Private Distributed Hash Tables

[Rich Jones]

Far too much yap yap yappin' around here lately.. cpunks write code,
remember? Let's get back to business.

Here's an idea for a private, censorship-resistant communication/file
sharing system with integrated invitations and access control. I don't
think I've ever seen this before, but it's quite possible that people have
discussed this idea previously. Either way, I don't know of any
implementations yet.

Problem
=======

The current P2P file sharing landscape is divided up into two spaces: 1)
private tracker communities (what.cd // Demonoid // etc) which provide high
quality network speeds and file quality through moderation, but which are
often subject to outages due to centralization, and 2) the single giant
BitTorrent 'peer exchange' distributed hash table, which provides universal
file access and fault-tolerance, but at the cost of abuse and surveillance
of those participating.

Ideally, we want a peer-to-peer community which is decentralized and
fault-tolerant, but with enough authority to maintain a high network
quality and private enough to avoid open surveillance.

Proposed Solution
=======

It might be possible to combine the exclusivity and moderation of private
trackers with the fault-tolerance of distributed hash tables by having each
private table operate with a certificated-authority based public key
infrastructure. Essentially, to participate in the DHT, peers must
cryptographically prove that they have been invited to participate.

Power and trust flow down a through a concentric certificate web. A
client's authority in the network is a function of how far away from the
root authority they are (not dissimilar to Scientology's hierarchy.)
Clients should automatically respect commands coming from those higher up
the cert chain or from those closer to the root than they are, and should
listen to, but not automatically respect, commands from those lower down
the cert chain or from "lower-ranking" clients.

* Bootstrapping and Invitation

The very first user of the network will have to generate a root
certificate. He is then able to generate new signing certificates, which he
can give to new users of a network to allow them the ability to access the
network. These new users should be able to use their own certificates to do
the same for their own new users. (This could be done with certificate
signing requests coming from potential new users as well, but that might
come at the cost of a slightly more complicated user experience).

* Revocation

Bannings can be performed by issuing updates to a network-wide revocation
list. Clients will automatically respect revocations coming from superiors,
and may or may not choose to respect revocations coming from underlings.

* Implementation

Everything needed to create the heart of this should exist already in
Kademlia and OpenSSL. BitTorrent could serve as the basis for the
file-sharing application, but vanilla BitTorrent has a content discovery
problem, so I'd suggest that any implementations of BitTorrent on Private
Distributed Hash Tables should have some kind of discovery BEP included as
well, possibly one which uses the authority system of the PDHT to verify
files. There's also a possibility there for what you might call "trusted
amnesia" - the ability for a user with a high authority to publish verified
documents to the whole network without having to broadly expose themselves
as the source of the content by having peers in their same trust level sign
their content, forget the source, then increase the availability by one
access level.

Anyway, that's the sketch. Any thoughts?

Rich
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 4049 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20140108/e380f35a/attachment-0001.txt>