All the encryption layers for SAFEnet

Great post @polpolrene

1 Like

I was thinking that maybe someone could go through how traditional server architecture works and how all those functions have been broken up into these decentralized processes.

I think that part of the problem for a lot of new people is that they don’t understand how the current client server model works, and what an improvement this represents.

3 Likes

I started doing it for explaining how BitTorrent works in Lecture 2, I can do more ;-).

3 Likes

Yeah, that would be great!

One of the things would be to explain and distinguish the vocabulary.
“In traditional client-server architecture, they have a process called A, which does this function, for this reason”
“A has these problems because it exposes your data (headers whether destination or origin, as well as content) in this way and this way.”
“SAFE breaks this process up into two roles called X and Y, which still does all the functions of A, BUT, it doesn’t have the problems of A.”

One of the problems I have with explaining to people is that I have a general sense of how the client-server model works, but I don’t know a lot of the technical vocabulary, and so that makes it hard to have a discussion and distinguish, unless I’m willing to just make up words.

@erick Getting this in written form, in some kind of a Maidsafe evangelism packet, I think could be very valuable.

1 Like

I spent most of the day studying encryption, which one does what, and asking myself what kind of encryption the SAFE Network uses between peers, if any, and what kind of encryption I think it would have.

I was going to start a new topic asking these kinds of possibly repeated questions from the past, but thanks to a Discourse feature, Discourse showed me this topic.

This topic is very useful and it is hidden far behind.

What paper is related to this? I didn’t find any.
What documents are related to this? I didn’t find any.
What wiki is related to this? I didn’t find any.
Someone, please link me something related to this topic.

I think there should be a kind of static category in this forum where only moderators copy or link useful topics like this one. A kind of centralised (I know you don’t like this word) category where people like me can read all the technical details and questions that are already answered there before asking our own and wasting everyone’s time.

Now I’m going to read the first 2 topics that referenced this one, which are questions that I was going to ask if I hadn’t found them.

Sorry to bring this topic up again, but it’s really an important one.

2 Likes

You can study the SodiumOxide library and analyze the code. At a glance SAFE uses curve25519xsalsa20poly1305 as public-key authenticated encryption, xsalsa20poly1305 as secret-key authenticated encryption, ed25519 as public-key signatures and, of course, Hash512. The self encryption wants to change to aessafe 256X8 cbc.

2 Likes

I used to think having a curated list of quality topics would be useful - still could be. We did have something similar in terms of a FAQ category, created mainly by individuals who decided to share something they learned, as a FAQ topic, but that went when we created the wiki which now holds all the FAQ.

I think the best would be to point out and fill any gaps in the wiki, which can include links to topics, but I’m not sure a curated list of topics would be worth the effort. There is already a search function, and it is a lot of work for someone to create and maintain such a list.

2 Likes

So this is like Tor but with only a guard and middle relay? I get that unlike Tor it’s not a direct singular flow between nodes, it’s like guard group A → Manager group B, but still when requests leave my computer they will go to a guard node and then on to a manager node, so essentially it’s a two-hop anonymity network.

Or is it more like (request file) → break into multiple pieces → multiple guard nodes each receive a piece → each pass on to (multiple?) manager nodes → each pass on to where chunks are located in the network?

If you look to SAFE with TOR perspective one might say that each node (vault) is a middle relay. But in TOR there are end-nodes as well which can spot that someone is looking at a particular website. In SAFE you request a file, and it comes from several sources. Maybe even 700 sources as you download a personal 700mb file. And the nodes don’t have a clue if you are looking at a website or doing something else. TOR is protecting your browsing experience. But SAFE doesn’t connect to the good old WWW and is more focused on storing and retrieving data. Including safesites.

2 Likes

But your guard node still sees 700 1mb chunks coming through to you, right? The entire security premise of Tor hinges on having a non-malicious guard node, so how is SAFE different in this regard?

@feelz I feel it’s worth mentioning to you that ip addresses are scrubbed on I believe the second hop and the data managers etc are only handling chunks of data that had already been encrypted client side.

Vaults just connect to each other and 3 or 4 in your group know your IP. But all they see is messages going from you to another vault.

As a client you connect over a relay_node. So you connect to a node (in XOR) and that node connects you to a group. Communication between you and the group is encrypted. So the relay-node doesn’t have a clue what’s going over the pipe. Your close group (as a client) does but they don’t know your IP as they see a connection come in from the relay_nodes. Probably 3 or 4 of them.

1 Like

I think this is somewhat what you are seeing … currently we are only connected to one droplet ip this test.
Previous test was parallel to each other…

1 Like

We should try and build a series of info graphics for this kinda stuff I think. One that explains the network, one that explains SAFEcoin, etc.

5 Likes

Freenet claimed the same thing and a user got sybil’d. Though the salted part sounds like it may defeat chunks being id’d.

With Tor a hidden service guard node could be knocked down and churn initiated to select the attacker’s guard if not pinned and trusted. Sybils are tricky business, but if there is truly XOR randomness and measures put in place to prevent attackers from spawning thousands of nodes in order to increase this probability (I believe I was part of this discussion and no one could come to a solution) then perhaps there is a chance MaidSafe will be more anonymous and secure than Tor.

1 Like

I’d like to see the mechanisms that prevent an attacker with x% of the nodes under its control from being selected as a guard as well as the rest of the chain. Just saying “XOR” doesn’t explain anything. Tor implements pseudo-random node selection too (some basic checks like uptime, bandwidth, attack-scanning). The fact is, without some way of verifying the legitimacy of a node, and with automated node selection, you will always have an x% chance of selecting a compromised chain of nodes.

Breaking up the requests so that it’s not a direct A->B->C->D->E chain like Tor has, and including default network routing (basically Freenet), certainly does provide plausible deniability, but as you pointed out, that doesn’t keep the cops from coming to your door and searching your house. They broke the deniability by surrounding his node and monitoring known hashes (the packet fragments thereof) going into and out of his computer to determine if he was requesting the entirety of the file or just serving parts for others; turns out they were able to observe the former.

So salting in transit, if it does work in a truly random way, may in fact defeat this particular attack vector of a sybil, but it doesn’t defeat sybil itself.

On SAFE all nodes are guards. Even the slow ones that can’t route data chunks. Each node should at least be able to take part in a group and do simple things like signing and verifying signatures from others. That way an evil node will be spotted quite fast. If you’re part of a group of 12 nodes, you need to own at least 7 or 8 of them to do evil things. And you can’t pick your own address on SAFE. To target a group is extremely hard. Imagine you’re on IP-level and I’m in group XYZ and you want to target my group. How would you do that? You would ask the network to be accepted at XOR-level and as there are thousands of groups the chance is extremely low you could join mine.

2 Likes
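The group-quorum argument in the posts above can be put into numbers. This is an added example, not part of the original thread and not MaidSafe's code: it assumes node IDs are uniformly random (an attacker cannot choose an address), a group of 12 with a quorum of 7, and constructed network sizes; all function names are made up for illustration.

```python
import hashlib
from math import comb

GROUP_SIZE = 12  # group size quoted in the post
QUORUM = 7       # lower bound of the "7 or 8" quoted in the post (assumed threshold)

def xor_close_group(node_ids, target, size=GROUP_SIZE):
    """Return the `size` node IDs closest to `target` by XOR distance."""
    return sorted(node_ids, key=lambda n: n ^ target)[:size]

def p_group_captured(total, hostile, size=GROUP_SIZE, quorum=QUORUM):
    """Exact chance that one group holds >= quorum hostile nodes.

    With uniformly random IDs a close group is a random `size`-subset of the
    `total` nodes, so the hostile count is hypergeometric. Needs total >= size.
    """
    hits = sum(comb(hostile, k) * comb(total - hostile, size - k)
               for k in range(quorum, size + 1))
    return hits / comb(total, size)

def p_any_group_captured(total, hostile, groups):
    """Chance that at least one of `groups` groups is captured (treats groups
    as independent, which is an approximation)."""
    return 1 - (1 - p_group_captured(total, hostile)) ** groups

def _h(*parts):
    """Hash-derived 512-bit integer, standing in for a network-assigned ID."""
    return int.from_bytes(hashlib.sha512(repr(parts).encode()).digest(), "big")

def simulated_capture_rate(total, hostile, trials):
    """Empirical cross-check using real XOR close-group selection."""
    captured = 0
    for t in range(trials):
        ids = {_h("node", t, i): i < hostile for i in range(total)}  # id -> hostile?
        group = xor_close_group(ids, _h("target", t))
        captured += sum(ids[n] for n in group) >= QUORUM
    return captured / trials

if __name__ == "__main__":
    # Constructed network: 10,000 nodes, roughly 800 groups of 12.
    for share in (0.05, 0.10, 0.25, 0.40):
        hostile = int(10_000 * share)
        print(f"{share:>4.0%} hostile: one group {p_group_captured(10_000, hostile):.2e}, "
              f"any of 800 groups {p_any_group_captured(10_000, hostile, 800):.2e}")
    print("simulated, 50% hostile:", simulated_capture_rate(200, 100, 300))
```

The per-group figure is what random placement buys; the any-group figure shows why the share of hostile nodes in the whole network still matters, which is the point raised about "x% of the nodes".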

Stupid question. Does the network use dynamic encryption keys?