Accessibility setting

Section: Research Program

Decentralisation as the way forward

The goal of the proposed research and development effort is to build the GNUnet, a fully decentralized Internet that respects user's freedoms, giving users free networking software that protects their privacy and makes it difficult for authoritarian institutions to control their lives, and to enable social groups to effectively organize dissent. Like the Internet, the GNUnet is not supposed to be a monolithic application, but instead a layered extensible architecture which enables continuous improvement.

Clear separation into layers should also facilitate testing and verification of the various components. Nevertheless, existing formal verification techniques do not scale to typical subsystems encountered in practice. Thus, we plan to use statistical model checking and static analysis to improve software security using methods that are applicable to real-world systems.

GNUnet is being realised as an overlay network; while it would ideally eventually supplant the Internet, replacing IP will take decades. By building GNUnet as an overlay network, we can use the existing global communication infrastructure to bootstrap a new network. This way, we can perform large-scale deployments and thereby engage researchers and developers worldwide at the cost of a software layer that deals with the intricacies of the modern Internet.

GNUnet currently use the $R^{5}N$ Byzantine fault-tolerant and censorship-resistant distributed hash table as a key-value store. One of the special properties of $R^{5}N$ is that, unlike most other DHT designs, it does not assume that any peer can talk to any other peer. Thus, $R^{5}N$ is suitable for deployment in (ad-hoc) wireless networks, in friend-to-friend networks, or in environments where firewalls limit connectivity. Using $R^{5}N$ to discover paths, GNUnet's MESH service constructs end-to-end encrypted channels between peers to enable any pair of peers to freely communicate.

These two building blocks are critical for the performance of many applications that we plan to build, and we would like to investigate various ideas for improving their performance. Specifically, we would like to compare $R^{5}N$ with the X-Vine DHT (including in the presence of adversaries in the network), investigate a strategy for key randomization (learning from techniques used by botnets) and evaluate performance implications of different resource allocation strategies and incentive mechanisms for overlay tunnels.

An important aspect of organizing social movements is the ability to get a message quickly to a large number of people. For example, a user might need to transmit a video of atrocious actions by the authorities, or a call to assemble for a protest. Transmitting such information to a large number of interested parties without powerful central servers requires enlisting other peers to help multiply the traffic.

Existing designs for peer-to-peer multicast have focused on minimizing latency and bandwidth consumption. Our vision for secure multicast builds on these designs, but adds confidentiality and Byzantine fault-tolerance as additional requirements. Furthermore, we envision a stateful multicast channel where certain data is efficiently replayed to peers that join late. The resulting building block should then facilitate one-to-many communication to enable secure messaging at scale.