Echt Dezentrales Netz/en

Aus C3D2
Zur Navigation springen Zur Suche springen

Deutsch

We COLLECT and TEST approaches to BUILD secure and private communication.


Welcome

This is the official wiki of the research and software project EDN (Echt Dezentrales Netz - real decentralized network).

We verify the applicability of existing technologies (see Recherche) and aim to integrate them into a comprehensive product.

A Software packet for secure and private routing that includes several services.

In a way it is a child of the projects regarded that inherits its best qualities to fullfil its purpose.

News


Note: .onion adresses can be accessed via TOR Browser Bundle

Background

Today's communication infrastructure is predominantly centralized.

However, this makes surveillance and manipulation of arbitrary digital communications easier.

These means can be abused - and were abused - not only by dictatorships but also by democratic countries and international companies.

There are indeed solutions like Tor or PGP which can partially patch the shortcomings of the infrastructure, but each user has to take care of that it for herself. Anonymisation and encryption are not in the standard configuration.

A penal action against these secret processes is nearly impossible, starting with the problem that they are not even detected by the affected parties. This status quo endangers our democracy. However, it can be countered in different ways. The following is a technical approach: To repurpose and to extend existing digital communications infrastructure to make surveillance more cumbersome, especially through decentralisation.

Goal

The communication potential in densely inhabited regions can be guessed watching these pictures:

Our goal is to use the existing resources to form a difficult-to-monitor cellphone/router/computer network. There are plenty of software solutions (Recherche) with the goal of protecting the privacy of its users. Preexisting structures are to be evaluated and combined into such a network. The communication should run, first and foremost, on top of a combination of WiFi, copper and fibre optics, but we also consider Bluetooth, Ultra Wideband (UWB), red light, ukw and satelite uplinks - shortly all allowed frequencies and ways.

The following criteria should be met:

Primary Criteria

The communication is
decentralized
in other words: distributed or p2p. There is no server through which the main communication streams have to go through and which could collect data to de-anonymise other nodes.
encrypted end-to-end
standard, except for emergency calls
Using Perfect Forward Secrecy
session keys should be used. Even future Forward Secrecy shall be tested.
authenticated
The source is authenticated.
anonymised
where it is possible. The nodes know as little as possible about each other. Only neighbouring nodes know each other. Alias meta-data-protection.

Secondary Criteria

  1. The network shall be as performant as it can be considering the grade of security for the specific services
  2. the user interface is intuitively usable
  3. scalability
  4. The infrastructure enables caching and intelligent distribution of public data.
    -> Knowledge representation and file sharing in P2P networks
  5. The solution is holistic, which means it encompasses all layers of the OSI model, i.e. from the strongly delay and packet loss tolerant physical layer through an automatically configured, encrypted and anonymising middle layer to services on the upper layer such as social networking, P2P transfer or generic data storage. However it can also be structured in a different way.
  6. The network is open: that means everyone can easily participate
  7. The code must be:
    • logically verified
    • efficient
    • well documented
    • well tested
    • made public/Open Source
  8. The network has to be resilient: stable, adaptable, fault-tolerant (e.g. against jamming)
  9. Robust against fluctuating node participation
  10. the user interface represents in an easy way the functionality that is laying beneath
  11. The nodes can be mobile
  12. The infrastructure supports also realtime communication
  13. It is possible to securely update system components
  14. The interface(s) of the software are accessible (to people with impairments/disabilities)
  15. The amount of bandwidth for private usage can be configured
  16. Routing in smartphones must be energy saving
  17. the network is open to connect for example a sneakernet(s)
  18. [to be continued]

Services

public personal/private
Text Chat of local (neighbouring) nodes To a single person: Chat, Email or SMS To multiple people: Chat or mailing list
Audio/Telephony/Video Call among locally restricted nodes normal call conference call
Other formats ? ? ?
  • crypto currency/ pay system
  • Searching in local and other reachable networks including the Internet
  • filesharing
  • blogging
  • Private communication with embedded devices

Recherche

Here is a helpful overview including a part of the following projects

Current list of relevant projects


  • Netsukuku
  • cjdns, Hyperboria & the Project Meshnet: encrypted IPv6 network using public-key cryptography for address allocation and a distributed hash table for routing
  • Gnunet: Secure, fully decentralized P2P network, extensible component-oriented framework, a possible future Internet architecture.
  • Briar: Delay-tolerant network for secure messaging (one-to-one, one-to-many and many-to-many), capable of operating over a diverse mixture of transports including Tor, Bluetooth, Wi-Fi and portable storage devices
  • Secushare: Distributed pubsub and multicast architecture on top of GNUnet intended to provide advanced communication capabilities and distributed social networking
  • ZeroTier One: hybrid peer to peer protocol that creates virtual Ethernet networks
  • Commotion Wireless
  • Servalproject
  • COR Connection oriented routing: a layer 3+4 mesh protocol for zero administration networks, implemented as a linux kernel patch
  • Quick Mesh Project (qMp): Firmware for embedded network devices based on OpenWRT Linux operating system
  • Maidsafe: GNUnet-like Internet replacement stack, focused on distributed data storage, replication and high latency interaction
  • Ind.ie
  • Tribler
  • Zyre
  • Qaul.net: Provider independent, self-configuring, multiplatform communication network that integrates services
  • RINA Another internet stack
  • Invisible: filetransfer and conversation without trace/evidence
  • Tahoe-LAFS high latency tool: decentralized cloud storage system. It distributes data across multiple servers. Iff some of the servers fail or are taken over by an attacker, the entire file store continues to function correctly
  • Secure Scuttlebutt high latency tool
  • ipfs
  • Retroshare: Secure communication. Chat, mail, forums,telephony and filesharing based on a Friend-to-Friend(F2F) network
  • Bitmessage: decentralized, encrypted, peer-to-peer, trustless communications protocol
  • Tox: Skype Replacement: encrypted Peer-to-Peer Messenger/Phone and Video
  • BALL: autonomous, persistent execution environment to realize integrity protection of data and operations, authenticated timestamps, compliance auditing
  • ethereum: Programmable blockchain agent framework
  • I2P
  • Freenet
  • FreedomBox: Project to develop, design and promote personal servers running free software for private, personal, communications.
  • TOR
  • [bmx6]
  • [olsr2]
  • [batman]
  • [babel]
  • net2o,2

Threat model

We presume a global active attacker that does automated intrusion such as traffic shaping. We draw the line before targeted operations.

Who benefits ?

  • Average citizens because they regain their privacy and therefore one basic civil right that ensures a proper functioning democracy
  • Government institutions and companiesbecause our product will make espionage and cyber attacks a lot harder
  • Other software projects, because they get some of their modules tested

How?

We hope to unite the different forces

Contribute

Everyone can contribute according to his/her skills.

You can help

Developers of relevant projects are kindly invited to join EDN. You know your project best to help identifying modules.

Note: .onion adresses can be accessed via TOR Browser Bundle

Federation Network

http://www.federation.network

Contact

Subscribe to the encrypted EDN-mailinglist

if you want to add anonymity for meta-data-protection:

  • make sure you have an emailadress that
    • is not connected to your name
    • never used your name or other identifiers in an unencrypted email
    • only accessed the mailbox via TOR
      • per webinterface: TOR Browser Bundle
      • per mailclient [plugin torbirdy]
      • or at least per proxy
  • possible email providers are: