diff options
author | ng0 <ng0@n0.is> | 2017-12-30 12:39:38 +0000 |
---|---|---|
committer | ng0 <ng0@n0.is> | 2017-12-30 12:39:38 +0000 |
commit | bfa1ef1a1c8311dfa9c03de055d155a3402eb191 (patch) | |
tree | 3103c47a6e9ce9f081c72cfb8da0167aca4a4eb9 /doc | |
parent | f3752accc1b45b227ad4ccf475b940258e7a849c (diff) | |
download | gnunet-bfa1ef1a1c8311dfa9c03de055d155a3402eb191.tar.gz gnunet-bfa1ef1a1c8311dfa9c03de055d155a3402eb191.zip |
doc: philosophy: 2 spaces -> 1 space between sentences. Some grammar fixes.
Using fully distributed and fully decentralized instead of 'decentralized',
intended to be explained later on.
Diffstat (limited to 'doc')
-rw-r--r-- | doc/documentation/chapters/philosophy.texi | 80 |
1 files changed, 40 insertions, 40 deletions
diff --git a/doc/documentation/chapters/philosophy.texi b/doc/documentation/chapters/philosophy.texi index 6a2eedcd3..c20387c48 100644 --- a/doc/documentation/chapters/philosophy.texi +++ b/doc/documentation/chapters/philosophy.texi | |||
@@ -45,8 +45,9 @@ to redistribute exact copies, and to distribute modified versions. | |||
45 | Refer to @uref{https://www.gnu.org/philosophy/free-sw.html, https://www.gnu.org/philosophy/free-sw.html}} | 45 | Refer to @uref{https://www.gnu.org/philosophy/free-sw.html, https://www.gnu.org/philosophy/free-sw.html}} |
46 | @item GNUnet must only disclose the minimal amount of information | 46 | @item GNUnet must only disclose the minimal amount of information |
47 | necessary. | 47 | necessary. |
48 | @item GNUnet must be distributed and survive Byzantine failures at any | 48 | @c TODO: Explain 'fully' in the terminology section. |
49 | position in the network. | 49 | @item GNUnet must be fully distributed and survive Byzantine failures |
50 | at any position in the network. | ||
50 | @item GNUnet must make it explicit to the user which entities are | 51 | @item GNUnet must make it explicit to the user which entities are |
51 | considered to be trustworthy when establishing secured communications. | 52 | considered to be trustworthy when establishing secured communications. |
52 | @item GNUnet must use compartmentalization to protect sensitive | 53 | @item GNUnet must use compartmentalization to protect sensitive |
@@ -75,17 +76,17 @@ find out what is happening on the network or to disrupt operations. | |||
75 | @section Versatility | 76 | @section Versatility |
76 | 77 | ||
77 | We call GNUnet a peer-to-peer framework because we want to support many | 78 | We call GNUnet a peer-to-peer framework because we want to support many |
78 | different forms of peer-to-peer applications. GNUnet uses a plugin | 79 | different forms of peer-to-peer applications. GNUnet uses a plugin |
79 | architecture to make the system extensible and to encourage code reuse. | 80 | architecture to make the system extensible and to encourage code reuse. |
80 | While the first versions of the system only supported anonymous | 81 | While the first versions of the system only supported anonymous |
81 | file-sharing, other applications are being worked on and more will | 82 | file-sharing, other applications are being worked on and more will |
82 | hopefully follow in the future. | 83 | hopefully follow in the future. |
83 | A powerful synergy regarding anonymity services is created by a large | 84 | A powerful synergy regarding anonymity services is created by a large |
84 | community utilizing many diverse applications over the same software | 85 | community utilizing many diverse applications over the same software |
85 | infrastructure. The reason is that link encryption hides the specifics | 86 | infrastructure. The reason is that link encryption hides the specifics |
86 | of the traffic for non-participating observers. This way, anonymity can | 87 | of the traffic for non-participating observers. This way, anonymity can |
87 | get stronger with additional (GNUnet) traffic, even if the additional | 88 | get stronger with additional (GNUnet) traffic, even if the additional |
88 | traffic is not related to anonymous communication. Increasing anonymity | 89 | traffic is not related to anonymous communication. Increasing anonymity |
89 | is the primary reason why GNUnet is developed to become a peer-to-peer | 90 | is the primary reason why GNUnet is developed to become a peer-to-peer |
90 | framework where many applications share the lower layers of an | 91 | framework where many applications share the lower layers of an |
91 | increasingly complex protocol stack. | 92 | increasingly complex protocol stack. |
@@ -98,22 +99,22 @@ and a few shared libraries. | |||
98 | @section Practicality | 99 | @section Practicality |
99 | 100 | ||
100 | GNUnet allows participants to trade various amounts of security in | 101 | GNUnet allows participants to trade various amounts of security in |
101 | exchange for increased efficiency. However, it is not possible for any | 102 | exchange for increased efficiency. However, it is not possible for any |
102 | user's security and efficiency requirements to compromise the security | 103 | user's security and efficiency requirements to compromise the security |
103 | and efficiency of any other user. | 104 | and efficiency of any other user. |
104 | 105 | ||
105 | For GNUnet, efficiency is not paramount. If there were a more secure and | 106 | For GNUnet, efficiency is not paramount. If there were a more secure and |
106 | still practical approach, we would choose to take the more secure | 107 | still practical approach, we would choose to take the more secure |
107 | alternative. @command{telnet} is more efficient than @command{ssh}, yet | 108 | alternative. @command{telnet} is more efficient than @command{ssh}, yet |
108 | it is obsolete. | 109 | it is obsolete. |
109 | Hardware gets faster, and code can be optimized. Fixing security issues | 110 | Hardware gets faster, and code can be optimized. Fixing security issues |
110 | as an afterthought is much harder. | 111 | as an afterthought is much harder. |
111 | 112 | ||
112 | While security is paramount, practicability is still a requirement. | 113 | While security is paramount, practicability is still a requirement. |
113 | The most secure system is always the one that nobody can use. | 114 | The most secure system is always the one that nobody can use. |
114 | Similarly, any anonymous system that is extremely inefficient will only | 115 | Similarly, any anonymous system that is extremely inefficient will only |
115 | find few users. | 116 | find few users. |
116 | However, good anonymity requires a large and diverse user base. Since | 117 | However, good anonymity requires a large and diverse user base. Since |
117 | individual security requirements may vary, the only good solution here is | 118 | individual security requirements may vary, the only good solution here is |
118 | to allow individuals to trade-off security and efficiency. | 119 | to allow individuals to trade-off security and efficiency. |
119 | The primary challenge in allowing this is to ensure that the economic | 120 | The primary challenge in allowing this is to ensure that the economic |
@@ -156,9 +157,9 @@ The second part describes concepts specific to anonymous file-sharing. | |||
156 | @subsection Authentication | 157 | @subsection Authentication |
157 | 158 | ||
158 | Almost all peer-to-peer communications in GNUnet are between mutually | 159 | Almost all peer-to-peer communications in GNUnet are between mutually |
159 | authenticated peers. The authentication works by using ECDHE, that is a | 160 | authenticated peers. The authentication works by using ECDHE, that is a |
160 | DH (Diffie---Hellman) key exchange using ephemeral eliptic curve | 161 | DH (Diffie---Hellman) key exchange using ephemeral eliptic curve |
161 | cryptography. The ephemeral ECC (Eliptic Curve Cryptography) keys are | 162 | cryptography. The ephemeral ECC (Eliptic Curve Cryptography) keys are |
162 | signed using ECDSA (@uref{http://en.wikipedia.org/wiki/ECDSA, ECDSA}). | 163 | signed using ECDSA (@uref{http://en.wikipedia.org/wiki/ECDSA, ECDSA}). |
163 | The shared secret from ECDHE is used to create a pair of session keys | 164 | The shared secret from ECDHE is used to create a pair of session keys |
164 | @c FIXME: LOng word for HKDF | 165 | @c FIXME: LOng word for HKDF |
@@ -167,23 +168,23 @@ two peers using both 256-bit AES (Advanced Encryption Standard) | |||
167 | and 256-bit Twofish (with independently derived secret keys). | 168 | and 256-bit Twofish (with independently derived secret keys). |
168 | As only the two participating hosts know the shared secret, this | 169 | As only the two participating hosts know the shared secret, this |
169 | authenticates each packet | 170 | authenticates each packet |
170 | without requiring signatures each time. GNUnet uses SHA-512 | 171 | without requiring signatures each time. GNUnet uses SHA-512 |
171 | (Secure Hash Algorithm) hash codes to verify the integrity of messages. | 172 | (Secure Hash Algorithm) hash codes to verify the integrity of messages. |
172 | 173 | ||
173 | In GNUnet, the identity of a host is its public key. For that reason, | 174 | In GNUnet, the identity of a host is its public key. For that reason, |
174 | @c FIXME: is it clear to the average reader what a man-in-the-middle | 175 | @c FIXME: is it clear to the average reader what a man-in-the-middle |
175 | @c attack is? | 176 | @c attack is? |
176 | man-in-the-middle attacks will not break the authentication or accounting | 177 | man-in-the-middle attacks will not break the authentication or accounting |
177 | goals. Essentially, for GNUnet, the IP of the host has nothing to do with | 178 | goals. Essentially, for GNUnet, the IP of the host has nothing to do with |
178 | the identity of the host. As the public key is the only thing that truly | 179 | the identity of the host. As the public key is the only thing that truly |
179 | matters, faking an IP, a port or any other property of the underlying | 180 | matters, faking an IP, a port or any other property of the underlying |
180 | transport protocol is irrelevant. In fact, GNUnet peers can use | 181 | transport protocol is irrelevant. In fact, GNUnet peers can use |
181 | multiple IPs (IPv4 and IPv6) on multiple ports --- or even not use the | 182 | multiple IPs (IPv4 and IPv6) on multiple ports --- or even not use the |
182 | IP protocol at all (by running directly on layer 2). | 183 | IP protocol at all (by running directly on layer 2). |
183 | 184 | ||
184 | @c NOTE: For consistency we will use @code{HELLO}s throughout this Manual. | 185 | @c NOTE: For consistency we will use @code{HELLO}s throughout this Manual. |
185 | GNUnet uses a special type of message to communicate a binding between | 186 | GNUnet uses a special type of message to communicate a binding between |
186 | public (ECC) keys to their current network address. These messages are | 187 | public (ECC) keys to their current network address. These messages are |
187 | commonly called @code{HELLO}s or peer advertisements. | 188 | commonly called @code{HELLO}s or peer advertisements. |
188 | They contain the public key of the peer and its current network | 189 | They contain the public key of the peer and its current network |
189 | addresses for various transport services. | 190 | addresses for various transport services. |
@@ -193,7 +194,7 @@ peers. | |||
193 | For the UDP and TCP transport services, a network address is an IP and a | 194 | For the UDP and TCP transport services, a network address is an IP and a |
194 | port. | 195 | port. |
195 | GNUnet can also use other transports (HTTP, HTTPS, WLAN, etc.) which use | 196 | GNUnet can also use other transports (HTTP, HTTPS, WLAN, etc.) which use |
196 | various other forms of addresses. Note that any node can have many | 197 | various other forms of addresses. Note that any node can have many |
197 | different active transport services at the same time, | 198 | different active transport services at the same time, |
198 | and each of these can have a different addresses. | 199 | and each of these can have a different addresses. |
199 | Binding messages expire after at most a week (the timeout can be | 200 | Binding messages expire after at most a week (the timeout can be |
@@ -220,22 +221,21 @@ with queries that are, in the worst case, multiplied by the network. | |||
220 | 221 | ||
221 | In order to ensure that freeloaders or attackers have a minimal impact on | 222 | In order to ensure that freeloaders or attackers have a minimal impact on |
222 | the network, GNUnet's file-sharing implementation tries to distinguish | 223 | the network, GNUnet's file-sharing implementation tries to distinguish |
223 | good (contributing) nodes from malicious (freeloading) nodes. In GNUnet, | 224 | good (contributing) nodes from malicious (freeloading) nodes. In GNUnet, |
224 | every file-sharing node keeps track of the behavior of every other node it | 225 | every file-sharing node keeps track of the behavior of every other node it |
225 | has been in contact with. Many requests (depending on the application) | 226 | has been in contact with. Many requests (depending on the application) |
226 | are transmitted with a priority (or importance) level. | 227 | are transmitted with a priority (or importance) level. |
227 | That priority is used to establish how important the sender believes | 228 | That priority is used to establish how important the sender believes |
228 | this request is. If a peer responds to an important request, the | 229 | this request is. If a peer responds to an important request, the |
229 | recipient will increase its trust in the responder: | 230 | recipient will increase its trust in the responder: |
230 | the responder contributed resources. | 231 | the responder contributed resources. |
231 | If a peer is too busy to answer all requests, it needs to prioritize. | 232 | If a peer is too busy to answer all requests, it needs to prioritize. |
232 | @c FIXME: 'peers to not take' -> 'peers do not take' would make more sense | 233 | For that, peers do not take the priorities of the requests received at |
233 | For that, peers to not take the priorities of the requests received at | ||
234 | face value. | 234 | face value. |
235 | First, they check how much they trust the sender, and depending on that | 235 | First, they check how much they trust the sender, and depending on that |
236 | amount of trust they assign the request a (possibly lower) effective | 236 | amount of trust they assign the request a (possibly lower) effective |
237 | priority. Then, they drop the requests with the lowest effective priority | 237 | priority. Then, they drop the requests with the lowest effective priority |
238 | to satisfy their resource constraints. This way, GNUnet's economic model | 238 | to satisfy their resource constraints. This way, GNUnet's economic model |
239 | ensures that nodes that are not currently considered to have a surplus in | 239 | ensures that nodes that are not currently considered to have a surplus in |
240 | contributions will not be served if the network load is high. | 240 | contributions will not be served if the network load is high. |
241 | @footnote{Christian Grothoff. An Excess-Based Economic Model for Resource | 241 | @footnote{Christian Grothoff. An Excess-Based Economic Model for Resource |
@@ -248,7 +248,7 @@ Allocation in Peer-to-Peer Networks. Wirtschaftsinformatik, June 2003. | |||
248 | @subsection Confidentiality | 248 | @subsection Confidentiality |
249 | 249 | ||
250 | Adversaries outside of GNUnet are not supposed to know what kind of | 250 | Adversaries outside of GNUnet are not supposed to know what kind of |
251 | actions a peer is involved in. Only the specific neighbor of a peer that | 251 | actions a peer is involved in. Only the specific neighbor of a peer that |
252 | is the corresponding sender or recipient of a message may know its | 252 | is the corresponding sender or recipient of a message may know its |
253 | contents, and even then application protocols may place further | 253 | contents, and even then application protocols may place further |
254 | restrictions on that knowledge. | 254 | restrictions on that knowledge. |
@@ -256,7 +256,7 @@ In order to ensure confidentiality, GNUnet uses link encryption, that is | |||
256 | each message exchanged between two peers is encrypted using a pair of | 256 | each message exchanged between two peers is encrypted using a pair of |
257 | keys only known to these two peers. | 257 | keys only known to these two peers. |
258 | Encrypting traffic like this makes any kind of traffic analysis much | 258 | Encrypting traffic like this makes any kind of traffic analysis much |
259 | harder. Naturally, for some applications, it may still be desirable if | 259 | harder. Naturally, for some applications, it may still be desirable if |
260 | even neighbors cannot determine the concrete contents of a message. | 260 | even neighbors cannot determine the concrete contents of a message. |
261 | In GNUnet, this problem is addressed by the specific application-level | 261 | In GNUnet, this problem is addressed by the specific application-level |
262 | protocols (see for example, deniability and anonymity in anonymous file | 262 | protocols (see for example, deniability and anonymity in anonymous file |
@@ -271,9 +271,9 @@ sharing). | |||
271 | @end menu | 271 | @end menu |
272 | 272 | ||
273 | Providing anonymity for users is the central goal for the anonymous | 273 | Providing anonymity for users is the central goal for the anonymous |
274 | file-sharing application. Many other design decisions follow in the | 274 | file-sharing application. Many other design decisions follow in the |
275 | footsteps of this requirement. | 275 | footsteps of this requirement. |
276 | Anonymity is never absolute. While there are various | 276 | Anonymity is never absolute. While there are various |
277 | scientific metrics@footnote{Claudia Díaz, Stefaan Seys, Joris Claessens, | 277 | scientific metrics@footnote{Claudia Díaz, Stefaan Seys, Joris Claessens, |
278 | and Bart Preneel. Towards measuring anonymity. | 278 | and Bart Preneel. Towards measuring anonymity. |
279 | 2002. | 279 | 2002. |
@@ -289,7 +289,7 @@ given in scientific metrics@footnote{likewise}, | |||
289 | it is probably the best metric available to a peer with a purely local | 289 | it is probably the best metric available to a peer with a purely local |
290 | view of the world that does not rely on unreliable external information. | 290 | view of the world that does not rely on unreliable external information. |
291 | The default anonymity level is 1, which uses anonymous routing but | 291 | The default anonymity level is 1, which uses anonymous routing but |
292 | imposes no minimal requirements on cover traffic. It is possible | 292 | imposes no minimal requirements on cover traffic. It is possible |
293 | to forego anonymity when this is not required. The anonymity level of 0 | 293 | to forego anonymity when this is not required. The anonymity level of 0 |
294 | allows GNUnet to use more efficient, non-anonymous routing. | 294 | allows GNUnet to use more efficient, non-anonymous routing. |
295 | 295 | ||
@@ -299,12 +299,12 @@ allows GNUnet to use more efficient, non-anonymous routing. | |||
299 | 299 | ||
300 | Contrary to other designs, we do not believe that users achieve strong | 300 | Contrary to other designs, we do not believe that users achieve strong |
301 | anonymity just because their requests are obfuscated by a couple of | 301 | anonymity just because their requests are obfuscated by a couple of |
302 | indirections. This is not sufficient if the adversary uses traffic | 302 | indirections. This is not sufficient if the adversary uses traffic |
303 | analysis. | 303 | analysis. |
304 | The threat model used for anonymous file sharing in GNUnet assumes that | 304 | The threat model used for anonymous file sharing in GNUnet assumes that |
305 | the adversary is quite powerful. | 305 | the adversary is quite powerful. |
306 | In particular, we assume that the adversary can see all the traffic on | 306 | In particular, we assume that the adversary can see all the traffic on |
307 | the Internet. And while we assume that the adversary | 307 | the Internet. And while we assume that the adversary |
308 | can not break our encryption, we assume that the adversary has many | 308 | can not break our encryption, we assume that the adversary has many |
309 | participating nodes in the network and that it can thus see many of the | 309 | participating nodes in the network and that it can thus see many of the |
310 | node-to-node interactions since it controls some of the nodes. | 310 | node-to-node interactions since it controls some of the nodes. |
@@ -314,9 +314,9 @@ anonymous if they can hide their actions in the traffic created by other | |||
314 | users. | 314 | users. |
315 | Hiding actions in the traffic of other users requires participating in the | 315 | Hiding actions in the traffic of other users requires participating in the |
316 | traffic, bringing back the traditional technique of using indirection and | 316 | traffic, bringing back the traditional technique of using indirection and |
317 | source rewriting. Source rewriting is required to gain anonymity since | 317 | source rewriting. Source rewriting is required to gain anonymity since |
318 | otherwise an adversary could tell if a message originated from a host by | 318 | otherwise an adversary could tell if a message originated from a host by |
319 | looking at the source address. If all packets look like they originate | 319 | looking at the source address. If all packets look like they originate |
320 | from one node, the adversary can not tell which ones originate from that | 320 | from one node, the adversary can not tell which ones originate from that |
321 | node and which ones were routed. | 321 | node and which ones were routed. |
322 | Note that in this mindset, any node can decide to break the | 322 | Note that in this mindset, any node can decide to break the |
@@ -345,7 +345,7 @@ Designing Privacy Enhancing Technologies, 2003. | |||
345 | @subsection Deniability | 345 | @subsection Deniability |
346 | 346 | ||
347 | Even if the user that downloads data and the server that provides data are | 347 | Even if the user that downloads data and the server that provides data are |
348 | anonymous, the intermediaries may still be targets. In particular, if the | 348 | anonymous, the intermediaries may still be targets. In particular, if the |
349 | intermediaries can find out which queries or which content they are | 349 | intermediaries can find out which queries or which content they are |
350 | processing, a strong adversary could try to force them to censor | 350 | processing, a strong adversary could try to force them to censor |
351 | certain materials. | 351 | certain materials. |
@@ -371,7 +371,7 @@ An Encoding for Censorship-Resistant Sharing. | |||
371 | @subsection Peer Identities | 371 | @subsection Peer Identities |
372 | 372 | ||
373 | Peer identities are used to identify peers in the network and are unique | 373 | Peer identities are used to identify peers in the network and are unique |
374 | for each peer. The identity for a peer is simply its public key, which is | 374 | for each peer. The identity for a peer is simply its public key, which is |
375 | generated along with a private key the peer is started for the first time. | 375 | generated along with a private key the peer is started for the first time. |
376 | While the identity is binary data, it is often expressed as ASCII string. | 376 | While the identity is binary data, it is often expressed as ASCII string. |
377 | For example, the following is a peer identity as you might see it in | 377 | For example, the following is a peer identity as you might see it in |
@@ -399,10 +399,10 @@ zones are similar to those of DNS zones, but instead of a hierarchy of | |||
399 | authorities to governing their use, GNS zones are controlled by a private | 399 | authorities to governing their use, GNS zones are controlled by a private |
400 | key. | 400 | key. |
401 | When you create a record in a DNS zone, that information stored in your | 401 | When you create a record in a DNS zone, that information stored in your |
402 | nameserver. Anyone trying to resolve your domain then gets pointed | 402 | nameserver. Anyone trying to resolve your domain then gets pointed |
403 | (hopefully) by the centralised authority to your nameserver. | 403 | (hopefully) by the centralised authority to your nameserver. |
404 | Whereas GNS, being decentralised by design, stores that information in | 404 | Whereas GNS, being fully decentralized by design, stores that information |
405 | DHT. The validity of the records is assured cryptographically, by | 405 | in DHT. The validity of the records is assured cryptographically, by |
406 | signing them with the private key of the respective zone. | 406 | signing them with the private key of the respective zone. |
407 | 407 | ||
408 | Anyone trying to resolve records in a zone of your domain can then verify | 408 | Anyone trying to resolve records in a zone of your domain can then verify |