Introduction of P2P and Anonymous Communication Technology

2025-03-29 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

P2P and anonymous communication technology seem inseparable, but the relationship between the two is unclear to many people. This article describes and classifies P2P and anonymous communication technology separately, clarifies the relationship between them, and surveys some P2P networks and anonymous communication products currently in use.

I. P2P technology

(1) P2P introduction

P2P is a distributed network in which participants share some of their hardware resources (processing capacity, storage capacity, network connection capacity, printers, etc.). These shared resources provide services and content through the network, and can be accessed directly by other peer nodes (Peers) without going through intermediate entities. Participants in this network are both resource (service and content) providers (Server) and resource (service and content) consumers (Client). P2P breaks the traditional Client/Server model: every node in the network has equal status. Each node acts as a server providing services to other nodes, and at the same time uses the services provided by other nodes. The comparison between the P2P and C/S models is shown in the following figures:

Fig. 1 C/S model

Figure 2 P2P model

(2) P2P network structure

P2P systems generally need to construct a decentralized topology, and in the process of construction, it is necessary to solve the problems of how to name, organize, determine the join / leave mode and error recovery of a large number of nodes in the system.

According to the relationship of topology, P2P research can be divided into four forms: centralized topology (Centralized Topology), fully distributed unstructured topology (Decentralized Unstructured Topology), fully distributed structured topology (Decentralized Structured Topology, also known as DHT network) and semi-distributed topology (Partially Decentralized Topology).

1. Centralized topology

The biggest advantages of centralized topology are simple maintenance and efficient discovery. Because resource discovery depends on a centralized directory system, the discovery algorithm is flexible and efficient and can support complex queries. The biggest problem is the same as in the traditional client/server structure: it is prone to single points of failure, access "hot spots", and legal and related problems. This is the structural model adopted by the first generation of P2P networks, and the classic case is the famous MP3 sharing software Napster.

Napster is one of the earliest P2P systems and grew rapidly in a short period of time. Napster is not a pure P2P system in essence: a central server stores the index and location information of all music files uploaded by Napster users. When a user needs a music file, he first connects to the Napster server and searches there; the server returns the information of the users holding the file, and the requester then connects directly to the owner of the file to transfer it.

2. Fully distributed unstructured topology

The fully distributed unstructured network organizes the overlay network as a random graph, and node degree follows a power-law distribution, so it can find target nodes quickly, tolerates dynamic changes in the network well, and therefore offers good availability. It can also support complex queries, such as multi-keyword queries with regular expressions, fuzzy queries and so on. The most typical case is Gnutella. Gnutella is a P2P file sharing system. The biggest difference between Gnutella and Napster is that it is a pure P2P system without an index server. It adopts flooding discovery and random forwarding (Random Walker) mechanisms over a completely random graph. To limit the spread of search messages, each hop decrements a TTL (Time To Live) and the message is dropped when it reaches zero.

3. Fully distributed structured topology

In DHT technology, each network node is assigned a unique node identifier (Node ID) by some scheme, and each resource object is given a unique resource identifier (Object ID) by hashing; the resource is stored on the node whose Node ID is equal or closest to the Object ID. When the resource needs to be found, the same method locates the node where it is stored. The representative system is Chord, whose main contribution is a distributed lookup protocol that maps a given key (Key) to the corresponding node (Node). From an algorithmic point of view, Chord is a variant of consistent hashing. MIT's GRID and RON projects propose a system framework for finding resources in distributed WANs.

The biggest problem with the DHT class of structures is that DHT maintenance is complex; in particular, the network fluctuation (Churn) caused by nodes frequently joining and leaving greatly increases the maintenance cost of the DHT. Another problem faced by DHTs is that they only support exact keyword matching and cannot support complex queries such as content or semantic queries.
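The placement rule described above, as an added example in Python that is not part of the original article: node and object identifiers come from SHA-1 as in Chord, a key is stored on its successor node, and a join is simulated to show the churn point, namely that only the keys in one interval of the ring move, all of them to the new node. Node addresses and file names are constructed sample values.

```python
import hashlib
from bisect import bisect_left

def ident(name: str) -> int:
    """Node ID (from a node's address) or Object ID (from a resource key): SHA-1, as in Chord."""
    return int.from_bytes(hashlib.sha1(name.encode()).digest(), "big")

def successor(node_ids: list[int], key_id: int) -> int:
    """Chord's placement rule: a key is stored on the first node whose ID is >= the key's
    ID, wrapping around the ring past the largest ID back to the smallest."""
    ids = sorted(node_ids)
    return ids[bisect_left(ids, key_id) % len(ids)]

def lookup(nodes: list[str], key: str) -> str:
    """Any node can apply the same rule and locate the key without a central index."""
    by_id = {ident(n): n for n in nodes}
    return by_id[successor(list(by_id), ident(key))]

def moved_by_join(nodes: list[str], keys: list[str], new_node: str) -> dict[str, tuple[str, str]]:
    """Churn cost of one join: which keys change owner, and from/to whom. With consistent
    hashing only the keys in the interval the new node takes over move, and all move to it."""
    before = {k: lookup(nodes, k) for k in keys}
    after = {k: lookup(nodes + [new_node], k) for k in keys}
    return {k: (before[k], after[k]) for k in keys if before[k] != after[k]}

if __name__ == "__main__":
    # Constructed sample ring: five peers and 200 shared files.
    peers = ["10.0.0.%d:4000" % i for i in range(1, 6)]
    files = ["song-%03d.mp3" % i for i in range(200)]
    print("song-001.mp3 lives on", lookup(peers, "song-001.mp3"))
    moved = moved_by_join(peers, files, "10.0.0.9:4000")
    print(len(moved), "of", len(files), "keys moved when one node joined")
```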

4. Semi-distributed structure

The semi-distributed structure (referred to as Hybrid Structure in some literature) combines the advantages of the centralized structure and the fully distributed unstructured topology. It selects nodes with higher performance (processing, storage, bandwidth, etc.) as super points (called SuperNodes or Hubs in the English literature), stores the information of other nodes in the system on these super points, and the discovery algorithm forwards queries only between super points; a super point then forwards the query to the appropriate leaf node. The semi-distributed structure is also hierarchical: a high-speed forwarding layer is formed between the super points, and further levels are formed between each super point and the ordinary nodes it is responsible for. The most typical case is KaZaa.

(3) P2P and anonymity

The core idea of P2P is the direct sharing of resources among all participating users. A P2P network is usually said to have no server, which means there are no resource servers (it can be said that all nodes are servers), but there may still be servers for management; the centralized and semi-distributed topologies described above both have typical management servers. In addition, P2P enables direct communication between two points: an eavesdropper on the link can learn the identity of both parties, and the sender and receiver also know each other's identity. P2P networks such as Tox, RetroShare and Scayl therefore have no anonymity in themselves.

II. Anonymous communication technology

(1) Introduction to anonymous communication

Anonymous communication technology refers to hiding the communication relationship in the data stream by certain methods, so that an eavesdropper cannot directly learn or infer the communication relationship and the parties to the communication. According to the information to be hidden, anonymity protection can be divided into three forms: sender anonymity protects the identity of the sender; receiver anonymity protects the identity of the receiver; and sender/receiver unlinkability delivers information indirectly through some technique, so that the sender and receiver cannot be associated with each other. When a communication has sender anonymity or receiver anonymity, it necessarily has sender/receiver unlinkability, but sender/receiver unlinkability does not necessarily imply sender anonymity or receiver anonymity. For example, in some cases the sender and receiver know each other's identity, but the communication relationship between them is not known to other members, that is, the sender and receiver cannot be linked by others.

(2) Anonymous communication based on broadcast / multicast

The core idea of anonymous communication based on broadcast / multicast is that in each cycle of the system every participant, including the sender, broadcasts a message to every member of the system. By combining all the messages it receives, each participating member can compute the content of the message being broadcast but cannot infer the identity of the sender; sender anonymity is thus achieved directly by the broadcast. If the sender wants to deliver the message to one specific member and hide the receiver's identity from the other members, that is, to achieve receiver anonymity, the message can be encrypted with that member's public key using asymmetric encryption.

However, the above method has serious defects: first, the broadcast causes channel conflicts; second, the number of messages is too large. Every member must participate in every message transmission, which leads to problems of efficiency and robustness. Therefore, there are not many applications of anonymous communication based on broadcast / multicast. DC-Nets is the typical application; others such as K-AMT (K-Anonymous Message Transmission) are optimizations of DC-Nets, and Herbivore combines DC-Nets with Mix technology.
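One XOR-based DC-net round, as an added example in Python that is not part of the original article: every pair of members shares a one-time key, each member broadcasts the XOR of all its keys (plus its message if it is the sender), and XORing all broadcasts cancels the keys. The example also reproduces the channel-conflict defect named above by letting two members speak in the same round. Pair keys are constructed locally with os.urandom for the example.

```python
import os
from itertools import combinations

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def dc_net_round(n: int, slot_len: int, senders: dict[int, bytes], rng=os.urandom):
    """One round of an n-member DC-net. `senders` maps member index -> message;
    an empty dict means nobody speaks this round. Returns (broadcasts, recovered)."""
    # Every pair of members shares a fresh one-time key for this round. The keys are
    # constructed here for the example; a real DC-net derives them from prior key agreement.
    pair_keys = {pair: rng(slot_len) for pair in combinations(range(n), 2)}
    broadcasts = []
    for member in range(n):
        out = bytes(slot_len)
        for pair, key in pair_keys.items():
            if member in pair:          # XOR in every key this member holds
                out = xor(out, key)
        if member in senders:           # the sender additionally XORs in its message
            out = xor(out, senders[member].ljust(slot_len, b"\0"))
        broadcasts.append(out)          # this is all that other members observe
    # Each pair key appears in exactly two broadcasts, so XORing all of them cancels
    # every key; the message survives, but no single broadcast reveals who contributed it.
    recovered = bytes(slot_len)
    for out in broadcasts:
        recovered = xor(recovered, out)
    return broadcasts, recovered.rstrip(b"\0")

if __name__ == "__main__":
    _, msg = dc_net_round(4, 8, {2: b"hello"})
    print("one sender   :", msg)
    _, clash = dc_net_round(4, 8, {0: b"alice", 3: b"bobby"})
    print("two senders  :", clash, "(channel conflict, neither message survives)")
```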

(3) Anonymous communication based on single agent technology

Proxy server technology is widely used in ordinary networks, and it can also be used to solve practical anonymity problems. For example, if a proxy is inserted between the client and the server, and all communication between them is forwarded by the proxy, then what the server observes is the proxy rather than the client; with respect to the server, the client gains sender anonymity. Anon.penet.fi (also known as Penet) was the first practical system to provide an anonymity service, offering sender anonymity for e-mail; Anonymizer provides anonymous Web access; and LPWA (Lucent Personalized Web Assistant), a personalized Web assistant launched by Lucent, provides sender anonymity.

Although proxy technology is simple and easy to use, trust and information are too concentrated: once the proxy is compromised, all the information in the system is exposed.

(4) Anonymous communication based on Mix

The basic idea of Chaum's Mix is to use intermediate nodes to transform and mix messages from multiple users, so that an eavesdropper cannot determine the correspondence between input and output messages, cannot track the transmission path of a message, and so cannot discover "who communicates with whom". A MIX node is a computer that stores and forwards messages, as shown in figure 1. It receives fixed-length messages from different sources, cryptographically transforms them, and forwards them. If a message is transmitted through a MIX path consisting of multiple nodes, sufficient anonymity protection is provided as long as one of the MIX nodes on the path is trusted. Before sending a message, the user must choose a MIX path and obtain the RSA public keys of all MIX nodes on that path, and then construct the following message:

$M_0 = K_0(R_0, M)$

$M_1 = K_1(R_1, M_0, A_0)$

$M_2 = K_2(R_2, M_1, A_1)$

$\ldots$

$M_n = K_n(R_n, M_{n-1}, A_{n-1})$

The user finally sends $M_n$ to the first node $N_n$. Node $N_n$ decrypts it with its own private key to obtain $M_{n-1}$ and sends it on to node $N_{n-1}$, which decrypts with its own private key to obtain $M_{n-2}$, and so on, until the last hop yields $M_0$ and the receiver recovers the message $M$ sent by the user. As can be seen, the communication path cannot be traced without the private keys of the MIX nodes. At the same time, to hide the timing correspondence between input and output messages, each node also maintains a message buffer pool and outputs messages in random order only when the pool is full.
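The layered construction and the node-by-node peeling above, as an added example in Python that is not part of the original article. Chaum's scheme encrypts each layer with the node's RSA public key; to stay dependency-free this example substitutes a self-inverse SHA-256 keystream for $K_i$ (an assumption, not the original primitive), keeps the field order $R_i, A_{i-1}, M_{i-1}$ with constructed fixed widths, and includes the buffer pool that releases messages in random order only once full.

```python
import hashlib, os, random

R_LEN, A_LEN = 16, 1     # widths of the random pad R_i and address field A_i (constructed layout)

def K(key: bytes, data: bytes) -> bytes:
    """Stand-in for Chaum's K_i(): a SHA-256 counter-mode keystream XORed over the data.
    The real scheme uses each MIX node's RSA public key; this symmetric stand-in is
    self-inverse (the same call encrypts and decrypts) and keeps the example offline."""
    out = bytearray()
    for off in range(0, len(data), 32):
        ks = hashlib.sha256(key + off.to_bytes(4, "big")).digest()
        out += bytes(d ^ k for d, k in zip(data[off:off + 32], ks))
    return bytes(out)

def build_onion(message: bytes, path: list[int], keys: dict[int, bytes]) -> bytes:
    """M_0 = K_0(R_0, M); M_i = K_i(R_i, M_{i-1}, A_{i-1}).
    path = [receiver, N_1, ..., N_n]; the result M_n is handed to N_n."""
    m = K(keys[path[0]], os.urandom(R_LEN) + message)
    for prev_hop, node in zip(path, path[1:]):
        m = K(keys[node], os.urandom(R_LEN) + bytes([prev_hop]) + m)
    return m

def peel(node: int, layer: bytes, keys: dict[int, bytes]) -> tuple[int, bytes]:
    """A MIX node strips one layer: discard R_i, read A_{i-1}, forward M_{i-1}."""
    plain = K(keys[node], layer)
    return plain[R_LEN], plain[R_LEN + A_LEN:]

def deliver(onion: bytes, first_hop: int, receiver: int, keys: dict[int, bytes]) -> bytes:
    """Walk the path hop by hop; only the receiver can open M_0 and read M."""
    hop, m = first_hop, onion
    while hop != receiver:
        hop, m = peel(hop, m, keys)
    return K(keys[receiver], m)[R_LEN:]

def flush_pool(pool: list[bytes], threshold: int) -> list[bytes]:
    """The node's buffer pool: nothing leaves until the pool is full, and then the
    batch goes out in random order, hiding input/output timing correspondence."""
    if len(pool) < threshold:
        return []
    batch, pool[:] = pool[:], []
    random.SystemRandom().shuffle(batch)
    return batch

if __name__ == "__main__":
    keys = {i: bytes([i]) * 32 for i in range(4)}        # constructed per-node keys
    onion = build_onion(b"who talks to whom", [0, 1, 2, 3], keys)
    print(deliver(onion, first_hop=3, receiver=0, keys=keys))
```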

In addition to the sender sending messages anonymously to the receiver, Chaum also proposes a scheme that lets the receiver reply anonymously. The sender first selects a return path and uses the same method to construct an anonymous reply address, a message whose body is empty. This reply address is then carried to the recipient inside the body of another message. After decrypting that message, the receiver replies according to the path information it contains.

Mix-based anonymity is vulnerable at the exit node, because the exit node obtains the original message after decryption. In addition, to meet users' anonymity needs the network requires a large number of dedicated hosts providing the anonymity service, and users only gain privacy protection once many users have joined the anonymous system; this both raises deployment cost and limits practicality. Therefore, since its release, almost every commercial privacy protection project of this kind, such as Freedom and SafeWeb, has ended in failure.

(5) Anonymous communication based on P2P

Introducing P2P technology into anonymous communication can solve the trust problem of the single-proxy system and the excessive concentration of traffic, excessive investment and complex management of the Mix system. The basic idea is that trust and resources are distributed rather than centralized, and monitoring is harder because there is no central target. Most P2P-based anonymous communication systems incorporate the Mix idea to achieve anonymity, such as Crowds, Hordes, JAP, Tarzan and MorphMix, while a few adopt broadcast / multicast technology, such as P5 (Peer-to-Peer Personal Privacy Protocol), which forms an anonymous broadcast channel through a tree structure in which each participant chooses its joining point according to its anonymity and real-time communication needs.

III. Anonymous message service

At present, the common message services used for communication on the network are shown in Table 1. Among them, Bitmessage and TorChat both provide anonymity for sender and receiver, and both adopt the Mix idea. As to which offers better anonymity, there is no final conclusion. In addition, Bitmessage requires proof of work, which makes it relatively slow.

Table 1 Comparison of common message services

| Service | Trustless | P2P | Open source | Proof of work | Sender anonymity | Recipient anonymity | Mobile version | Application or Web | Attachment support | Distributed system | Offline message |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Bitmessage | Yes | Yes | MIT | Yes | Yes | Yes | Beta, requires server | Application | 220KB | Yes | Up to 28 days |
| Standard Email | No | No | Depends | No | No | No | Yes | Both | Yes | No | Yes |
| Email + GPG | Yes | No | Depends | No | No | No | Yes | Both | Yes | No | Yes |
| XMPP + OTR | Yes | No | GPL V2.1 | No | No | No | Yes | Application | No OTR, not trustless | No | Yes |
| TorChat | Yes | Yes | GPL | No | Yes | Yes | No | Application | Yes | No | Queued |
| Skype | No | No | No | No | No | No | Yes | Application | Yes | No | Yes |
| Tox | Yes | Yes | GPL | No | No | No | Yes | Application | Yes | Yes | Queued |
| Scayl | No | Yes | No | No | No | No | Alpha | Application | Yes | | |
| I2P Bote | Yes | Yes | GPL V3 | No | Yes | Yes | Yes | Application | Yes | Yes | Up to 100 days |
| CryptoCat | No | No | GPL | No | No | No | Yes | Both | No | No | No |
| IRC | No | No | Yes | No | No | No | Yes | Both | No | Yes | Depends |
| SMS | No | No | No | No | No | No | Yes | Application | Yes | No | Yes |
| RetroShare | No | Yes | No | No | No | Yes | | | | | |
| Freenet + Frost | Yes | Yes | GPL | No | Yes | Yes | No | Application | Yes | Yes | |
| Freenet + FMS | No | Yes | No | No | Yes | No | Application | No | Yes | | |
| Freenet + Freemail 0.2 | No | Yes | GPL | No | No | No | No | Application | Yes | Yes | |
| Freenet + FLIP | Yes | Yes | No | No | No | No | Application | No | Yes | | |
| EMP | Yes | Yes | BSD | No | Yes | No | Yes | Application | No | Yes | Up to 30 days |

Some rows of the source table are incomplete; missing cells are left empty rather than filled in.

IV. Summary

P2P and anonymous communication technology both have many application scenarios. P2P technology itself does not provide anonymity, while anonymous communication technology uses P2P technology to decentralize trust and risk and thereby improve anonymity. At present, Bitmessage and TorChat are products that integrate P2P and anonymous communication technology, and both realize sender and receiver anonymity.
