NAT Traversal & Bootstrapping

Not if the signing happens between the close group nodes. Even between them a key blinding mechanism could be implemented effectively preventing any node from seeing the private key. If key blinding isn’t possible then It could be designed break the keys in into pieces so that no single quorum node has the entire picture.

You can’t compromise my node when you connect me to a fake network. Let’s say I connect on IP-level to your fake node. Now I request my “personal file” out of the network. My log in details will never leave my computer. When my username is: userABC and my PIN is: 3769 a Hash is derived from these credentials. So a hash of “userABC3769” (and some salt) is the place of my personal file with all the datamaps to my data. So I’ll request my file on your network. You’re probably not able to provide me that file because you have no clue where it is. And even if you had, this means you need to store all Chunks in the network. But let’s assume you’re a smart cookie, so you request the file out of the real network and provide me these Chunks through your fake network. What can you do? Nothing! What can I do? My clients will de-crypt it locally with my password.

In my personal file (now open on my computer) I have a list of nodes in XOR. I also have their public keys. So I start to message them, send a mail or chat or whatever. What van you do? Nothing, you can only block my request. Or you can connect me to my XOR group. But due to PKI you have no clue what’s going on.

So when the network goes live, provide me your IP. Let you be my relay-node (next to 4 others as well) and within moments my client knows your connection is fake (because you behave different than the others). And you really don’t know anything what I did in XOR or who I connected to. You just know, here’s a node that tried to connect to SAFE. That’s all. And remember, on SAFE you don’t log in to a server, you log on to the network in the way I described.

@Tonda Sorry but you’re going to have to help me out a bit with this because I’m not following where the close group comes into things. What I understood you to say is:

There is a validation key and this is unique to the bootstrapping server (not to a client or anything). The client is going to pass this validation key into the network and if a positive result comes back then the client feels safe. Is this correct?

How does the client judge whether a response is positive or not? If they’re waiting for something to come saying “I managed to decrypt the key” then I can just return that too - it doesn’t matter that I don’t have a clue what’s the content is. I’m thinking if I connect to the real SAFE bootstrapper and network that I’m going to be passing in the same validation key (because it’s unique to the bootstrapper not the client)?? This means I can pass the same data back to a client that enters the fake network.

Alternatively, if I was to get a bridge between the fake network and SAFE then I’d just pass the request through, wait for a response and rely on to the client.

Sorry if I’ve misunderstood.

If I’ve compromised you’re node I can capture your details as you type them.

I’ve shown how I can get your credentials, I also know your IP address and figure out who you are.

This is only true if you’ve connected to SAFE previously and are now going directly into the network using previously known nodes. If you’ve never logged into SAFE before and you’re hitting my bootstrapping server then I’m going to put you into my network where I control the nodes and they all act as you would expect.

In network 1 (as I described it above) all nodes would be vanilla MaidSafe binaries. The important bit is that I own them all and can tell what you’re putting into the network and I can determine your IP. Once I know you’re IP I start working on a way to break into your machine so I can swap out your client for another one that sends me your credentials…and so one.

No, they all are, just in different circumstances.

I think what you are saying is capture seed nodes (or falsely publicise them etc.) Then get everyone to use them and bam. You do need to however stop people creating their own vaults and joining, which dilutes your attack with each new node. (note vaults cannot tell you any data, it’s encrypted and signed in some cases, so crypto secure), you will need to keylog/get into the end point (users computer). This is a valid attack we discuss a lot, if you are using certain OS’s we know your likely already tracked, if you have an insecure computer then again just take the login. The end point is the weak point. There is things we can do there and we are in talks with some folks about just that. It is a real attack vector though.

Ultimately if you are saying You start the network and get folk to join your network then it is yours and that is something to consider.

So you start a network, on it and encourage folk to join. This is what we are doing and we do not know who joins where or when? I hope that makes sense.

If there are already people on the network you have to kill them all off and start again if you can. That is another problem, if you see what I mean.

So if we can assume you can break into the seed nodes and comprimise them and no other way on the network was possible (we cannot even release new seed nodes etc.) then you could of course prevent new access, but it does not work that way, there are multiple ways on, folk need to grow a network and so on. So it’s extremely hypothetical and we have to assumed heroic feats and disable many parts of the network to help you in this attack. There was a similar thread on self encryption for an age, it does eat into time for sure.

I suspect the seed nodes part of the process like btc and all the rest does need further work, I am not saying otherwise. Like bootstrap onto the network even in use these are less secured parts for sure as they are not in the consensus part yet. Like you walk-in into the most secure building in the world and I say, aha but what if I rob you before you get in :wink: it can be that kind of hypothesis we need to adopt to look at some of these attacks.

Anyway keep at it, and we can see where it gets or if we can expose anything. Lets not get into a p2p device is a server and a client and can be considered X etc. etc. as that’s all semantics and a waste of time.

Working through this is good and the kinda thing we do a lot. It does take time and for me at the moment I cannot keep the thread going too much longer as I have a really important thing to do this weekend which will put me off line for a couple of days (personal matter). I will try and pick it up if there is any more info next week if I get a chance.

2 Likes

Issue a challenge encrypted with the developers public key. The challenge is decrypted then solved encrypted with the clients’ public key and returned. The client can choose one of say 10 or so challenges at random. Your network would have a 1 in 10 chance of returning the correct response for each dev key. If the client is required to get correct responses from at least >50% of the entire dev pool, It would make it very difficult to provide the right combination of responses. Make sense? I have another possibly crappy idea brewing but need more time. Got other things to juggle.

I didn’t understand anything in this thread but I read it all anyway :smiley:

It’s rare to see discussions like this take place in forums in “cryptoverse” and this is just one of many.

Really is amazing to see peeps hammer out arguments like this.

Couldn’t find a thumbs up so I guess lovely red boots will have to do :boot: :tractor: and a tractor…cos you know…obviously!

6 Likes

You are assuming you can break into everything and hijack everything in your example. So you’ve hacked the seed-nodes, now I connect to you, you know my IP and now you hack my IP as well and when I type in anything on my keyboard you have a keylogger and know what I do exactly on the network. Yes, of course, you can now maybe understand who I am and what I do. you can also steal my Bitcoin-wallet as well.

No, this is not right. You can’t get my credentials until you have figured out my IP and broke in to my computer as well.

This is not correct as well. Before I upload any Chunk to SAFE, stuff is locally encrypted using self_encryption. So even when you trick me into your fake network which looks like the real thing, you still don’t know what I upload as Chunks to the network. To you they’re still gibberish data. And when I request data the same thing goes as well. These Chunks are only de-crypted locally on my computer. And you don’t have a clue because you don’t have the datamap to these files. Actually, you don’t even have these Chunks as well.

So to know who I am and what I do exactly:

  1. You need to hijack the seed-nodes at Maidsafe, and hope I use the software for the first time.
  2. Next you have to provide a list of fake relay-nodes which you own. Now you have my IP when I connect to 4 of your relay-nodes.
  3. The next thing you have to do is break into my computer and install a keylogger.
  4. Hope that I log on to the network. Now you have my credentials.

All this time you have to provide me a fake network, including providing real chunks (from the real network).

Step 1 is no problem for me, you wouldn’t know a thing. Step 2 is neither a real problem or scary thing to me, you still don’t know anything. Step 3: yes this would be scary, just like people getting in to my computer while I’m just on the normal internet.

How big is the chance you can make 3 steps in your attack? I think it’s extremely small. Until then you really don’t know more about me than my IP and see some gibberish data come by.

1 Like

Cool, no problem. I’ve appreciated the feedback given already and enjoyed the discussion :slightly_smiling:

@anon40790172 I accept that the attack I outlined was convoluted. My main point through all this is that the hosted bootstrap servers are a major weak point and this appears to have been accepted.

Let’s consider a MUCH simpler attack that would probably actually be more beneficial to an agency/government than what I originally proposed:

I am the CIA, I can find out all bootstrapping servers details (again these are servers users hit before they’ve ever connected to SAFE). I go to all ISP’s and I say, give me a log of all IP addresses that have connected to one of these servers.

I now have a nice big list of IP addresses (if I’ve managed to get all ISP’s to comply then I’ve potentially got the details of a very high percentage of user on the network).

This list allows me to gauge how quickly the network is growing and I can analyse the details of the known users (based on ISP records). If the network is sufficiently large then I will likely want to focus on a subset of users; I’ll pick people who have criminal records, etc. as the people I’m most interested in monitoring.

I start trying to compromise these “interesting” users machines based on IP address and can probably even get the ISP to tell me if users of interest are assigned new IP addresses. I’ve really got as much time as I need now to break into their machines (whereas with the attack I mentioned previously I’d only have a short window).

Everyone is completely oblivious to what’s going on. Bootstrapping servers don’t have to be compromised and logging of IP addresses is obviously invisible.

EDIT: Also when I compromise a node I can get it to start telling me about it nearest neighbors all the time, meaning I can potentially start building up a list of users that I didn’t catch going to a bootstrapping server.

While possible any information gained would without warrant be illegal. Even if they colluded with local law enforcement a simple motion for discovery would reveal collusion and illegal wiretapping resulting in a dismissal.

In tyrannical governments your approach would be effective.

2 Likes

I don’t think they are :grin:. It’s very hard and almost impossible to fool a group of Devs with their hardware. How do you know the IP of these folks in Troon? How do you know which hardware they use? And even if they can, then you still need “hackers” that know extremely much about SAFE. And assume we see 1000 new users everyday? They only connect to these servers on day one. So after 2 weeks we have a network with 14.000 users that connect to IP’s they already know. After a month we have such a strong network that nobody seems so get it down anyway :+1:.

That is nearest neighbors in XOR. So you know you’re close to “VhgadsgjvHKGjgfjhgfjkiiogvcjhgkhgkkjgk”.

But keep thinking about it. It’s good to think about the security of the network. Makes me crack my brain again on how this all interacts.

2 Likes

I know I’m going to sound like a pr*ck now and I don’t want to change topic but I can’t help myself :smiley: If the authorities in non-tyrannical regimes can be trusted to not to break the rules then why would users in these regimes need the privacy features of the network?

I don’t think this is the case. Imagine some agency managed to get all ISP to agree to share their records with them (for the sake of argument let’s just assume that SAFE is deemed by governments to be a threat to global peace). It would take a lot of processing but you should be able to find out everyone that’s on the network without even thinking about bootstrapping servers.

In order to do this the agency would install their own vault. Other nodes on the network would connect to this vault (and the IP addresses of these other nodes are known). Based on a very small number of IP addresses to start with the agency can then start analysing the connections made to these machines and so on (based on ISP records). As said it would take a lot of processing but you should be able to figure out all IP addresses on the network.

In order to avoid this you’d have to have a completely new Internet without ISP’s.

In order to compromise a particular machine I wouldn’t really need to know anything about SAFE. However it might help me if I did because I know that each of the machines that were identified are going to have at least one port that’s open and listening for connections from other SAFE nodes. If I find a vulnerability in the node code I can exploit this. This isn’t required though and there will be other routes onto the machine.

Sorry if I used the wrong terminology there. What I meant are the nodes that are the last hop before the destination - these obviously communicate with each other with IP.

You could sample IP addresses, but what’s the value of it? People will use SAFEnetwork for many reasons, so it would be like having the IP address of everyone who ever visited Wikipedia - only unlike stealing the Wikipedia http logs, you’d have no idea what they were using SAFEnetwork for.

I don’t see the value in this, and it would be extremely costly if you wanted all IP addresses. So actually, you’d have some fraction and an ever smaller fraction as the number of SAFEnetwork users increased.

There are far more attractive avenues for finding individuals to target I think.

And if someone wants to stop SAFEnetwork itself, I don’t see how this helps them.

I’m still interested in your original idea of creating a false network, but I think so far all the issues with that have been answered fairly well, if not yet definitively for lack of time. Keep trying - it’s a valuable contribution.

I don’t care if they follow the rules. As long as they don’t attempt have an individual prosecuted for information they obtained illegally. SAFE makes it impossible for them to stifle free speech which is the point after all. The privacy afforded by SAFE prevent all but the most powerful and knowledgeable from having access to your moment to moment activities and personal content.This provides massive benefits, keeps everyone on their toes, and help to level the playing field so to speak. Spy agencies are good but their don’t know everything. Remember that your account is accessible by you anytime any where. They would have to devote significant resources to be glued to you. This is targeted surveillance as opposed to dragnet.

Vaults have no knowledge of IP addresses, only XOR addresses. But yes, that is the only real extreme that SAFE is threatened by. Few if any other networks can say this. SAFE has the smallest attack surface of any network I can think of.

I guess the value is that you can cross reference the “owners” of these IP addresses with other databases. I could see that John Smith was at an anti-government demonstration and he also happens to be on SAFE. As a government I’d be interested in seeing what he’s up to. I’d then use this as justification for expending a certain amount of resources trying to access his machine, discovering his credentials, etc.

I don’t think it would be prohibitively costly to maintain a list of all IP addresses. The real cost would be in monitoring individual users - as you say it would have to be targeted.

I’m sure you are right that there will be more attractive ways for achieving “big things” as far as an attacker is concerned. I too have a feeling there’s scope with the fake network idea. I’ll give it a bit more thought but I’ve burnt a good part of a day on this already and can’t afford to keep going for much longer.

Totally agree with you.

I’m afraid they do, see this:

https://forum.autonomi.community/t/potential-way-to-weed-out-illegal-content/568/76

From my understanding vaults know the IP of the owners machine (obviously) but not that of other vaults on the network. Vaults communicate with each other via XOR. What did I miss? :confused: The linked thread and post is one where you claim it is possible for someone to determine which vault served a particular chunk. This doesn’t seem correct as it would be a serious security issue I doubt David would have overlooked. Please tell me I’m not wrong. :neutral_face:

XOR is used at a layer above the actual network. XOR distances, etc. are a Kademlia notion and they are not part of IP which you need to use to communicate with any computer on the Internet.

There’s a link within the post I referenced that confirms this and it’s also acknowledged in the posts that follow it.

I know this… What you haven’t explained is the idea that vaults know each others IP address. It’s one thing for vaults to communicate via XOR. It’s another to have them have direct IP communication with each other. That is a flaw IMO and is not acknowledged further into the thread.

What is acknowledged is that a UK dick will know who relayed a given chunk, not which vault served it. So again, what did I miss? :confused:

I don’t really want to get back into this again because it’s already been discussed to death. There have obviously been prosecutions (in the US at least) of people on P2P networks because they are distributing copyrighted content, It’s quite possible while that person was distributing the bits that got them caught they were still in the process of downloading the content themselves and didn’t have a usable copy - perhaps their download didn’t even complete.

Granted you can argue that in SAFE the person didn’t know they were distributing illegal content. I’m sure a lot of people who use torrents also don’t know they’re distributing anything though and I don’t think it’s a massive leap to say that it’s possible for a prosecutor to argue that by you participating in the SAFE network you’re taking the decision to agree to distribute content that is potentially illegal.

My point in that post was just that. I wasn’t saying that you can identify the vault that the chunk originated from, I was saying that you can identify the node that delivers it to you. The vault is no more complicit than the node is - neither know the data but they know there’s a chance that they are holding at some time a part of something that is illegal.

I don’t remember saying anywhere that any vault knows the IP address of any other vault. What I did say was that if I had ISP records I’d be able to trace through these and build up a picture of the network…so if a chunk followed a route like this:

A (chunk lives here) → B → C → D (chunk ends here)

I know D’s IP address and from D I can tell C’s address. I look at the ISP records and I can tell what IP address delivered the chunk to C (i.e. B), I then lookup the records for B and can tell who A is.

1 Like

Hmmmmmmmmmmmmmmmmmmm!!! (20 chars)

No, this can’t be done this way. All connection on IP-level are encrypted as well. And because all nodes work like “Ants” and pass Chunks to each other, you would only see an x-amount of data going between the nodes. You wouldn’t have any clue about which Chunk etc. Even if you use deep-packet inspection and complete recording of nodes A, B, C and D fro the outside you couldn’t make any guess about what’s going on. Just think about it, the connection between A and B uses PKI infrastructure. How can you know which Chunk A passes to B? It’s impossible.

What can you see as an evil ISP? Address 123.456.789 is connected to address 987.654.321 and they have full encrypted communication. That’s it. You can probably figure out they’re on Safenet (or is it Ethereum or Freenet that uses PKI as well?) but you don’t have a clue what they do in XOR.