Fishy Fishy Fishy Transport Layer
---------------------------------

Design goals:
  available
  anonymity
  node addressability
  session support
  automatic/dynamic/cyclical (re)configuration
  encryption
  per-node encryption
  !!node compromise

routing:

Nodes form an interconnected broadcast network with link coloring. Each node has a list of links to other nodes (a non-exhaustive list of random nodes drawn from the pool of all nodes). A packet traverses the network by passing into a node from another node. If the receiving node has a connection out to the node it got the packet from, it marks that connection as already having seen the message. The node then sends the message over the rest of its connections, marking each of them in turn. Every packet contains a token that the source node recognizes, so that the source node can be addressed without betraying its identity. This token changes for every session (sessions could otherwise be tracked).

anonymiser:

A connection through the network can be established from a client to a TCP target outside the network by sending a special packet that carries a Time To Live. The TTL is decremented as the packet traverses each node. When the TTL reaches 0, the node it is in becomes an end node and sends a message over the network, addressed to the source of the packet with its session ID, offering to establish a connection. The client can then communicate with the end node on an ongoing basis using its session ID, thus establishing an anonymous connection. Streams would use key exchange to eliminate casual snooping; keys would be provided with the initial packets during the establishment of the connection.

Proposed packet format:

All fields are 32 bit network order unsigned ints.

    0       1       2       3       4       5       6       7
+-------+-------+-------+-------+-------+-------+-------+-------+
|opt bmp| source token  |  dest. token  |pkt id |  TTL  |command|
+-------+-------+-------+-------+-------+-------+-------+-------+
|datalen|Data ...
+-------+--------

opt bmp: Options for leaving out various parts of the packet.

  bit    purpose (on = this)
  -----  --------------------------
  0      no source token present
  1      no destination token present
  2      no TTL present
  3      no data present (also no datalen present)
  4..31  future use

source token: A unique identifier for this session for the originating node.

destination token: A unique identifier for this session for the target node.

packet id: A unique identifier, paired with other information in this packet, used for route coloring.

TTL: Time To Live, for packets without a destination. When the TTL is 0 the command will be executed; otherwise the packet will be dropped.

command: The command to execute by the destination node or the TTL 0 node.

data length: The length in bytes of the data associated with this packet. The semantic purpose of the data is determined by the command field.

synchronization:

Covert nodes would synchronize using a general method of searching for certain kinds of websites (those with a guestbook are most likely) and then posting to them. The content would be generated by a markov chainer based on other content from the page or based on content from the owner's cache. The content would follow the general pattern of a positive comment about a website, but contain the chained sequences, delineated with special algorithmically derived guardwords which would encode the node's identification. Nodes wishing to synchronize with other nodes would do searches for the specific kind of site, and then read the site, locating the delineated passages and deriving node identifiers from them, thus allowing the nodes that posted the messages to be located.
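As an added illustration of the proposed packet format and the anonymiser's TTL rule (example code, not part of the original notes), the following encoder/decoder honours the option bitmap and rejects buffers whose length disagrees with datalen. It assumes, from the diagram, that each token spans two words (64 bits); the field order and option bit values are those given above.

```python
import struct

# Option bits from the "opt bmp" table: set = field is left out of the packet.
OPT_NO_SRC, OPT_NO_DST, OPT_NO_TTL, OPT_NO_DATA = 1 << 0, 1 << 1, 1 << 2, 1 << 3
WORD = struct.Struct("!I")   # one 32 bit network order unsigned int
TOKEN = struct.Struct("!Q")  # assumption: a token spans two words (64 bits) as drawn

def build_packet(pkt_id, command, *, src=None, dst=None, ttl=None, data=b""):
    """Serialise a packet, setting an option bit for every field that is omitted."""
    opt, body = 0, b""
    if src is None: opt |= OPT_NO_SRC
    else: body += TOKEN.pack(src)
    if dst is None: opt |= OPT_NO_DST
    else: body += TOKEN.pack(dst)
    body += WORD.pack(pkt_id)
    if ttl is None: opt |= OPT_NO_TTL
    else: body += WORD.pack(ttl)
    body += WORD.pack(command)
    if not data: opt |= OPT_NO_DATA
    else: body += WORD.pack(len(data)) + data
    return WORD.pack(opt) + body

def parse_packet(buf):
    """Parse a packet into a dict (omitted fields -> None); ValueError on bad lengths."""
    off = 0
    def take(fmt):
        nonlocal off
        if off + fmt.size > len(buf):
            raise ValueError("truncated packet")
        val = fmt.unpack_from(buf, off)[0]
        off += fmt.size
        return val
    opt = take(WORD)
    pkt = {"opt": opt}
    pkt["src"] = None if opt & OPT_NO_SRC else take(TOKEN)
    pkt["dst"] = None if opt & OPT_NO_DST else take(TOKEN)
    pkt["pkt_id"] = take(WORD)
    pkt["ttl"] = None if opt & OPT_NO_TTL else take(WORD)
    pkt["command"] = take(WORD)
    if opt & OPT_NO_DATA:
        pkt["data"] = b""
    else:
        n = take(WORD)
        if off + n != len(buf):          # datalen must account for exactly the rest
            raise ValueError("datalen does not match buffer length")
        pkt["data"] = buf[off:off + n]
    return pkt

def ttl_step(pkt):
    """Relay rule for a destination-less packet: decrement TTL; at 0 this node becomes the end node."""
    if pkt["dst"] is not None or pkt["ttl"] is None:
        return "forward"                  # addressed packets are not subject to TTL here
    if pkt["ttl"] > 0:
        pkt["ttl"] -= 1
    return "execute" if pkt["ttl"] == 0 else "forward"
```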