Building a secure censorship resistant protocol in elixir

Hi everyone,

I want to learn elixir to implement a protocol that has the following features. I also want to document this process and turn it into a web series of screencast compilations. Please let me know if you can help.

RISE Protocol requirements and abstract specification

Product definition (WHY?)

This protocol aims to solve the convenience versus security problem that has prevented other secure by design solutions from gaining traction. These problems include high latency, low bandwidth, and/or limited protection against state level surveillance/censorship.

Requirements

  • Out of band peer bootstrapping: By allowing peer discovery via DHT (commonly used in Bit Torrent), email (IMAP, POP), and shared database of WIFI networks (SSID, password, geolocation), trying to block this protocol's peer discovery should cause significant collateral damage to the network being censored.
  • Onion routing like TOR: Nodes will share public keys with each other as well as a limited number of the public keys of other nodes that they are connected to. This will allow users to create a local map of the network which they can use to route packets to destination nodes.
  • Single packet onion routing: To prevent traffic analysis, and to optimize usage of available bandwidth on this network, nodes will never use the same route for more than one packet.
  • Node compartmentalization: to prevent a firewall administrator from blocking all nodes in the network, no single node should ever know the coordinates of all nodes on this network (no single point of failure).

Minimal viable version capability requirement:

  • "Instant" text messaging (within 5 seconds).
  • To be able to upload data to another user at 80% of total local available upload bandwidth i.e. if a node has 5mbps of upload bandwidth from their ISP they should be able to use 4mbps after all encryption overhead to send data to 1 or multiple users.

Road map features:

  • voice and video chat
  • voice and video live broadcast
  • mass notification
  • mesh networking (works even if the incumbent network is turned off)

4 Likes

This sounds like an excellent use of Elixir/BEAM. How does RISE protocol compare to CJDNS?

I am definitely a fan of mesh networking, and not a fan of government censorship and how ISPs are the weakest link. From what I understand the Internet's infrastructure is fragile and insane, and it's a kind of miracle it runs as well as it does. The infrastructure will only get more stressed as we stream more video and at higher definition.

With blockchain technology, we can set up a payment mechanism for routing packets through user-hosted machines, and thus eliminate the need to pay Comcast ever again! :019:

I feel like the technology is almost there, but the adoption is really slow and the barrier to entry is kind of high. There is the meshbox, but still, why would the average user care about meshnets? We need long distance WiFi interlinks via the white space frequency spectrum to really make a national meshnet viable. And then we'll need some consumer-grade balloons or satellites for intercontinental mesh-links...

Anyhow, I would love to contribute to this project as a matter of human rights and of making a better internet. What other options have you explored? What kind of experience do you have in this area? What are your short and long-term goals?

2 Likes

Why does it have to be all or nothing? What about a network that can piggy back over the incumbent infrastructure to bridge islands in the network?

1 Like

That's exactly how CJDNS works. It is somewhere around Layer 3 (network) or 4 (transport) in the OSI model.

Running on top of the current Internet is the best way to test the technology and gain adoption. Meanwhile, we can be working on wireless interlinks which bypass ISPs and the rest of the Internet, gradually making the switch over.

1 Like

definitely exciting!

1 Like

I think the first thing to do is implement DHT to bootstrap peers

3 Likes

Here are some DHT implementations on BEAM:

  1. MLDHT (Elixir)
  2. dht (Erlang) - (mostly) formally correct through QuickCheck testing :ok_hand:

1 Like

I had been thinking vaguely of an Elixir-powered meshnet which can be deployed to Raspberry Pis using nerves. It seems to be a perfect combination of the technologies. The RPi could use software-defined radio and/or commercial WiFi antennae such as the NanoBeam M. Hell, the airFiber X has a range of 200 km!

Edit: Here is a 200km radius around Denver, which is pretty impressive! I wonder if the airFiber X can reliably reach anywhere near that. With that, we could cover Boulder, Fort Collins, and Colorado Springs with one or two backhaul radios, then the NanoBeam for better coverage within the city.

3 Likes

Dude! That's sick. What's your email? I'm working on a quantum resistant security scheme for this network. My email is georges(DOT)landry(AT)me.com

3 Likes

Sent you an email.

As I suggested above, there is already a project working on a blockchain for incentivizing meshnet nodes to route traffic: BitMesh. This blends nicely with our blockchain discussion. :smiley:

2 Likes

This looks awesome! Count me in.

2 Likes

I think TOR has some performance limitations that could be substantially optimized by sending each packet over a different route. This however would require awareness of other nodes' online/offline status on the network. It would also require that each node would know the public keys of each node in the network that they want to route packets through. This network would also have the ability to amplify the distribution of packets for broadcast purposes. Sending each packet over a unique route would also make it much more difficult to perform statistical timing analysis on packet traffic. Thus, this protocol would have the bandwidth availability of Bit Torrent with better overall security than TOR.

I think we should look at the new presence feature in the Phoenix framework. I think those guys might have solved a lot of headaches for us.

2 Likes
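The single-packet onion routing from the requirements list and the post above, as an added example that is not part of the thread or of any RISE code: a sender with a local map of public keys picks a fresh random route per packet and wraps the payload in one encrypted layer per hop. The node ids, the `{pub, priv}` map layout, the one-byte next-hop header and the SHA-256 key derivation are assumptions made for this sketch, which uses only Erlang's `:crypto` module.

```elixir
defmodule OnionSketch do
  # Added sketch, not RISE code; ids and the {pub, priv} map layout are assumptions.
  @aead :chacha20_poly1305

  # Fresh random relays for every packet, destination last.
  def pick_route(map, dest, hops), do: Enum.take_random(Map.keys(map) -- [dest], hops) ++ [dest]

  # Wrap innermost-first; each layer names only the hop that follows it ("" = deliver here).
  def wrap(payload, route, map) do
    route
    |> Enum.reverse()
    |> Enum.reduce({payload, ""}, fn id, {inner, next} ->
      {pub, _priv} = map[id]
      {seal(pub, <<byte_size(next)::8, next::binary, inner::binary>>), id}
    end)
    |> elem(0)
  end

  # One layer: a fresh ephemeral X25519 key per layer, so the zero nonce is never reused under a key.
  defp seal(node_pub, plain) do
    {eph_pub, eph_priv} = :crypto.generate_key(:ecdh, :x25519)
    key = :crypto.hash(:sha256, :crypto.compute_key(:ecdh, node_pub, eph_priv, :x25519))
    {ct, tag} = :crypto.crypto_one_time_aead(@aead, key, <<0::96>>, plain, eph_pub, true)
    eph_pub <> tag <> ct
  end

  # What a node does: strip its own layer, learn the next hop and nothing else.
  def peel(<<eph_pub::binary-32, tag::binary-16, ct::binary>>, priv) do
    key = :crypto.hash(:sha256, :crypto.compute_key(:ecdh, eph_pub, priv, :x25519))
    case :crypto.crypto_one_time_aead(@aead, key, <<0::96>>, ct, eph_pub, tag, false) do
      <<n::8, next::binary-size(n), inner::binary>> -> {:ok, next, inner}
      _ -> {:error, :bad_layer}
    end
  end

  # Simulate forwarding: every node peels with its own private key only.
  def relay(pkt, id, map) do
    case peel(pkt, elem(map[id], 1)) do
      {:ok, "", payload} -> {:delivered_at, id, payload}
      {:ok, next, inner} -> relay(inner, next, map)
    end
  end
end

# Constructed six-node network; two packets to the same peer take independent routes.
map = Map.new(for i <- 1..6, do: {"n#{i}", :crypto.generate_key(:ecdh, :x25519)})
for msg <- ["hello", "again"] do
  route = OnionSketch.pick_route(map, "n6", 3)
  IO.inspect({route, OnionSketch.relay(OnionSketch.wrap(msg, route, map), hd(route), map)})
end
```

In this sketch the packet shrinks by one layer at every hop, so its size reveals a relay's position on the route; a design meant to resist traffic analysis would pad packets to a fixed size.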

While it looks like BitMesh is a dead pile of code with little documentation, this dead project OpenLibernet is only a white paper draft with no prototype.

The white paper is extensive, however, with 33 pages of design details making it much more useful to us. I need to have a read through it but it looks like a fantastic head start. Seems you would separate the code out into two logical parts: incentive blockchain and mesh networking.

1 Like

There is a decentralized web summit going on right now in San Francisco. Check the hashtag #DWebSummit and their website which lists many projects coordinating around this effort: https://dwebsummit.neocities.org/learn-more/

I am looking forward to seeing the content they publish after the conference.

2 Likes

The redecentralize/alternative-internet GitHub repo is an exhaustive list of all these decentralized internet technologies.

2 Likes

As far as implementing DHT first, has anyone looked at Kademlia?

Also, in terms of the network protocol sought after here, I think IPFS ticks most of the boxes (it uses Kademlia as a part of its stack as well) – however it mostly serves like a protocol for hosting things by content hashes and doesn't look like it is interested in real-time messaging. Then again, their community doesn't look motivated by commercial interests and they might be open to other scenarios outside of content-addressed hosting network.

Caveat: it's implemented in Golang.

1 Like

I've been googling off and on about something, and this thread keeps coming up and I'm going to ask here.

What are my options for WAN discovery in elixir/erlang? I'd like to be able to write a (nerves) app, and be able to find to instances of it out on the internet, without relying on a dynamic dns service or central orchestration server.

Maybe it just looks up IP in the DHT and then the app takes over via HTTP from there, or maybe there's some way to get encrypted OTP WAN connections.

Can you use a DHT network, like Mainline, for things that aren't torrents?
cjdns seems like the closest thing, but it's a javascript app.

1 Like