1 files changed, 335 insertions, 0 deletions
diff --git a/doc/chapters/philosophy.texi b/doc/chapters/philosophy.texi
new file mode 100644
index 000000000..56c9bb552
--- /dev/null
+++ b/doc/chapters/philosophy.texi
@@ -0,0 +1,335 @@
+@c ***************************************************************************
+@node Philosophy
+@chapter Philosophy
+The foremost goal of the GNUnet project is to become a widely used,
+reliable, open, non-discriminating, egalitarian, unfettered and
+censorship-resistant system of free information exchange.
+We value free speech above state secrets, law-enforcement or
+intellectual property. GNUnet is supposed to be an anarchistic network,
+where the only limitation for peers is that they must contribute enough
+back to the network such that their resource consumption does not have
+a significant impact on other users. GNUnet should be more than just
+another file-sharing network. The plan is to offer many other services
+and in particular to serve as a development platform for the next
+generation of decentralized Internet protocols.
+@menu
+* Design Goals::
+* Security & Privacy::
+* Versatility::
+* Practicality::
+* Key Concepts::
+@end menu
+@c ***************************************************************************
+@node Design Goals
+@section Design Goals
+These are the core GNUnet design goals, in order of relative importance:
+@itemize
+@item GNUnet must be implemented as free software.
+@item The GNUnet must only disclose the minimal amount of information
+      necessary.
+@item The GNUnet must be decentralised and survive Byzantine failures
+      in any position in the network.
+@item The GNUnet must make it explicit to the user which entities must be
+      trustworthy when establishing secured communications.
+@item The GNUnet must use compartmentalization to protect sensitive
+      information.
+@item The GNUnet must be open and permit new peers to join.
+@item The GNUnet must be self-organizing and not depend on administrators.
+@item The GNUnet must support a diverse range of applications and devices.
+@item The GNUnet architecture must be cost effective.
+@item The GNUnet must provide incentives for peers to contribute more
+      resources than they consume.
+@end itemize
+@node Security & Privacy
+@section Security & Privacy
+GNUnet's primary design goals are to protect the privacy of its users and to
+guard itself against attacks or abuse. GNUnet does not have any mechanisms
+to control, track or censor users. Instead, the GNUnet protocols aim to make
+it as hard as possible to find out what is happening on the network or to
+disrupt operations. 
+@node Versatility
+@section Versatility
+We call GNUnet a peer-to-peer framework because we want to support many
+different forms of peer-to-peer applications. GNUnet uses a plugin
+architecture to make the system extensible and to encourage code reuse.
+While the first versions of the system only supported anonymous file-sharing,
+other applications are being worked on and more will hopefully follow in the
+future. A powerful synergy regarding anonymity services is created by a large
+community utilizing many diverse applications over the same software
+infrastructure. The reason is that link encryption hides the specifics
+of the traffic for non-participating observers. This way, anonymity can
+get stronger with additional (GNUnet) traffic, even if the additional
+traffic is not related to anonymous communication. Increasing anonymity is
+the primary reason why GNUnet is developed to become a peer-to-peer
+framework where many applications share the lower layers of an increasingly
+complex protocol stack. If merging traffic to hinder traffic analysis was
+not important, we could have just developed a dozen stand-alone applications
+and a few shared libraries. 
+@node Practicality
+@section Practicality
+GNUnet allows participants to trade various amounts of security in exchange
+for increased efficiency. However, it is not possible for any user's security
+and efficiency requirements to compromise the security and efficiency of
+any other user. 
+For GNUnet, efficiency is not paramount. If there is a more secure and still
+practical approach, we would choose to take the more secure alternative.
+@command{telnet} is more efficient than @command{ssh}, yet it is obsolete.
+Hardware gets faster, and code can be optimized. Fixing security issues as
+an afterthought is much harder. 
+While security is paramount, practicability is still a requirement. The most
+secure system is always the one that nobody can use. Similarly, any
+anonymous system that is extremely inefficient will only find few users.
+However, good anonymity requires a large and diverse user base. Since
+individual security requirements may vary, the only good solution here is to
+allow individuals to trade-off security and efficiency. The primary challenge
+in allowing this is to ensure that the economic incentives work properly.
+In particular, this means that it must be impossible for a user to gain
+security at the expense of other users. Many designs (e.g. anonymity via
+broadcast) fail to give users an incentive to choose a less secure but more
+efficient mode of operation. GNUnet should avoid where ever possible to
+rely on protocols that will only work if the participants are benevolent.
+While some designs have had widespread success while relying on parties
+to observe a protocol that may be sub-optimal for the individuals (e.g.
+TCP Nagle), a protocol that ensures that individual goals never conflict
+with the goals of the group is always preferable.
+@node Key Concepts
+@section Key Concepts
+In this section, the fundamental concepts of GNUnet are explained.  Most of
+them are also described in our research papers.  First, some of the concepts
+used in the GNUnet framework are detailed.  The second part describes concepts
+specific to anonymous file-sharing.
+@menu
+* Authentication::
+* Accounting to Encourage Resource Sharing::
+* Confidentiality::
+* Anonymity::
+* Deniability::                       
+* Peer Identities::
+* Zones in the GNU Name System (GNS Zones)::
+* Egos::
+@end menu
+@node Authentication
+@subsection Authentication
+Almost all peer-to-peer communications in GNUnet are between mutually
+authenticated peers. The authentication works by using ECDHE, that is a
+DH key exchange using ephemeral eliptic curve cryptography. The ephemeral
+ECC keys are signed using ECDSA. The shared secret from ECDHE is used to
+create a pair of session keys (using HKDF) which are then used to encrypt
+the communication between the two peers using both 256-bit AES and 256-bit
+Twofish (with independently derived secret keys). As only the two
+participating hosts know the shared secret, this authenticates each packet
+without requiring signatures each time. GNUnet uses SHA-512 hash codes to
+verify the integrity of messages. 
+In GNUnet, the identity of a host is its public key. For that reason,
+man-in-the-middle attacks will not break the authentication or accounting
+goals. Essentially, for GNUnet, the IP of the host has nothing to do with
+the identity of the host. As the public key is the only thing that truly
+matters, faking an IP, a port or any other property of the underlying
+transport protocol is irrelevant. In fact, GNUnet peers can use
+multiple IPs (IPv4 and IPv6) on multiple ports --- or even not use the
+IP protocol at all (by running directly on layer 2). 
+GNUnet uses a special type of message to communicate a binding between
+public (ECC) keys to their current network address. These messages are
+commonly called HELLOs or peer advertisements. They contain the public key
+of the peer and its current network addresses for various transport services.
+A transport service is a special kind of shared library that
+provides (possibly unreliable, out-of-order) message delivery between peers.
+For the UDP and TCP transport services, a network address is an IP and a port.
+GNUnet can also use other transports (HTTP, HTTPS, WLAN, etc.) which use
+various other forms of addresses. Note that any node can have many different
+active transport services at the same time, and each of these can have a
+different addresses. Binding messages expire after at most a week (the
+timeout can be shorter if the user configures the node appropriately). This
+expiration ensures that the network will eventually get rid of outdated
+advertisements.@
+More details can be found in this paper.
+@node Accounting to Encourage Resource Sharing
+@subsection Accounting to Encourage Resource Sharing
+Most distributed P2P networks suffer from a lack of defenses or precautions
+against attacks in the form of freeloading. While the intentions of an
+attacker and a freeloader are different, their effect on the network is the
+same; they both render it useless. Most simple attacks on networks such as
+Gnutella involve flooding the network with traffic, particularly with
+queries that are, in the worst case, multiplied by the network. 
+In order to ensure that freeloaders or attackers have a minimal impact on the
+network, GNUnet's file-sharing implementation tries to distinguish
+good (contributing) nodes from malicious (freeloading) nodes. In GNUnet,
+every file-sharing node keeps track of the behavior of every other node it
+has been in contact with. Many requests (depending on the application) are
+transmitted with a priority (or importance) level. That priority is used to
+establish how important the sender believes this request is. If a peer
+responds to an important request, the recipient will increase its trust in the
+responder: the responder contributed resources. If a peer is too busy to
+answer all requests, it needs to prioritize. For that, peers to not take the
+priorities of the requests received at face value. First, they check how much
+they trust the sender, and depending on that amount of trust they assign the
+request a (possibly lower) effective priority. Then, they drop the requests
+with the lowest effective priority to satisfy their resource constraints. This
+way, GNUnet's economic model ensures that nodes that are not currently
+considered to have a surplus in contributions will not be served if the
+network load is high. More details can be found in this paper.
+@node Confidentiality
+@subsection Confidentiality
+Adversaries outside of GNUnet are not supposed to know what kind of actions a
+peer is involved in. Only the specific neighbor of a peer that is the
+corresponding sender or recipient of a message may know its contents, and even
+then application protocols may place further restrictions on that knowledge.
+In order to ensure confidentiality, GNUnet uses link encryption, that is each
+message exchanged between two peers is encrypted using a pair of keys only
+known to these two peers. Encrypting traffic like this makes any kind of
+traffic analysis much harder. Naturally, for some applications, it may still
+be desirable if even neighbors cannot determine the concrete contents of a
+message. In GNUnet, this problem is addressed by the specific
+application-level protocols (see for example, deniability and anonymity in
+anonymous file sharing).
+@node Anonymity
+@subsection Anonymity
+Providing anonymity for users is the central goal for the anonymous
+file-sharing application. Many other design decisions follow in the footsteps
+of this requirement. Anonymity is never absolute. While there are various
+scientific metrics that can help quantify the level of anonymity that a
+given mechanism provides, there is no such thing as complete anonymity.
+GNUnet's file-sharing implementation allows users to select for each
+operation (publish, search, download) the desired level of anonymity.
+The metric used is the amount of cover traffic available to hide the request.
+While this metric is not as good as, for example, the theoretical metric
+given in scientific metrics, it is probably the best metric available to
+a peer with a purely local view of the world that does not rely on unreliable
+external information. The default anonymity level is 1, which uses anonymous
+routing but imposes no minimal requirements on cover traffic. It is possible
+to forego anonymity when this is not required. The anonymity level of 0
+allows GNUnet to use more efficient, non-anonymous routing.
+@menu
+* How file-sharing achieves Anonymity:
+@end menu
+@node How file-sharing achieves Anonymity
+@subsubsection How file-sharing achieves Anonymity
+Contrary to other designs, we do not believe that users achieve strong
+anonymity just because their requests are obfuscated by a couple of
+indirections. This is not sufficient if the adversary uses traffic analysis.
+The threat model used for anonymous file sharing in GNUnet assumes that the
+adversary is quite powerful. In particular, we assume that the adversary can
+see all the traffic on the Internet. And while we assume that the adversary
+can not break our encryption, we assume that the adversary has many
+participating nodes in the network and that it can thus see many of the
+node-to-node interactions since it controls some of the nodes. 
+The system tries to achieve anonymity based on the idea that users can be
+anonymous if they can hide their actions in the traffic created by other users.
+Hiding actions in the traffic of other users requires participating in the
+traffic, bringing back the traditional technique of using indirection and
+source rewriting. Source rewriting is required to gain anonymity since
+otherwise an adversary could tell if a message originated from a host by
+looking at the source address. If all packets look like they originate from
+a node, the adversary can not tell which ones originate from that node and
+which ones were routed. Note that in this mindset, any node can decide to
+break the source-rewriting paradigm without violating the protocol, as this
+only reduces the amount of traffic that a node can hide its own traffic in. 
+If we want to hide our actions in the traffic of other nodes, we must make
+our traffic indistinguishable from the traffic that we route for others. As
+our queries must have us as the receiver of the reply (otherwise they would
+be useless), we must put ourselves as the receiver of replies that actually
+go to other hosts; in other words, we must indirect replies. Unlike other
+systems, in anonymous file-sharing as implemented on top of GNUnet we do not
+have to indirect the replies if we don't think we need more traffic to hide
+our own actions.@
+This increases the efficiency of the network as we can indirect less under
+higher load. More details can be found in this paper. 
+@node Deniability
+@subsection Deniability
+Even if the user that downloads data and the server that provides data are
+anonymous, the intermediaries may still be targets. In particular, if the
+intermediaries can find out which queries or which content they are
+processing, a strong adversary could try to force them to censor
+certain materials. 
+With the file-encoding used by GNUnet's anonymous file-sharing, this problem
+does not arise.  The reason is that queries and replies are transmitted in
+an encrypted format such that intermediaries cannot tell what the query
+is for or what the content is about.  Mind that this is not the same
+encryption as the link-encryption between the nodes.  GNUnet has
+encryption on the network layer (link encryption, confidentiality,
+authentication) and again on the application layer (provided
+by @command{gnunet-publish}, @command{gnunet-download}, @command{gnunet-search}
+and @command{gnunet-gtk}).  More details can be found here.
+@node Peer Identities
+@subsection Peer Identities
+Peer identities are used to identify peers in the network and are unique for
+each peer.  The identity for a peer is simply its public key, which is
+generated along with a private key the peer is started for the first time.
+While the identity is binary data, it is often expressed as ASCII string.
+For example, the following is a peer identity as you might see it in
+various places:@
+@code{@
+ UAT1S6PMPITLBKSJ2DGV341JI6KF7B66AC4JVCN9811NNEGQLUN0@
+}
+You can find your peer identity by running@
+@command{gnunet-peerinfo -s}
+@node Zones in the GNU Name System (GNS Zones)
+@subsection Zones in the GNU Name System (GNS Zones)
+GNS zones are similar to those of DNS zones, but instead of a hierarchy of
+authorities to governing their use, GNS zones are controlled by a private key.
+When you create a record in a DNS zone, that information stored in your
+nameserver.  Anyone trying to resolve your domain then gets pointed (hopefully)
+by the centralised authority to your nameserver.  Whereas GNS, being
+decentralised by design, stores that information in DHT.  The validity of the
+records is assured cryptographically, by signing them with the private key of
+the respective zone.
+Anyone trying to resolve records in a zone your domain can then verify the
+signature on the records they get from the DHT and be assured that they are
+indeed from the respective zone.  To make this work, there is a 1:1
+correspondence between zones and their public-private key pairs.  So when we
+talk about the owner of a GNS zone, that's really the owner of the private
+key.  And a user accessing a zone needs to somehow specify the corresponding
+public key first.
+@node Egos
+@subsection Egos
+Egos are your "identities" in GNUnet.  Any user can assume multiple
+identities, for example to separate his activities online.  Egos can
+correspond to pseudonyms or real-world identities.  Technically, an
+ego is first of all a public-private key pair.

diff --git a/doc/chapters/philosophy.texi b/doc/chapters/philosophy.texi new file mode 100644 index 000000000..56c9bb552 --- /dev/null +++ b/doc/chapters/philosophy.texi
@@ -0,0 +1,335 @@
	1	@c ***************************************************************************
	2	@node Philosophy
	3	@chapter Philosophy
	4
	5	The foremost goal of the GNUnet project is to become a widely used,
	6	reliable, open, non-discriminating, egalitarian, unfettered and
	7	censorship-resistant system of free information exchange.
	8	We value free speech above state secrets, law-enforcement or
	9	intellectual property. GNUnet is supposed to be an anarchistic network,
	10	where the only limitation for peers is that they must contribute enough
	11	back to the network such that their resource consumption does not have
	12	a significant impact on other users. GNUnet should be more than just
	13	another file-sharing network. The plan is to offer many other services
	14	and in particular to serve as a development platform for the next
	15	generation of decentralized Internet protocols.
	16
	17	@menu
	18	* Design Goals::
	19	* Security & Privacy::
	20	* Versatility::
	21	* Practicality::
	22	* Key Concepts::
	23	@end menu
	24
	25
	26	@c ***************************************************************************
	27	@node Design Goals
	28	@section Design Goals
	29
	30	These are the core GNUnet design goals, in order of relative importance:
	31
	32	@itemize
	33	@item GNUnet must be implemented as free software.
	34	@item The GNUnet must only disclose the minimal amount of information
	35	necessary.
	36	@item The GNUnet must be decentralised and survive Byzantine failures
	37	in any position in the network.
	38	@item The GNUnet must make it explicit to the user which entities must be
	39	trustworthy when establishing secured communications.
	40	@item The GNUnet must use compartmentalization to protect sensitive
	41	information.
	42	@item The GNUnet must be open and permit new peers to join.
	43	@item The GNUnet must be self-organizing and not depend on administrators.
	44	@item The GNUnet must support a diverse range of applications and devices.
	45	@item The GNUnet architecture must be cost effective.
	46	@item The GNUnet must provide incentives for peers to contribute more
	47	resources than they consume.
	48	@end itemize
	49
	50
	51	@node Security & Privacy
	52	@section Security & Privacy
	53
	54	GNUnet's primary design goals are to protect the privacy of its users and to
	55	guard itself against attacks or abuse. GNUnet does not have any mechanisms
	56	to control, track or censor users. Instead, the GNUnet protocols aim to make
	57	it as hard as possible to find out what is happening on the network or to
	58	disrupt operations.
	59
	60	@node Versatility
	61	@section Versatility
	62
	63	We call GNUnet a peer-to-peer framework because we want to support many
	64	different forms of peer-to-peer applications. GNUnet uses a plugin
	65	architecture to make the system extensible and to encourage code reuse.
	66	While the first versions of the system only supported anonymous file-sharing,
	67	other applications are being worked on and more will hopefully follow in the
	68	future. A powerful synergy regarding anonymity services is created by a large
	69	community utilizing many diverse applications over the same software
	70	infrastructure. The reason is that link encryption hides the specifics
	71	of the traffic for non-participating observers. This way, anonymity can
	72	get stronger with additional (GNUnet) traffic, even if the additional
	73	traffic is not related to anonymous communication. Increasing anonymity is
	74	the primary reason why GNUnet is developed to become a peer-to-peer
	75	framework where many applications share the lower layers of an increasingly
	76	complex protocol stack. If merging traffic to hinder traffic analysis was
	77	not important, we could have just developed a dozen stand-alone applications
	78	and a few shared libraries.
	79
	80	@node Practicality
	81	@section Practicality
	82
	83	GNUnet allows participants to trade various amounts of security in exchange
	84	for increased efficiency. However, it is not possible for any user's security
	85	and efficiency requirements to compromise the security and efficiency of
	86	any other user.
	87
	88	For GNUnet, efficiency is not paramount. If there is a more secure and still
	89	practical approach, we would choose to take the more secure alternative.
	90	@command{telnet} is more efficient than @command{ssh}, yet it is obsolete.
	91	Hardware gets faster, and code can be optimized. Fixing security issues as
	92	an afterthought is much harder.
	93
	94	While security is paramount, practicability is still a requirement. The most
	95	secure system is always the one that nobody can use. Similarly, any
	96	anonymous system that is extremely inefficient will only find few users.
	97	However, good anonymity requires a large and diverse user base. Since
	98	individual security requirements may vary, the only good solution here is to
	99	allow individuals to trade-off security and efficiency. The primary challenge
	100	in allowing this is to ensure that the economic incentives work properly.
	101	In particular, this means that it must be impossible for a user to gain
	102	security at the expense of other users. Many designs (e.g. anonymity via
	103	broadcast) fail to give users an incentive to choose a less secure but more
	104	efficient mode of operation. GNUnet should avoid where ever possible to
	105	rely on protocols that will only work if the participants are benevolent.
	106	While some designs have had widespread success while relying on parties
	107	to observe a protocol that may be sub-optimal for the individuals (e.g.
	108	TCP Nagle), a protocol that ensures that individual goals never conflict
	109	with the goals of the group is always preferable.
	110
	111	@node Key Concepts
	112	@section Key Concepts
	113
	114	In this section, the fundamental concepts of GNUnet are explained. Most of
	115	them are also described in our research papers. First, some of the concepts
	116	used in the GNUnet framework are detailed. The second part describes concepts
	117	specific to anonymous file-sharing.
	118
	119	@menu
	120	* Authentication::
	121	* Accounting to Encourage Resource Sharing::
	122	* Confidentiality::
	123	* Anonymity::
	124	* Deniability::
	125	* Peer Identities::
	126	* Zones in the GNU Name System (GNS Zones)::
	127	* Egos::
	128	@end menu
	129
	130	@node Authentication
	131	@subsection Authentication
	132
	133	Almost all peer-to-peer communications in GNUnet are between mutually
	134	authenticated peers. The authentication works by using ECDHE, that is a
	135	DH key exchange using ephemeral eliptic curve cryptography. The ephemeral
	136	ECC keys are signed using ECDSA. The shared secret from ECDHE is used to
	137	create a pair of session keys (using HKDF) which are then used to encrypt
	138	the communication between the two peers using both 256-bit AES and 256-bit
	139	Twofish (with independently derived secret keys). As only the two
	140	participating hosts know the shared secret, this authenticates each packet
	141	without requiring signatures each time. GNUnet uses SHA-512 hash codes to
	142	verify the integrity of messages.
	143
	144	In GNUnet, the identity of a host is its public key. For that reason,
	145	man-in-the-middle attacks will not break the authentication or accounting
	146	goals. Essentially, for GNUnet, the IP of the host has nothing to do with
	147	the identity of the host. As the public key is the only thing that truly
	148	matters, faking an IP, a port or any other property of the underlying
	149	transport protocol is irrelevant. In fact, GNUnet peers can use
	150	multiple IPs (IPv4 and IPv6) on multiple ports --- or even not use the
	151	IP protocol at all (by running directly on layer 2).
	152
	153	GNUnet uses a special type of message to communicate a binding between
	154	public (ECC) keys to their current network address. These messages are
	155	commonly called HELLOs or peer advertisements. They contain the public key
	156	of the peer and its current network addresses for various transport services.
	157	A transport service is a special kind of shared library that
	158	provides (possibly unreliable, out-of-order) message delivery between peers.
	159	For the UDP and TCP transport services, a network address is an IP and a port.
	160	GNUnet can also use other transports (HTTP, HTTPS, WLAN, etc.) which use
	161	various other forms of addresses. Note that any node can have many different
	162	active transport services at the same time, and each of these can have a
	163	different addresses. Binding messages expire after at most a week (the
	164	timeout can be shorter if the user configures the node appropriately). This
	165	expiration ensures that the network will eventually get rid of outdated
	166	advertisements.@
	167	More details can be found in this paper.
	168
	169	@node Accounting to Encourage Resource Sharing
	170	@subsection Accounting to Encourage Resource Sharing
	171
	172	Most distributed P2P networks suffer from a lack of defenses or precautions
	173	against attacks in the form of freeloading. While the intentions of an
	174	attacker and a freeloader are different, their effect on the network is the
	175	same; they both render it useless. Most simple attacks on networks such as
	176	Gnutella involve flooding the network with traffic, particularly with
	177	queries that are, in the worst case, multiplied by the network.
	178
	179	In order to ensure that freeloaders or attackers have a minimal impact on the
	180	network, GNUnet's file-sharing implementation tries to distinguish
	181	good (contributing) nodes from malicious (freeloading) nodes. In GNUnet,
	182	every file-sharing node keeps track of the behavior of every other node it
	183	has been in contact with. Many requests (depending on the application) are
	184	transmitted with a priority (or importance) level. That priority is used to
	185	establish how important the sender believes this request is. If a peer
	186	responds to an important request, the recipient will increase its trust in the
	187	responder: the responder contributed resources. If a peer is too busy to
	188	answer all requests, it needs to prioritize. For that, peers to not take the
	189	priorities of the requests received at face value. First, they check how much
	190	they trust the sender, and depending on that amount of trust they assign the
	191	request a (possibly lower) effective priority. Then, they drop the requests
	192	with the lowest effective priority to satisfy their resource constraints. This
	193	way, GNUnet's economic model ensures that nodes that are not currently
	194	considered to have a surplus in contributions will not be served if the
	195	network load is high. More details can be found in this paper.
	196
	197	@node Confidentiality
	198	@subsection Confidentiality
	199
	200	Adversaries outside of GNUnet are not supposed to know what kind of actions a
	201	peer is involved in. Only the specific neighbor of a peer that is the
	202	corresponding sender or recipient of a message may know its contents, and even
	203	then application protocols may place further restrictions on that knowledge.
	204	In order to ensure confidentiality, GNUnet uses link encryption, that is each
	205	message exchanged between two peers is encrypted using a pair of keys only
	206	known to these two peers. Encrypting traffic like this makes any kind of
	207	traffic analysis much harder. Naturally, for some applications, it may still
	208	be desirable if even neighbors cannot determine the concrete contents of a
	209	message. In GNUnet, this problem is addressed by the specific
	210	application-level protocols (see for example, deniability and anonymity in
	211	anonymous file sharing).
	212
	213	@node Anonymity
	214	@subsection Anonymity
	215
	216	Providing anonymity for users is the central goal for the anonymous
	217	file-sharing application. Many other design decisions follow in the footsteps
	218	of this requirement. Anonymity is never absolute. While there are various
	219	scientific metrics that can help quantify the level of anonymity that a
	220	given mechanism provides, there is no such thing as complete anonymity.
	221	GNUnet's file-sharing implementation allows users to select for each
	222	operation (publish, search, download) the desired level of anonymity.
	223	The metric used is the amount of cover traffic available to hide the request.
	224	While this metric is not as good as, for example, the theoretical metric
	225	given in scientific metrics, it is probably the best metric available to
	226	a peer with a purely local view of the world that does not rely on unreliable
	227	external information. The default anonymity level is 1, which uses anonymous
	228	routing but imposes no minimal requirements on cover traffic. It is possible
	229	to forego anonymity when this is not required. The anonymity level of 0
	230	allows GNUnet to use more efficient, non-anonymous routing.
	231
	232	@menu
	233	* How file-sharing achieves Anonymity:
	234	@end menu
	235
	236	@node How file-sharing achieves Anonymity
	237	@subsubsection How file-sharing achieves Anonymity
	238
	239	Contrary to other designs, we do not believe that users achieve strong
	240	anonymity just because their requests are obfuscated by a couple of
	241	indirections. This is not sufficient if the adversary uses traffic analysis.
	242	The threat model used for anonymous file sharing in GNUnet assumes that the
	243	adversary is quite powerful. In particular, we assume that the adversary can
	244	see all the traffic on the Internet. And while we assume that the adversary
	245	can not break our encryption, we assume that the adversary has many
	246	participating nodes in the network and that it can thus see many of the
	247	node-to-node interactions since it controls some of the nodes.
	248
	249	The system tries to achieve anonymity based on the idea that users can be
	250	anonymous if they can hide their actions in the traffic created by other users.
	251	Hiding actions in the traffic of other users requires participating in the
	252	traffic, bringing back the traditional technique of using indirection and
	253	source rewriting. Source rewriting is required to gain anonymity since
	254	otherwise an adversary could tell if a message originated from a host by
	255	looking at the source address. If all packets look like they originate from
	256	a node, the adversary can not tell which ones originate from that node and
	257	which ones were routed. Note that in this mindset, any node can decide to
	258	break the source-rewriting paradigm without violating the protocol, as this
	259	only reduces the amount of traffic that a node can hide its own traffic in.
	260
	261	If we want to hide our actions in the traffic of other nodes, we must make
	262	our traffic indistinguishable from the traffic that we route for others. As
	263	our queries must have us as the receiver of the reply (otherwise they would
	264	be useless), we must put ourselves as the receiver of replies that actually
	265	go to other hosts; in other words, we must indirect replies. Unlike other
	266	systems, in anonymous file-sharing as implemented on top of GNUnet we do not
	267	have to indirect the replies if we don't think we need more traffic to hide
	268	our own actions.@
	269
	270	This increases the efficiency of the network as we can indirect less under
	271	higher load. More details can be found in this paper.
	272
	273	@node Deniability
	274	@subsection Deniability
	275
	276	Even if the user that downloads data and the server that provides data are
	277	anonymous, the intermediaries may still be targets. In particular, if the
	278	intermediaries can find out which queries or which content they are
	279	processing, a strong adversary could try to force them to censor
	280	certain materials.
	281
	282	With the file-encoding used by GNUnet's anonymous file-sharing, this problem
	283	does not arise. The reason is that queries and replies are transmitted in
	284	an encrypted format such that intermediaries cannot tell what the query
	285	is for or what the content is about. Mind that this is not the same
	286	encryption as the link-encryption between the nodes. GNUnet has
	287	encryption on the network layer (link encryption, confidentiality,
	288	authentication) and again on the application layer (provided
	289	by @command{gnunet-publish}, @command{gnunet-download}, @command{gnunet-search}
	290	and @command{gnunet-gtk}). More details can be found here.
	291
	292	@node Peer Identities
	293	@subsection Peer Identities
	294
	295	Peer identities are used to identify peers in the network and are unique for
	296	each peer. The identity for a peer is simply its public key, which is
	297	generated along with a private key the peer is started for the first time.
	298	While the identity is binary data, it is often expressed as ASCII string.
	299	For example, the following is a peer identity as you might see it in
	300	various places:@
	301	@code{@
	302	UAT1S6PMPITLBKSJ2DGV341JI6KF7B66AC4JVCN9811NNEGQLUN0@
	303	}
	304
	305	You can find your peer identity by running@
	306	@command{gnunet-peerinfo -s}
	307
	308	@node Zones in the GNU Name System (GNS Zones)
	309	@subsection Zones in the GNU Name System (GNS Zones)
	310
	311	GNS zones are similar to those of DNS zones, but instead of a hierarchy of
	312	authorities to governing their use, GNS zones are controlled by a private key.
	313	When you create a record in a DNS zone, that information stored in your
	314	nameserver. Anyone trying to resolve your domain then gets pointed (hopefully)
	315	by the centralised authority to your nameserver. Whereas GNS, being
	316	decentralised by design, stores that information in DHT. The validity of the
	317	records is assured cryptographically, by signing them with the private key of
	318	the respective zone.
	319
	320	Anyone trying to resolve records in a zone your domain can then verify the
	321	signature on the records they get from the DHT and be assured that they are
	322	indeed from the respective zone. To make this work, there is a 1:1
	323	correspondence between zones and their public-private key pairs. So when we
	324	talk about the owner of a GNS zone, that's really the owner of the private
	325	key. And a user accessing a zone needs to somehow specify the corresponding
	326	public key first.
	327
	328	@node Egos
	329	@subsection Egos
	330
	331	Egos are your "identities" in GNUnet. Any user can assume multiple
	332	identities, for example to separate his activities online. Egos can
	333	correspond to pseudonyms or real-world identities. Technically, an
	334	ego is first of all a public-private key pair.
	335