-
Notifications
You must be signed in to change notification settings - Fork 6
Open Problem: Preserve full users' privacy when providing and fetching Content #5
Conversation
Do not forget to link to: |
@yiannisbot, @jsoares, @miyazono Can I ask you to review this Open Problem statement for me? Please check for: language, completeness (missing conversations that should be linked, requirements/constraints and anything else that you see fit). Thank you! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Mostly language fixes but beware some content questions.
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>
|
||
Creating a separate IPFS Network will ensure that only member nodes can access the content within that network. | ||
|
||
- [libp2p-pnet](https://github.com/libp2p/specs/blob/master/pnet/Private-Networks-PSK-V1.md) takes that one step forward and creates a protection using a pre-shared key. This means that only the owners of that key can join this network (to prevent from mistakenly joining two networks and making all data accessible). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- Add video demo that @jacobheun recorded
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@jacobheun I'm a terrible person and somehow I forgot to add the url when you sent it to me and now I can't find it again :( Could you send it to me again 🙏🏽 thank you!
|
||
##### Capability Systems / Cryptographic ACLs | ||
|
||
- [peer-base cryptographic ACLs](https://github.com/peer-base/peer-base) - These are used by [PeerPad](https://peerpad.net). For each user, a Public/Private key pair is generated. Every time a user wants to make a modification, the user signs that modification and encrypts it with a symmetric room key so that only owners of the symmetric key can change and only changes from valid peers are accepted. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- link to video Demo from @pgte in showcasing PeerPad ACL
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also related, include https://www.youtube.com/watch?v=yc10xRifTmQ&feature=youtu.be
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@pgte can you help me find your video?
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>
@gpestana you are deeply passionate about this topic. Would you mind giving a review to this Open Problem statement and advise in case there is: literature missing that you know about, other conversations, good articles/talks that introduce the problem and a review to what we should be looking for when it comes to a sound solution? Thank you so much in advance! |
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great work, I'm excited to see this going forward!
- [SoK: Secure Messaging](https://ieeexplore.ieee.org/document/7163029) | ||
- [Talek: a Private Publish-Subscribe Protocol](https://raymondcheng.net/download/papers/talek-tr.pdf) | ||
- [Ricochet](https://github.com/ricochet-im/ricochet/blob/master/doc/protocol.md) | ||
- Content Routing |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- ShadowWalker: peer-to-peer anonymous communication using redundant structured topologies (https://dl.acm.org/citation.cfm?id=1653683)
- Solutions that are more resistant (not fully resistent) typically trade off bandwidth + memory for creating that protection (e.g. creating noise in the network to make it hard to distinguish valid from dummy traffic) | ||
- Lack of data encryption at rest | ||
- Lack of complete authorization + revocation | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
-
Some of the solutions (e.g. OctopusDHT) rely on centralised certificate authorities for reputation management
-
How to measure privacy? (old but gold)
* Initial input * Background Update * Related works update. * Update PRESERVE_USER_PRIVACY.md * Update PRESERVE_USER_PRIVACY.md
Co-Authored-By: Jorge Soares <mail@jorgesoares.org>
I went through each comment and incorporated them into the main document. Thank you all so much for your reviews and contributions. I'll take this opportunity to merge this PR and declare. it as the first documented Open Problem for IPFS (and also one of the most important to solve!) Research RFPs to follow soon :) |
No description provided.