• Corpus ID: 38602911

The GNUnet System

  title={The GNUnet System},
  author={Christian Grothoff},
GNUnet is an alternative network stack for building secure, decentralized and privacy-preserving distributed applications. Our goal is to replace the old insecure Internet protocol stack. Starting from an application for secure publication of files, it has grown to include all kinds of basic protocol components and applications towards the creation of a GNU internet. This habilitation provides an overview of the GNUnet architecture, including the development process, the network architecture… 
A Distributed Service Framework for the Internet of Things
DSF provides a common protocol and infrastructure for secure service specification, registration, discovery, publishing, and subscription, over insecure public networks, and introduces mechanisms for service replication, supporting dynamic scalability of services, and delegation.
E-squads: A novel paradigm to build privacy-preserving ubiquitous applications. (Les e-squads : Un nouveau paradigme pour la conception d'applications ubiquitaires respectant le droit à la vie privée)
This thesis explores a novel concept, the e-squad: to make one's connected devices collaborate through gossip communication to build new privacy-preserving services, and demonstrates that collaboration helps to overcome the end-devices' poor availability and performance.
The Pipeline Concept as Key Ingredient for Modular, Adaptive Communication for Cyber-physical Systems
The authors propose the pipeline concept as such a building block for robust, interoperable and future-proof network communication between a myriad of different systems in a global network.
Topology Inference of Networks utilizing Rooted Spanning Tree Embeddings
This work analyzes in detail which information malicious participants can infer from knowledge about assigned vectors and shows that by monitoring packet trajectories, malicious participants cannot unambiguously infer links between nodes of unidentified participants.


On the Feasibility of a Censorship Resistant Decentralized Name System
The design space is mapped and design requirements for censorship resistant name systems are given, including the existing range of ideas for the realization of such a system, and the results from a survey on browser usage support the idea that delegation should be a key ingredient in any censor resistant name system.
A Censorship-Resistant, Privacy-Enhancing and Fully Decentralized Name System
The design and implementation of the GNU Name System GNS is introduced, a fully decentralized and censorship-resistant name system which provides a privacy-enhancing alternative to DNS which preserves the desirable property of memorable names.
Poisoning the Kad Network
It is shown that today's Kad network can be attacked in several ways by carrying out several (well-known) attacks on the Kad network.
Internet X.509 Public Key Infrastructure Certificate and CRL Profile
The X.509 v3 certificate format is described in detail, with additional information regarding the format and semantics of Internet name forms (e.g., IP addresses); standard certificate extensions are described and one new Internet-specific extension is defined.
X-Vine: Secure and Pseudonymous Routing Using Social Networks
X-Vine is resilient to denial of service via Sybil attacks, and in fact is the first Sybil defense that requires only a logarithmic amount of state per node, making it suitable for large-scale and dynamic settings.
A secure protocol for computing dot-products in clustered and distributed environments
This work presents an extremely efficient and sufficiently secure protocol for computing the dot-product of two vectors using linear algebraic techniques and demonstrates superior performance in terms of computational overhead, numerical stability, and security.
Bitcoin: A Peer-to-Peer Electronic Cash System
This work proposes a solution to the double-spending problem using a peer-to-peer network, where the network timestamps transactions by hashing them into an ongoing chain of hash-based proof-of-work, forming a record that cannot be changed without redoing the proof- of-work.
Exploiting KAD: possible uses and misuses
This paper relates some of the findings and point out how kad can be used and misused and explains why Mounting a Sybil attack is very easy in kad.
Uia: a global connectivity architecture for mobile personal devices
Unmanaged Internet Architecture (UIA) is a novel, incrementally deployable network architecture for modern personal devices, which reconsiders three architectural cornerstones: naming, routing, and transport.