet does not, however, explicitly try to guarantee permanent data storage. Because disk space is finite, a tradeoff exists between publishing new documents and preserving old ones. Many systems solve this problem by requiring payment (in disk space or money, for example), but we would rather encourage publishing than keep out authors who can't run peer nodes themselves or are too poor to pay for storage. To keep junk documents from filling all available space or overwriting existing data, we implement a probabilistic storage policy. We hope, however, that Freenet will attract sufficient resources from participants to preserve most files indefinitely.
Freenet Architecture

Freenet participants each run a node that provides the network some storage space. To add a new file, a user sends the network an insert message containing the file and its assigned location-independent globally unique identifier (GUID), which causes the file to be stored on some set of nodes. During a file's lifetime, it might migrate to or be replicated on other nodes. To retrieve a file, a user sends out a request message containing the GUID key. When the request reaches one of the nodes where the file is stored, that node passes the data back to the request's originator.
GUID Keys
Freenet GUID keys are calculated using SHA-1 secure hashes. The network employs two main types of keys: content-hash keys, used for primary data storage, and signed-subspace keys, intended for higher-level human use. The two are analogous to inodes and filenames in a conventional file system.
Content-hash keys. The content-hash key (CHK) is the low-level data-storage key and is generated by hashing the contents of the file to be stored. This process gives every file a unique absolute identifier that any node can verify quickly by rehashing the data it holds. (SHA-1 collisions were considered nearly impossible when this was written; practical SHA-1 collisions have since been demonstrated, so a current design would use a stronger hash such as SHA-256.) Unlike with URLs, you can be certain that a CHK reference will point to the exact file intended. CHKs also permit identical copies of a file inserted by different people to be automatically coalesced, because every user will calculate the same key for the file.
Signed-subspace keys. The signed-subspace key (SSK) sets up a personal namespace that anyone can read but only its owner can write to. You could create a subspace for an archive on the Vietnam War, for example, by first generating a random public-private key pair to identify it. To add a file you first choose a short text description, such as politics/us/pentagon-papers. You would then calculate the file's SSK by hashing the public half of the subspace key and the descriptive string independently before concatenating them and hashing again. Signing the file with the private half of the key provides an integrity check, as every node that handles a signed-subspace file verifies its signature before accepting it.

To retrieve a file from a subspace, you need only the subspace's public key (perhaps stored on your "keyring") and the descriptive string, from which you can recreate the SSK. Adding or updating a file, on the other hand, requires the private key in order to generate a valid signature. SSKs thus facilitate trust by guaranteeing that the same pseudonymous person created all files in the subspace, even though the subspace is not tied to a real-world identity. For example, you can use SSKs to send out a newsletter, to publish a Web site, or (operated in reverse) to receive e-mail.

Typically, SSKs are used to store indirect files containing pointers to CHKs rather than to store data files directly. Indirect files combine the human readability and publisher authentication of SSKs with the fast verification of CHKs. They also allow data to be updated while preserving referential integrity. To perform an update, the data's owner first inserts a new version of the data, which will get a new CHK because the file contents are different. The owner then updates the SSK to point to the new version. The new version will be available by the original SSK, and the old version will remain accessible by the old CHK. Indirect files can also be used to split large files into multiple pieces by inserting each part under a separate CHK and creating an indirect file that points to all the parts.
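The following Python sketch is an added example, not code from this paper or from the Freenet project. It implements the key scheme described in the two sections above: a CHK as the SHA-1 of the content, an SSK as the SHA-1 of the concatenated digests of the public key and the description, signature verification by every node before it accepts a signed-subspace insert, an indirect file listing the CHKs of a file's pieces, and an update that leaves the old version reachable by its old CHKs. The signature scheme is an assumption: the paper does not name one, and to keep the block standard-library-only it uses textbook RSA over two published Mersenne primes, which is worthless as a real key. The Node class, publish/resolve functions, and the JSON layout of the indirect file are illustrative and are not Freenet's wire format.

```python
import hashlib
import json


def sha1(data: bytes) -> bytes:
    # SHA-1 is what the paper specifies for GUID keys; kept here to match it.
    return hashlib.sha1(data).digest()


def chk(content: bytes) -> str:
    """Content-hash key: the hash of the file contents, so identical files coalesce."""
    return "CHK@" + sha1(content).hex()


# Toy subspace key pair (assumption, not Freenet's algorithm): textbook RSA over
# two well-known Mersenne primes so the block needs only the standard library.
# Anyone can recompute this key, so it has NO security value; a real subspace
# uses a freshly generated key pair under a proper signature scheme.
P = 2**127 - 1
Q = 2**89 - 1
N = P * Q                              # ~216 bits, larger than a 160-bit digest
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (needs Python 3.8+)
PUB = N.to_bytes(32, "big") + E.to_bytes(4, "big")   # the public half, as bytes


def sign(priv_d: int, content: bytes) -> int:
    """Sign with the private half: RSA on the SHA-1 digest (unpadded toy)."""
    return pow(int.from_bytes(sha1(content), "big"), priv_d, N)


def verify(pub: bytes, content: bytes, sig: int) -> bool:
    """Anyone holding only the public half can check the signature."""
    n = int.from_bytes(pub[:32], "big")
    e = int.from_bytes(pub[32:], "big")
    return 0 < sig < n and pow(sig, e, n) == int.from_bytes(sha1(content), "big")


def ssk(pub: bytes, description: str) -> str:
    """Signed-subspace key: hash the public key and the description independently,
    concatenate the two digests, and hash again, as the paper describes."""
    return "SSK@" + sha1(sha1(pub) + sha1(description.encode())).hex()


class Node:
    """One node's data store. Signed-subspace inserts are verified before storage."""

    def __init__(self):
        self.store = {}

    def insert_chk(self, content: bytes) -> str:
        key = chk(content)
        self.store[key] = content          # a second insert of the same file lands on the same key
        return key

    def insert_ssk(self, pub: bytes, description: str, content: bytes, sig: int) -> bool:
        if not verify(pub, content, sig):  # every node checks before accepting
            return False
        self.store[ssk(pub, description)] = (pub, content, sig)
        return True

    def get(self, key: str):
        return self.store.get(key)


def publish(node: Node, priv_d: int, pub: bytes, description: str,
            content: bytes, piece_size: int = 16) -> list:
    """Split content into pieces, insert each under its own CHK, then insert an
    indirect file listing those CHKs under the subspace key. Returns the CHKs."""
    pieces = [content[i:i + piece_size] for i in range(0, len(content), piece_size)]
    part_keys = [node.insert_chk(p) for p in pieces]
    indirect = json.dumps({"parts": part_keys}).encode()
    if not node.insert_ssk(pub, description, indirect, sign(priv_d, indirect)):
        raise RuntimeError("signature rejected")
    return part_keys


def resolve(node: Node, pub: bytes, description: str) -> bytes:
    """Retrieve by (public key, description): recreate the SSK, verify the
    indirect file's signature, then fetch each piece and check it against its CHK."""
    record = node.get(ssk(pub, description))
    if record is None:
        raise KeyError("not found")
    rec_pub, indirect, sig = record
    if rec_pub != pub or not verify(pub, indirect, sig):
        raise ValueError("indirect file does not verify for this subspace")
    out = bytearray()
    for key in json.loads(indirect)["parts"]:
        piece = node.get(key)
        if piece is None or chk(piece) != key:   # a node serving altered data is caught here
            raise ValueError(f"piece {key} missing or does not match its CHK")
        out += piece
    return bytes(out)


if __name__ == "__main__":
    node = Node()
    desc = "politics/us/pentagon-papers"
    v1 = b"Pentagon Papers, draft 1 (constructed sample data)"
    old_keys = publish(node, D, PUB, desc, v1)
    assert resolve(node, PUB, desc) == v1
    v2 = b"Pentagon Papers, draft 2 (constructed sample data)"
    publish(node, D, PUB, desc, v2)          # update: the SSK now points at new CHKs
    assert resolve(node, PUB, desc) == v2
    assert b"".join(node.get(k) for k in old_keys) == v1   # old version still reachable by CHK
    print("ok")
```

Note that resolve trusts nothing it is handed back: the indirect file must carry a valid signature under the requested public key, and every piece must hash to the CHK it was requested by, so a node that serves the wrong data for a key is detected rather than silently accepted.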
Related Work in P2P
The best-known systems similar to Freenet are Napster (http://www.napster.com/) and Gnutella (http://gnutella.wego.com/), which both implement large-scale pooling of disk space among individual users. The major difference is that whereas Freenet provides a file-storage service, these systems provide a file-sharing service. That is, participants make files available to others but do not push files to other nodes for storage. This architecture means that data is not persistent in the network; rather, files are available only when their originators (or subsequent requesters) are online. Another difference is that neither system attempts to provide anonymity. Gnutella is also extremely inefficient, broadcasting thousands of messages per request.

Freenet more closely resembles the Eternity service, which was described in a proposal for a highly survivable network for permanently and anonymously archiving information.[1] However, the proposal lacked specifics on how to efficiently implement such a service. Free Haven is an Eternity-like anonymous P2P publication system that uses trust mechanisms and file trading to enforce server accountability and user anonymity.[2] Unfortunately, it can take a very long time, even days, to retrieve files from it.
Security Issues
Several recently developed P2P file-storage systems focus on efficient data location rather than privacy and security against malicious participants. Systems such as OceanStore,[3] Cooperative File System (CFS),[4] and PAST[5] are all based on routing models in which each node is assigned a fixed identity and maintains some knowledge of nodes whose identities vary in specified ways from its own. These systems deterministically place data on nodes that most closely match the data's globally unique identifier (GUID). A user can thus locate data by progressively visiting nodes whose identities match more and more bits of the desired GUID. The main advantage of these systems is that they can provide strong guarantees that data will be located within certain time bounds (generally logarithmic) if it exists. Thus, they can provide better handling of issues like storage management.

The main disadvantage of these systems relative to Freenet is that they are more difficult to secure against attack. It is easier for a malicious node to manipulate its identity to gain responsibility for a particular piece of data and suppress it. Links and routing are also more visible and deterministically structured, making it easier to trace messages and harder to route around malicious nodes that sabotage requests (for example, by pretending data could not be found). PAST, as currently constituted, also requires users to trust external smart cards.
Privacy Issues
Systems focusing on privacy for information consumers include browser proxy ser-
continued on p. 43