CoNet project

Devices connect to each other using OpenPGP Key IDs rather than IP addresses.

CoNET Project
Feb 10, 2020

ABSTRACT

CoNet is a specialized network in which all nodes discover each other and communicate via OpenPGP’s Key ID, as opposed to a standard Internet connection which uses IP addresses. CoNet nodes utilize encrypted content transferred through the IMAP protocol to create an end-to-end encrypted virtual-internet tunnel as a means for data exchange.

Primary Objectives of CoNet:

  1. To circumvent current online censorship and surveillance methods.
  2. To secure users from online threats through anonymity and invisibility to current tools.
  3. To allow users to bypass any government or third-party imposed restrictions and filters.
  4. To protect users’ servers completely from DDoS attacks.
  5. To empower users to access the Internet in a novel and completely anonymous way, allowing them to experience true Internet freedom.

1. Introduction

“Breaking up Google’s not going to do that. You actually have to create a network that secures that data. So identity management, access control and encryption become key features of building an internet and a free society because it allows people to actually know who’s on the network”

— (Ret) Brigadier General Spalding

The Internet has become a fundamental element of modern life. However, the well-documented rise of cyber-crime, hacking, and surveillance points to critical failures in the access and use of the Internet. A further compromise is experienced by users in countries such as China, Russia, and certain parts of the Middle East and Asia, where they must contend with censorship and filtering imposed by local governments. Censorship creates a burden for both businesses and consumers in the affected countries and poses a palpable threat to freedom of speech.

At this moment of human history, when our collective online footprints are growing exponentially, new, innovative and bold actions must be taken to protect our online freedoms and our rights to access and share our data privately without worrying about interference, especially the rights of those who cannot speak for themselves. The majority of the tools commonly used today to protect data and circumvent surveillance and censorship are not robust enough to meet the goal of full protection. Solutions such as Tor and VPN all share the same fundamental problem: they rely on routing data over a proxy server. Governments and nefarious third parties have become masters at spotting such proxy servers, and they exploit them for nefarious purposes or shut them down completely. This is typically the case with government censorship. This situation has created a niche in the market for a tool that can surpass the protocols and tactics used by adversaries of freedom and unlock the Internet for all people.

This is the time to give power back to users from Big Tech.

2. CoNet Open Network

2.1 The Idea

The CoNet technology has been designed in a fundamentally new way that differs from contemporary solutions. Using patented technologies, CoNet is built on the email protocol suite (SMTP & IMAP) and can use third-party mail servers as a vehicle to link computers together worldwide. Plainly described, it is a new decentralized internet that uses a layer of the internet that was previously used solely for sending email.

With CoNet technology, we can control who has access to connect to our network. We maintain a hidden key that is untraceable and thus renders your internet activity completely invisible. With no IP address publicly available to trace, there is nowhere for governments or hackers to attack, block, censor, or otherwise manipulate. Because our technology routes all internet usage through existing highly secure and stable email platforms such as iCloud and Hotmail, all activity is observed as encrypted emails, disguising the true contents. No other party, including the email provider, will be able to open these emails after the fact, because our patented technology shreds and destroys the encrypted emails during your browsing session, so no trace of your activity remains. Even if someone were to decrypt the system, there would be no legacy records for the nefarious party to access.

2.2 Computer network

A computer network is a digital telecommunications network which allows nodes to share digital resources via the sending and receiving of data packets. In computer networks, computing devices exchange data with each other using connections (data links) between nodes. These data links are established over physical media such as twisted pair or optical fiber cables, and wireless media such as Wi-Fi.

2.2.1 Internet Protocol address (IP address)

A network address is an identifier for a node or host on a telecommunications network. Network addresses are designed to be unique identifiers across the network, although some networks allow for local, private addresses or locally administered addresses that may not be unique.

2.2.2 Network packet

A network packet is a formatted unit of data carried by a packet-switched network. A packet consists of control information and user data,[1] which is also known as the payload. Control information provides data for delivering the payload, for example: source and destination network addresses, error detection codes, and sequencing information. Typically, control information is found in packet headers and trailers.

2.2.3 Internet Protocol Suite

The Internet protocol suite is the conceptual model and set of communications protocols used in the Internet and similar computer networks. It is commonly known as TCP/IP because the foundational protocols in the suite are the Transmission Control Protocol (TCP) and the Internet Protocol (IP).

2.2.4 Network topology

Network topology is the layout or organizational hierarchy of interconnected nodes of a computer network. The physical layout of a network is usually less important than the topology that connects network nodes. Most diagrams that describe a physical network are therefore topological, rather than geographic.

The simplest topology is one in which there is a dedicated link between two endpoints. The easiest variation of point-to-point topology to understand is a point-to-point communication channel that appears, to the user, to be permanently associated with the two endpoints.

2.2.5 Node

Network computer devices that originate, route and terminate the data are called network nodes. Nodes are generally identified by network addresses, and can include hosts such as personal computers, phones, and servers, as well as networking hardware such as routers and switches. Two such devices can be said to be networked together when one device is able to exchange information with the other device, whether or not they have a direct connection to each other.

In most cases, application-specific communications protocols are layered (i.e. carried as payload) over other more general communications protocols.

2.2.6 Access Point (AP)

An access point (AP) is a virtual device running in the cloud, much like a wireless router, that allows a CoNet client to connect to the CoNet network. An AP has a routing table that lists the connected nodes. An AP also forwards data toward its destination node via other APs.

2.2.7 Network bandwidth

In computing, bandwidth is the maximum rate of data transfer across a given path. Bandwidth may be characterized as network bandwidth, data bandwidth, or digital bandwidth. The consumed bandwidth in bits corresponds to achieved throughput or goodput, i.e., the average rate of successful data transfer through a communication path.

2.3 Email protocols

The mail client and mail server can exchange information with each other using a variety of protocols.

2.3.1 Simple Mail Transfer Protocol (SMTP) protocol

The Simple Mail Transfer Protocol (SMTP) is a communication protocol for electronic mail transmission. As an Internet standard, SMTP was first defined in 1982 by RFC 821, and updated in 2008 by RFC 5321 with Extended SMTP additions, which is the protocol variety in widespread use today.

2.3.2 Internet Message Access Protocol (IMAP) protocol

The Internet Message Access Protocol (IMAP) is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection. IMAP is defined by RFC 3501. IMAP over SSL (IMAPS) is assigned well-known port number 993.

2.3.3 Draft message

IMAP supports the ability to store a user’s messages as drafts. Drafts are saved and updated in real time, and are intended to hold messages that the user has not finished composing. Draft messages do not store any IP address information in the message’s metadata.

2.3.4 APPEND command

The APPEND command appends the literal argument as a new message to the end of the specified destination mailbox.

2.3.5 IDLE feature

IMAP requires a client to poll the server for changes to the selected mailbox (new mail, deletions). IDLE is an IMAP protocol extension. It allows an IMAP client to indicate to the server that it is ready to accept real-time notifications about the changes (e.g. new message) in the currently selected folder. It also helps some real-time applications based on IMAP. It is defined by RFC 2177.

2.3.6 Fetch command

The IMAP FETCH command retrieves data associated with a message in the mailbox. The data items to be fetched can be either a single atom or a parenthesized list. It is defined by RFC 3501.

2.3.7 Real time communication

Two IMAP clients may establish a real time communication via a third party email server using standard IMAP protocols.

2.3.8 Tunneling

The IMAP protocol was designed to be half-duplex, meaning that there was no way to send and receive data at the same time. However, CoNet establishes two independent simplex tunnels that allow traffic to move across the network in both directions, to and from each node.

2.3.9 JavaScript Object Notation (JSON)

JSON is a language-independent data format. It was derived from JavaScript, and it’s an open-standard file format, or data interchange format, that uses human-readable text to transmit data objects consisting of attribute–value pairs and array data types (or any other serializable value).

JSON is a formatted unit of data carried by the CoNet network.

2.3.10 PGP message

Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, emails, files, directories, and whole disk partitions and to increase the security of e-mail communications. PGP and similar software follow the OpenPGP standard (RFC 4880) for encrypting and decrypting data.

2.3.11 PGP Digital signatures

PGP supports message authentication and integrity checking. The latter is used to detect whether a message has been altered since it was completed (the message integrity property) and the former, to determine whether it was actually sent by the person or entity claimed to be the sender (a digital signature). Because the content is encrypted, any changes in the message will result in failure of the decryption with the appropriate key. The sender uses PGP to create a digital signature for the message with either the RSA or DSA algorithms. To do so, PGP computes a hash (also called a message digest) from the plaintext and then creates the digital signature from that hash using the sender’s private key.

2.3.12 Decentralized fault-tolerant web of confidence

Both when encrypting messages and when verifying signatures, it is critical that the public key used to send messages to someone or some entity actually does ‘belong’ to the intended recipient. Users must also ensure by some means that the public key in a certificate actually does belong to the person or entity claiming it.

As time goes on, you will accumulate keys from other people that you may want to designate as trusted introducers. Everyone else will each choose their own trusted introducers. And everyone will gradually accumulate and distribute with their key a collection of certifying signatures from other people, with the expectation that anyone receiving it will trust at least one or two of the signatures. This will cause the emergence of a decentralized fault-tolerant web of confidence for all public keys.

2.3.13 Ping Pong

Node A encrypts a JSON “ping” with PGP and APPENDs it to a Gmail folder “aaa”. Node B is listening on folder “aaa” and receives an IDLE notification from Gmail. Node B then retrieves the message content with the FETCH command and decrypts it to obtain the JSON “ping” request from Node A. Node B then encrypts a JSON “pong” with PGP and APPENDs it to a Gmail folder “bbb”. Node A is listening on folder “bbb” and receives an IDLE notification from Gmail. Node A retrieves the message content with the FETCH command and decrypts it to obtain the JSON “pong”. Node A has now received the response from Node B.
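
The ping-pong exchange above, run over the two one-way folders of 2.3.8, as an added simulation that is not CoNet’s own code. Assumptions: the mail server is an in-memory stand-in, PGP is replaced by a standard-library stand-in with a shared key (real nodes would use OpenPGP key pairs), and the {"type": ...} JSON shape is hypothetical.

```python
import hashlib, hmac, json, os

def _keystream(key, nonce, n):
    # SHA-256 in counter mode; a stdlib stand-in for PGP encryption, NOT OpenPGP.
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, obj):
    """Stand-in for 'encrypt JSON with PGP': encrypt, then authenticate."""
    pt = json.dumps(obj).encode()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Stand-in for PGP decryption; rejects anything altered in the mailbox."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("message was altered after it was written")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))

class Folder:
    """In-memory stand-in for one IMAP folder, used as a one-way tunnel."""
    def __init__(self):
        self.messages, self.next_uid, self.listener = {}, 1, None

    def append(self, blob):            # IMAP APPEND
        uid, self.next_uid = self.next_uid, self.next_uid + 1
        self.messages[uid] = blob
        if self.listener:              # IDLE notification to the listening node
            self.listener(uid)

    def fetch(self, uid):              # IMAP FETCH; this model deletes after reading
        return self.messages.pop(uid)

def ping_pong(key, corrupt=False):
    """Run the exchange of section 2.3.13; returns (reply, messages left behind)."""
    aaa, bbb, seen = Folder(), Folder(), {}   # aaa carries A->B, bbb carries B->A

    def node_b(uid):                   # B: FETCH, decrypt, answer in folder bbb
        if unseal(key, aaa.fetch(uid)) == {"type": "ping"}:
            bbb.append(seal(key, {"type": "pong"}))

    def node_a(uid):                   # A: FETCH and decrypt the response
        seen["reply"] = unseal(key, bbb.fetch(uid))

    aaa.listener, bbb.listener = node_b, node_a
    ping = seal(key, {"type": "ping"})
    if corrupt:                        # simulate the stored draft being modified
        ping = ping[:20] + bytes([ping[20] ^ 1]) + ping[21:]
    aaa.append(ping)
    return seen.get("reply"), len(aaa.messages) + len(bbb.messages)
```

Calling ping_pong with a 32-byte key returns the decrypted “pong” and a count of zero messages left in either folder; with corrupt=True, Node B rejects the altered message and no reply is written.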

2.4 Test Executive Summary

Our tests were conducted to evaluate the performance of the CoNet network. Based on our analysis, CoNet currently has a bandwidth comparable to that of a standard VPN connection when iCloud is used as the chosen mail server. Our testing also revealed a small delay of nearly one second. CoNet carries data in JSON format, which differs from a packet-switched network.

2.4.1 Test Design and Methodology

Our tests were all conducted on cloud VM servers at three selected locations: San Francisco, Tokyo, and Paris. We determined the latency (delay) between the two computers while using the CoNet node as an end-to-end tunnel. We also uploaded and downloaded several files to determine the bandwidth capacity.

2.4.2 Network Ping Test (delay)

2.4.3 2KB Upload/Download Test (bandwidth)

2.4.4 2MB Upload/Download Test (bandwidth)

2.4.5 Network 8MB Upload/Download Test (bandwidth)

2.5 CoNet network

CoNet uses the email protocol suite (SMTP & IMAP), with third-party mail servers as a vehicle, to link computers together worldwide. Think of it as a new internet that exists on a layer that previously was used only for sending email.

2.5.1 CoNet node

The CoNet node is an AP (access point) that lets users connect to the CoNet network via a public email server such as iCloud, Yahoo or Outlook. The node also maintains a routing table that helps the client and node find each other. All nodes connect to each other, thereby building the core of the CoNet network in a similar fashion to an intranet. The CoNet node is an open source technology that will be open to development by any person or organization. They are then able to build their own node and serve their clients via their private node. Additionally, the CoNet node makes possible the mining of CoNet cryptocurrency, similar to how a traditional node in a blockchain operates.

2.5.2 CoNet Platform

The CoNet Platform is a client app built to allow others to deploy their own apps that use the underlying CoNet technology and access the internet via the deployment of secure nodes as access points. The CoNet platform is open source, cross-platform software. It allows developers to easily build and develop their own powerful apps to operate on top of CoNet’s technology.

2.6 Use cases

2.6.1 Kloak Platform

The Kloak Platform is being designed to serve the growing community gathering around our best-of-breed suite of privacy-enhancing apps. Users will be able to safely and effectively bypass third-party restrictions, surveillance and censorship. They will also be able to chat, send messages, perform web searches, watch videos, share files, create blogs, and much more. With the addition of every new app release, our community will continue to experience unrivaled anonymity, freedom, and privacy while online. With Kloak products, there is no search history saved at any time and no IP address to associate with these searches which previously anyone could discover at a later time.

2.6.2 KloSearch

KloSearch is a search client that allows users to access the popular search engines Google, Yahoo, Bing, and Baidu. Sitting on top of CoNet’s core private internet technology, Kloak is able to provide users with a top-tier privacy service which is unparalleled by today’s existing standards. This makes it a truly private experience no matter where you choose to access the internet from. This app can even be used to perform searches within countries where Google searches are blocked or restricted by local governments. Additionally, with KloSearch you will have the ability to test potentially unsafe links and files before deciding to load them.

2.6.3 KloMSM

KloMSM is a messaging and communications app that operates on the Kloak platform. KloMSM uses CoNet technology to manage the end-to-end sending and retrieval of highly secure, private encrypted messages. KloMSM solves many common privacy issues and is the only messaging product that will be able to circumvent online censorship and surveillance completely. By using CoNet technology, KloMSM allows its users to create a virtual internet tunnel that operates via public email servers and protocols. By using the Kloak platform, users’ locations and personal information are obfuscated and decentralized so that they are never permanently logged. Because of this unique set of features, users’ personal whereabouts and details cannot be retrieved, and that extends to KloMSM itself.

2.7 Competitors

2.7.1 CoNet vs VPN

2.7.2 CoNet vs Tor

2.8 CoNet — Threats

2.8.1 Legality

The laws are largely targeted at spammers and are designed to prevent them from acquiring people’s email addresses without their permission and spamming them with unsolicited emails. CoNet users are given warning and risk agreements when they send CoNet a connection-request email that includes their IMAP account name and password. The CoNet platform is a normal email client, similar to Outlook or others. It uses the standard IMAP protocol to connect to the email server and to read or write draft messages that have not been sent. All messages are based on the OpenPGP standard format. Email providers may not censor message detail. The IMAP protocol standard also allows email clients to open multiple connections to an email account. CoNet’s server side is also a mail client that is authorized by the client to access their email account. It is similar to Outlook or the Gmail online mail service, which can add mail accounts to connect to other mail services.
