Freenet (0.7) is touted an anonymous and secure filesharing implementation and protocol. Iain Clarke and Oskar Sandberg are the original creators and also the theoriticians behind the basis for the Freenet protocol. Freenet's main claim to fame is that it uses a novel protocol for routing and assigning structure to the overlay network. Freenet is a F2F (Friend-to-Friend) network. This means that there is no global list of nodes and how to connect to them. Each node must manually create connections to other nodes and can only directly connect to those friends. This makes it very important that there is a good way to route data and queries between the network for data searching and storage. Freenet uses the assumption that the connections in this F2F network will create what is known as a Small world network. This is a reasonable assumption as F2F networks resemble and are created in the same way as social networks in the real world.
An open problem in online privacy and security is the ability to share information and data in a completely anonymous and untraceable fashion. There are many protocols, networks, and programs that claim to solve parts of this problem in one way or another. The researchers at CRISP are dedicated to creating and evaluating novel solutions to the problems that are encountered when trying to enable the secure and anonymous transfer of information between parties on the internet. There is also an interesting problem of routing in a network where not all of the nodes are directly connected or unaccessible for one reason or another. The most common example is a home user behind a NAT or firewall using P2P (Peer-to-Peer) software. Without forwarding on most NAT's, it is impossible for an outside user of the P2P network to contact the NAT'ed host. Another example of a common restricted route network is a wifi network where connections are limited by physical distance to peers and signal strength. Without an underlying network (like the internet) nodes can only share information with those they are directly connected to. So efficient routing in these restricted route networks is something that is also interesting to study. This point is brought up because Freenet (0.7) also proposes a way to route efficiently in these networks.
Any P2P network has the main purpose of allowing peers to share data between each other in a reasonably effecient way. Usually this involves some means of identifying peers and data and also finding it. Freenet uses unique identifiers for both nodes in the network and data. The identifier for the node will hereby be called its "location" and the identifier for the data its "key". Routing of GET (searches for data) and PUT (inserts of data) is based on the proximity of the key to the location of the peers in the network. As an example of what this means, have a look at the figure below. In order to structure the network so that routing is achieved efficiently, Freenet employs the swapping of locations between nodes in the network. Swapping means that two connected peers switch locations with each other, and are thereafter use the new locations for routing of requests. Without going into detail here, the swapping protocol works quite well to structure the network for routing and achieves routing on a logarithmic scale with relation to the size of the network. However, the reliance on swapping in Freenet also gives the chance for an attacker to hurt the routing efficiency and data storage responsibilities of the network. Because Freenet is a F2F network and there is no global information available to individual nodes in the network there is no way for a particular peer to be sure that swapping with a neighbor really is advantageous to the overall network. Our attack exploits this lack of knowledge by creating malicious nodes that force swaps to happen with neighbor peers and essentially remove "good" locations from the network. With this kind of attack, large numbers of diverse locations are removed from existence and replaced with malicious locations. The goal of this kind of attack would be to have all the peers in the network have exactly the same location, this would make routing essentially as bad as possible because routing is based on the locations in the network. The structuring swap protocol would also become essentially useless. So our attack strives to remove as much diversity of locations as we can from the network.