The Free Haven Project

The Free Haven Project
February 22, 2000
Speaker: Roger Dingledine
Scribe: Kevin Fu


There does not exist a system to anonymously retrieve documents when the location of the document is also anonymous. Without this anonymity, opposition can easily remove publications. For instance, the Church of Scientology bullies governments into preventing distribution of their religious documents.

The Free Haven Project consists of:

The Servnet consists of a set of independent servnet nodes. Each node accepts opaque data for publication. A Servnet node publishes the data.
A collection of machines which anonymize communications. Specific implementations could work over email, IP, or any communications medium.

The Free Haven Project uses an information dispersal algorithm. One ASRG member asked whether the Tornado algorithm would help with an O(n) reconstruction time.


Shares of a publication will check each other for validity.

Related Work

Most anonymous storage systems perform the same functions as the Free Haven Project, but there is a significant difference in anonymity. Most projects define anonymity as "persons requesting a document cannot identify the publisher." The Free Haven Project uses a different tack.

The Free Haven Project intends to deploy a system that provides a good infrastructure for stronger anonymity. Specifically, this means that the publisher of a given document should not be known; that clients requesting the document should not have to identify themselves to anyone; and that the current location of the document should not be known. Additionally, it would be preferable to limit the number of opportunities where an outsider can show that a given document passed through a given computer.


ASRG participants raised several questions:
Q: How does a person locate a document?
A: Documents are named by a file handle which consists of a cryptographic hash of a public key. Providing a directory service is not the goal of the Free Haven Project. There is no native provision for directory lookups. Users are expected to do this out of band.
Q: It seems that searching for information will be difficult. Why?
A: A directory allows censorship. A government could search for the file handle in a directory, then censor the file lookup.
Q: So isn't it hard to trust directory contents that are built out of band?
A: The Free Haven Project does not want to solve the directory problem within the main system. Directories would require frequent updates. The Free Haven project has latencies in hours or days. You wouldn't want a directory service like this. Free Haven is a base infrastructure for anonymous publication. It's not a web server. It's not a directory. It neither allows or prevents others to add this functionality at a higher layer.
Q: How many public keys are there per file fragment?
A: Each file is associated with one public key. The corresponding shares/fragments share the same key.
Q: What are the potential bottlenecks?
A: Periodically each servnet node broadcasts to every other servnet node it knows about. Each message is individually encrypted and signed to each other node. This can be expensive.
Q: Describe the GUI. How easy is it to use compared to PGP or the LCS anonymous remailer?
A: Point and click. Users need only have the file handle (hash of the public key) of a document to locate the document content. Client code is underway to hide the cryptography from the user.
Q: What's the first thing you'll do with the Free Haven?
A: The first thing going into the system is the client code because it may contain potentially patented algorithms. :-)


Roger Dingledine. Free Haven Thesis Proposal [draft], February 2000.
Brought to you by the MIT LCS Applied Security Reading Group