Download presentation
Presentation is loading. Please wait.
1
The Anonymous File Transfer Network
(AFTN) Jared Rose
2
What is AFTN? A system for sending files anonymously
Uses RSA & digital signatures for establishing a user’s “identity” Utilizes the Tor network SSL Encryption Onion Routing Hidden Services Cross platform compatible Jared Rose
3
Goals of AFTN Users of the AFTN are anonymous
Clients can verify the “identities” of other clients and servers File integrity/validity can be checked MD5 hashing + file size Synchronization of contact information between clients and servers Jared Rose
4
Goals of AFTN (Continued)
Files are protected by end-to-end encryption Tor + Hidden Services Secure updating and management of encryption/signing keys on the server Allow clients to anonymously retrieve key and address information from servers Jared Rose
5
Why Create AFTN? Digital privacy concerns “Big Government”
Whistle blowers Censorship Humanitarian work Its interesting Jared Rose
6
Ethical/Legal Concerns
Potential for illegal use IP infringement Crime Malicious software/Spam Encryption export laws Open source Jared Rose
7
How does AFTN work? Two types of hosts: Nodes connected to Tor network
Clients Directory Servers Nodes connected to Tor network Outbound connections through Vidalia Inbound connections to server sockets listening at a Tor hidden services address Provides anonymous exchanges between hosts End to end encryption Jared Rose
8
Clients & Directory Servers
Clients register with a directory server Directory servers supply contact info for clients Clients send files to other clients (P2P) Clients know servers contact info through white lists Clients of non-whitelisted servers ignored Permits organizations to be “off the grid” Jared Rose
9
Tor Provides anonymity through onion routing Hidden Services:
NAT/Firewall traversal End to end encryption Hides server locations Bandwidth/Speed are issues Onion routing is bandwidth intensive Speed influence by the types of node you traverse Jared Rose
10
Anonymity and User Identity
Q. If anonymous, how do we know we are talking to the right person? A. Public Key Cryptography! Public/Private signing key Jared Rose
11
Anonymity and User Identity
When clients register with a server: Create unique name/server pair answer (name#server) Register public “master” key used for signing other keys Any changes to keys/information on server must be signed w/ master key Master key can be stored separate from the rest of the system for security Jared Rose
12
Where are we at Right Now?
Jared Rose
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.