On Tue, Dec 30, 2014 at 03:14:33AM +0330, cont...@sharebook.com wrote: > > > Hi all. we published documentations about our big plan here > sharebook.com/design.html
Thank you for posting to several mailing lists about it. I see you have spent quite some time in the design of the cryptographic aspects of things, but as the designer of http://secushare.org - a distributed social network supposed to protect data, metadata, but also to scale, I see some aspects that may turn out troublesome on the scalability front. Most transactions on a social network are one-to-many distributed messages.. your model provides postings and comments to postings, both requiring "hundreds" of circuits to hidden services being established or maintained each time something happens on one person's timeline. In your example, Alice has 167 friends, therefore if a posting of hers triggers a conversation, her node would have to relay each piece of conversation to 167 other hidden services without a distribution strategy. This will not scale well since Tor has no optimization for one-to-many use cases. We are specifically developing a multicast distribution layer into GNUnet to address these types of use. See http://secushare.org/scalability and http://secushare.org/pubsub for further details. But that's not all yet, according to your document each posting or comment isn't actually delivered directly but rather stored in form of what you call a "Block" on a "PseudonymousServer." All of the 167 recipients have thus to maintain a circuit to one or more PseudonymousServers in order to retrieve the ongoing comments of the discussion. This also opens up doubts concerning anonymity. If a global passive observer can correlate EntryNode activity with the traffic going in and out of PseudonymousServer, wouldn't it be likely that very similar bursts of Block retrievals would allow to reconstruct the social graph of Alice? Even more, if the attacker p0wned this specific PseudonymousServer and thus knows which Blocks are being retrieved? Your design doc specifies that you are lacking an incentive for creating large numbers of such Pseudony- mousServers, thus the attackers would be the only ones to have a motivation to offer such "free" services. These would be things that worry me at first glance, maybe I could find more if I spend further time. I do in any case appreciate your idealism and the effort you have put into this so far. I would love to have you work with us on secushare.org. You can fork it and call it sharebook if you like. -- http://youbroketheinternet.org ircs://psyced.org/youbroketheinternet -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
