slides.org (5669B)
1 #+TITLE: Secure Share 2 #+AUTHOR: Daniel Reusche and Gabor Toth 3 #+LANGUAGE: en 4 #+OPTIONS: H:3 num:t toc:nil \n:nil @:t ::t |:t ^:t -:t f:t *:t <:t 5 #+OPTIONS: TeX:t LaTeX:t skip:nil d:nil todo:t pri:nil tags:not-in-toc 6 #+INFOJS_OPT: view:nil toc:nil ltoc:t mouse:underline buttons:0 path:http://orgmode.org/org-info.js 7 8 #+startup: oddeven 9 10 #+startup: beamer 11 #+LaTeX_CLASS: beamer 12 #+LaTeX_CLASS_OPTIONS: [bigger] 13 ##+LaTeX_HEADER: \usetheme{Darmstadt} 14 #+LaTeX_HEADER: \usetheme{Frankfurt} 15 ##+LaTeX_HEADER: \usetheme{Boadilla} 16 ##+LaTeX_HEADER: \usetheme{Pittsburgh} 17 ##+LaTeX_HEADER: \setbeamertemplate{navigation symbols}{} 18 #+BEAMER_FRAME_LEVEL: 3 19 20 * Introduction 21 22 ** Secure Share 23 24 *** Secure Share 25 A framework for secure and privacy-protecting social interaction based on 26 peer-to-peer technology 27 28 #** Federation - Unicast :noexport: 29 ##+ATTR_LaTeX: width=8cm 30 #[[./img/unicast.png]] 31 32 *** Goals 33 **** arbitrary messanging 34 ***** from one-to-one to many-to-many 35 ***** status updates and messages 36 **** file transfer 37 ***** sharing of pictures, music etc. 38 ***** collaborative document editing 39 ** Privacy 40 41 *** Privacy 42 #+BEGIN_CENTER 43 #+LaTeX: \textbf{\Huge{Privacy}} 44 #+END_CENTER 45 46 *** Ideal Case 47 [[../img/unicast.png]] 48 *** Centralized services 49 #+BEGIN_CENTER 50 #+ATTR_LaTeX: width=8cm 51 [[../img/cloud.png]] 52 #+END_CENTER 53 54 *** Privacy requirements 55 **** end-to-end encryption 56 **** forward secrecy 57 **** padding of packets 58 **** delayed forwarding 59 **** private contact list 60 **** free and open source software 61 *** Approach: federated systems 62 63 \textbf{\Large{And why not to use them}} 64 **** personal data on servers 65 **** personal data shared with even more server operators 66 **** only link-level encryption 67 **** PGP, OTR not enough 68 69 ** Scalability 70 71 *** Scalability 72 #+BEGIN_CENTER 73 #+LaTeX: \textbf{\Huge{Scalability}} 74 #+END_CENTER 75 76 *** Social interaction 77 **** one-to-many status updates 78 **** many-to-many group communication 79 80 *** Multicast 81 82 #+BEGIN_CENTER 83 #+ATTR_LaTeX: width=7cm 84 [[../img/multicast.png]] 85 #+END_CENTER 86 87 * Architecture 88 89 ** Architecture 90 91 *** Architecture 92 93 #+BEGIN_CENTER 94 #+LaTeX: \textbf{\Huge{Architecture}} 95 #+END_CENTER 96 97 ** Peer-to-Peer 98 99 *** Friend-to-friend architecture 100 **** connect to trusted nodes 101 **** prevents active attacks 102 103 *** Personal devices 104 **** Software runs on personal devices 105 **** Data is stored on personal devices 106 107 *** Personal devices 108 **** laptop, PC 109 **** plug computers, home routers, servers 110 **** smartphones 111 112 *** Peer-to-peer framework requirements 113 **** free/libre/open-source software 114 **** multi-platform, lightweight, written in a compiled language 115 **** provides API for essential P2P features 116 ***** bootstrapping, addressing, routing, encryption, NAT traversal 117 118 *** GNUnet 119 **** written in C 120 **** multi-platform 121 **** modular framework 122 **** advanced NAT traversal 123 124 *** GNUnet 125 **** multiple transport methods 126 ***** TCP, UDP 127 ***** HTTP, HTTPS 128 ***** SMTP 129 ***** ad-hoc WiFi 130 131 *** GNUnet 132 **** distributed hash table (DHT) 133 **** file sharing 134 ***** based on DHT and GAP 135 **** various routing schemes 136 ***** fish-eye bounded distance vector protocol 137 ****** gossiping in a limited neighborhood 138 ****** improves connectivity 139 ****** onion routing 140 ***** mesh service 141 ****** supports multicast 142 ****** uses DHT for routing 143 144 *** psycd 145 146 **** messaging protocol 147 **** manages connections, friendship between users 148 **** client interface 149 150 *** GNUnet - components and message flow 151 152 #+BEGIN_CENTER 153 #+ATTR_LaTeX: width=9.5cm 154 [[./gnunet-h.png]] 155 #+END_CENTER 156 157 ** Implementation 158 159 *** Implementation 160 161 #+BEGIN_CENTER 162 #+LaTeX: \textbf{\Huge{Implementation}} 163 #+END_CENTER 164 165 *** Components 166 167 **** libpsyc 168 169 **** psycd 170 171 **** GNUnet libraries 172 173 *** Identifiers 174 175 **** Federated PSYC 176 177 ***** based on DNS 178 179 : psyc://example.net/~alice#friends 180 181 **** P2P PSYC 182 183 ***** based on public key 184 185 : psyc://I0GC...L29G:g/#friends 186 187 *** Contacting peers 188 189 **** initial contact: hello message 190 191 ***** public key 192 193 ***** current addresses 194 195 **** next time contact to same address 196 197 **** or find new address through other peers 198 199 *** Circuits 200 201 **** GNUnet 202 203 **** TCP 204 205 **** UNIX domain sockets 206 207 **** TLS 208 209 *** Entities 210 211 **** person 212 ***** clients link to person entity 213 ***** can subscribe other entities 214 215 **** place 216 ***** group communication 217 ***** news feeds 218 219 *** Multicast contexts 220 221 [[./context.png]] 222 223 *** Distributed state 224 225 **** profile data, context membership 226 227 **** push changes once 228 229 **** synchronize after subscription 230 231 **** recover lost packets 232 233 **** syntax changes to support more complex data structures 234 235 *** Storage 236 237 **** incoming and outgoing packets 238 239 **** state variables 240 241 **** SQLite database 242 243 ***** multiplatform 244 245 ***** lightweight 246 247 ***** small memory footprint 248 249 * Clients 250 251 ** Clients 252 253 *** Clients 254 255 #+BEGIN_CENTER 256 #+LaTeX: \textbf{\Huge{Clients}} 257 #+END_CENTER 258 259 *** Desktop clients 260 261 **** secushare 262 ***** based on Qt/QML 263 ***** multiplatform 264 ***** touch UI 265 266 **** irssyc 267 ***** based on irssi 268 ***** intended for debugging and for advanced users 269 270 *** Web interface 271 272 **** JavaScript 273 274 **** WebSocket 275 276 *** Mobile clients 277 278 **** port GNUnet to mobile devices 279 280 **** or client only approach 281 282 *** Extensibility 283 284 **** channel API 285 ***** using a sandboxed QML or HTML view 286 ***** JavaScript API 287 ***** enables easy app development 288 ***** access only channel data 289 290 **** client API 291 ***** using libpsycclient 292 ***** allows for developing full-fledged clients 293 294 * Future work 295 296 ** Future work 297 298 *** Future work 299 300 #+BEGIN_CENTER 301 #+LaTeX: \textbf{\Huge{Future work}} 302 #+END_CENTER 303 304 *** Future work 305 306 **** routing layer - multicast 307 308 **** separate user and node identities 309 310 **** user interface 311 312 ***** improvements on desktop 313 314 ***** implement web UI 315 316 ***** implement mobile UI 317 318 **** file transfers