Monday, December 10, 2007

Waste P2P Project

With the RIAA trying to crack down more and more on P2P networks, WASTE is looking like a more viable alternative. This came out several years ago but did not catch on like the inventors had hoped for, but now it looks like a good alternative that is secure from prying eyes!

 

 

Welcome

WASTE is an anonymous, secure, and encrypted collaboration tool which allows users to both share ideas through the chat interface and share data through the download system. WASTE is RSA secured, and has been heralded as the most secure P2P connection protocol currently in development. For technical information please see "information", but for more information on download and installation, please see "downloads". Looking for other WASTE projects? Please choose "projects", or if you are interested in the main WASTE sourceforge project, see "sourceforge". Or, if you just need some help with WASTE, see "documentation".

 

 

Overview

WASTE is a software product and protocol that enables secure distributed communication for small (on the order of 10-50 nodes) trusted groups of users.

WASTE is designed to enable small companies and small teams within larger companies to easily communicate and collaborate in a secure and efficient fashion, independent of physical network topology.

 

Some bits of information about WASTE:

 

WASTE is currently available for 32-bit Windows operating systems as a client and server, Mac OS X as a limited client and server, and as a limited functionality server for Linux, FreeBSD, Mac OS X, and Windows. Porting to other operating systems should be a breeze, as the source is provided (and the network code itself is pretty portable).

WASTE is licensed under the GPL.

WASTE currently provides the following services:

Instant Messaging (with presence)

Group Chat

File browsing/searching

File transfer (upload and download)

Network architecture: WASTE uses a distributed architecture that allows for nodes to connect in a partial mesh type network. Nodes on the network can broadcast and route traffic. Nodes that are not publicly accessible or on slow links can choose not to route traffic. This network is built such that all services utilize the network, so firewall issues become moot. more information.

Security: WASTE uses link-level encryption to secure links, and public keys for authentication. RSA is used for session key exchange and authentication, and the links are encrypted using Blowfish in PCBC mode. The automatic key distribution security model is very primitive at the moment, and may not lend itself well to some social situations. more information.

 

Network

WASTE creates a network of hosts, making whatever connections possible, and typically routes traffic via the path of lowest latency (which effectively ends up as load-balancing, though it is far from ideal).

With at least one host outside of firewalls (or behind a firewall but having one incoming port open), a WASTE network can enable all supported services (including chat and file transfer) between any two hosts.

WASTE uses three main classes of messages: Broadcast messages, routed reply messages, and local management messages.
Broadcast messages are sent from a host when the host wants to either notify or request information from all hosts on the network.
Routed reply messages are sent in response to a broadcast message, routed back to the host that initially broadcast the request.
Local management messages are sent directly between two nodes to negotiate link configuration parameters etc.
The network messaging structure is flexible and there is plenty of room for new message types to enable new services and functionality.

Each link on the network is secured and authenticated, but messages are not secured point to point, which means a trusted user on the network can theoretically spoof and/or sniff traffic. For more information, see the security section.

 

Security

WASTE builds a distributed network of hosts, and secures each link in the network. In securing each link, WASTE also authenticates each link using public keys.

WASTE also provides a mechanism for hosts on this network to exchange keys automatically with each other once a host is trusted on the network.

How WASTE Secures Links
WASTE secures the links of the WASTE network by using RSA to exchange session keys and authenticate the other end of the connection. Once the hosts have authenticated each other and both have the correct session keys, the connection is encrypted using Blowfish in PCBC mode (using different IVs for each direction of the connection). The oversimplified process for bringing a link up is (see comments in the code and the code itself for a more in depth view):
Both sides exchange public key hashes, and verify that they know that hash
Both sides exchange session keys and challenge-response tokens encrypted with each other’s public keys.
Both sides decrypt and verify the challenge-response tokens, and begin encrypted communication (a stream of messages, each message is verified using an MD5).
There's a lot more to it than that, but that's the basic idea. The reality of it is that there is also a "Network ID/Name" feature that allows you to easily keep networks from colliding, as well as efforts to obfuscate the whole process (to make WASTE connections difficult to detect). Another unique feature is the way session keys are exchanged and combined so that in order to decrypt past (recorded) traffic, both private keys of a connection need to be recovered.

Note: It might be worth implementing WASTE using a subset of SSL, to avoid any concern of flaws in this protocol. Feedback is gladly accepted on any potential weaknesses of the negotiation. We have spent a decent amount of time analyzing this, and although we have found a few things that are not ideal (i.e. if you know public keys from a network, you can sniff some traffic and do an offline dictionary attack on the network name/ID), but overall it seems decent. The current implementation probably needs work, too.

Why WASTE requires a trusted group
Since the security in WASTE relies on encrypted links, and messages are not encrypted point to point, a node on the trusted network could easily sniff or spoof messages. So yes, your friends can spy on you. But you were not really worried about them, were you?

How WASTE Prevents Information Leakage
WASTE makes an effort to prevent information leakage. WASTE sends all traffic through the same encrypted link(s), and does not (by default) bring up or drop connections in response to any user actions. WASTE messages are sent completely inside an encrypted channel, so a snooping party would have a VERY difficult time determining what kind of traffic is being sent across a link, or where the traffic originated from, or where the traffic was headed to. And because there may be redundant paths in the network, and traffic is load balanced across those paths, it further complicates things.

In addition, WASTE has an optional saturation feature, in which connections can be saturated to a particular rate (with random data, if necessary), so that a snooping party cannot see how much real data is being moved.

How WASTE Exchanges Keys Between Trusted Hosts
In order for two WASTE hosts to connect to each other, they need to know each other’s public keys. This can happen two ways. The first way, which is how you would initially connect to a WASTE network, is by manually exchanging public keys. This is clunky, and generally a PITA.

Once a WASTE host is on a WASTE network, however, it can (and is by default) be configured to automatically exchange public keys with other hosts on the network. This happens through the secure links of the network.

The main drawback to this is that it is very difficult to remove a key from the network. Each node on the network that that person could potentially connect to has to remove the key. This may be addressed in a future version.

 

 

RMStringer

^^^^^^^^^^^^^^^^^^^^^^

You have no conscience and it seems you never will - Cyberaktif

 

No comments:

Post a Comment

Ambient Massive - There Is Grace In Their Feelings

. Instruments used were: Kurzweil 2000vx Microfreak' Maschine 2 Wavestate Deepmind 12 Virus Ti2 Monotron and various VSTi synths. Releas...