GNUnet in wireless community networks Talk at BattleMeshV8 2015-08-04
<daniel AT makrotopia DOT org>
- what is gnunet? Wikipedia: GNUnet is a free software framework for decentralized, peer-to-peer networking and an official GNU package. The framework offers link encryption, peer discovery, resource allocation, communication over many transports (such as tcp, udp, http, https, wlan and bluetooth) and various basic peer-to-peer algorithms for routing, multicast and network size restimation. Main USE-cases: + anonymous public P2P filesharing (-> similar to FreenetProject) + filesharing in closed user groups (-> can replace dropbox) Key concepts: + Authentication + Peer Identities + Accounting to Encourage Resource Sharing + Confidentiality + Anonymity + Deniability For developers, GNUnet is: Free software under the GNU General Public License, with a community that believes in the GNU philosophy A set of standards, including coding conventions and architectural rules A set of layered protocols, both specifying the communication between peers as well as the communication between components of a single peer. A set of libraries with well-defined APIs suitable for writing extensions by-catch: * a distributed PKI * a variety of transports: TCP, UDP, HTTP/HTTPS client/server, Bluetooth, (very slow) WiFi * peer discovery (multicast) and peer exchange * a DHT based routing scheme (R5N)
- project history * a GNU project * developed mainly at TUM and INRIA * written in C, GTK+ GUI * vast amounts White Paper * aims to be portable and modular * started in 2001 * rewrite in 2009 * simulated @TUM in virtual testbed with up to a few thousand nodes (!) * malicious behaviour and attack scenaria are publicly implemented and regularly evaluated experimental components being under development: + Onion-Routing (BRAHMS/RPS) + Multicast + Social Media (PSYC) + Distance-Vector based routing + REST interfaces
- gnunet's architecture roughly: a bunch of small services communicating with each other using well defined protocols on UNIX domain (or TCP) sockets services share a common configuration backend GNUnet got it's own init-/inetd-like "automatic-restart-manager" GTK+ UI as well as a bunch of command-line tools
- focus: GNUnet Name system (GNS) - Friends on your Roster <=> Entries in your local master zone - Delegation: (public) Friends of Friends <=> Sub-domains of entries on yout local zones - can store "classic" DNS records as well as GNUnet-specific ones - accessible for non-GNUnet applications either through NSS or by offering a DNS-to-GNS gateway
- focus: Tunneling through GNUnet (VPN/EXIT/PT) - exits to the ARPA Internet (v4,v6) and offer InterNIC name resolution - (not very) hidden services - automatic protocol translation between v4/v6 clients/services