Most recent edit on 2007-11-19 15:35:10 by MatthewToseland [move algorithms to a separate part at the end, explain the extra bytes]
Additions:
It works by using public-key cryptography so you automatically sign your site. Only the person with the secret key can add updated versions of your site to Freenet.
GB3wuHmtxN2wLc7g4y1ZVydkK6sOT-DuOsUo-eHK35w is the hash of the public key. This part is all that is required to uniquely identify the file (but not decrypt it), so nodes need only store this bit. The actual public key is stored (unencrypted) with the (encrypted) data.
c63EzO7uBEN0piUbHPkMcJYW7i7cOvG42CM3YDduXDs is the document decryption key. This is only known to clients and not to the nodes storing the data, so nodes cannot decrypt the data they store without the full address.
The gory details: Algorithms
The symmetric encryption key is 256-bit Rijndael∞ (both key and block size; not strictly AES as AES specifies a 128-bit block size) with CFB mode∞ (referred to as PCFB in some of the source code for historical reasons).
Hashes are all SHA-256∞.
The public key encryption is 2048-bit DSA∞ with a 256-bit M (an extension of FIPS-180-2, close to FIPS-180-3).
All the non-human-readable parts of the SSK are base64∞ encoded bytes - a pubkey hash (or a privkey for an insert url), a symmetric key, and the extra bytes specifying crypto settings.
The last part of the SSK, aka the extra bytes, "AQABAAE" or similar, indicates which algorithms have been used for the SSK (1, first byte), whether it is a private key (1) or a public key (0) (second byte), the encryption algorithm (2, third byte), and the hash algorithm (1, fourth and fifth bytes).
Deletions:
It works by using public-key cryptography so you automatically sign your site (using 2048-bit DSA). Only the person with the secret key can add updated versions of your site to Freenet.
GB3wuHmtxN2wLc7g4y1ZVydkK6sOT-DuOsUo-eHK35w is the (SHA256) hash of the public key. This part is all that is required to uniquely identify the file (but not decrypt it), so nodes need only store this bit. The actual public key is stored (unencrypted) with the (encrypted) data.
c63EzO7uBEN0piUbHPkMcJYW7i7cOvG42CM3YDduXDs is the (AES256) document decryption key. This is only known to clients and not to the nodes storing the data, so nodes cannot decrypt the data they store without the full address.
TODO
- Explain what cipher/mode/size is used for the public/private keypair
- Explain what cipher/mode/size is used for the symmetric key
- Explain the breakdown of the small 'tail' part of public SSK URIs, eg the ',AQABAAE' part of the above example
- Explain which hash/mode is used for the H(pubkey) part of SSK public URIs. (Is it SHA(256)? SHA(1)?)
Edited on 2007-11-19 15:17:05 by MatthewToseland [other algorithm]
Additions:
It works by using public-key cryptography so you automatically sign your site (using 2048-bit DSA). Only the person with the secret key can add updated versions of your site to Freenet.
Deletions:
It works by using public-key cryptography so you can sign your site. Only the person with the secret key can add updated versions of your site to Freenet.
Edited on 2007-11-19 15:15:01 by MatthewToseland [mention algorithms]
Additions:
~GB3wuHmtxN2wLc7g4y1ZVydkK6sOT-DuOsUo-eHK35w is the (SHA256) hash of the public key. This part is all that is required to uniquely identify the file (but not decrypt it), so nodes need only store this bit. The actual public key is stored (unencrypted) with the (encrypted) data.
c63EzO7uBEN0piUbHPkMcJYW7i7cOvG42CM3YDduXDs is the (AES256) document decryption key. This is only known to clients and not to the nodes storing the data, so nodes cannot decrypt the data they store without the full address.
Deletions:
~GB3wuHmtxN2wLc7g4y1ZVydkK6sOT-DuOsUo-eHK35w is the hash of the public key. This part is all that is required to uniquely identify the file (but not decrypt it), so nodes need only store this bit. The actual public key is stored (unencrypted) with the (encrypted) data.
c63EzO7uBEN0piUbHPkMcJYW7i7cOvG42CM3YDduXDs is the document decryption key. This is only known to clients and not to the nodes storing the data, so nodes cannot decrypt the data they store without the full address.
Edited on 2006-11-28 10:52:00 by MosTeo [Corrected mismatch between example key and textual explanation (foobar/mysite)]
Additions:
~http://localhost:8888/SSK@CxRxWs...BAAE/mysite-4/
Deletions:
~http://localhost:8888/SSK@CxRxWs...BAAE/foobar-4/
Edited on 2006-06-05 20:06:04 by DavidMcNab
Additions:
~1) Explain which hash/mode is used for the H(pubkey) part of SSK public URIs. (Is it SHA(256)? SHA(1)?)
Edited on 2006-06-05 19:57:23 by DavidMcNab
Additions:
TODO
Explain what cipher/mode/size is used for the public/private keypair
Explain what cipher/mode/size is used for the symmetric key
Explain the breakdown of the small 'tail' part of public SSK URIs, eg the ',AQABAAE' part of the above example
Edited on 2006-04-21 17:44:20 by JaQa
Additions:
The random-looking text in the middle is a pointer to the public key, and also a symmetric key used for privacy. The mysite part is a word chosen by the site creator, and the 4 is the version of the site. The version number is incremented each time you create a new version of the site and insert it into Freenet. We use this approach because it is not currently possible to update data in Freenet, nor is this likely in the near or medium term. Updatable Subspace Keys make this even more transparent to the end user.
The SSK is made up of a hash of the public key, and the symmetric key. The hash of the public key acts as the index to the data for searching purposes. Also, the actual public key is stored with the data. This is so that Freenet nodes can verify the signature when the SSK file comes into their node, and also so that clients can verify the signature when retrieving the file. The symmetric key is so that clients can decrypt the file.
Deletions:
The random-looking text in the middle is a pointer to the public key, and also a symmetric key used for privacy. The mysite part is a word chosen by the site creator, and the *4* is the version of the site. The version number is incremented each time you create a new version of the site and insert it into Freenet. We use this approach because it is not currently possible to update data in Freenet, nor is this likely in the near or medium term. Updatable Subspace Keys make this even more transparent to the end user.
The SSK is made up of a hash of the public key, and the symmetric key. The hash of the public key is like the index to the data, but the actual public key is stored with the data. This is so that Freenet nodes can verify the signature when the SSK file comes into their node, and also so that clients can verify the signature when retrieving the file. The symmetric key is so that clients can decrypt the file.
Edited on 2006-04-21 17:42:06 by JaQa
Additions:
~GB3wuHmtxN2wLc7g4y1ZVydkK6sOT-DuOsUo-eHK35w is the hash of the public key. This part is all that is required to uniquely identify the file (but not decrypt it), so nodes need only store this bit. The actual public key is stored (unencrypted) with the (encrypted) data.
The SSK is made up of a hash of the public key, and the symmetric key. The hash of the public key is like the index to the data, but the actual public key is stored with the data. This is so that Freenet nodes can verify the signature when the SSK file comes into their node, and also so that clients can verify the signature when retrieving the file. The symmetric key is so that clients can decrypt the file.
Deletions:
~GB3wuHmtxN2wLc7g4y1ZVydkK6sOT-DuOsUo-eHK35w is the hash of the public key. This part is all that is required to uniquely identify the file (but not decrypt it), so nodes need only store this bit.
The SSK is made up of the public key and the symmetric key. The public key is so that Freenet nodes can verify the signature when the SSK file comes into their node, and also so that clients can verify the signature when retrieving the file. The symmetric key is so that clients can decrypt the file.
Edited on 2006-04-21 16:06:05 by JaQa
Additions:
~GB3wuHmtxN2wLc7g4y1ZVydkK6sOT-DuOsUo-eHK35w is the hash of the public key. This part is all that is required to uniquely identify the file (but not decrypt it), so nodes need only store this bit.
c63EzO7uBEN0piUbHPkMcJYW7i7cOvG42CM3YDduXDs is the document decryption key. This is only known to clients and not to the nodes storing the data, so nodes cannot decrypt the data they store without the full address.
AQABAAE is the encryption settings etc.
When a file is inserted into Freenet, it is encrypted with the symmetric key and signed with the private key. The signature is stored with the file. Nodes don't store the symmetric key, only the public key part of the SSK, as an index to the data. This is so they can plausibly deny knowledge of the data on their node.
Deletions:
"GB3wuHmtxN2wLc7g4y1ZVydkK6sOT-DuOsUo-eHK35w" is the hash of the public key.
"c63EzO7uBEN0piUbHPkMcJYW7i7cOvG42CM3YDduXDs" is the document decryption key (this is only known to clients and not to the nodes storing the data)
"AQABAAE" is the encryption settings etc.
- When a file is inserted into Freenet, it is encrypted with the symmetric key and signed with the private key. The signature is stored with the file.
Edited on 2006-04-13 00:28:12 by IanClarke
Additions:
The random-looking text in the middle is a pointer to the public key, and also a symmetric key used for privacy. The mysite part is a word chosen by the site creator, and the *4* is the version of the site. The version number is incremented each time you create a new version of the site and insert it into Freenet. We use this approach because it is not currently possible to update data in Freenet, nor is this likely in the near or medium term. Updatable Subspace Keys make this even more transparent to the end user.
Signed Subspace Key sites have largely been superseded by Updatable Subspace Key (USK) sites, which are based on SSKs but allow for links that try to always retrieve the most up-to-date version of the site.
Deletions:
The random-looking text in the middle is a pointer to the public key, and also a symmetric key used for privacy. The mysite part is a word chosen by the site creator, and the *4* is the version of the site. The version number is incremented each time you create a new version of the site and insert it into Freenet.
Signed Subspace Key sites have largely been superseded by Updateable Subspace Key (USK) sites, which are based on SSKs but allow for links that try to always retrieve the most up-to-date version of the site.
Edited on 2006-04-12 19:02:53 by MatthewToseland
Additions:
The random-looking text in the middle is a pointer to the public key, and also a symmetric key used for privacy. The mysite part is a word chosen by the site creator, and the *4* is the version of the site. The version number is incremented each time you create a new version of the site and insert it into Freenet.
"GB3wuHmtxN2wLc7g4y1ZVydkK6sOT-DuOsUo-eHK35w" is the hash of the public key.
"c63EzO7uBEN0piUbHPkMcJYW7i7cOvG42CM3YDduXDs" is the document decryption key (this is only known to clients and not to the nodes storing the data)
"AQABAAE" is the encryption settings etc.
Signed Subspace Key sites have largely been superseded by Updateable Subspace Key (USK) sites, which are based on SSKs but allow for links that try to always retrieve the most up-to-date version of the site.
Deletions:
The random-looking text in the middle is automatically generated by mixing the site content with the site path (the mysite) and then signing it with the secret key. The mysite part is a word chosen by the site creator, and the *4* is the version of the site. The version number is incremented each time you create a new version of the site and insert it into Freenet.
Signed Subspace Key sites have largely been superseded by Updateable Subspace Key (USK) sites, which are similar but allow for links that try to always retrieve the most up-to-date version of the site.
Edited on 2006-04-12 18:59:32 by MatthewToseland
Additions:
~http://localhost:8888/SSK@CxRxWs...BAAE/foobar-4/
Deletions:
~http://localhost:8888/SSK:CxRxWs...BAAE/foobar-4/
Edited on 2006-04-12 18:59:01 by MatthewToseland
Additions:
Signed Subspace Keys are usually for sites that are going to change over time. For example, a website that may need news to be updated or information to be corrected, added or deleted. They work in such a way that someone else can't put up a newer version of your site and pretend it was you who did it.
Deletions:
Signed Subspace Keys are for sites that are going to change over time. For example, a website that may need news to be updated or information to be corrected, added or deleted. They work in such a way that someone else can't put up a newer version of your site and pretend it was you who did it.
Edited on 2006-04-11 21:04:48 by JaQa
Additions:
~1) The SSK is made up of the public key and the symmetric key. The public key is so that Freenet nodes can verify the signature when the SSK file comes into their node, and also so that clients can verify the signature when retrieving the file. The symmetric key is so that clients can decrypt the file.
Deletions:
~1) The SSK is made up of the public key and the symmetric key. The public key is so that Freenet nodes can verify the signature when the SSK file comes into their node. The symmetric key is so that clients can decrypt the file.
Edited on 2006-04-11 21:03:24 by JaQa
Additions:
~1) The author generates a cryptographic keypair: a private key for signing files and a public key for verifying the signature.
- The author also generates a single symmetric key (one that is used for both encrypting and decrypting).
- When a file is inserted into Freenet, it is encrypted with the symmetric key and signed with the private key. The signature is stored with the file.
- The SSK is made up of the public key and the symmetric key. The public key is so that Freenet nodes can verify the signature when the SSK file comes into their node. The symmetric key is so that clients can decrypt the file.
Deletions:
~1) The author generates a cryptographic keypair: a private key for signing files and a public key for verifying the signature.
The author also generates a single symmetric key (one that is used for both encrypting and decrypting).
When a file is inserted into Freenet, it is encrypted with the symmetric key and signed with the private key. The signature is stored with the file.
The SSK is made up of the public key and the symmetric key. The public key is so that Freenet nodes can verify the signature when the SSK file comes into their node. The symmetric key is so that clients can decrypt the file.
Edited on 2006-04-11 21:02:19 by JaQa
Additions:
~1) The author generates a cryptographic keypair: a private key for signing files and a public key for verifying the signature.
When a file is inserted into Freenet, it is encrypted with the symmetric key and signed with the private key. The signature is stored with the file.
The SSK is made up of the public key and the symmetric key. The public key is so that Freenet nodes can verify the signature when the SSK file comes into their node. The symmetric key is so that clients can decrypt the file.
Deletions:
~1) The author generates a cryptographic keypair: a private key for signing and a public key for verifying the signature.
Edited on 2006-04-11 20:38:14 by JaQa
Additions:
How SSKs work
The author generates a cryptographic keypair: a private key for signing and a public key for verifying the signature.
The author also generates a single symmetric key (one that is used for both encrypting and decrypting).
Edited on 2006-04-11 19:36:41 by JaQa
Additions:
~1) First we need to generate a cryptographic keypair. This is done randomly each time and produces two keys: one (the private key) for signing the files, and the other (the public key) for verifying the signature. Type:
Deletions:
~1) First we need to generate a cryptographic keypair. This is done randomly each time and produces two keys: one (the private key) for encrypting and signing the file, and the other (the public key) for decrypting it and verifying signatures. Type:
Edited on 2006-04-11 18:57:07 by JaQa
Additions:
Here's an example of an address of a real SSK site in Freenet. It should be a Freenet stress-testing page:
Deletions:
Here's an example of an address of a real SSK site in Freenet:
Oldest known version of this page was edited on 2006-04-11 18:55:57 by JaQa []
Page view:
SSK: Signed Subspace Key
All files within Freenet are identified and requested by a
file key, or
index, in a similar way that normal websites are identified by a domain name.
Signed Subspace Keys are for sites that are going to change over time. For example, a website that may need news to be updated or information to be corrected, added or deleted. They work in such a way that someone else can't put up a newer version of your site and pretend it was you who did it.
It works by using
public-key cryptography so you can sign your site. Only the person with the secret key can add updated versions of your site to Freenet.
The address of an SSK site looks something like this (the middle has been chopped out so it fits on the page):
http://localhost:8888/SSK:CxRxWs...BAAE/foobar-4/
The random-looking text in the middle is automatically generated by mixing the site content with the site path (the
mysite) and then signing it with the secret key. The
mysite part is a word chosen by the site creator, and the *4* is the version of the site. The version number is incremented each time you create a new version of the site and insert it into Freenet.
Here's an example of an address of a real SSK site in Freenet:
http://localhost:8888/SSK@GB3wuHmtxN2wLc7g4y1ZVydkK6sOT-DuOsUo-eHK35w,c63EzO7uBEN0piUbHPkMcJYW7i7cOvG42CM3YDduXDs,AQABAAE/testinserts-3/∞
Signed Subspace Key sites have largely been superseded by
Updateable Subspace Key (USK) sites, which are similar but allow for links that try to always retrieve the most up-to-date version of the site.
Example
There are graphical tools like
jSite to help you easily add freesites to Freenet, but for pedagogical purposes we will use the
telnet interface to show how the process of adding an SSK freesite works step by step.
- Create a sample directory and give it a name like mysite, say, with a few HTML files in it, one called index.html.
- Connect to the telnet interface by entering this at a command line:
telnet localhost 2323
- First we need to generate a cryptographic keypair. This is done randomly each time and produces two keys: one (the private key) for encrypting and signing the file, and the other (the public key) for decrypting it and verifying signatures. Type:
MAKESSK
- This will return two strings of random-looking characters, an Insert URI (the private key for encrypting and signing) and a Request URI (for decrypting and verifying signatures). For example:
Insert URI:
SSK@AIfB3XMup9~D7o5LaKaOV8sV9LWayoegCtiH88gc-xuD,V27XCqRZYUOVFltYPSKGv9gQticpsg13DjSoBCob3a8
Request URI:
SSK@~cnUlnYEwS~nRs9y6~yXmZeLgil8MRhe8VBea4gn1Fo,V27XCqRZYUOVFltYPSKGv9gQticpsg13DjSoBCob3a8,AQABAAE
- Now we want to upload the directory and its contents to Freenet and have a link to be able to retrieve them. Type the following, replacing the "..." in the middle (which we have just done to make this fit on the page) with the full Insert URI:
PUTSSKDIR: SSK@AIfB3XMup9...CtiH88gc-xuD,V27XCqRZY...oBCob3a8/testsite#/path/to/mysite#index.html
This should upload the contents of the /path/to/mysite directory to Freenet, with a default file of index.html, and encrypted and signed with the private key we just generated. Be patient, it could take a few minutes. Eventually, it should come back with a message like this (middle bits chopped so it fits on page):
====URI: freenet:SSK@~cnUlnYEwS...4gn1Fo,V27XCqRZY...oBCob3a8,AQABAAE/testsite/====
- We can check the site works by visiting this address on a web browser:
Page was generated in 0.2191 seconds