With the Content-Addressable Web standard, we have built secure hashes into the very fabric of the network. CAW goes so far as to use them to provide a uniform URI for a unique piece of content, regardless of its location on the network.
There is a new Gnutella standard extension called HUGE that will will fix a number of this file integrity and reliability problems. I think Bearshare is very close to releasing an implementation.
There is also a sister specification to HUGE entitled the "Content-Addressable Web" which is for performing distributed downloads of content from normal web sites, and is thus not Gnutella specific. The CAW specification is available at http://onionnetworks.com/caw/
Sure. The Tornado codes achieve good performance by requiring 3-5.5% additional data beyond the original file size in order to reconstruct the original file. The Vandermonde codes that we use require no additional data, but require a bit more scheduling to get good performance. This scheduling is no problem over a point-to-point link.
Oh yeah, and you can download our completely patent-free and open source FEC library from here and build your own Multicast or UDP based download system very quickly (provided you get the flow control right:)
The "Math" they use is called Forward Error Correction (FEC) and is the same stuff that the Swarmcast distributed download system is based off of (http://sf.net/projects/swarmcast/).
I am the creator of Swarmcast, and we at Onion Networks (http://onionnetworks.com/) already have a product that can provide file transfers just as fast as Digital Fountain, but ours is 3-5.5% more efficient and much much cheaper.
On the open source front, we are working on the next generation of the Swarmcast technology which will combine parallel downloads over HTTP, Multicast IP, and UDP (for tunnelling through NAT). We have started work defining a standard for this system called the "Content-Addressable Web" and hope to see it implemented in everything from Apache to Mozilla.
Please mod this up, people shouldn't be paying $150k for these types of technologies.
Content-Addressable Web
on
A Better FTP?
·
· Score: 2, Interesting
Hello, I am the creator of Swarmcast and have just written a new paper entitled "HTTP Extensions for the Content-Addressable Web" that is available at onionnetworks.com.
The Content-Addressable Web provides all of the asked-for features, including multi-source/parallel downloads, and the ability to safely retrieve content from untrusted mirrors.
The cornerstone technology to any reliable multicast system is FEC (Forward Error Correction) which is an encoding technique that can repair lost or corrupt packets.
We at Onion Networks have created a very solid FEC library that will form the foundation of our open source implementations of the reliable multicast protocols. The FEC library can be had at http://onionnetworks.com/components.html
Hi, I am Justin Chapweske, the inventor of OpenCola's Swarmcast. I am now working on another software project to specifically address the needs of content distribution over multicast, and the Onion Networks FEC Library is the first step in building that soluiton. The FEC library will provide the foundation of our future open source multicast content distribution software, so keep an eye out at http://onionnetworks.com for more info.
Re:This is p2p, but not a napster clone...
on
Swarmcast GPLed
·
· Score: 1
Wow, I'm massively impressed by the cluefullness of your response, perhaps you could repost it to our developer mailing list and we can answer some of your questions in more detail.
Re:What's with this gateway thing?
on
Swarmcast GPLed
·
· Score: 2
Swarmcast is neither a fragile chain structure, nor a hierarchy, it is a many-to-many 'swarm' structure where peers send and recieve data from many peers in parallel. The use of Forward Error Correction allows us to have a potentially huge number of unique packets in the mesh where only a small subset of those packets are needed to recreate the original content. This allows the peers to swap data back and forth in a fairly random fashion to provide a high level of resiliance against changing network conditions, very high throughput, and rapid scalability.
-Justin Chapweske, Lead Swarmcast Developer
Re:What's with this gateway thing?
on
Swarmcast GPLed
·
· Score: 5
Everything you need to both serve and download content is released under the GPL. Besides, its peer-to-peer so there really isn't that much of a "server" concept.
The gateway is mostly for content management and permissions, the kind of stuff that companies pay money for so that I can keep my job and write more open source code.
-Justin Chapweske, Lead Swarmcast Developer
I've put up a Swarmcast mirror of the content here.
Swarmcast is BETA (it gots boogs) software that will soon be released under the GPL. The installation procedure sucks right now but the situation will quickly improve.
Swarmcast is peer-to-peer software that uses the bandwidth of the peers that are currently or recently downloaded a piece of content to help boost everyone elses download. So its basically like having a bunch of partial-horsepower mirrors.
If you're not into that "altruism" stuff then you can just ignore this post and hammer directly on kernel.org.
You can join the Swarmcast devel mailing list here. and let us know what you think.
If the patents really are an issue, then perhaps I can help. I designed a strong password authentication scheme around the same time that SRP was introduced. There were a couple of techniques in common with SRP but I think the overall structure should probably be different enough to avoid the patents. So, if anyone is really interested in moving this stuff forward then I'd be more than happy to provide you with a detailed explaination. Just e-mail orasis@acm.org
Tornado codes are sort of interesting, but wholly useless because they are patented. In any case plain old reed-solomon can be made to work just fine for these applications.
Is anyone out there working on unencumbered linear time decodable codes??
I find it rediculous how much code overlap there is because people want to force their socio-political agenda on us through the use of the GPL. Us Apache and Mozilla people are sick of not being able to reuse code with GPL applications!
IF YOU HAVE A PROGRAM WITH LIBRARY TYPE CAPABILITIES, PUT IT UNDER THE LGPL!
SRP+SSH Vulnerabilities
on
SSH v. SRP
·
· Score: 2
Hello, my name is Justin Chapweske and I developed a system called Natz, which is very similar to SRP.
The biggest weakness with Strong Password Authentication protocols like SRP, Natz, and B-SPEKE is that they are vulnerable to a man-in-the-middle attack if the password is known before hand. Thus these systems are worthless for encrypting data to a public resource, like public/anon FTP or a web site.
My biggest issue with SSH is very similar, a man-in-the-middle attack can performed when the server is sending its certificate to the client for the first time.
So basically they both suck, and to this end I have been working on a solution that combines the strengths of both to significantly minimize the cases where a man-in-the-middle attack could be employed.
Oh, BTW, you people that are comparing SRP to SSH based on features don't know what you're talking about. It would be trivial to use SRP allong with SSH or TLS's transport protocols, just using SRP for the authentication/key generation...so quit yacking about SRP not having X-windows tunneling support and whatnot....screw features, its the security thats important.
If you are interested in this, please email me at justin@cyrus.net or continue this thread.
Slashdot Mirror
With the Content-Addressable Web standard, we have built secure hashes into the very fabric of the network. CAW goes so far as to use them to provide a uniform URI for a unique piece of content, regardless of its location on the network.
--
Justin Chapweske, Onion Networks
There is a new Gnutella standard extension called HUGE that will will fix a number of this file integrity and reliability problems. I think Bearshare is very close to releasing an implementation.
There is also a sister specification to HUGE entitled the "Content-Addressable Web" which is for performing distributed downloads of content from normal web sites, and is thus not Gnutella specific. The CAW specification is available at http://onionnetworks.com/caw/
--
Justin Chapweske, Onion Networks
http://onionnetworks.com/
Sure. The Tornado codes achieve good performance by requiring 3-5.5% additional data beyond the original file size in order to reconstruct the original file. The Vandermonde codes that we use require no additional data, but require a bit more scheduling to get good performance. This scheduling is no problem over a point-to-point link.
Oh yeah, and you can download our completely patent-free and open source FEC library from here and build your own Multicast or UDP based download system very quickly (provided you get the flow control right :)
--
Justin Chapweske, Onion Networks
The "Math" they use is called Forward Error Correction (FEC) and is the same stuff that the Swarmcast distributed download system is based off of (http://sf.net/projects/swarmcast/).
I am the creator of Swarmcast, and we at Onion Networks (http://onionnetworks.com/) already have a product that can provide file transfers just as fast as Digital Fountain, but ours is 3-5.5% more efficient and much much cheaper.
On the open source front, we are working on the next generation of the Swarmcast technology which will combine parallel downloads over HTTP, Multicast IP, and UDP (for tunnelling through NAT). We have started work defining a standard for this system called the "Content-Addressable Web" and hope to see it implemented in everything from Apache to Mozilla.
Please mod this up, people shouldn't be paying $150k for these types of technologies.
The Content-Addressable Web provides all of the asked-for features, including multi-source/parallel downloads, and the ability to safely retrieve content from untrusted mirrors.
Please read the paper and tell me what you think.
The cornerstone technology to any reliable multicast system is FEC (Forward Error Correction) which is an encoding technique that can repair lost or corrupt packets.
We at Onion Networks have created a very solid FEC library that will form the foundation of our open source implementations of the reliable multicast protocols. The FEC library can be had at http://onionnetworks.com/components.html
Hi, I am Justin Chapweske, the inventor of OpenCola's Swarmcast. I am now working on another software project to specifically address the needs of content distribution over multicast, and the Onion Networks FEC Library is the first step in building that soluiton. The FEC library will provide the foundation of our future open source multicast content distribution software, so keep an eye out at http://onionnetworks.com for more info.
Wow, I'm massively impressed by the cluefullness of your response, perhaps you could repost it to our developer mailing list and we can answer some of your questions in more detail.
Cool, I'll make sure the FAQ gets cleared up.
Thanks!
-Justin Chapweske, Lead Swarmcast Developer
You are basically correct, we are using SHA-1. I should put up a security FAQ.
-Justin Chapweske, Lead Swarmcast Developer
Swarmcast is neither a fragile chain structure, nor a hierarchy, it is a many-to-many 'swarm' structure where peers send and recieve data from many peers in parallel. The use of Forward Error Correction allows us to have a potentially huge number of unique packets in the mesh where only a small subset of those packets are needed to recreate the original content. This allows the peers to swap data back and forth in a fairly random fashion to provide a high level of resiliance against changing network conditions, very high throughput, and rapid scalability.
-Justin Chapweske, Lead Swarmcast Developer
Everything you need to both serve and download content is released under the GPL. Besides, its peer-to-peer so there really isn't that much of a "server" concept. The gateway is mostly for content management and permissions, the kind of stuff that companies pay money for so that I can keep my job and write more open source code. -Justin Chapweske, Lead Swarmcast Developer
I've put up a Swarmcast mirror of the content here.
Swarmcast is BETA (it gots boogs) software that will soon be released under the GPL. The installation procedure sucks right now but the situation will quickly improve.
Swarmcast is peer-to-peer software that uses the bandwidth of the peers that are currently or recently downloaded a piece of content to help boost everyone elses download. So its basically like having a bunch of partial-horsepower mirrors.
If you're not into that "altruism" stuff then you can just ignore this post and hammer directly on kernel.org.
You can join the Swarmcast devel mailing list here. and let us know what you think.
If the patents really are an issue, then perhaps I can help. I designed a strong password authentication scheme around the same time that SRP was introduced. There were a couple of techniques in common with SRP but I think the overall structure should probably be different enough to avoid the patents. So, if anyone is really interested in moving this stuff forward then I'd be more than happy to provide you with a detailed explaination. Just e-mail orasis@acm.org
Tornado codes are sort of interesting, but wholly useless because they are patented. In any case plain old reed-solomon can be made to work just fine for these applications. Is anyone out there working on unencumbered linear time decodable codes??
I find it rediculous how much code overlap there is because people want to force their socio-political agenda on us through the use of the GPL. Us Apache and Mozilla people are sick of not being able to reuse code with GPL applications!
IF YOU HAVE A PROGRAM WITH LIBRARY TYPE CAPABILITIES, PUT IT UNDER THE LGPL!
Hello, my name is Justin Chapweske and I developed a system called Natz, which is very similar to SRP.
The biggest weakness with Strong Password Authentication protocols like SRP, Natz, and B-SPEKE is that they are vulnerable to a man-in-the-middle attack if the password is known before hand. Thus these systems are worthless for encrypting data to a public resource, like public/anon FTP or a web site.
My biggest issue with SSH is very similar, a man-in-the-middle attack can performed when the server is sending its certificate to the client for the first time.
So basically they both suck, and to this end I have been working on a solution that combines the strengths of both to significantly minimize the cases where a man-in-the-middle attack could be employed.
Oh, BTW, you people that are comparing SRP to SSH based on features don't know what you're talking about. It would be trivial to use SRP allong with SSH or TLS's transport protocols, just using SRP for the authentication/key generation...so quit yacking about SRP not having X-windows tunneling support and whatnot....screw features, its the security thats important.
If you are interested in this, please email me at justin@cyrus.net or continue this thread.
Tada...if you agree with me moderate this one up.