
Re: [GNUnet-developers] Adding a mix network layer?

From: Bart Polot
Subject: Re: [GNUnet-developers] Adding a mix network layer?
Date: Fri, 25 Jul 2014 15:35:39 +0200

Just to expand Christian's answer a little bit.

Our decision is deliberate. We have decided to keep onion routing out of CADET for various reasons:
- CADET is a connectivity service. We try to keep different functions in separate services, thus CADET only takes care of connectivity. Encryption comes in because we put security first and we try to do everything in GNUnet as secure (encrypted) as possible.
- Anonymity doesn't come for free. Anonymity requires a minimum of three intermediate nodes, which increases the traffic in the network and the latency in the connection. If CADET can connect two peers directly (zero hops, in a non-restricted scenario), it tries to do so.
- Anonymity is hard to get perfect. The three intermediate hops is just a bare minimum. You also have to select those peers "correctly", worry about timing correlation, and many other details.
- Conflicting requirements: Peer selection is directly opposed to CADET's goals. For CADET you want to have the least possible hops, on the "directest" path between you and your target. For anonymity you need to have them as spread as possible (ideally the global network) and with a high minimum number of them.
- If you need anonymity, you can always put it on top of other layers, we are not rejecting it. If you replace IP by GNUnet, you can still run a Tor-like system (or maybe just Tor) pretty much unmodified. We do plan and have in our TO-DO list to build an anonymity layer, so the applications that need it can have it, it's just that we don't have the manpower to do it right now. We do accept code contributions, tho ;)


Bart Polot

On 25 July 2014 14:08, M. Klehr <address@hidden> wrote:


I think GNUnet is a very valuable effort in "fixing" the internet and
I would like to thank everyone involved with it.

I really enjoyed reading the CADET paper and I'm not sure if GNUnet is
a direct implementation of CADET, but here are some thoughts about
CADET that I would like to throw in for discussion. Please do tell me
if I'm wrong.
I understand that there's link encryption between participants to
maintain message integrity and anonymity on the basic layer. Then
there's end-to-end encryption and connection redundancy (leaving aside
the multiplexing layer for now).
However, it seems to me a relaying node can still intercept a fair
amount of meta data through path information that's being sent along
with messages. I understand that this is intentional since the
protocol is designed for restricted route scenarios and nodes are able
to learn the network topology very quickly this way, but I believe
that using these connectivity paths for direct (albeit encrypted)
communication is a privacy flaw and invites censorship, because any
relaying node can learn who you're communicating with.
What I've been thinking about is the role a mix network layer
reminiscent of Tor could play in GNUnet.

What do you think?


