unixninja92 | 17 Aug 19:24 2014

[GSoC 2014 Crypto API] Status Update 8


Hi all,

I've gotten a lot done since my last status update. The deadline for
GSoC is tomorrow, and I'm just about done. All I need to do is finish
up writing unit tests for ERAT (like 3 more to go) and CryptBucket. I
also need to write docs for ERAT and CryptSignature, but that should
not take very long.

This means that all the other classes I've written for the API are
finished and ready for review/merging. This includes: CryptByteBuffer
(used to be called CryptBitSet), Hash, KeyExchange, KeyGenUtils,
MessageAuthCode, and MasterSecret. I've submitted a pull request (#277
[1]) for EncryptedRandomAccessThing and it's dependencies so that toad
can start working with it as soon as possible. This includes
CryptByteBuffer, KeyGenUtils, MasterSecret, and MessageAuthCode.
CryptByteBuffer and MessageAuthCode have not had any review yet, so
please review!

Hash has been submitted in PR #258 [2]. Once #277 has been merged I
will submit a new pull request that will include KeyExchange,
CryptBucket and CryptSignature.

Unfortunately I don't have time to get JFKExchange classes working as
part of GSoC, but I will hopefully have time to work on them in the
future.

So please review #277 and #271(upgrade to BC 1.51)[3] :)

-Charles
(Continue reading)

xor | 11 Aug 21:04 2014

Good news: I have permission to write a Freenet filesharing app as my bachelor thesis

Hey folks!

The bachelor thesis is the last thing remaining to do in my computer science 
studies.
Today I had a meeting with my mentor, and I proposed to design and implement a 
Freenet client application: Filesharing. He is okay with that! :)

Easy-to-use, sharefolder-based filesharing with auto-insert has been requested 
for ages, and yet we didn't bother to finally implement it.
In fact it is the #1 request at uservoice: 
http://freenet.uservoice.com/forums/8861-general

I want to finally deal with this :)
It fits my current job very well: It will need spam filtering, so it  should be 
a WOT client application. 
Luckily, I was also able to convince my mentor that it is absolutely critical 
for me to fix WOT performance first! :) I told him that this shall take 4-6 
months, so I would start writing the thesis between December and February.

This should be manageable - there are 5 possible major WOT optimizations, 
sorted descending by efficiency:
1)  Optimization of computeAllScoresWithoutCommit(). Very pessimistically 
estimated should take a month.
2) Queuing of downloaded trust lists to prevent thread congestion. Not much 
work, should take 1-2 weeks. 
3) Event-notifications, which is essentially finished besides some fred-side 
refactoring and will be deployed very soon (2-3 weeks). 
4) Not subscribing to the USKs of ALL identities but only to direct trustees. 
Should be 2-4 weeks of work.
5) De-synchronizing the web-interface. While that own its own is only a week 
(Continue reading)

Steve Dougherty | 9 Aug 19:12 2014

Freenet 0.7.5 build 1465 released

The major network structure change in this release is preferential
opennet peer acceptance based on link length. The Roos, Schiller,
Hacker, and Strufe paper reports far too many long links. [0] The
statistics we've been collecting observe this as well. This release
accepts comparatively few long links, which should allow much better
navigation of the local keyspace. This will result in rejecting more
connections offered over announcement, so in a future version
announcements may indicate link length preference to lessen the load.

Matthew speculates that this will not interact well with the existing
behavior, so it will be mandatory 2014-08-16.

Java 6 has been EOL since February 2013. [1] This release adds an alert
when running with Java earlier than 1.7. [2] Freenet will require Java
1.7 or later in a future release.

Also in this release:

* Add Russian Windows installer translation. Thanks zabuldon! If you
  want to give a translation for another language please do so; the
  English source file is here: [2] In addition to Russian there are
  currently translations for Spanish, French, and Dutch.
* Update German, Finnish, French, Japanese, Dutch, Brazilian
  Portuguese, and Simplified Chinese translations thanks to volunteers
  on Transifex.
* Add permissions attribute to main jar manifest.
* Allow building with Bouncy Castle 1.50 and higher. 1.49 had a draft
  implementation of OCBBlockCipher, and an updated draft in 1.50
  limited the nonce size below what Freenet was using. Bouncy Castle
  1.51 will be deployed in a future release.
(Continue reading)

Arne Bab. | 5 Aug 15:18 2014
Picon

beehive paper: representation of freenet and gnutella in the introduction

Dear Venugopalan, dear Emin,

I read your paper on Beehive[1], and while it sounds impressive, the description of Freenet and Gnutella in
the introduction and the related work as unstructured networks does not reflect current versions of the networks.

Gnutella 0.6 and onwards has two structured components (the first 2 hops and the last two hops) with one
unstructured hop in between. For reference see Dynamic Querying and Intra-Ultrapeer QRP.
Intra-Ultrapeer QRP (nowadays rather called bloom-filter-sharing) directly affects the routing and
reduces the cost to approximately O(log N), while Dynamic Querying only affects the network cost of
searching for popular content. See [2] or [3].

Freenet on the other hand uses a small-world structure which generally provides O(log N) lookup along with
strong caching which significantly reduces the lookup time for popular content.

Both Gnutella and Freenet provide the properties of hard structured networks with an adaptive approach:
The routing is approaching structured routing via dynamic optimizations.

It would be nice if you could fix these inaccuracies. For Gnutella you can do so by specifying that your
description applies for Gnutella 0.4, which used a pure flooding approach and was already deprecated in 2004.

For Freenet you could reference the paper from Roos (2014)[4] which showed that while Freenet assumes a
structured lookup, it’s real structure was only partly structured (due to churn and optimization
skewing from local requests).

Still Beehive could be useful for Freenet, because we’ve long been planning to add a constant bandwidth
mode, in which times of inactivity are used to spread content proactively. Beehive looks like it would
provide a nice base for that. For additional notes on this mode, see [5].

While Freenet does not use prefix routing, but instead a simple location-distance metric, both methods
are easy to map into each other.
(Continue reading)

Arne Babenhauserheide | 4 Aug 20:14 2014
Picon

winterface deadlines

With Marios Isaakidis, I created a set of deadlines for the Winterface GSoC project.

It is possible that I will be completely offline during the evaluation period (I’m on vacation from
2014-08-08, and I’ll be in a small spanish village where I don’t know whether my OLPC will be able to
connect to the wireless internet - last time the access point actually managed to crash my kernel), so this
list is also meant as support for Steve to judge the success off the Winterface project. If nothing serious
gets in the way, Florent should have made Steve a second mentor for Winterface in a few days - I started
putting things into motion for that some time ago).

The deadlines are also available as html page in Freenet: http://127.0.0.1:8888/freenet:USK <at> um4cEaaGWlgdAK8gAFDJrqY2eiSM3fHxiPfMTu89coE,m2rG6gU~ISukN3S3qJtNwVxXr0giCtHvu8BPz605FxE,AQACAAE/winterface-deadlines/0/#sec-2

or from my inproxy: https://d6.gnutella2.info/freenet/USK <at> um4cEaaGWlgdAK8gAFDJrqY2eiSM3fHxiPfMTu89coE,m2rG6gU~ISukN3S3qJtNwVxXr0giCtHvu8BPz605FxE,AQACAAE/winterface-deadlines/0/#sec-2

(note the new URL: https://d6.gnutella2.info/freenet ← this is one of the cases where SSL is really
useful ☺)

(Till now I did not write much on devl, because I’m swamped with stuff to do and decided to priorize info on
IRC+Sone and helping Marios directly over giving mentor-comments here)

Enough preface, here’s the list.

#+title: Deadlines for the Winterface GSoC project

#+BEGIN_ABSTRACT
Winterface is a new Web Interface for Freenet implemented as plugin. Marios alias Prometheas alias
misaakidis is working on it over the summer. We’re in the last few weeks and pieced together a list of
deadlines required to finish GSoC successfully.
#+END_ABSTRACT

* Tasks
(Continue reading)

Ximin Luo | 30 Jul 16:46 2014

Re: Github administration

+devl <at> 

On 29/07/14 23:03, xor wrote:
> (re-sent because mail bounced from infinity0's GMX address)
> 
> On Tuesday, October 22, 2013 11:10:17 AM Ximin Luo wrote:
>> +nextgens
>>
>> Re-reading through the IRC logs from last night apparently there's this:
>>
>> https://javadoc.freenetproject.org/
>>
>> I am guessing this is newer than the github one, which I set up manually by
>> committing to the gh-pages branch. As xor points out, that method is not
>> really suitable for massive chunks of variable data like javadocs.
> 
> Did you make sure to delete the manually committed Github stuff given that we 
> have the freenetproject.org thing?
> - We recently cleaned the set of repositories, maybe it was done already.
> 

I seem to have lost my push access during the github restructuring.

No, the branch is still there. Someone with push access can delete it with $ git push origin :gh-pages

X

--

-- 
GPG: 4096R/1318EFAC5FBBDBCE
git://github.com/infinity0/pubkeys.git
(Continue reading)

Matthew Toseland | 30 Jul 12:25 2014
Picon

What we can learn from Tor

The recent Tor announcement is interesting. Some points:

1. Real Sybil attacks often do use a single IP range.
=> It's worth detecting and/or deterring this sort of thing, i.e. using
IP scarcity on some level. Provided that it's not ridiculously hard.
Here there is significant interaction between current opennet
bootstrapping (seednodes), somewhat complicated proposals to harden it,
and ShadowWalker (opennet tunneling, requires each node to be assigned a
"shadow node" on creation to make sure it doesn't lie about its peers).
2. They are interested in socially-aware tunnel setup.
So are we. We don't have a tunnel network. IMHO PISCES requires some
level of decentralisation, and they'll probably go for one of the
less-decentralised published proposals, but at the very least we need to
investigate how Tor works before implementing our own tunnel layer, and
maybe have some discussions about architecture.
3. We should really use their transport layer.
Granted it's written in C, but we need our connection level crypto to be
written in C, because you can't eliminate side-channels if you're doing
encryption in Java. Plus they have a number of working transport
plugins. I believe it's all stream based, so we may want to keep UDP as
well, which leads back to getting Chetan's work finished/merged ...

Thoughts?

_______________________________________________
Devl mailing list
Devl@...
https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
(Continue reading)

helen whitter | 29 Jul 05:32 2014
Picon

Auto-response

   I am awayi? 1/2 at present but would love to hear from you when I get
   back Thank you
Steve Dougherty | 29 Jul 04:44 2014

1465 Prerelease

1465 prerelease is now available on the website: update.sh testing /
update.cmd testing. Inserts are pending.

If all goes well 1465 will be released on Sunday, August 2nd.

The release notes will look something like:

The major network structure change in this upcoming release is
preferential opennet peer acceptance based on link length. The Roos,
Schiller, Hacker, and Strufe paper [0] reports far too many long links.
The statistics we've been collecting observe this as well. This release
accepts comparatively few long links, which should allow much better
navigation of the local keyspace.

Java 6 has been EOL since February 2013. [1] This release adds an alert
when running with Java earlier than 1.7. [2] Freenet will require Java
1.7 or higher in a future release.

Also in this release:

* Add Russian Windows installer translation.
* Add permissions attribute to main jar manifest.
* Allow building with Bouncy Castle 1.50 and higher. 1.49 had a draft
implementation of OCBBlockCipher, and an updated draft in 1.50 limited
the key size below what Freenet was using.
* Add X-Content-Type-Options nosniff header.
* Disable negtypes before 9. Negtype 9 has been mandatory since build
1448 went mandatory on July 23rd, 2013. Future releases will remove the
code for these unused negtypes.
* Remove :visited from CSS to prevent pages from appearing differently
(Continue reading)

unixninja92 | 28 Jul 03:55 2014

[GSoC 2014 Crypto API] Status Update 7


Hi all,

I've been writing lots of unit tests and documentation these past two
weeks. As soon as KeyGenUtils is merged in, I will submit pull
requests for MessageAuthCode and CryptBitSet as they are both
complete. The only bug with CryptBitSet right now is that when I'm
encrypting BitSets with Rijndael in PCFB mode the first half of the
BitSet is encrypted and/or decrypted incorrectly. It works just fine
when using byte[]s, this bug only appears with BitSets. I have no idea
why this is happening. If you have any ideas about why this might be
happening let me know. [1][2]

I wrote an EncryptedRandomAccessThing for Toad's db4o replacement. It
requires BC 1.51 though, so we will have to wait for that to be
released. Should be soon as they recently released the last beta for
1.51.

I have started working on documenting, unit testing, and bug fixing
CryptSignature. DSA can now handle both SecureRandom and RandomSource
rather than just RandomSource. Sign and verify now have their own
addBytes methods rather than sharing them. This solves init issues
with the Signature class.

After some discussion on IRC I have upgraded all of my tests to use
JUnit 4. This has helped make them cleaner and easier to understand.

-Charles

[1]
(Continue reading)

Steve Dougherty | 20 Jul 19:27 2014

GitHub Repository Restructuring

Thanks to nextgens we've finally restructured the repositories on
GitHub. There are backups of all the deleted repositories here:
https://archives.freenetproject.org/github-backups-official/

The changes:

* Repositories with names ending in "-staging" are renamed to remove
  the "-staging". GitHub redirects the old names to the new.
* Repositories with names ending in "-official" are deleted. They were
  strict subsets of the "-staging" repositories.
* The IpToCountry is deleted. It had a single commit from 2011 with a
  copy of database.
* The testnet repositories are deleted.
* The jSite repository is deleted in favor of its official and
  up-to-date upstream: https://github.com/bombe/jsite
* Push permissions are now restricted to project release managers:
  https://github.com/orgs/freenet/teams/freenet-release-managers
  Other authors can push to their personal repositories and open pull
  requests to the project ones.

Thaw is an unofficial plugin in the project organization, [0] but its
author's copy appears abandoned. [1] It's not clear whether it makes
sense to do anything with it. Bombe's version has branches with more
recent activity - would it make sense to delete the project one in favor
of it?

Thanks,
- Steve Dougherty

[0] https://github.com/freenet/Thaw
(Continue reading)


Gmane