Blocks V0.14

A Prototype Distributed Anonymous File Server

News: As you can see blocks now has 2 logos which are both pretty cool. A big thanks to Benjamin & Erik for those (let me know if you want your full name plastered on the page and I'll start a credits list). Also, I've added a new protocol section so that the Freehaven guys can tear Blocks to bits :-)

More News: Linux binaries are here couresy of Benjamin!

Test Servers: (Michael ICQ#1276988) 209.180.104.202:91 (NEW)
(Luke) 24.147.23.210:9999

EFNet IRC: channel #blocks

Sourceforge Mailing List: To join go HERE

Want to help? We need volunteers for the following... 1) to host servers 2) to provide Linux and other ports 3) to show me how to work the new Sourceforge page :-)

Download V0.14:-
WIN32 binary (~241Kb)
zipped crossplatform source code (~80Kb)
gzipped Linux binaries - blockgui.gz (~236Kb)blockd.gz (~90Kb)
Solaris binary (TBA)

What is Blocks?

Blocks is an anonymous distributed file transfer system designed for people with permanent ‘always on’ Internet connections like DSL lines or cable modems. It allows you to anonymously upload files from, and download files to the Blocks server ‘network’.

Blocks differs from other anonymous file transfer utilities in that the following ways…

All ‘uploaded’ files are split into small 64Kb blocks.

‘File advertisements’ are broadcast through out the network. Your Blocks application needs to be running to see them. When you do a ‘search’ you are actually searching the local list maintained by your Blocks application, searches are never broadcast.

The data blocks are routed from server to server rather than from point to point, with content being replicated through out the ‘network’. IP addresses are not associated with uploads or downloads in any way.

Each Blocks application acts as a potential client, server, and caching proxy for data blocks.

Blocks uses a large disk bound cache (1-64Gb) that is protected by a 128bit block cipher using a random key based on a strong Pseudo Random Number Generator (entropy provided by user), and the cache is deleted and recreated each time the Blocks server is stopped or started. Therefore, even after a crash or abnormal termination, the disk cache cannot be used to ascertain what data has been downloaded or was being served.

All network connections are protected by a 128bit stream cipher using a session key created from a 512bit Diffie-Hellman key exchange. So, network logs cannot be used to identify what network passed through the system.

You can easily set up your own separate Blocks network or join a public one. You can even participate in a public Blocks network when you are behind a firewall that stops incoming connections.

Blocks uses very little resources so you can use your computer for other things while you are running your Blocks server. Blocks uses ~2Mb+(1Mb per 4Gb of cache) of memory and a tiny amount of CPU. You can configure how much of your bandwidth you want Blocks to use and even play Quake or Tribes online and still be running your Blocks server (128Kb/sec minimum is required).

Blocks is completely public domain. There are no licensing restrictions on the code or the binaries… obviously there is no warranty either :-)

How does Blocks Work?

When you run a Blocks server it finds and connects to a number of other Blocks servers, creating an interconnected ‘network’ of servers. All Blocks servers have a disk bound cache of data that is used to store data in the form of fixed size binary blocks of 64Kb.

When you ‘upload’ a file to your blocks server, the file is split into 64Kb blocks and each is inserted into the cache. A ‘header’ block containing a list of identifiers for all the data blocks, as well as basic information such as the filename and size, is also inserted into the cache, and the file is advertised to the Blocks network. The server also uses the cache to store data as it is routed and downloaded so eventually your uploaded file data will be overwritten.

Your Blocks server is always listening for file advertisements from the Blocks network that it keeps a local list of. The Blocks network offers no distributed search capability, so when you do a file search you are only searching the local list built up since you started your server. So don’t expect a huge list of files if you’ve only been running your server for a couple of hours.

Once you choose a file to ‘download’ the server requests the ‘header’ block and all the data blocks sequentially from the Blocks network then reconstructs the file locally once all the Blocks have been received.

So what anonymity features does it have?

NOTE: Please look at the FreeHaven Project at http://www.freehaven.net for an excellent description of several approaches to anonymous file sharing systems. They probably wouldnt class Blocks as being very anonymous, but it will be interesting to see if we get a mention anyway. I will probably rewrite the rest of this section at somepoint soon. A warning though, anyone using V0.14 or later with the 'readvertise files' option on, are allowing people to possibly connect to them to see whats being served from their cache. They shouldnt be able to tell what was directly uploaded and what was proxied into cache, but its worth thinking about anyway.

When you start your Blocks server it connects to the Blocks network and broadcasts your IP address as being that of a server looking for connections. This is the only time your IP is advertised to the network, and it is never associated with any other messages.

All other messages use a simple routing mechanism using an alphabetic list of connection identifiers. Only the small number of servers you are immediately adjacent to can associate your IP with file advertisements, and even they cannot tell if you uploaded the file or it simply migrated automatically from another server.

All network traffic is encrypted using a 128Bit stream cipher using a key derived from a 512bit Diffie-Hellman key exchange.

All data in the disk bound cache is encrypted using a 128bit block cipher using a key derived from a strong Pseudo Random Number Generator (entropy provided by user). The cache is completely destroyed and an empty one recreated each time the server is started or stopped, and the key is different each time. No information about the origin of the data blocks is stored in the cache.

The Blocks Protocol

A short description of How Blocks Works

System Requirements?

You need a 128+K permanent internet connection (ADSL, cable, or better).
3Mb RAM (+1Mb per Gb of cache).
1Gb of disk space (of the cache).

How Do I Run It?

To run your own Blocks network, run the binary, clear the 'Primary Server' field, disable the 'Random Port' check box, and hit online. Tell your friends the hostname:port of your server so they can connect.

To connect to an existing Blocks network, run the binary, fill in the hostname:port of the Blocks network you want to connect to in the 'Primary Server' field, and hit online.

NOTE: If you want to run multiple instances of Blocks make sure to use different copies of the binary which are in different directories, and that you start each from within their own directory. This is because Blocks will create a cache directory in the directory it is started from (or the binary is in on WIN32) and you really dont want multiple Blocks servers using the same cache structure.

Optional comand line arguements :-

    -server <host:port>        Sets the Primary Server value.
    -port <number>             Sets the listening port
    -cache <1-64>                Sets the cache size in Gb
    -throttle <number>          Sets the bandwidth throttle (max bytes per sec, >=16384)
    -dont_route_ads             Stop the server routing file adverts
    -online                            Starts the server

How Do I Compile It?

First get FLTK from http://www.fltk.org and compile that. My Blocks source
has a structure like this...

fltk/
blocks/
    blockd/
    blockgui/
    libblocks/
    libsock/

so you might want to move/rename the fltk-1.0.9 directory to be fltk/ so you
dont have to change the fltk entries in the Makefiles.

UNIX:
Solaris users should be able to build out of the box.
Linux users need to remove "-lnsl" and "-lsocket" from the LIB= line in the Makefiles.
(If you have successfully built it under Linux and are prepared to donate a binary
please get in contact... but dont email the binary :-)

Volunteers wanting to port to other systems should get in touch.

WIN32:
Use Visual C++ load up the workspace... fix the library paths for fltk and hit build.

Feedback?

Anyone with a dedicated internet connection who is willing to run a public test
server, please get in contact! You can set it so that it acts only as a name server
and never serves data.

Please send any comments to petergunn@hotmail.com