Skip to content
This repository has been archived by the owner on Apr 29, 2020. It is now read-only.

Open Problem: Preserve full users' privacy when providing and fetching Content #5

Merged
merged 29 commits into from
Oct 21, 2019

Conversation

daviddias
Copy link
Contributor

No description provided.

@daviddias daviddias changed the title Open Problem: PRESERVE_USER_PRIVACY Open Problem: Preseve full users' privacy when providing and fetching Content Sep 10, 2019
@daviddias
Copy link
Contributor Author

@yiannisbot, @jsoares, @miyazono Can I ask you to review this Open Problem statement for me? Please check for: language, completeness (missing conversations that should be linked, requirements/constraints and anything else that you see fit). Thank you!

@daviddias daviddias marked this pull request as ready for review September 11, 2019 07:14
@daviddias daviddias requested a review from jsoares September 11, 2019 12:50
Copy link
Contributor

@jsoares jsoares left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Mostly language fixes but beware some content questions.

OPEN_PROBLEMS/PRESERVE_USER_PRIVACY.md Outdated Show resolved Hide resolved
OPEN_PROBLEMS/PRESERVE_USER_PRIVACY.md Outdated Show resolved Hide resolved
OPEN_PROBLEMS/PRESERVE_USER_PRIVACY.md Outdated Show resolved Hide resolved
OPEN_PROBLEMS/PRESERVE_USER_PRIVACY.md Outdated Show resolved Hide resolved
OPEN_PROBLEMS/PRESERVE_USER_PRIVACY.md Outdated Show resolved Hide resolved
OPEN_PROBLEMS/PRESERVE_USER_PRIVACY.md Outdated Show resolved Hide resolved
OPEN_PROBLEMS/PRESERVE_USER_PRIVACY.md Show resolved Hide resolved
OPEN_PROBLEMS/PRESERVE_USER_PRIVACY.md Outdated Show resolved Hide resolved
OPEN_PROBLEMS/PRESERVE_USER_PRIVACY.md Outdated Show resolved Hide resolved
OPEN_PROBLEMS/PRESERVE_USER_PRIVACY.md Outdated Show resolved Hide resolved
daviddias and others added 10 commits September 12, 2019 08:11
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>

Creating a separate IPFS Network will ensure that only member nodes can access the content within that network.

- [libp2p-pnet](https://github.com/libp2p/specs/blob/master/pnet/Private-Networks-PSK-V1.md) takes that one step forward and creates a protection using a pre-shared key. This means that only the owners of that key can join this network (to prevent from mistakenly joining two networks and making all data accessible).
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jacobheun I'm a terrible person and somehow I forgot to add the url when you sent it to me and now I can't find it again :( Could you send it to me again 🙏🏽 thank you!


##### Capability Systems / Cryptographic ACLs

- [peer-base cryptographic ACLs](https://github.com/peer-base/peer-base) - These are used by [PeerPad](https://peerpad.net). For each user, a Public/Private key pair is generated. Every time a user wants to make a modification, the user signs that modification and encrypts it with a symmetric room key so that only owners of the symmetric key can change and only changes from valid peers are accepted.
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • link to video Demo from @pgte in showcasing PeerPad ACL

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@pgte can you help me find your video?

OPEN_PROBLEMS/PRESERVE_USER_PRIVACY.md Outdated Show resolved Hide resolved
OPEN_PROBLEMS/PRESERVE_USER_PRIVACY.md Outdated Show resolved Hide resolved
OPEN_PROBLEMS/PRESERVE_USER_PRIVACY.md Outdated Show resolved Hide resolved
OPEN_PROBLEMS/PRESERVE_USER_PRIVACY.md Outdated Show resolved Hide resolved
daviddias and others added 3 commits September 18, 2019 14:31
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>
@daviddias
Copy link
Contributor Author

@gpestana you are deeply passionate about this topic. Would you mind giving a review to this Open Problem statement and advise in case there is: literature missing that you know about, other conversations, good articles/talks that introduce the problem and a review to what we should be looking for when it comes to a sound solution? Thank you so much in advance!

@daviddias daviddias requested a review from gpestana September 18, 2019 12:05
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>
Copy link

@gpestana gpestana left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great work, I'm excited to see this going forward!

OPEN_PROBLEMS/PRESERVE_USER_PRIVACY.md Outdated Show resolved Hide resolved
OPEN_PROBLEMS/PRESERVE_USER_PRIVACY.md Show resolved Hide resolved
- [SoK: Secure Messaging](https://ieeexplore.ieee.org/document/7163029)
- [Talek: a Private Publish-Subscribe Protocol](https://raymondcheng.net/download/papers/talek-tr.pdf)
- [Ricochet](https://github.com/ricochet-im/ricochet/blob/master/doc/protocol.md)
- Content Routing

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

- Solutions that are more resistant (not fully resistent) typically trade off bandwidth + memory for creating that protection (e.g. creating noise in the network to make it hard to distinguish valid from dummy traffic)
- Lack of data encryption at rest
- Lack of complete authorization + revocation

Copy link

@gpestana gpestana Sep 18, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • Some of the solutions (e.g. OctopusDHT) rely on centralised certificate authorities for reputation management

  • How to measure privacy? (old but gold)

OPEN_PROBLEMS/PRESERVE_USER_PRIVACY.md Show resolved Hide resolved
OPEN_PROBLEMS/PRESERVE_USER_PRIVACY.md Show resolved Hide resolved
OPEN_PROBLEMS/PRESERVE_USER_PRIVACY.md Outdated Show resolved Hide resolved
OPEN_PROBLEMS/PRESERVE_USER_PRIVACY.md Show resolved Hide resolved
OPEN_PROBLEMS/PRESERVE_USER_PRIVACY.md Show resolved Hide resolved
OPEN_PROBLEMS/PRESERVE_USER_PRIVACY.md Show resolved Hide resolved
yiannisbot and others added 2 commits September 26, 2019 17:27
* Initial input

* Background Update

* Related works update.

* Update PRESERVE_USER_PRIVACY.md

* Update PRESERVE_USER_PRIVACY.md
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>
@daviddias daviddias changed the title Open Problem: Preseve full users' privacy when providing and fetching Content Open Problem: Preserve full users' privacy when providing and fetching Content Sep 26, 2019
@daviddias
Copy link
Contributor Author

I went through each comment and incorporated them into the main document. Thank you all so much for your reviews and contributions. I'll take this opportunity to merge this PR and declare. it as the first documented Open Problem for IPFS (and also one of the most important to solve!)

Research RFPs to follow soon :)

@daviddias daviddias merged commit 4c67ac4 into master Oct 21, 2019
@daviddias daviddias deleted the preserve-users-privacy branch October 21, 2019 14:09
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants