Pseudo
Pseudonymous infrastructures employ encryption and techniques like onion routing to achieve a new level of privacy. You can think of them as parallel dimensions of the Internet that cannot be monitored by men in the middle the way the regular Internet can. And you can call them Darknets.
Usually they form an anonymous cloud of peers in a P2P fashion, but some techniques focus on trusting only a specified social network of friends. You can call such private darknets F2F (friend-to-friend).
In fact, F2F technologies do not need to be P2P-based in the sense of depending on people to keep their end-user machines running, which comes with instability and high latency due to DSL. It is also possible to deploy these technologies on servers in a federation style – you just have to ensure that the main purpose will be communication between friends, not file sharing (which you can recommend by policy or ensure by applying a web of trust or various guessing strategies to routing). Seen from this perspective, a server-based F2F network is just the next step in privacy beyond current TLS and OTR practices.
Further on, an open social network can keep F2F services small and private for you and your friends; yet everyone has her own cloud of friends, so in the end all of humanity can fit in.
Here are some technologies which more or less try to provide F2F services:
- GNUnet
- Tonika
- Maidsafe
- Alliance P2P
- Application Aware Anonymity (A3)
- I2P
- Waste again
- Retroshare
- Turtle F2F
GNUnet's Anonymity Protocol
GNUnet's GAP protocol has some interesting strengths over I2P, at least according to the claims in its whitepapers:
- Untraceability: The protocol makes various efforts to hide who is communicating with whom.
- In particular, GAP lets the application decide how many hops to insert between sender and recipient, so you can make your own decisions on how important packets are and how paranoid you are, and still use it when you hardly need so much security at all. But even when two people are exchanging data directly, you can't be sure one or both of them isn't actually proxying for somebody else. This mere unpredictability is a privacy enhancement.
- Unobservability: GAP enhances security by making all packets the same length, which makes it harder to guess what they might contain.
The bad news is that GAP does this for two message types which aren't very useful to the PSYC use cases:
- queries are broadcast to large parts of the gnunet and contain a search string, trying to find files that match it
- replies follow the path of the queries back to the initiator
Therefore, GAP is very interesting, but unfortunately very specific to a task that isn't ours. In order to have the functionality we need, we would have to write our own service on top of the gnunet transports, or use other similar technology.
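The two GAP properties described above, an application-chosen hop count and packets that are all the same length, as an added illustration in Python (example code, not GNUnet's own; the header layout, the 1024-byte packet size and the random-fill padding are assumptions):

```python
"""Fixed-length packet framing with an application-chosen hop count.

Added illustration of the GAP properties discussed on this page, not GNUnet code.
Assumptions: a 3-byte header (hops remaining, payload length), 1024-byte packets,
random bytes as padding so that padded and full packets look alike on the wire.
"""
import os
import struct
from typing import Optional, Tuple

PACKET_SIZE = 1024                # every packet on the wire has exactly this length
HEADER = struct.Struct("!BH")     # hops remaining (1 byte), payload length (2 bytes)
MAX_PAYLOAD = PACKET_SIZE - HEADER.size


def frame(payload: bytes, hops: int) -> bytes:
    """Wrap payload in a fixed-size packet; the sender picks how many hops to insert."""
    if not 0 <= hops <= 255:
        raise ValueError("hop count must fit in one byte")
    if len(payload) > MAX_PAYLOAD:
        # An oversized message must be split by the caller; never emit a longer packet,
        # since a single odd-sized packet would be observable.
        raise ValueError(f"payload exceeds {MAX_PAYLOAD} bytes; fragment it first")
    padding = os.urandom(MAX_PAYLOAD - len(payload))
    return HEADER.pack(hops, len(payload)) + payload + padding


def unframe(packet: bytes) -> Tuple[int, bytes]:
    """Return (hops remaining, payload) and reject anything not exactly PACKET_SIZE long."""
    if len(packet) != PACKET_SIZE:
        raise ValueError("malformed packet: wrong length")
    hops, length = HEADER.unpack_from(packet)
    if length > MAX_PAYLOAD:
        raise ValueError("malformed packet: length field exceeds payload area")
    return hops, packet[HEADER.size:HEADER.size + length]


def relay(packet: bytes) -> Optional[bytes]:
    """Intermediate-node step: decrement the hop counter, or drop when it has reached zero."""
    hops, length = HEADER.unpack_from(packet)
    if hops == 0:
        return None
    return HEADER.pack(hops - 1, length) + packet[HEADER.size:]
```

A short message and a maximal one produce byte strings of identical length, which is the observable property GAP relies on; what differs is only inside the (in a real deployment, encrypted) header and payload.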
Paperwork:
Links:
Filling the gap: PSYC on top of F2F
What happens if we inject PSYC packets into an F2F network? Interesting things can happen. Here's what PSYC brings to the table that F2F technologies may or may not already have:
- messaging, identity (uniforms)
- echoes & queues are very important
- trust & friendships
- friendcasting
- presence (although your router list may give you a basic notion if somebody is "there")
Mid term:
- chatrooms with history, timestamps and idling (they require dedicated "server" nodes)
- profiles
- microblogging
- newscasting
- mail? (multi-line messaging, store and forward)
- SPAM protection
- Gateways:
Things that matter in the long term:
- all things above in binary and possibly large
- native pseudonymous multicast as described below
- channels
- distributed state
- activity
- packet ids
Some aspects of PSYC can be replaced by F2F functionality:
- encryption & privacy
- file transfer and file sharing features
- DNS support?
- ... you name it
One aspect that may be good or bad:
- intelligent entities (you can't just put a user or a chatroom into a DHT)
- So how do uniforms work in a darknet? -> public keys, with DHT resolution instead of DNS. UNIs might not make sense, but UNLs with locally mapped virtual IPs are probably still useful.
Trust metrics could become a very important factor for GNUnet's routing. In the GNUnet talks held at a 2010 GNU meeting they mention that they need some method of ranking nodes. What they need is the decentralized state that allows you to draw up a social map around you and calculate trust values for every node out there, thus enabling you to pick those nodes that are less likely to drop your packets because they don't know you. This also makes it possible to run routing nodes on server infrastructure, thus providing a huge speed boost compared to traditional P2P applications.
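The trust-based relay ranking sketched in the previous paragraph, as an added example in Python (not GNUnet's or PSYC's code; the friend graph, its edge weights, the multiplicative decay of trust along a path and the trust floor are all assumptions made for the illustration):

```python
"""Derive trust values for every reachable node from a local social map and
rank candidate relays by them.

Added illustration of the idea on this page, not GNUnet code. Assumptions:
each edge carries how much the left node trusts the right one, in (0, 1];
trust in a distant node is the best path to it, a path's trust being the
product of its edge weights, so trust decays with social distance.
"""
import heapq
from typing import Dict, List, Tuple

Graph = Dict[str, Dict[str, float]]

# Constructed friend-of-friend graph for the example.
FRIENDS: Graph = {
    "me": {"alice": 0.9, "bob": 0.6},
    "alice": {"carol": 0.8, "dave": 0.5},
    "bob": {"carol": 0.7, "erin": 0.9},
    "carol": {"frank": 0.9},
    "dave": {},
    "erin": {"frank": 0.4},
    "frank": {},
}


def trust_values(graph: Graph, root: str) -> Dict[str, float]:
    """Best-path trust from root to every reachable node.

    Maximising a product of weights in (0, 1] is Dijkstra on -log(weight), so a
    max-heap keyed on accumulated trust settles each node on its first pop.
    """
    best: Dict[str, float] = {root: 1.0}
    heap: List[Tuple[float, str]] = [(-1.0, root)]   # negated trust -> max-heap
    while heap:
        neg_t, node = heapq.heappop(heap)
        t = -neg_t
        if t < best.get(node, 0.0):
            continue                                 # stale heap entry
        for nxt, weight in graph.get(node, {}).items():
            candidate = t * weight
            if candidate > best.get(nxt, 0.0):
                best[nxt] = candidate
                heapq.heappush(heap, (-candidate, nxt))
    best.pop(root)                                   # trust in oneself is not a ranking
    return best


def pick_relays(graph: Graph, root: str, hops: int, min_trust: float = 0.5) -> List[str]:
    """The `hops` most trusted nodes above a floor: likely not to drop our packets."""
    ranked = sorted(trust_values(graph, root).items(), key=lambda kv: (-kv[1], kv[0]))
    return [node for node, t in ranked if t >= min_trust][:hops]
```

Note that frank, two hops away through alice and carol, outranks bob, a direct friend with a weaker edge; the ranking follows the social map, not hop distance.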
Pseudonymous Multicasting
The currently existing onion-based routing strategies implement one-to-one message delivery. Putting a one-to-many or many-to-many multicast routing layer on top would obviously require complete tunnels between each hop, resulting in huge latencies. That probably doesn't make a difference when distributing large files by BitTorrent, but it could be too slow and over the top for real-time oriented information that many are interested in, such as newscasting. It could be interesting to provide native multicast routing in these darknet technologies in order to improve the efficiency of pseudonymous multicasting.
- GNUnet folks are working on a mesh service which could lead to application-level multicasting.
VPN
The term virtual private network seems to mean the same thing, but in this architecture, where we expect a virtual network to be a lot more private and a lot more social, it actually just means that your friends are mapped to virtual IP addresses so you can use existing Internet applications on your computer and tunnel their traffic through an F2F infrastructure.
GNUnet has a tool for doing VPN over it. There are also some efforts to combine VPN with social network platforms such as XMPP ("SocialVPN") or even Facebook, but in that case you are no longer hiding who is talking to whom, so that's not as interesting. It sure looks like a pretty rebellious way to use Facebook at first, but thinking about it, it is really a very bad idea: if you can get your friends to install some software, you should give them something that lures them away from Facebook – not something that requires it even more.
See also
- Crypto sharing
- Kol. Panic's P3DO
- Communism