the invisible internet project
play

The Invisible Internet Project Andrew Savchenko Moscow, Russia - PowerPoint PPT Presentation

Nov 26, 2023 •177 likes •621 views

The Invisible Internet Project Andrew Savchenko Moscow, Russia FOSDEM 2018 3 & 4 February . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . The Arpanet

  1. The Invisible Internet Project Andrew Savchenko Moscow, Russia FOSDEM 2018 3 & 4 February . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  2. The Arpanet • Designed to withstand external infrastructure damage • No internal threats considered . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  3. The Internet SPF SSL C E DKIM S N S A N L D V . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  4. The Internet SPF SSL C E DKIM S N S A N L D V . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  5. The T or SPF SSL DNSSEC DKIM VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  6. The T or Pros: • First world-wide overlay network • Hidden services • Scale Cons: • Entry/exit points • Asymmetric: ∼ 8 ‘ 000 nodes 1 [1] : ∼ 4 ‘ 500 ‘ 000 users [2] • Highly centralized: only 10 directory servers [3] 1 relays + bridges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  7. The T or Pros: • First world-wide overlay network • Hidden services • Scale Cons: • Entry/exit points • Asymmetric: ∼ 8 ‘ 000 nodes 1 [1] : ∼ 4 ‘ 500 ‘ 000 users [2] • Highly centralized: only 10 directory servers [3] 1 relays + bridges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  8. Global Surveillance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  9. The I2P . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  10. The I2P Design • No entry/exit nodes [4] • Full decentralization • Use minimal trust possible • Wide range of protocols supported: TCP, UDP, RAW… • ∼ 50 ‘ 000 ÷ 60 ‘ 000 nodes [5, 6] • In order just to monitor network special research is required [7] • Unidirectional tunnels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  11. The Onion Routing [8] . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  12. The Onion Routing Router A Key Router B Key Router C Key Message Router A Router B Router C Source Destination [9] . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  13. The I2P T unnels [7] • Connect tunnel endpoints • Different inbound and outbound tunnels • Outbound endpoints are hidden • Configurable tunnel length (usually 2-3) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  14. Three I2P Layers [10] . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  15. The Garlic Routing Packet Packet's chunk Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  16. Ping-Pong: 2 chunks, 3 hops . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  17. The Network Database • No DNS-like centralized services • Distributed (DHT-like) netDB is used: • RouterInfo (router contacts) • LeaseSets (destination endpoints) • Public key based identification and connections RouterInfo: • ID (encryption and signing pub keys) • contact (proto, IP, port) • aux data • all above is signed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  18. The Network Database • No DNS-like centralized services • Distributed (DHT-like) netDB is used: • RouterInfo (router contacts) • LeaseSets (destination endpoints) • Public key based identification and connections RouterInfo: • ID (encryption and signing pub keys) • contact (proto, IP, port) • aux data • all above is signed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  19. The Network database Each node generates: • encryption key • garlic end-to-end encryption key • signing key • everything is signed into 516+ byte cert Management: • distributed netDB • by floodfill routers • ∼ 20 ‘ 000 ÷ 30 ‘ 000 ( ∼ 600 ÷ 1000 at once) • each node may be floodfill (if allowed and has sufficient resources) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  20. The Network database Each node generates: • encryption key • garlic end-to-end encryption key • signing key • everything is signed into 516+ byte cert Management: • distributed netDB • by floodfill routers • ∼ 20 ‘ 000 ÷ 30 ‘ 000 ( ∼ 600 ÷ 1000 at once) • each node may be floodfill (if allowed and has sufficient resources) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  21. The Addressing Scheme b32: • SHA256 ( cert(pub keys) ) • equivalent of the IP in clearnet • each node may have many b32’s • base64-encoding: nrbnshsndzb6homcipymkkngngw4s6twediqottzqdfyvrvjw3pq.b32.i2p .i2p: • covenient name, e.g.: i2pwiki.i2p • addressbook based mapping • persistent storage • multiple sources: • inr.i2p • stats.i2p • address helpers available . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  22. The Addressing Scheme b32: • SHA256 ( cert(pub keys) ) • equivalent of the IP in clearnet • each node may have many b32’s • base64-encoding: nrbnshsndzb6homcipymkkngngw4s6twediqottzqdfyvrvjw3pq.b32.i2p .i2p: • covenient name, e.g.: i2pwiki.i2p • addressbook based mapping • persistent storage • multiple sources: • inr.i2p • stats.i2p • address helpers available . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  23. Bootstrapping b32: • one I2P node IP required • or fresh netDB part • usually src URI is hardcoded in package • can be fetched manually .i2p: • address book may be shipped with package • subscriptions often included with package • can be linked or fetched manually . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  24. Bootstrapping b32: • one I2P node IP required • or fresh netDB part • usually src URI is hardcoded in package • can be fetched manually .i2p: • address book may be shipped with package • subscriptions often included with package • can be linked or fetched manually . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  25. Cryptography Symmetric: • AES-256 Asymmetric encryption: • Elgamal-2048 Hash: • SHA-256 All the above possible to change, but problems with backward compatibility. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  26. Cryptography: signatures 1 DSA-SHA1 [obsolete] 2 ECDSA-SHA256-P256 3 ECDSA-SHA384-P384 4 ECDSA-SHA512-P521 5 RSA-SHA256-2048 6 RSA-SHA384-3072 7 RSA-SHA512-4096 8 EdDSA-SHA512-Ed25519 [popular] 9 EdDSA-SHA512-Ed25519ph [popular] 10 GOSTR3410-GOSTR3411-256-CRYPTO-PRO-A } i2pd 11 GOSTR3410-GOSTR3411-512-TC26-A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  27. Implementations i2p [11]: • original implementation • in java • up to 2 – 5 GB RAM i2pd [12]: • full implementation in C++ (w/o https proxy) • 150 – 350 MB RAM • ∼ 20 − 50 % less CPU usage • works on Raspberry PI [13] other forks: kovri [14], etc… . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  28. Implementations i2p [11]: • original implementation • in java • up to 2 – 5 GB RAM i2pd [12]: • full implementation in C++ (w/o https proxy) • 150 – 350 MB RAM • ∼ 20 − 50 % less CPU usage • works on Raspberry PI [13] other forks: kovri [14], etc… . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  29. The I2P Protocols [10] • SOCKS and http(s) proxies for the I2P layer are provided • Control protocols allow fine tunnel control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Invisible Internet Project (I2P) Tim de Boer and Vincent Breider Research question(s) Is it

Invisible Internet Project (I2P) Tim de Boer and Vincent Breider Research question(s) Is it

Invisible Internet Project (I2P) Tim de Boer and Vincent Breider Research question(s) Is it possible for an entity that intercepts network traffic to fingerprint and positively identify hosts that are participating in the I2P network?

1.51k views • 17 slides
Fresh for tomorrow? Peter Martin, The Age Invisible? Invisible? Invisible? When searching for

Fresh for tomorrow? Peter Martin, The Age Invisible? Invisible? Invisible? When searching for

Fresh for tomorrow? Peter Martin, The Age Invisible? Invisible? Invisible? When searching for an analogy to describe the government, the first thing that comes to a government ministers mind is a company. Invisible? When searching for

638 views • 37 slides
An On-Site Presentation of Invisible Prehistoric Landscapes Article in Internet Archaeology

An On-Site Presentation of Invisible Prehistoric Landscapes Article in Internet Archaeology

See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/312480749 An On-Site Presentation of Invisible Prehistoric Landscapes Article in Internet Archaeology March 2017 DOI:

1.08k views • 13 slides
Infocognitive OCR Product Walkthrough Invisible Documents A Hidden Problem Invisible? In your

Infocognitive OCR Product Walkthrough Invisible Documents A Hidden Problem Invisible? In your

Infocognitive OCR Product Walkthrough Invisible Documents A Hidden Problem Invisible? In your EMS/DMS, one t thir ird d of Searchable Unsearchable your documents and attachments may be invisible to search. Where do these invisible

135 views • 12 slides
Exploring the Academic Invisible Web Das wissenschaftliche Invisible Web erkunden Dr. Dirk

Exploring the Academic Invisible Web Das wissenschaftliche Invisible Web erkunden Dr. Dirk

Exploring the Academic Invisible Web Das wissenschaftliche Invisible Web erkunden Dr. Dirk Lewandowski Heinrich-Heine-Universitt Dsseldorf, Information Science Research done in collaboration with Philipp Mayr, Bonn Agenda 1. Introduction

340 views • 23 slides
Invisible Logic 1 9/20/10 2 9/20/10 3 9/20/10 4 9/20/10

Invisible Logic 1 9/20/10 2 9/20/10 3 9/20/10 4 9/20/10

9/20/10 Invisible Logic Embedded Systems & Kinetic Art Fall 2009 CS5968 / FA3800 Invisible Logic 1 9/20/10 2 9/20/10 3 9/20/10 4 9/20/10 5 9/20/10 6 9/20/10

284 views • 13 slides
on the Internet of Things Software Project What is the Internet of Things? A system in which

on the Internet of Things Software Project What is the Internet of Things? A system in which

on the Internet of Things Software Project What is the Internet of Things? A system in which objects in the physical world can be connected to the Internet by sensors and actuators (coined 1999 by Kevin Ashton) Key aspects: E2E

343 views • 10 slides
are. I can create invisible ink. I can experiment using invisible ink. What are chemical

are. I can create invisible ink. I can experiment using invisible ink. What are chemical

Week 5 Science L.O. To investigate chemical reactions. I can explain what chemical reactions are. I can create invisible ink. I can experiment using invisible ink. What are chemical reactions? A chemical reaction is what happens when a

292 views • 5 slides
to your home church! Its All About Jesus Colossians 1:15-23 He is the image of the invisible

to your home church! Its All About Jesus Colossians 1:15-23 He is the image of the invisible

Welcome to your home church! Its All About Jesus Colossians 1:15-23 He is the image of the invisible God, the firstborn of all creation. For by him all things were created, in heaven and on earth, visible and invisible, whether thrones or

518 views • 15 slides
Jesus Is First! Colossians 1:15-20 The Son is the image of the invisible God, the firstborn over

Jesus Is First! Colossians 1:15-20 The Son is the image of the invisible God, the firstborn over

6/18/2018 Jesus Is First! Colossians 1:15-20 The Son is the image of the invisible God, the firstborn over all creation. For in him all things were created; things in heaven and on earth, visible and invisible, whether thrones or powers or

371 views • 4 slides
THE IAEAS INTERNET REACTOR THE IAEAS INTERNET REACTOR LABORATORY PROJECT (IRL) LABORATORY

THE IAEAS INTERNET REACTOR THE IAEAS INTERNET REACTOR LABORATORY PROJECT (IRL) LABORATORY

THE IAEAS INTERNET REACTOR THE IAEAS INTERNET REACTOR LABORATORY PROJECT (IRL) LABORATORY PROJECT (IRL) F. FOULON 1 , A. BORIO-DI-TIGLIOLE 2 , J. VYSHNIAUSKAS-GOMEZ 3 , D. RIDIKAS 4 , P. CANTERO 5 1 National Institute for Nuclear science

991 views • 22 slides
Security through Distrusting Joanna Rutkowska Invisible Things Lab &

Security through Distrusting Joanna Rutkowska Invisible Things Lab &

427F11FD 0FAA4B08 0123F01C DDFA1A3E 36879494 Security through Distrusting Joanna Rutkowska Invisible Things Lab & Qubes OS Project Black Hat EU, London, UK, December 7, 2017 427F11FD

1.39k views • 65 slides
on the Invisible Hand Daniel Schoch Nottingham University Malaysia December 11 2019 Can we shed

on the Invisible Hand Daniel Schoch Nottingham University Malaysia December 11 2019 Can we shed

From Adam to Vernon Smith: Shedding Light on the Invisible Hand Daniel Schoch Nottingham University Malaysia December 11 2019 Can we shed some light on the Invisible Hand? I am not the first person to declare this notion of the invisible

558 views • 17 slides
Measuring the Internet Project Introduction Mat Ford / David Belson measuring@isoc.org

Measuring the Internet Project Introduction Mat Ford / David Belson measuring@isoc.org

14 September, 2020 African Internet Summit Measuring the Internet Project Introduction Mat Ford / David Belson measuring@isoc.org Presentation title Client name Measuring the Internet Why? The Internet Societys efforts focus on

336 views • 9 slides
How did the Internet come to be? It started as a research project to experiment with

How did the Internet come to be? It started as a research project to experiment with

How did the Internet come to be? It started as a research project to experiment with connecting computers 2: Internet History together with packet switched networks. It was developed with funding and leadership of the Defense

422 views • 4 slides
Search for Invisible Higgs Decays at the ILC Akimasa Ishikawa (Tohoku University) 20141019 New

Search for Invisible Higgs Decays at the ILC Akimasa Ishikawa (Tohoku University) 20141019 New

Search for Invisible Higgs Decays at the ILC Akimasa Ishikawa (Tohoku University) 20141019 New Higgs Working Group @ Toyama University Invisible Higgs Decays In the SM, an invisible Higgs decay is H ZZ* 4 process and its BF is

573 views • 20 slides
Causation When C causes E, C helps to make E happen. Learning about causes allows us

Causation When C causes E, C helps to make E happen. Learning about causes allows us

9/26/2016 Causation When C causes E, C helps to make E happen. Learning about causes allows us Reasoning about to predict what effects will occur Causation to bring about desirable outcomes to prevent undesirable outcomes

318 views • 4 slides
Introduction to Linear Programming Linear Programming is the study of optimization problems in

Introduction to Linear Programming Linear Programming is the study of optimization problems in

Introduction to Linear Programming Linear Programming is the study of optimization problems in which the objective function and all constraints are linear. Linear Programming is the study of optimization problems in which the objective function

848 views • 58 slides
Program Guided Agent ICLR 2020 (Spotlight) Shao-Hua Sun Te-Lin Wu Joseph J. Lim Follow an

Program Guided Agent ICLR 2020 (Spotlight) Shao-Hua Sun Te-Lin Wu Joseph J. Lim Follow an

Program Guided Agent ICLR 2020 (Spotlight) Shao-Hua Sun Te-Lin Wu Joseph J. Lim Follow an Instruction to Solve a Complex Task Recipe: cooking fried rice Stir-fry the onions until tender, and repeat this for garlic and carrots, if you have

625 views • 27 slides
Neural LMs Image: (Bengio et al, 03) One Hot Vectors Neural LMs (Bengio et al, 03)

Neural LMs Image: (Bengio et al, 03) One Hot Vectors Neural LMs (Bengio et al, 03)

Neural LMs Image: (Bengio et al, 03) One Hot Vectors Neural LMs (Bengio et al, 03) Low-dimensional Representations Learning representations by back-propagating errors Rumelhart, Hinton & Williams, 1986 A neural

1.64k views • 114 slides
How the hell does Monero work? @pwrcycle > cafecode.com/shellcon2018-monero.pdf whois

How the hell does Monero work? @pwrcycle > cafecode.com/shellcon2018-monero.pdf whois

How the hell does Monero work? @pwrcycle > cafecode.com/shellcon2018-monero.pdf whois pwrcycle Prolexic SOC Verisign VIDN Apple SIRT F5 Silverline Salesforce NetSec Gmail Reddit pwrcycle on Twitter Freenode LinkedIn Signal

177 views • 15 slides
How to give a talk Frank Coolen Term 2, 2013 1 Outline 1. timing 2. content 3. structure 4.

How to give a talk Frank Coolen Term 2, 2013 1 Outline 1. timing 2. content 3. structure 4.

How to give a talk Frank Coolen Term 2, 2013 1 Outline 1. timing 2. content 3. structure 4. delivery 5. visual aids 6. mastery 2 1. Timing stick to time pick out best bit(s) share fairly between sections 12mins/slide =

454 views • 28 slides
VIP: Visual International Politics Professor William A. Callahan Professor of International

VIP: Visual International Politics Professor William A. Callahan Professor of International

Department of International Relations Inaugural Lecture VIP: Visual International Politics Professor William A. Callahan Professor of International Relations, LSE Professor Chris Brown Chair, LSE Suggested hashtag for Twitter users: #LSEVIP

286 views • 16 slides
Nizhonigo Iina STAR School Wellness Program Created by Louva Montour and Loretta Jones Wellness

Nizhonigo Iina STAR School Wellness Program Created by Louva Montour and Loretta Jones Wellness

Nizhonigo Iina STAR School Wellness Program Created by Louva Montour and Loretta Jones Wellness th through Path th of f th the Sun Thinking- who will be involved, Evaluation farmers, wellness Reflections program Planning; Irrigating

392 views • 20 slides

More recommend