secure P2P

Found this article, After the previous discussions, i thought that being out numbered
5 billion to 1, i would post it to provide some info for the many people involved in P2P.

Quote:

---

With the copyright police increasing its monitoring of popular file-sharing networks like KaZaA and eDonkey, savvy users are turning to WASTE, a new program that relies on file encryption and ad hoc networks of trusted members to escape prying eyes.What makes WASTE different from other file-swapping systems is that it has no central server. Instead it operates as a mesh in which each user connects to a few other users to form a loosely-structured P2P network. However, this group is virtually impenetrable to anyone who hasn't been specifically authorised to join the group using PKE(public/private key encryption) technology. PKE encryption in general works like this;each user has two keys---a private key and a public key. The public key can be given out to anyone, because it only allows them to encrypt a message to you. The same public key cannot be used to decrypt that message. Once you've received the message, you decrypt it with your private key, which you never disclose. WASTE uses public keys to ensure that each user is known on the network, and bona-fide. As each public key is unique, and linked to the private key stored in your copy of WASTE, there's no chance that someone can pretend to be you in order to gain access to the network. The initial setup of WASTE guides you through creating a unique username and private key, as well as automatically generating a matching public key. To be accepted onto a network of WASTE users, a member of that group has to email you their public key, which is simply a block of what looks like random letters and numbers. This is entered into your WASTE client software through the Preferences panel's Public Keys section---the same location to which you export your own public key so it can be shared with someone else. If you're not too concerned with security and are just curious, there's a database of public keys at www.s4s.ip3.com/wasteb. You'll also need to submit your public key there and wait for at least one other user to manually add your key to their system. Alternatively, you can chat to other WASTE users on IRC. Join the WASTE channel on the http;//irc2.p2pchat.net server and swap your public key with anyone who's online at the time. To connect to a network of WASTE users, enter the IP address of one user with whom you've swapped public keys into the WASTE connect box. You'll also need to open port 1337 on your firewall, which is the port used by WASTE( this is a joke on the part of WASTE creator Justin Frankel, as 1337 is hacker-speek for "leet"---shorthand for "elite") Once you've both swapped keys, you'll be accepted as a trusted member of the network and permitted to make connections to other people on the same network, because your key is automatically broadcast to the rest of the group and added into their copy of WASTE. You can brows other users' directories, search for specific files,and also chat using the WASTE chat client. Chat sessions and file swapping goes directly between the active computers rather than via the central server. When you start a file transfer it's encrypted using the fast but secure, open source "Blowfish" model to protect you from monitoring. Even 128- bit encryption is vertually crack-proof through brute-force, so you can be certain that any files you transfer, and any discussions you have with other users, are completely secure. Of course, one weakness in WASTE's security model is that it's easy for other users on the same network to get hold of your public key. If you're worried about this, simply reject other users' public keys. Remember; if both of you don't have each other's public keys, neither of you can connect and view what's on the other's computer. To do this, open Preferences, select Pending keys, then remove the tick from Auto-accept broadcasted public keys. The latest WASTE client for Windows is included on this months cover cd set. ( i will post this after posting) There's a Mac OS X client in development that allows encrypted chat and file serving but not downloading from other users( you can find it at www.hummusandpita.com/waste) A command-line Linux version is in alpha developmentat http;//grazzy.mjoelkbar.net/waste.

---

You can download WASTE here

You can also read more here

Hmmm ... they make a lot of claims. I suppose that would work best from a home system on a DSL or cable. Intalling that app on a workstation in a network would cause no end of problems, especially in one like mine that uses Kerberos/IPSec and a Certificate Server. It would probably get the workstation kicked off the network and one of use net-dudes would have to go kill a user and then clean up the mess.

Don't go passing strange keys around in someone else's network.

Having some experience in security and encryption, I find this article's explanation a bit disturbing.

If it is, as it states, a shared key community, then that means the community has and is aware of a key.

What makes KaZaa and Gnutella work is the fact that so many users are able to connect to each other.

If everyone has to have a key to access the network, suddenly the available hosts from which you can download a file is DRASTICALLY reduced.

If everyone HAS the key, then the monitoring software will as well. As is the standard, I'm sure the software will use a specific port, or allow for the specification of another port in the original negotiation, so someone who wants to monitor the communication will be able to, if they have the key.

The moral of this story...
If only a few people have the key, then there are fewer files available.
If lots of people have the key, then the monitors will as well.

Encryption that creates a separate key per connection would be one answer, but the processing overhead would probably be prohibative.

Another answer would be binary segmentation, basically jumbling the file even before it is transferred, so recombining the TCP packets would not match any signature, since it is not raw data, and not processing intensive encrypted data, but just jumbled with the key as part of the data.

Yes, that could be broken easily, and there is no easy answer, but as far as blind sniffing of packets, with some re-assembly based on ports, jumbling would be as effective.

I just perused the source for the linux version, and it is a very nice try. One obvious problem? Now that you have created a key, and that key is yours, guess what? Its yours. You can't say that someone hijacked your machine, or that they spoofed your IP. Your key is YOURS.

I'm not sure that's a great idea.

Also, once someone is accepted into the network, it broadcasts the key outward to others who, if they have the default setup, will accept connections from that key.

And since you have a unique key that identifies YOU, and each connection is, in essence, an authenticated transaction, there seems to be NO way to claim ignorance or that it wasn't you.

If you DON't accept the keys, then you are limited to a very small group of people with which to share.

*Shrug*

The idea of waste is probably a little overboard , but really it is the classic and proper response to being "attacked". The formation of "cells"/decentralization is very important and ceates a very hard target for RIAA and such as the expense/time for them to infiltrate would be very high and prohibitive.Private ftps is probably a better solution than waste, standard, less overhead, easy control of use.... Personally i was thinking of setting up a proxy in a "safe country" and charging $ for USians to make use of it. Good business idea possibly or good way to be sued into oblivion by a billion dollar company?

Quote:

---

If everyone has to have a key to access the network, suddenly the available hosts from which you can download a file is DRASTICALLY reduced.

---

Have to agree w/ u on that one.

Sound like a good prog

I can say from experience that having fewer keys out there doesnt mean less being shared. In two or three users you can easily have about 40-60gb, especially if the people are heavy downloaders. In fact I know of one user that has at least 30gb of shared material, so if you have two or three people like that, you set as far as downloads go, the main problem is influx of new material into the network, which either means someone has to buy or copy the matrial, and rip it to the hdd. WASTE isint as much overhead as you would think, I run it on a 1.5ghx Xeon with 1024Mb of RAM, along with other apps, and i hardly notice any slow down, and it doesnt bother my bandwidth either. The only noticable part is when doing the IMs, it encrypts it, sends, and verifies that the message was recieved, which only takes half a second i think. If your paranoid about the RIAA snooping onto you, WASTE is definately the way to go imho.

hi,
on the same topic APC magazine october issue has an article regarding p2p.new motherboards with built in encryption which come with bootable key.in case you dont have it hard disk is no readable.on the same magazine monthly disc you can find a waste 1.1.
have a look at www.apcmag.com if interested
have fun

I've been using the CryptoAPI top encrypt my file system. Since it isn't broadcast, and it is only dependant on your processor as to how much overhead you can afford, using a 1024bit encryption algorhythm on your filesystem makes it ALOT less likely that once then subpoena your disk, that they will have any evidence.

Even local accounts don't have access.

if you are so enclined, you can put a passcode protected program into your boot script for the admin/root user, and if answered wrong, can do a quick format of the filesystem (separate partitions are great) if it is answered incorrectly.

paranioa is fun!

P.S. my password is an MD5 checksum of a particular file plus a few characters. Even I don't know what the password is.

I have been and continue to be a Kazaa user. I'd say a majority of my data has come from the fasttrack network in one form or another.

That having been said, I've gone to great pains to setup a dedicated waste server for my particular circle of friends, and I've found that the private sharing on waste to be in some ways superior to that of the files found on fasttrack.

For example, most movies whether they are unsteadycam captures at a local theatre or rips direct from DVD usually go through a certain ammount of degredation during transfer. This is normally not a problem, except when that one file has been traded more than half a dozen times. On fasttrack, it's concievable that a file will change hands at least 10 times before it enters a user's sphere of influence. There are also a few other dynamics that promote sharing files of inferior quality, usually based solely on when the "l33t 0-day \/\/ar3z and /\/\0vi3z" are released.

Yet with waste, not only am I assured of personally knowing the person I'm trading with, (And one of my requirements for trading keys with someone is that it be done face to face, just like a good ol' PGP party) but I can be relatively sure that the files will conform to a high level of quality. (This is not typical for your average user, but most of my crowd are avid infojunkies, and take great pains to insure good rips.)

Another benefit I've noticed is in transfer speed. I suspect that this is due to most of my network being supplied by broadband connections, once again due to most of my friends taking media VERY seriously.

I guess waste isn't a superior form of P2P, but I will say that I appreciate being able to connect directly with people I know to be immediate friends. And perhaps making P2P more community-based instead of having a free-for-all will be a better move anyhow. At least, those of us who use the technology and take it seriously arn't going to let it die... not without a fight anyway!

I just want to point out in respect to turing_machines post, this is the use of public/private key encryption. No one will be able to monitor you whether they have a key or not. The public key which is shared can only ENCRYPT data not De-crypt. This means any traffic will be encrypted and render useless to anyone except the PRIVATE key holder (you). Having the public key will not help you other than to encrypt the data before transmitting to the reciever. And as far as the key belonging to you, what does that mean? Its not a drivers license, its a block of numbers and letters, that doesnt mean anything to anyone except you- and you can change keys whenever you want.

-Maestr0