Student: Aľchimoniak Mikita
Student e-mail: alkhimionak1@uniba.sk
Supervisor: Janáček Jaroslav
Supervisor e-mail: jaroslav.janacek@uniba.sk
The project aims to create a raw (considering time constraints) overlay IPv6 network over UDP for the free exchange of information¹. It must provide end-to-end encryption and have a decentralized, peer-to-peer structure (node and point²). Each owner of a node (henceforth, node-master) possesses 256 points, which together constitute the node. Through hash computation (henceforth, master key mining), the node attains its value within the FDABnet network. Points, in turn, represent a limited number of relatives and friends: the node-master must know these people in person, and their unforged connection represents, to a certain extent, value for FDABnet.
The address of each node looks like FDAB:(node_id)::/96, where node_id is the last 10 bytes of the public key. The address of each point looks like FDAB:(node_id):(point_id)::/104, where point_id is a 1-byte identifier belonging to that specific node. Points 0x00, 0xFE, 0xFF are reserved (cannot be used for individual purposes). Point 0x00 is used for the signing key authorized to act on behalf of the node (second-level certification, typically on the node master's workstation). Point 0xFE is used for the daemon running on behalf of the node (typically a VPS machine). Point 0xFF is used for first-level certification (the node master's machine without internet access).
Rank is determined by the length of the prefix FDABFDABFDABF... of the master key. Checking the rank of an unknown node directly is a vulnerability that leads to DoS. Therefore, verification is done via pre-computed hashes (henceforth, challenge-response tables). The challenge must be computed by the unknown node, and only the response needs to be compared.
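The addressing and rank rules above, as an added Python example (not code from the project). It assumes that the master key and the public key are the same byte string, that rank is counted in hex digits, and it uses a constructed 32-byte sample key; all function names are hypothetical.

```python
import ipaddress

# Reserved point ids and their roles, as listed on the page.
RESERVED_POINTS = {0x00: "second-level signing key",
                   0xFE: "node daemon",
                   0xFF: "first-level certification"}
PATTERN = "FDAB"  # repeated to form the rank prefix FDABFDABFDABF...

# Constructed sample key (assumption: 32 bytes), not a real FDABnet key.
SAMPLE_KEY = bytes.fromhex("fdabfdabfd") + bytes(range(27))

def node_id(pubkey: bytes) -> bytes:
    """node_id is the last 10 bytes of the public key."""
    if len(pubkey) < 10:
        raise ValueError("public key shorter than 10 bytes")
    return pubkey[-10:]

def node_prefix(pubkey: bytes) -> ipaddress.IPv6Network:
    """FDAB:(node_id)::/96 -> 2 + 10 bytes fixed, 4 bytes free."""
    raw = b"\xfd\xab" + node_id(pubkey) + bytes(4)
    return ipaddress.IPv6Network((raw, 96))

def point_prefix(pubkey: bytes, point_id: int,
                 allow_reserved: bool = False) -> ipaddress.IPv6Network:
    """FDAB:(node_id):(point_id)::/104 for one of the node's 256 points."""
    if not 0 <= point_id <= 0xFF:
        raise ValueError("point_id must fit in one byte")
    if point_id in RESERVED_POINTS and not allow_reserved:
        raise ValueError(f"point 0x{point_id:02X} is reserved: "
                         f"{RESERVED_POINTS[point_id]}")
    raw = b"\xfd\xab" + node_id(pubkey) + bytes([point_id]) + bytes(3)
    return ipaddress.IPv6Network((raw, 104))

def rank(master_key: bytes) -> int:
    """Count leading hex digits matching FDABFDAB... (assumed unit: nibbles)."""
    count = 0
    for i, digit in enumerate(master_key.hex().upper()):
        if digit != PATTERN[i % len(PATTERN)]:
            break
        count += 1
    return count

if __name__ == "__main__":
    print(node_prefix(SAMPLE_KEY), point_prefix(SAMPLE_KEY, 0x2A), rank(SAMPLE_KEY))
```

Because the prefix begins with FD, every such address falls inside the IPv6 unique local range fc00::/7, so it does not collide with globally routed space.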
Master key mining
Challenge-response table
Cryptography (signatures, key exchange, certificates...)
Determining the type of NAT³
(IPv6-4 Tunneling) (optional, if time permits)
STUN, TURN, ICE. Implementation of an alternative solution for NAT type determination and relay function. Ideas for NAT determination: siblings, privacy using opacity.
The need for servers to find each other. The need for broadcast messaging, the need for a relay, the need for a database of known node locations...
Free exchange of information¹ — implies absolute privacy, no censorship, and no spam.
Node and point² — a node acts as a server, while a point functions as a client (of a sane person).
Type of NAT³ — refers to the categories: full-cone, restricted, and symmetric.