[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

The Decense Project





The Decense Project

  A few days ago I was reading Clarinet Newsbytes Top news. It read
like something right out of 1984. "Germany cracks down on AOL and
Compuserve", "Japan busts Japanese porn web site", "French bans web
sites with banned book", "China issues internet regulations", and
"Clinton signs Telecom bill" The other shoe is starting to drop. The
ante has been raised as governments around the world are trying to
control the content of the Internet. But the politicians writing this
type of legislation have no clue what they are really dealing
with. They are are part of a centralized organization with a
centralized philosophy trying to cope with something inherently
decentralized, non-physical, and constantly evolving. We all know the
genie is out of the bottle. Let's write some code to keep it that
way.

Enough of the rhetoric.

Decense is the name of what I hope to be, a family of software protocols
designed to "decensor" the net. I'm contributing the first, and I hope,
most useful piece. I hope others will join me in developing this software,
making it more robust, and distributing it across the net.


What is Decense?

The first piece of the Decense software is designed to provide "penet" like
double-blind anonymous transactions for the http protocol. It is written
as a cgi-bin script which provides a seamless mapping between anonymous
ids and remote web servers. Servers running Decense can be chained like
anonymous remailers to increase site level security.


Decense works as follows.

The server maintains a database mapping anonymous ids to url directories.
For instance 'foo' -> 'www.c2.org' as an example. The anonymous ids are
stored as md5 hashes so that if the site is ever compromised, the db
cannot be used to get a complete listing of all anonids<->sites. The
attacker is forced to hash and compare each one he is looking for. 
[yes, he still gets a listing of all the urls, but chaining takes care of
that to some extent. In the future, I want to use the unhashed 'anonid' as 
a key to a symmetric cipher to encrypt/encrypt each url field of the database.
The db would be stored as (hashed(anonid), DES/IDEA(anonurl)
                               ^ key            ^ value       ]


A url is constructed as follows

http://<decense.server.host>/<cgi-bin-dir>/decense/<anonid>/<relative url>

Decense will lookup the anonid in the database, and map it to a url, such
as "http://foo.bar", it will then append the relative url portion yielding
"http://foo.bar/<relative url>"

It will proceed to fetch the document at that URL. If the document is
an html or text file, it will scan the file replacing any references to
the remote server with the decense url.

Example:

Let's say I am running decense at http://foo.bar with an anonid of 
'c2' which maps to www.c2.org.

If I then request http://foo.bar/cgi-bin/decense/c2/index.html
and index.html contains the following URL

<img src="/c2.jpg">

the URL will be changed to 

<img src="http://foo.bar/cgi-bin/decense/c2/c2.jpg"> 

in the returned document.


Future plans for Decense

  I am heavily loaded down with work right now. But future versions of
Decense should have

1) the ability to filter out mailto: and instead, substitute in a url
pointing to a post/mail cgi-script which sends mail to the real recipient
through an anonymous remailer chain.

2) the ability to proxy through SSL servers for encryption

3) the ability to handle authenticated urls properly

4) the ability to handle a document being located on multiple sites, with
optional shamir sharing, so that a site is a) either picked at random
to retrieve a document or b) a portion of the sites are picked, and the
document is fetched and reassembled via a sharing protocol from those
sites.    



I will release source code in about a day, I'm now alpha testing it.

If you would like to contribute to Decense, send mail to 
   [email protected]

-Ray
[email protected]