Editing GNUnet

{{short description|Framework for decentralized, peer-to-peer networking which is part of the GNU Project}}
{{distinguish|Gnutella}}
{{More citations needed|date=April 2019}}
{{Outdated as of | year = 2019 | month = 04 | day = 18 }}
{{Infobox software
| name = GNUnet
| logo = [[File: Official_logo_of_the_GNUnet_project.svg|250px]]
| screenshot = Gnunet-gtk_0.10_under_arch-gnulinux.png
| caption = GNUnet with the [[GTK+]] user interface
| developer = GNUnet [[Registered association (Germany)|e.V.]]<ref>[https://gnunet.org/en/ev.html GNUnet.org &ndash; About GNUnet e.V.]</ref>
| released = {{Start date and age|2001|11|05}}
| latest release version = {{wikidata|property|preferred|references|edit|Q1007056|P348|P548=Q2804309}}
| latest release date = {{wikidata|qualifier|preferred|single|Q1007056|P348|P548=Q2804309|P577}}
| latest preview version = {{wikidata|property|preferred|references|edit|Q1007056|P348|P548=Q51930650}}
| latest preview date = {{wikidata|qualifier|preferred|single|Q1007056|P348|P548=Q51930650|P577}}
| programming language = [[C (programming language)|C]]<ref>[https://git.gnunet.org/gnunet.git/tree GNUnet Source Code]</ref>
| operating system = official: [[Free software]] operating systems ([[Linux]], [[FreeBSD]], [[NetBSD]], [[OpenBSD]]);<br />unofficial: Other operating systems ([[OS X]], [[Microsoft Windows|Windows]])
| language = Spanish, English, Russian, German, French
| genre = [[Anonymous P2P]], [[Friend-to-friend]]
| license = 2018: [[GNU Affero General Public License|AGPL-3.0-or-later]]{{efn|AGPL-3.0-or-later since 2018-06-05.}}<ref>{{cite web |access-date=June 8, 2018 |url=https://gnunet.org/git/gnunet.git/tree/src/core/core.h?id=4e2504a967ba09643c6dd7e3b9ce400e30adcb3d |title=license notice placed at the top in one of the source files of the project's repository, probably in each of its source files |quote=GNUnet is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.}}</ref><br />2007: [[GNU General Public License|GPL-3.0-or-later]]{{efn|GPL-3.0-or-later from 2007-07-02 until 2018-06-05.}}<br />2001: [[GNU General Public License|GPL-2.0-or-later]]{{efn|GPL-2.0-or-later from 2001 until 2007-07-02.}}
| website = {{URL|https://gnunet.org}}
}}
{{File sharing sidebar}}
[[File:Christian Grothoff - August 2013 - Berlin, Germany.png|thumb|Christian Grothoff, maintainer of GNUnet, in [[Berlin]] on August 1, 2013 at the "[http://youbroketheinternet.org/#august2013 #youbroketheinternet. We'll make ourselves a GNU one.]" event.]]
'''GNUnet''' is a [[software framework]] for [[decentralization|decentralized]], [[peer-to-peer]] [[Computer network|networking]] and an official [[GNU project|GNU]] package. The framework offers [[link encryption]], [[Peering|peer discovery]], [[resource allocation]], communication over many transports (such as [[Transmission Control Protocol|TCP]], [[User Datagram Protocol|UDP]], [[Hypertext Transfer Protocol|HTTP]], [[HTTPS]], [[Wireless LAN|WLAN]] and [[Bluetooth]]) and various basic [[peer-to-peer]] algorithms for [[routing]], [[multicast]] and network size estimation.{{sfn|EvansPolotGrothoff|2012}}<ref>{{Cite thesis|title=The GNUnet System|url=https://hal.inria.fr/tel-01654244|publisher=Université de Rennes 1|date=2017-10-10|degree=habilitation|language=en|first=Christian|last=Grothoff}}</ref>

GNUnet's basic network topology is that of a [[mesh network]]. GNUnet includes a [[distributed hash table]] (DHT) which is a [[randomized]] variant of [[Kademlia]] that can still efficiently route in [[small-world network]]s. GNUnet offers a "[[Friend-to-friend|F2F topology]]" option for restricting connections to only the users' trusted friends. The users' friends' own friends (and so on) can then indirectly exchange files with the users' computer, never using its IP address directly.

GNUnet uses [[Uniform resource identifier]]s (not approved by [[Internet Assigned Numbers Authority|IANA]], although an application has been made).{{when|date=May 2019}} GNUnet URIs consist of two major parts: the module and the module specific identifier. A GNUnet URI is of form <br /><code>gnunet://module/identifier</code> where ''module'' is the module name and ''identifier'' is a module specific string.

The primary codebase is written in [[C (programming language)|C]], but there are [[Language_binding | bindings]] in other languages to produce an API for developing extensions in those languages. GNUnet is part of the [[GNU Project]]. It has gained interest in the [[Hacker culture|hacker community]] after the [[PRISM (surveillance program)|PRISM]] revelations.{{sfn|Grothoff|2013}}

GNUnet consists of several subsystems, of which essential ones are Transport and Core subsystems.{{sfn|FerreiraGrothoffRuth|2003|loc=Figure 1}} Transport subsystem provides insecure link-layer communications, while Core provides peer discovery and encryption.{{sfn|FerreiraGrothoffRuth|2003|loc=II. GNUNET AND THE TRANSPORT LAYER|ps=: "The core is responsible for link-to-link encryption, binding of node identities to routable addresses, and peer discovery."}} On top of the core subsystem various applications are built.

GNUnet includes various P2P applications in the main distribution of the framework, including filesharing, chat and VPN; additionally, a few external projects (such as secushare) are also extending the GNUnet infrastructure.

GNUnet is unrelated to the older [[Gnutella]] P2P protocol. Gnutella is not an official GNU project, while GNUnet is.<ref>{{cite web |title=GNU Software |url=https://www.gnu.org/software/ |website=Software - GNU Project - Free Software Foundation |publisher=Free Software Foundation, Inc. |access-date=25 January 2020}}</ref>

== Transport ==

Originally, GNUnet used [[User Datagram Protocol|UDP]] for underlying transport.{{sfn|GrothoffPatrascuBennettStef|2002|loc=3.1.1 UDP}} Now GNUnet transport subsystem provides multiple options, such as TCP and SMTP.{{sfn|FerreiraGrothoffRuth|2003}}

The communication port, officially registered at [[Internet Assigned Numbers Authority|IANA]], is 2086 ([[Transmission Control Protocol|tcp]] + [[User Datagram Protocol|udp]]).<ref>[https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml?&page=38 Service Name and Transport Protocol Port Number Registry, p. 38]</ref>

== Trust system ==

GNUnet provides trust system based on an excess-based economic model.{{sfn|Grothoff|2003}} The idea of employing an economic system is taken from the [[MojoNation]] network.{{sfn|GrothoffPatrascuBennettStef|2002|loc=2.4 Mojo Nation}}

GNUnet network has no trusted entities so it is impossible to maintain a global ''reputation''. Instead, each peer maintains its own ''trust'' for each of its local links.

When resources, such as bandwidth and CPU time, are in excess, the peer provides them to all requesting neighbors without reducing trust or otherwise charging them. When a node is under stress it drops requests from its neighbor nodes having lower internal trust value. However, when the peer has less resources than enough to fulfill everyone's requests, it denies requests of those neighbors that it trusts less and charges others by reducing their trust.

== File sharing ==
The primary application at this point is [[anonymity|anonymous]], [[Internet censorship|censorship]]-resistant file-sharing, allowing users to anonymously publish or retrieve information of all kinds. The GNUnet protocol which provides anonymity is called GAP (GNUnet anonymity protocol).{{sfn|BennettGrothoff|2003}} GNUnet FS can additionally make use of [[GNU libextractor]] to automatically annotate shared files with [[metadata]].

=== File encoding ===
Files shared with GNUnet are ECRS (Encoding for Censorship-Resistant Sharing) coded.{{sfn|BennettGrothoffHorozovPatrascu|2002}}

All content is represented as GBlocks. Each GBlock contains 1024 bytes. There are several types of GBlocks, each of them serves a particular purpose. Any GBlock <math>B</math> is uniquely identified by its [[RIPEMD#RIPEMD-160 hashes|RIPEMD-160 hash]] <math>H(B)</math>.

DBlocks store actual file contents and nothing else. File is split at 1024 byte boundaries and resulting chunks are stored in DBlocks. DBlocks are linked together into [[Merkle tree]] by means of IBlocks that store DBlock identifiers.

Blocks are encrypted with a symmetric key derived from <math>H(B)</math> when they are stored in the network.

=== Queries and replies ===
GNUnet Anonymity Protocol consists of queries and replies. Depending on load of the forwarding node, messages are forwarded to zero or more nodes.

Queries are used to search for content and request data blocks.

Query contains resource identifier, reply address, priority and TTL (Time-to-Live).

Resource identifier of datum <math>Q</math> is a triple-hash <math>H(H(H(Q)))</math>.{{sfn|GrothoffPatrascuBennettStef|2002|loc=5.5 More on queries}} Peer that replies to query provides <math>H(H(Q))</math>to prove that it indeed has the requested resource without providing <math>H(Q)</math> to intermediate nodes, so intermediate nodes can't decrypt <math>Q</math>.

Reply address is the major difference compared to [[Freenet]] protocol. While in Freenet reply always propagates back using the same path as the query, in GNUnet the path may be shorter. Peer receiving a query may drop it, ''forward'' it without rewriting reply address or ''indirect'' it by replacing reply address with its own address. By indirecting queries peer provides [[cover traffic]] for its own queries, while by forwarding them peer avoids being a link in reply propagation and preserves its bandwidth. This feature allows the user to trade anonymity for efficiency. User can specify an anonymity level for each publish, search and download operation. An anonymity level of ''zero'' can be used to select non-anonymous file-sharing. GNUnet's DHT infrastructure is only used if non-anonymous file-sharing is specified. The anonymity level determines how much cover traffic a peer must have to hide the user's own actions.

Priority specifies how much of its trust user wants to spend in case of a resource shortage.

TTL is used to prevent queries from staying in the network for too long.

=== File sharing URIs ===
The ''fs'' module ''identifier'' consists of either ''chk'', ''sks'', ''ksk'' or ''loc'' followed by a slash and a category specific value. Most URIs contain hashes, which are encoded in [[base32#base32hex|base32hex]].<ref>{{cite web|last1=Grothoff|first1=Christian|title=File-Sharing URIs|url=https://www.gnunet.org/fs-urisyntax|website=www.gnunet.org|access-date=15 July 2016|archive-date=17 August 2016|archive-url=https://web.archive.org/web/20160817025026/https://www.gnunet.org/fs-urisyntax|url-status=dead}}</ref>

* ''chk'' identifies files, typically: <code><nowiki>gnunet://fs/chk/[file hash].[query hash].[file size in bytes]</nowiki></code>
: File hash is the hash of the plaintext file, which allows decrypting it once it is downloaded. Query hash is the hash of topmost GBlock which allows downloading the whole tree of GBlocks that contain encrypted file. File size is required to determine the shape of the tree.
* ''sks'' identifies files within namespaces, typically: <code><nowiki>gnunet://fs/sks/NAMESPACE/IDENTIFIER</nowiki></code>
* ''ksk'' identifies search queries, typically: <code><nowiki>gnunet://fs/ksk/KEYWORD[+KEYWORD]*</nowiki></code>
* ''loc'' identifies a datum on a specific machine, typically: <code><nowiki>gnunet://fs/loc/PEER/QUERY.TYPE.KEY.SIZE</nowiki></code>

==== Examples ====
A type of GNUnet filesharing URI pointing to a specific copy of [[GNU GPL]] license text:
<code style="word-wrap:break-word">
gnunet://fs/chk/9E4MDN4VULE8KJG6U1C8FKH5HA8C5CHSJTILRTTPGK8MJ6VHORERHE68JU8Q0FDTOH1DGLUJ3NLE99N0ML0N9PIBAGKG7MNPBTT6UKG.1I823C58O3LKS24LLI9KB384LH82LGF9GUQRJHACCUINSCQH36SI4NF88CMAET3T3BHI93D4S0M5CC6MVDL1K8GFKVBN69Q6T307U6O.17992</code>

Another type of GNUnet filesharing URI, pointing to the search results of a search with keyword "gpl":
<code style="word-wrap:break-word">
gnunet://fs/ksk/gpl
</code>

== GNU Name System ==
GNUnet includes an implementation of the GNU Name System (GNS), a decentralized and censorship-resistant replacement for [[Domain Name System|DNS]]. In GNS, each user manages their own [[DNS zone|zones]] and can delegate subdomains to zones managed by other users. Lookups of records defined by other users are performed using GNUnet's DHT.{{sfn|Wachs|Schanzenbach|Grothoff|2014}} GNS has been standardized in {{IETF RFC|9498}}. The GANA registry manages the ".alt" [[top-level domain]] in GNS.<ref>{{cite web |title=RFC 9498: The GNU Name System [LWN.net] |url=https://lwn.net/Articles/952122/ |website=lwn.net}}</ref>

== Protocol translation ==

GNUnet can tunnel IP traffic over the peer-to-peer network. If necessary, GNUnet can perform IPv4-IPv6 [[IPv6 transition mechanisms|protocol translation]] in the process. GNUnet provides a [[Application-level gateway|DNS Application-level gateway]] to proxy DNS requests and map addresses to the desired address family as necessary. This way, GNUnet offers a possible technology to facilitate [[IPv6 transition mechanisms|IPv6 transition]]. Furthermore, in combination with GNS, GNUnet's protocol translation system can be used to access hidden services — IP-based services that run locally at some peer in the network and which can only be accessed by resolving a GNS name.

== Social API ==
[[Gabor X Toth]] published in early September 2013 a thesis<ref>Toth, Gabor X (2013-09-05), [https://gnunet.org/design-social-messaging-system Design of a Social Messaging System Using Stateful Multicast] {{Webarchive|url=https://web.archive.org/web/20140222032558/https://gnunet.org/design-social-messaging-system |date=2014-02-22 }} - Retrieved 2013-09-28</ref> to present the design of a [[social messaging]] service for the GNUnet peer-to-peer framework that offers scalability, extensibility, and end-to-end encrypted communication. The scalability property is achieved through multicast message delivery, while extensibility is made possible by using [[PSYC]] (Protocol for SYnchronous Conferencing), which provides an extensible [[Remote procedure call|RPC]] (Remote Procedure Call) syntax that can evolve over time without having to upgrade the software on all nodes in the network. Another key feature provided by the PSYC layer are stateful multicast channels, which are used to store e.g. user profiles. End-to-end encrypted communication is provided by the mesh service of GNUnet, upon which the multicast channels are built. Pseudonymous users and social places in the system have cryptographical identities — identified by their public key — these are mapped to human memorable names using GNS ([[GNU Name System]]), where each pseudonym has a zone pointing to its places.

That is the required building block for turning the GNUnet framework into a fully [[Distributed social network|peer-to-peer social networking]] platform.

== Chat ==
A chat has been implemented in the CADET module,<ref>GNUnet.org documentation (2019-11-14) [https://gnunet.org/en/use.html#groupchat Chatting with a (simple) client] - Retrieved 2019-11-14</ref> for which a [[GTK]] interface for [[GNOME]] exists,<ref>[https://gitlab.com/TheJackiMonster/cadet-gtk cadet-gtk] on [[GitLab]]</ref> specifically designed for the emerging Linux phones (such as the [[Librem 5]] or the [[PinePhone]]).<ref>[https://www.reddit.com/r/Purism/comments/g22al7/gnunet_cadet_for_mobile_linux/ GNUnet CADET for mobile Linux – Reddit]</ref>

== See also ==
{{Portal|Free and open-source software}}
* [[InterPlanetary File System]]
* [[Comparison of file-sharing applications]]
* [[Synchronous conferencing]]

== Notes ==
{{notelist}}

== References ==
{{Reflist}}

== Further references ==
{{refbegin}}
* {{cite tech report
  |first=Christian
  |last=Grothoff
  |first2=Ioana
  |last2=Patrascu
  |first3=Krista
  |last3=Bennett
  |first4=Tiberiu
  |last4=Stef
  |first5=Tzvetan
  |last5=Horozov
  |title=The GNet whitepaper
  |institution=Purdue University
  |date=2002-06-13
  |url=https://git.gnunet.org/bibliography.git/plain/docs/main.pdf
  }}
* {{Cite book
  |title=Efficient Sharing of Encrypted Data
  |last1=Bennett
  |first1=Krista
  |last2=Grothoff
  |first2=Christian
  |last3=Horozov
  |first3=Tzvetan
  |last4=Patrascu
  |first4=Ioana
  |date=2002-07-03
  |publisher=Springer Berlin Heidelberg
  |isbn=9783540438618
  |editor-last=Batten
  |editor-first=Lynn|editor-link=Lynn Batten
  |series=Lecture Notes in Computer Science
  |pages=107–120
  |language=en
  |doi=10.1007/3-540-45450-0_8
  |editor-last2=Seberry
  |editor-first2=Jennifer
  |citeseerx = 10.1.1.19.9837}}
* {{Cite book
  |first1=Ronaldo
  |last1=Ferreira
  |first2=Christian
  |last2=Grothoff
  |first3=Paul
  |last3=Ruth
  |date=2003-05-01
  |publisher=IEEE
  |isbn=978-0-7695-1919-7
  |doi=10.1109/CCGRID.2003.1199393
  |pages=398–405
  |title=CCGrid 2003. 3rd IEEE/ACM International Symposium on Cluster Computing and the Grid, 2003. Proceedings
  |chapter-url=http://grothoff.org/christian/transport.pdf
  |citeseerx=10.1.1.13.5086
  |chapter=A transport layer abstraction for peer-to-peer networks
 |s2cid=1928711
 }}
* {{Cite journal
  |last=Grothoff
  |first=Dipl-Math Christian
  |date=2003-06-01
  |title=Resource allocation in peer-to-peer networks
  |journal=Wirtschaftsinformatik
  |language=en
  |volume=45
  |issue=3
  |pages=285–292
  |doi=10.1007/BF03254946
  |s2cid=4479637
 |issn=0937-6429
  }}
* {{Cite book
  |last1=Wachs
  |first1=Matthias
  |last2=Schanzenbach
  |first2=Martin
  |last3=Grothoff
  |first3=Christian
  |title=Cryptology and Network Security
 |chapter=A Censorship-Resistant, Privacy-Enhancing and Fully Decentralized Name System
 |date=2014
  |series=Lecture Notes in Computer Science
 |volume=8813
 |language=en
  |issue=13
  |pages=127–142
 |doi=10.1007/978-3-319-12280-9_9
 |isbn=978-3-319-12279-3
 |chapter-url=https://git.gnunet.org/bibliography.git/plain/docs/gns2014wachs.pdf
  }}
* {{Cite book
  |last1=Bennett
  |first1=Krista
  |last2=Grothoff
  |first2=Christian
  |title=Privacy Enhancing Technologies
 |chapter=Gap – Practical Anonymous Networking
 |date=2003-03-26
  |publisher=Springer Berlin Heidelberg
  |isbn=9783540206101
  |editor-last=Dingledine
  |editor-first=Roger
  |series=Lecture Notes in Computer Science
  |volume=2760
 |pages=141–160
  |language=en
  |doi=10.1007/978-3-540-40956-4_10
|citeseerx = 10.1.1.125.9673}}
* {{Cite book
  |last1=Evans
  |first1=Nathan
  |last2=Polot
  |first2=Bartlomiej
  |last3=Grothoff
  |first3=Christian
  |title=Networking 2012
 |chapter=Efficient and Secure Decentralized Network Size Estimation
 |date=2012-05-21
  |publisher=Springer Berlin Heidelberg
  |isbn=9783642300448
  |editor-last=Bestak
  |editor-first=Robert
  |series=Lecture Notes in Computer Science
  |volume=7289
 |pages=304–317
  |language=en
  |doi=10.1007/978-3-642-30045-5_23
  |editor-last2=Kencl
  |editor-first2=Lukas
  |editor-last3=Li
  |editor-first3=Li Erran
  |editor-last4=Widmer
  |editor-first4=Joerg
  |editor-last5=Yin
  |editor-first5=Hao
  }}
* {{cite web
  |url=https://git.gnunet.org/gnunet-videos-2013.git/plain/you%20broke%20the%20internet/internetistschuld.webm
  |title=Video: You broke the Internet. We're making ourselves a GNU one.
  |last=Grothoff
  |first=Christian
  |date=2013-08-01
  |website=gnunet.org
  |publisher=[[Pirate Party Germany]], [[Berlin]]
  |access-date=4 October 2013
  }}
* {{cite web
  |url=http://grothoff.org/christian/psc2015.pdf
  |title=The Architecture of the GNUnet: 45 Subsystems in 45 Minutes
  |last=Grothoff
  |first=Christian
  |year=2015
  |access-date=2016-07-14
  }}
{{refend}}

== External links ==
* {{Official website}}

{{File sharing protocols}}
{{GNU}}
{{Cryptographic software}}

[[Category:GNU Project software]]
[[Category:Free file sharing software]]
[[Category:Anonymity networks]]
[[Category:Anonymous file sharing networks]]
[[Category:Free software programmed in C]]
[[Category:Cross-platform free software]]
[[Category:Software using the GNU Affero General Public License]]
[[Category:Key-based routing]]