Rangzen the challenge and the approach
A key challenge for any community-owned, decentralized, communication network is that of resource allocation and control. The network’s finite resources must be shared among citizens in a manner that deprioritizes unwanted traffic and abusive users, while desired content is allotted higher capacity. Intuitively, the way to achieve such a prioritization mechanism is through means of community-reputation systems: content from reputable users should have higher priority. However, use of reputation conflicts with anonymity[1] as we need to know who the users are to exploit their reputation.
Anonymity is a critically required property for dissent-networking, due to fear of persecution, and it is therefore ill-suited for applying traditional reputation systems as these must authenticate users and defend against Sybil (fake) identities. This ostensible paradox was the focus of our research over the past two years; we believe to have found a solution for this dilemma, which forms the cornerstone of this project.
We set out to design, build and support, infrastructure-independent, wireless networks that are robust against attacks by oppressive regimes, to enable anonymous communication among citizens.
It is our belief that use of specialized hardware and even minor tweaks such as outdoor antennas, is inappropriate for our target populations and may put users at unnecessary risks. Therefore, we intend to use only smartphones for realizing our solution, via an installable software app.
We acknowledge the numerous pilots and vast body of research on mobile-mesh networks – projects that failed to scale beyond the lab. The majority of failures is due to their attempt at supporting Internet-like, online, end-to-end connectivity that is in conflict with the store-and-forward communication paradigm. The store-and-forward paradigm, on which peer-to-peer ad-hoc meshes are based, increases resource contention exponentially with every added node and hence extend latencies and do not scale. Moreover, it is unlikely that our target localities will be dense enough to provide the desired end-to-end coverage, even if we had a way to avoid contention.
These fundamental challenges in supporting Internet-like connectivity over a mobile mesh led us to focus on a Delay Tolerant Network (DTN) paradigm. Although ill-suited for many Internet applications, it provides a robust packet delivery fabric that is grounded by extensive body of work, primarily from the sensor-nets community.
In a DTN-Mesh, phones exchange traffic when they opportunistically come within radio range of each other and collaboratively relay messages on behalf of other members. We augment this resource-hungry, epidemic-routing approach with our prioritization algorithm which is based on a social graph of trust relations, formed among users. Additionally, we refine existing incremental replication and multicast flooding solutions, to optimize the use of resources. The lack of real-time connectivity imposes severe restrictions and makes the anonymity and attack-resiliency features of our solution especially challenging. However, given our design is DTN-based from the ground up, it is robust and apt for the target beneficiaries and environments.
Other challenges are too many to include in this summary, yet, unlike the virgin ground of our anonymity preserving prioritization algorithm, we expect to use the vast body of relevant research, and even some open-source code, to address these remaining challenges. To name but a few: battery-aware, multimodal[2], connectivity-seeking, neighbor-discovery solutions; HCI elements to simplify use while guiding users to make informed decisions that may affect their security, such as ways for establishment of trust relations with peers; and incremental replication of content over a DTN using as few as possible round trips. Although research challenges remain, these are relatively low risk and our recent achievements eliminated the highest-risk research elements in this project.
[1] One may argue for pseudonymity, yet it has been shown to be easy to deanonymize.
[2] Leveraging whatever connectivity may be available, from full 3G/4G internet access, through ad-hoc wifi & Bluetooth, to sneakernet (manual transport of SD-cards).