Echt Dezentrales Netz/en: Unterschied zwischen den Versionen

Deutsch

We COLLECT and TEST approaches to BUILD secure and private communication.

Welcome

This is the official wiki of the research and software project EDN (Echt Dezentrales Netz - real decentralized network).

We verify the applicability of existing technologies (see Recherche) and aim to integrate them into a comprehensive product.

A Software packet for secure and private routing that includes several services.

In a way it is a child of the regarded projects that inherits its best qualities to fulfill its purpose.

News

• Dear developers and friends add your module infos here
• The newest challenges.
• We have a project diary.

Note

.onion addresses can be accessed via TOR Browser Bundle

Background

Today's communication infrastructure is predominantly centralized.

However, this makes surveillance and manipulation of arbitrary digital communications easier.

These means can be abused - and were abused - not only by dictatorships but also by democratic countries and international companies.

There are indeed solutions like Tor or PGP which can partially patch the shortcomings of the infrastructure, but each user has to take care of that it for herself. Anonymization and encryption are not in the standard configuration.

A penal action against these secret processes is nearly impossible, starting with the problem that they are not even detected by the affected parties. This status quo endangers our democracy. However, it can be countered in different ways. The following is a technical approach:

To repurpose and to extend existing digital communications infrastructure to make surveillance more cumbersome, especially through decentralization.

Goal

The communication potential in densely inhabited regions can be guessed watching these pictures:

• http://motherboard.vice.com/blog/this-is-what-wi-fi-would-look-like-if-we-could-see-it
• http://socialtimes.com/cell-phone-signals-mapping-turns-the-world-into-a-psychedelic-landscape_b194303

Our goal is to use the existing resources to form a difficult-to-monitor cellphone/router/computer network. There are plenty of software solutions (Recherche) with the goal of protecting the privacy of its users. Preexisting structures are to be evaluated and combined into such a network. The communication should run, first and foremost, on top of a combination of WiFi, copper and fibre optics, but we also consider Bluetooth, Ultra Wideband (UWB), red light, ukw and satellite uplinks - shortly all allowed frequencies and ways.

The following criteria should be met:

Primary Criteria

The communication is

decentralized

in other words: distributed or p2p. There is no server through which the main communication streams have to go through and which could collect data to de-anonymize other nodes.

encrypted end-to-end

standard, except for emergency calls

Using Perfect Forward Secrecy

session keys should be used. Even future Forward Secrecy shall be tested.

authenticated

The source is authenticated.

anonymized

The nodes know as little as possible about each other. Only neighboring nodes know each other. Alias meta-data-protection.

Where it can be achieved for the specific services to function properly.

Secondary Criteria

1. The network shall be as performing as it can be considering the grade of security for the specific services
2. the user interface is intuitively usable
3. scalability
4. The infrastructure enables caching and intelligent distribution of public data.

   -> Knowledge representation and file sharing in P2P networks

5. The solution is holistic, which means it encompasses all layers of the OSI model, i.e. from the strongly delay and packet loss tolerant physical layer through an automatically configured, encrypted and anonymizing middle layer to services on the upper layer such as social networking, P2P transfer or generic data storage. However it can also be structured in a different way.
6. The network is open: that means everyone can easily participate
7. The code must be:
   • logically verified
   • efficient
   • well documented
   • well tested
   • made public/Open Source
8. The network has to be resilient: stable, adaptable, fault-tolerant (e.g. against jamming)
9. Robust against fluctuating node participation
10. the user interface represents in an easy way the functionality that is laying beneath
11. The nodes can be mobile
12. The infrastructure supports also realtime communication
13. It is possible to securely update system components
14. The interface(s) of the software are accessible (to people with impairments/disabilities)
15. The amount of bandwidth for private usage can be configured
16. Routing in smartphones must be energy saving
17. the network is open to connect for example a sneakernet(s)
18. [to be continued]

Services

• crypto currency/ pay system
• Searching in local and other reachable networks including the Internet
• filesharing
• blogging
• Private communication with embedded devices

Recherche

Here is a helpful overview including a part of the following projects that considers the layer they serve.
Don't hesitate to add projects, that you feel are missing here. Thank you :)

Current list of relevant projects

• Netsukuku
• cjdns, Hyperboria & the Project Meshnet: encrypted IPv6 network using public-key cryptography for address allocation and a distributed hash table for routing
• Gnunet: Secure, fully decentralized P2P network, extensible component-oriented framework, a possible future Internet architecture.
• Briar: Delay-tolerant network for secure messaging (one-to-one, one-to-many and many-to-many), capable of operating over a diverse mixture of transports including Tor, Bluetooth, Wi-Fi and portable storage devices
• Secushare: Distributed pubsub and multicast architecture on top of GNUnet intended to provide advanced communication capabilities and distributed social networking
• ZeroTier One: hybrid peer to peer protocol that creates virtual Ethernet networks
• Commotion Wireless
• Servalproject
• COR Connection oriented routing: a layer 3+4 mesh protocol for zero administration networks, implemented as a linux kernel patch
• Quick Mesh Project (qMp): Firmware for embedded network devices based on OpenWRT Linux operating system
• Maidsafe: GNUnet-like Internet replacement stack, focused on distributed data storage, replication and high latency interaction
• Ind.ie
• Tribler
• Zyre
• Qaul.net: Provider independent, self-configuring, multiplatform communication network that integrates services
• RINA Another internet stack
• Invisible: filetransfer and conversation without trace/evidence
• Tahoe-LAFS high latency tool: decentralized cloud storage system. It distributes data across multiple servers. Iff some of the servers fail or are taken over by an attacker, the entire file store continues to function correctly
• Secure Scuttlebutt high latency tool
• ipfs
• Retroshare: Secure communication. Chat, mail, forums,telephony and filesharing based on a Friend-to-Friend(F2F) network
• Bitmessage: decentralized, encrypted, peer-to-peer, trustless communications protocol
• Tox: Skype Replacement: encrypted Peer-to-Peer Messenger/Phone and Video
• BALL: autonomous, persistent execution environment to realize integrity protection of data and operations, authenticated timestamps, compliance auditing
• ethereum: Programmable blockchain agent framework
• I2P
• Freenet
• FreedomBox: Project to develop, design and promote personal servers running free software for private, personal, communications.
• TOR
• [bmx6]
• [olsr2]
• [batman]
• [babel]
• net2o,2

Threat model

We presume a global active attacker that does automated intrusion such as traffic shaping. We draw the line before targeted operations.

Who benefits?

• Average citizens because they regain parts of their privacy, a basic civil right that ensures a proper functioning democracy
• Government institutions and companies because our product will make espionage and cyber attacks a lot harder
• Other software projects, because they get some of their modules tested

How?

We hope to unite the different forces that aim for more privacy and security such as the older and upcoming software projects, scientists, activists and others.

Contribute

Everyone can contribute according to his/her skills.

You can help

• Finding hardware and software for the EDN testbed
• Doing recherche about EDN relevant projects: filling the tables
• Adding possible sponsors
• developing concept ideas how EDN could be realised using what is there
• accepting another task-challenge

Note

.onion addresses can be accessed via TOR Browser Bundle

Contact

Subscribe to the encrypted EDN-mailinglist

• get the list's public key by sending an empty unsigned message
• send your public key to the EDN-mailinglist

if you want to add anonymity for meta-data-protection

• make sure you have an email address that
  • is not connected to your name
  • never used your name or other identifiers in an unencrypted email
  • only accessed the mailbox via TOR
    • per webinterface: TOR Browser Bundle
    • per mailclient [plugin torbirdy]
    • or at least per proxy
• possible email providers are:
  • Posteo which does not need your name
  • or Openmailbox