The Decense Project A few days ago I was reading Clarinet Newsbytes Top news. It read like something right out of 1984. "Germany cracks down on AOL and Compuserve", "Japan busts Japanese porn web site", "French bans web sites with banned book", "China issues internet regulations", and "Clinton signs Telecom bill" The other shoe is starting to drop. The ante has been raised as governments around the world are trying to control the content of the Internet. But the politicians writing this type of legislation have no clue what they are really dealing with. They are are part of a centralized organization with a centralized philosophy trying to cope with something inherently decentralized, non-physical, and constantly evolving. We all know the genie is out of the bottle. Let's write some code to keep it that way. Enough of the rhetoric. Decense is the name of what I hope to be, a family of software protocols designed to "decensor" the net. I'm contributing the first, and I hope, most useful piece. I hope others will join me in developing this software, making it more robust, and distributing it across the net. What is Decense? The first piece of the Decense software is designed to provide "penet" like double-blind anonymous transactions for the http protocol. It is written as a cgi-bin script which provides a seamless mapping between anonymous ids and remote web servers. Servers running Decense can be chained like anonymous remailers to increase site level security. Decense works as follows. The server maintains a database mapping anonymous ids to url directories. For instance 'foo' -> 'www.c2.org' as an example. The anonymous ids are stored as md5 hashes so that if the site is ever compromised, the db cannot be used to get a complete listing of all anonids<->sites. The attacker is forced to hash and compare each one he is looking for. [yes, he still gets a listing of all the urls, but chaining takes care of that to some extent. In the future, I want to use the unhashed 'anonid' as a key to a symmetric cipher to encrypt/encrypt each url field of the database. The db would be stored as (hashed(anonid), DES/IDEA(anonurl) ^ key ^ value ] A url is constructed as follows http://<decense.server.host>/<cgi-bin-dir>/decense/<anonid>/<relative url> Decense will lookup the anonid in the database, and map it to a url, such as "http://foo.bar", it will then append the relative url portion yielding "http://foo.bar/<relative url>" It will proceed to fetch the document at that URL. If the document is an html or text file, it will scan the file replacing any references to the remote server with the decense url. Example: Let's say I am running decense at http://foo.bar with an anonid of 'c2' which maps to www.c2.org. If I then request http://foo.bar/cgi-bin/decense/c2/index.html and index.html contains the following URL <img src="/c2.jpg"> the URL will be changed to <img src="http://foo.bar/cgi-bin/decense/c2/c2.jpg"> in the returned document. Future plans for Decense I am heavily loaded down with work right now. But future versions of Decense should have 1) the ability to filter out mailto: and instead, substitute in a url pointing to a post/mail cgi-script which sends mail to the real recipient through an anonymous remailer chain. 2) the ability to proxy through SSL servers for encryption 3) the ability to handle authenticated urls properly 4) the ability to handle a document being located on multiple sites, with optional shamir sharing, so that a site is a) either picked at random to retrieve a document or b) a portion of the sites are picked, and the document is fetched and reassembled via a sharing protocol from those sites. I will release source code in about a day, I'm now alpha testing it. If you would like to contribute to Decense, send mail to rcromw1@gl.umbc.edu -Ray rjc@clark.net